JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.29.233.143

154.29.233.143 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 0%: ?

ISP	Aventice LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS46261
Domain Name	aventice.com
Country	🇺🇸 United States of America
City	Ashburn, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.29.233.143

Whois 154.29.233.143

IP Abuse Reports for 154.29.233.143:

This IP address has been reported a total of 6 times from 4 distinct sources. 154.29.233.143 was first reported on August 26th 2024, and the most recent report was 9 months ago.

Old Reports: The most recent abuse report for this IP address is from 9 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇱 sefinek.net	2025-09-07 12:47:27 (9 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 12_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Vivaldi/5.3.2679.68 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2024-11-26 23:29:51 (1 year ago)	(mod_security) mod_security (id:211190) triggered by 154.29.233.143 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:211190) triggered by 154.29.233.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 26 18:29:43.841979 2024] [security2:error] [pid 14717:tid 14958] [client 154.29.233.143:38345] [client 154.29.233.143] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|kettlehill.net\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /cgi-bin/mj_wwwusr?passw&list=GLOBAL&user&func=help&extra=/../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.net"] [uri "/cgi-bin/mj_wwwusr"] [unique_id "Z0ZZ5yoOGKpOKZMFj1ayWQAAARA"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Alejandro Docasar	2024-11-26 14:44:21 (1 year ago)		Web App Attack
🇺🇸 TPI-Abuse	2024-09-03 18:49:32 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 154.29.233.143 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 154.29.233.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 03 14:49:19.142019 2024] [security2:error] [pid 25047:tid 25047] [client 154.29.233.143:44231] [client 154.29.233.143] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|mail.stdavids-media.com\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "mail.stdavids-media.com"] [uri "/db.php.bak"] [unique_id "ZtdaL2AzgBdRYO8ZcO3dawAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-08-27 04:30:06 (1 year ago)	\| A web attack returned code 200 (success).	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2024-08-26 23:06:58 (1 year ago)	(mod_security) mod_security (id:212620) triggered by 154.29.233.143 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:212620) triggered by 154.29.233.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Aug 26 19:05:17.769647 2024] [security2:error] [pid 529543:tid 529609] [client 154.29.233.143:33297] [client 154.29.233.143] ModSecurity: Access denied with code 403 (phase 2). Pattern match "<script\\\\b" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/07_XSS_XSS.conf"] [line "65"] [id "212620"] [rev "4"] [msg "COMODO WAF: Cross-site Scripting (XSS) Attack\|\|kettlehill.kettlehill.com\|F\|2"] [data "Matched Data: <script found within REQUEST_URI: /wp-login.php?login-error=<script>alert(document.domain)</script>"] [severity "CRITICAL"] [tag "CWAF"] [tag "XSS"] [hostname "kettlehill.kettlehill.com"] [uri "/wp-login.php"] [unique_id "Zs0KLZoXNVjKy2q1RnB6FQAAAZE"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 103.250.11.63

🇹🇼 198.235.24.46

🇺🇸 162.216.150.197

🇨🇳 112.86.225.16

🇹🇭 110.77.137.236

🇳🇴 109.205.10.43

🇺🇸 107.152.44.215

🇺🇸 104.248.229.49

🇸🇬 103.253.27.44

🇭🇰 101.36.127.86

🇺🇸 72.10.32.138

🇨🇳 14.103.105.36

🇪🇸 5.182.83.231

🇷🇴 2.57.121.25

🇩🇪 209.38.249.240

🇺🇸 205.210.31.83

🇨🇳 203.2.112.125

🇬🇧 195.96.139.49

🇨🇾 185.205.184.28

🇺🇸 160.153.176.197