JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 23.94.81.154

23.94.81.154 was found in our database!

This IP was reported 48 times. Confidence of Abuse is 100%: ?

100%

ISP	HostPapa
Usage Type	Data Center/Web Hosting/Transit
ASN	AS36352
Hostname(s)	23-94-81-154-host.colocrossing.com
Domain Name	hostpapa.com
Country	🇺🇸 United States of America
City	Buffalo, New York

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 23.94.81.154

Whois 23.94.81.154

IP Abuse Reports for 23.94.81.154:

This IP address has been reported a total of 48 times from 33 distinct sources. 23.94.81.154 was first reported on June 16th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇹 urnilxfgbez	2026-06-17 22:45:00 (1 day ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇩🇪 Da_tschek	2026-06-17 18:56:29 (1 day ago)	Port scanning	Port Scan Hacking
🇩🇪 centurion	2026-06-17 06:21:10 (1 day ago)	Blocked by UFW on ns02 [52869/tcp] Source port: 31439 TTL: 51 Packet length: 40 TOS: 0x00 This repo ... show more Blocked by UFW on ns02 [52869/tcp] Source port: 31439 TTL: 51 Packet length: 40 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇳🇱 VMHeaven.io	2026-06-17 06:07:55 (1 day ago)	Blocked by UFW [52869/tcp] Source port: 31439 TTL: 50 Packet length: 40	Port Scan
🇳🇱 rmvanderspek	2026-06-17 04:55:04 (1 day ago)	Telnet Brute-force (IoT Botnet scan) detected.	Brute-Force IoT Targeted
🇫🇷 TheHoneyPotter	2026-06-17 04:37:13 (1 day ago)	Honeypot [fc-honeypot]: Unauthorized connection attempt detected on 23/TELNET Reported by: https://g ... show more Honeypot [fc-honeypot]: Unauthorized connection attempt detected on 23/TELNET Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Port Scan
🇺🇸 RAP	2026-06-17 04:18:39 (1 day ago)	2026-06-17 04:18:39 UTC Unauthorized activity to TCP port 2323. Telnet	Port Scan
🇳🇱 BIV	2026-06-17 04:11:08 (1 day ago)	Honeypot multi-source hit. Sources: tpot:Cowrie,tpot:P0f,tpot:Suricata. Ports: 23. Automated tiered ... show more Honeypot multi-source hit. Sources: tpot:Cowrie,tpot:P0f,tpot:Suricata. Ports: 23. Automated tiered (T-Pot+DShield). show less	Port Scan Hacking Brute-Force SSH
🇬🇧 gbzret4d	2026-06-17 03:04:40 (1 day ago)	Honeypot [uk-production01]: Unauthorized connection attempt detected on 23/TELNET	Hacking Port Scan
🇦🇹 centurion	2026-06-17 02:28:28 (1 day ago)	Unauthorized attempt on git [2323/tcp] Source port: 51165 TTL: 49 Packet length: 40 TOS: 0x00 https: ... show more Unauthorized attempt on git [2323/tcp] Source port: 51165 TTL: 49 Packet length: 40 TOS: 0x00 https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-06-17 02:27:49 (1 day ago)	Honeypot hit: Unauthorized connection attempt detected on 23/TELNET Reported by: https://github.com/ ... show more Honeypot hit: Unauthorized connection attempt detected on 23/TELNET Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Hacking Port Scan
🇩🇪 Admins@FBN	2026-06-17 02:12:28 (1 day ago)	FW-PortScan: Traffic Blocked srcport=22851 dstport=23	Port Scan
🇺🇸 xmission.com	2026-06-17 02:12:09 (1 day ago)	Blocked by UFW (TCP on 23) Source port: 5764 TTL: 51 Packet length: 40 TOS: 0x08 This report (for 2 ... show more Blocked by UFW (TCP on 23) Source port: 5764 TTL: 51 Packet length: 40 TOS: 0x08 This report (for 23.94.81.154) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Hacking Brute-Force
🇳🇱 ByeByte API	2026-06-17 01:31:48 (1 day ago)	byebyte.space auth: TCP packet to port 23 (telnet) at 2026-06-17T01:31:48Z. Source port 55922. TCP f ... show more byebyte.space auth: TCP packet to port 23 (telnet) at 2026-06-17T01:31:48Z. Source port 55922. TCP flags: SYN. Packet: 40B, TTL 50, window 57440, IP id 57286. Single packet, dropped at firewall. p0f: 14 hops. show less	Port Scan
🇩🇪 anycast_ac	2026-06-17 01:26:06 (1 day ago)	[mirai-detector honeypot] Inbound attack against our honeypot on tcp/23 (telnet). Tried credentials: ... show more [mirai-detector honeypot] Inbound attack against our honeypot on tcp/23 (telnet). Tried credentials: b'\x04\x19\x19\x02':b'\x15\x17\x02GFDO' Commands captured: $ enable $ system $ shell $ sh $ /bin/busybox IZ1H9 show less	DDoS Attack IoT Targeted Brute-Force

Showing 1 to 15 of 48 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.32.209.249

🇬🇧 81.19.219.244

🇺🇸 64.227.102.14

🇬🇧 35.203.211.120

🇺🇸 216.180.246.141

🇺🇸 216.73.217.22

🇬🇧 213.166.84.52

🇺🇸 209.222.98.158

🇺🇸 209.46.125.221

🇧🇷 200.214.0.179

🇩🇪 194.88.98.90

🇬🇧 193.163.125.45

🇺🇸 192.155.84.147

🇬🇧 185.247.137.20

🇸🇪 185.246.128.25

🇺🇸 173.255.221.22

🇫🇮 147.185.133.253

🇨🇳 123.138.18.10

🇨🇳 120.48.54.170

🇮🇳 116.73.240.74