JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.94.12.169

154.94.12.169 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 0%: ?

ISP	Cloud Innovation Ltd
Usage Type	Data Center/Web Hosting/Transit
ASN	AS17561
Domain Name	cloudinnovation.org
Country	🇪🇸 Spain
City	Madrid, Madrid

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.94.12.169

Whois 154.94.12.169

IP Abuse Reports for 154.94.12.169:

This IP address has been reported a total of 15 times from 8 distinct sources. 154.94.12.169 was first reported on November 6th 2024, and the most recent report was 8 months ago.

Old Reports: The most recent abuse report for this IP address is from 8 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 cyfordtechnologies.com	2025-09-06 21:03:35 (8 months ago)	Rate limit exceeded : Reported by Cyford API	DDoS Attack
🇺🇸 TPI-Abuse	2025-09-05 21:57:26 (9 months ago)	(mod_security) mod_security (id:210492) triggered by 154.94.12.169 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 154.94.12.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Sep 05 17:57:18.659623 2025] [security2:error] [pid 20413:tid 20413] [client 154.94.12.169:22537] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.emmpftp.tremulant.com"] [uri "/config.php%7C/.env%7Csettings.py"] [unique_id "aLtcvt72G0Ks4kqXN4uYQgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-04 22:25:46 (9 months ago)	(mod_security) mod_security (id:210730) triggered by 154.94.12.169 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 154.94.12.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 04 18:25:41.157802 2025] [security2:error] [pid 26351:tid 26351] [client 154.94.12.169:53251] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|meetupmadness.io\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "meetupmadness.io"] [uri "/s3cmd.ini"] [unique_id "aLoR5egGv9NY3OvmI4vr7QAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-08-15 14:35:17 (9 months ago)	(mod_security) mod_security (id:210831) triggered by 154.94.12.169 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210831) triggered by 154.94.12.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 15 10:35:12.336955 2025] [security2:error] [pid 18740:tid 18740] [client 154.94.12.169:24625] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|backstore.com\|F\|4"] [data "a href="] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "backstore.com"] [uri "/usage_202508.html"] [unique_id "aJ9FoGBl2reaueClMqtUMwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 AutoAddOnStore	2025-08-12 18:10:00 (9 months ago)	Form spam	Web Spam
Anonymous	2025-08-12 14:02:47 (9 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇦🇺 oncord	2025-08-02 04:19:00 (10 months ago)	Form spam	Web Spam
Anonymous	2025-07-08 07:19:21 (10 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-06-10 18:29:53 (11 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-12-30 08:08:35 (1 year ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2024.12.30 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2024.12.30 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2024-12-29 23:10:14 (1 year ago)	Attempted brute force login to web vpn 3 time(s); last attempt for 2024.12.29 is noted in report tim ... show more Attempted brute force login to web vpn 3 time(s); last attempt for 2024.12.29 is noted in report timestamp show less	Hacking Brute-Force
🇫🇷 Sklurk	2024-12-19 12:02:53 (1 year ago)	Web App Attack	Web App Attack
🇩🇪 nyuuzyou	2024-11-08 20:24:55 (1 year ago)	Intensive scraping: /web?s=dumpster%20company%20Northumberland&scraper=mwmbl. User-Agent: Mozilla/5. ... show more Intensive scraping: /web?s=dumpster%20company%20Northumberland&scraper=mwmbl. User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Vivaldi/5.3.2679.68. show less	Bad Web Bot
🇩🇪 nyuuzyou	2024-11-07 23:16:35 (1 year ago)	Intensive scraping: /web?s=dumpster%20company%20Derby&scraper=marginalia. User-Agent: Mozilla/5.0 (X ... show more Intensive scraping: /web?s=dumpster%20company%20Derby&scraper=marginalia. User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Vivaldi/5.3.2679.68. show less	Bad Web Bot
🇩🇪 nyuuzyou	2024-11-06 20:03:15 (1 year ago)	Intensive scraping: /web?s=insurance%20claims%20Gwynedd&scraper=yep. User-Agent: Mozilla/5.0 (Window ... show more Intensive scraping: /web?s=insurance%20claims%20Gwynedd&scraper=yep. User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 OPR/89.0.4447.51. show less	Bad Web Bot

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇬 197.44.15.210

🇪🇪 196.196.253.20

🇨🇳 171.117.22.247

🇳🇱 159.223.213.49

🇸🇦 144.24.209.174

🇧🇪 104.155.61.164

🇻🇳 103.110.87.57

🇫🇷 91.231.89.64

🇺🇸 73.88.196.91

🇵🇰 72.255.33.12

🇬🇧 217.154.45.93

🇧🇴 200.105.141.172

🇹🇼 198.235.24.99

🇬🇧 193.163.125.105

🇩🇪 185.242.3.173

🇨🇳 115.190.241.179

🇫🇷 91.231.89.196

🇧🇪 34.62.253.166

🇺🇸 20.168.122.81

🇻🇳 14.248.56.127