JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.94.12.189

154.94.12.189 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 0%: ?

ISP	Xiapu County Yangyao Clothing Business Department
Usage Type	Data Center/Web Hosting/Transit
ASN	AS20326
Domain Name	cloudinnovation.org
Country	🇺🇸 United States of America
City	Newark, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.94.12.189

Whois 154.94.12.189

IP Abuse Reports for 154.94.12.189:

This IP address has been reported a total of 15 times from 10 distinct sources. 154.94.12.189 was first reported on November 4th 2024, and the most recent report was 8 months ago.

Old Reports: The most recent abuse report for this IP address is from 8 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2025-09-30 10:55:52 (8 months ago)	(mod_security) mod_security (id:225170) triggered by 154.94.12.189 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 154.94.12.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Sep 30 06:55:47.398132 2025] [security2:error] [pid 10216:tid 10216] [client 154.94.12.189:45905] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|puoci.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "puoci.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aNu3M2H5DyvSaEJIIQ1LfwAAABQ"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2025-09-23 05:23:46 (8 months ago)	2.001 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2025-09-13 22:07:48 (9 months ago)	(mod_security) mod_security (id:225170) triggered by 154.94.12.189 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 154.94.12.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 13 18:07:42.656656 2025] [security2:error] [pid 5871:tid 5871] [client 154.94.12.189:22595] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|ubuciko.com:80\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ubuciko.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aMXrLkOtfWvomP8VTC-8fgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2025-06-25 07:57:27 (11 months ago)	WP probing for vulnerabilities	Hacking Exploited Host
Anonymous	2024-12-30 08:31:44 (1 year ago)	Attempted brute force login to web vpn 19 time(s); last attempt for 2024.12.30 is noted in report ti ... show more Attempted brute force login to web vpn 19 time(s); last attempt for 2024.12.30 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2024-12-29 23:45:56 (1 year ago)	Attempted brute force login to web vpn 5 time(s); last attempt for 2024.12.29 is noted in report tim ... show more Attempted brute force login to web vpn 5 time(s); last attempt for 2024.12.29 is noted in report timestamp show less	Hacking Brute-Force
🇨🇦 wil.com	2024-12-12 21:08:56 (1 year ago)	GlobalProtect login attempts with user owalker.	VPN IP Brute-Force
🇷🇴 abuse_IP_reporter	2024-12-09 13:00:37 (1 year ago)	ddosattackagainspublicwebpagewithrandomstrings	DDoS Attack
🇷🇴 abuse_IP_reporter	2024-12-09 13:00:37 (1 year ago)	ddosattackagainspublicwebpagewithrandomstrings	DDoS Attack
🇷🇴 abuse_IP_reporter	2024-12-09 13:00:37 (1 year ago)	ddosattackagainspublicwebpagewithrandomstrings	DDoS Attack
Anonymous	2024-11-19 09:10:15 (1 year ago)	Automatic report - Vulnerability scan /RDWeb/Pages/en-US/login.aspx	Web App Attack
🇺🇸 VSM Networks	2024-11-15 19:45:57 (1 year ago)	Credential Stuffing	Brute-Force
🇪🇸 librebit	2024-11-14 06:59:53 (1 year ago)	RDWeb scan	Web App Attack
🇺🇸 octageeks.com	2024-11-09 05:06:40 (1 year ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇪🇸 librebit	2024-11-04 22:32:44 (1 year ago)	RDWeb scan	Web App Attack

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 115.77.111.2

🇲🇦 105.154.46.175

🇳🇱 91.92.40.35

🇺🇸 34.26.204.126

🇵🇪 190.237.79.165

🇬🇹 190.151.130.5

🇺🇸 185.191.171.1

🇷🇺 178.176.250.149

🇺🇸 148.153.245.161

🇺🇸 66.132.172.108

🇫🇷 51.75.236.138

🇧🇷 45.164.251.67

🇺🇸 43.162.103.6

🇩🇪 185.209.196.202

🇩🇪 158.180.24.147

🇨🇳 117.50.218.37

🇮🇩 180.244.70.216

🇸🇬 97.74.87.152

🇺🇸 71.6.147.254

🇨🇳 61.151.249.194