JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.94.12.237

154.94.12.237 was found in our database!

This IP was reported 22 times. Confidence of Abuse is 0%: ?

ISP	Xiapu County Yangyao Clothing Business Department
Usage Type	Data Center/Web Hosting/Transit
ASN	AS20326
Domain Name	cloudinnovation.org
Country	🇺🇸 United States of America
City	Newark, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.94.12.237

Whois 154.94.12.237

IP Abuse Reports for 154.94.12.237:

This IP address has been reported a total of 22 times from 15 distinct sources. 154.94.12.237 was first reported on October 16th 2024, and the most recent report was 9 months ago.

Old Reports: The most recent abuse report for this IP address is from 9 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2025-08-31 08:57:14 (9 months ago)	(mod_security) mod_security (id:210730) triggered by 154.94.12.237 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 154.94.12.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 31 04:57:09.638854 2025] [security2:error] [pid 29164:tid 29164] [client 154.94.12.237:58853] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.eqmarino.tecnoconce.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.eqmarino.tecnoconce.com"] [uri "/s3cmd.ini"] [unique_id "aLQOZZhojvNmmPe5ictFVgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2025-08-28 17:08:48 (9 months ago)	WP Login Scan Activities	Web App Attack
🇫🇷 COMAITE	2025-08-26 00:11:47 (9 months ago)	SQL injection attempt from 154.94.12.237.	Web App Attack
🇺🇸 island-freaks.com	2025-08-22 09:53:52 (9 months ago)	Attack Type: WordPress Exploit Bot attempt on /wp-json/wp/v2/users \| DNS 154.94.12.237 \| Agent: Mozi ... show more Attack Type: WordPress Exploit Bot attempt on /wp-json/wp/v2/users \| DNS 154.94.12.237 \| Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 show less	Port Scan Hacking Bad Web Bot Exploited Host Web App Attack
🇨🇭 backslash	2025-08-19 11:20:07 (9 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇱🇺 conseilgouz	2025-08-18 05:29:52 (9 months ago)	are-12 : Block return, carriage return, ... characters=>/ereignisse?filter_category=2&filter_fro ... show more are-12 : Block return, carriage return, ... characters=>/ereignisse?filter_category=2&filter_from=2024-12-13%27&iccaldate=2024-12-1(') show less	Hacking
🇮🇩 BPS-StatisticsIndonesia	2025-08-15 06:25:01 (10 months ago)	WP Login Scan Activities	Web App Attack
🇺🇸 TPI-Abuse	2025-08-13 19:24:47 (10 months ago)	(mod_security) mod_security (id:225170) triggered by 154.94.12.237 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 154.94.12.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 13 15:24:43.223447 2025] [security2:error] [pid 25390:tid 25390] [client 154.94.12.237:18885] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|garrygwilt.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "garrygwilt.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aJzme15ecEMiCnrhq7cbDgAAAAY"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇳🇿 Tripwire	2025-08-07 03:47:15 (10 months ago)	Wordpress login scanning	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-07-23 12:36:01 (10 months ago)	(mod_security) mod_security (id:225170) triggered by 154.94.12.237 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 154.94.12.237 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 23 08:35:57.969580 2025] [security2:error] [pid 30455:tid 30455] [client 154.94.12.237:12835] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|kidswow.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kidswow.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aIDXLRY_MnlCfKSwpNyazAAAAAM"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-05-31 01:29:13 (1 year ago)	2025-05-31T03:29:13.501508+02:00 zanati wp(www.sahpa.co.za)[3332511]: Blocked authentication attempt ... show more 2025-05-31T03:29:13.501508+02:00 zanati wp(www.sahpa.co.za)[3332511]: Blocked authentication attempt for [email protected] from 154.94.12.237 ... show less	Web App Attack
Anonymous	2025-03-29 03:09:16 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 Anonymous	2025-02-28 16:00:00 (1 year ago)	Brute force attack detected from 154.94.12.237	DDoS Attack Brute-Force Web App Attack
🇺🇸 Anonymous	2025-02-28 16:00:00 (1 year ago)	Brute force attack detected from 154.94.12.237	DDoS Attack Brute-Force Web App Attack
🇺🇸 Anonymous	2025-02-28 16:00:00 (1 year ago)	Brute force attack detected from 154.94.12.237	DDoS Attack Brute-Force Web App Attack

Showing 1 to 15 of 22 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 130.131.220.95

🇨🇳 113.237.197.18

🇺🇸 216.180.246.225

🇯🇵 168.110.61.246

🇩🇪 167.172.177.125

🇨🇳 123.187.243.243

🇫🇷 85.217.140.53

🇺🇸 66.132.172.233

🇺🇸 66.132.172.220

🇨🇳 27.115.124.118

🇳🇱 2a0b:8bc0:2:614e::1

🇳🇱 195.211.191.112

🇧🇷 187.45.181.130

🇯🇵 160.251.101.169

🇺🇸 147.185.132.73

🇫🇷 91.231.89.233

🇳🇱 91.92.40.4

🇺🇸 66.132.172.236

🇳🇱 45.148.10.147

🇬🇧 35.203.211.199