JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.94.12.5

154.94.12.5 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 0%: ?

ISP	Cloud Innovation Ltd
Usage Type	Data Center/Web Hosting/Transit
ASN	AS20326
Domain Name	cloudinnovation.org
Country	🇪🇸 Spain
City	Madrid, Madrid

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.94.12.5

Whois 154.94.12.5

IP Abuse Reports for 154.94.12.5:

This IP address has been reported a total of 18 times from 8 distinct sources. 154.94.12.5 was first reported on November 5th 2024, and the most recent report was 8 months ago.

Old Reports: The most recent abuse report for this IP address is from 8 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 Rosh	2025-09-24 08:19:58 (8 months ago)	[09/24/25 10:19:58] 1 attack: /wp-login.php?wpaas-standard-login=1 (severity 11);	Web App Attack
🇧🇪 cmbplf	2025-09-23 03:58:29 (8 months ago)	6.000 POST requests in 1 hour (1w3d2hfromnow)	Brute-Force Bad Web Bot
Anonymous	2025-09-21 22:55:50 (8 months ago)	wordpress-trap	Web App Attack
Anonymous	2025-08-21 14:23:48 (9 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-07-24 23:29:27 (10 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-07-24 12:43:05 (10 months ago)	(mod_security) mod_security (id:225170) triggered by 154.94.12.5 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 154.94.12.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 24 08:42:58.987690 2025] [security2:error] [pid 11684:tid 11684] [client 154.94.12.5:55731] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|mdp-interiors.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mdp-interiors.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aIIqUtbPzCnSXw2yTDW5KwAAACs"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-05-09 05:25:43 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-05-07 03:17:56 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 154.94.12.5 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 154.94.12.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 06 23:17:52.614912 2025] [security2:error] [pid 354102:tid 354102] [client 154.94.12.5:10625] [client 154.94.12.5] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|hodges-web.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "hodges-web.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aBrQ4NAbdyO3-6XobjCHTgAAAAs"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-05-06 18:51:59 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-04-22 09:18:17 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-04-09 10:16:46 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 154.94.12.5 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 154.94.12.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 09 06:16:41.241759 2025] [security2:error] [pid 2602706:tid 2602706] [client 154.94.12.5:23927] [client 154.94.12.5] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|owenbiosci.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "owenbiosci.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z_ZJCQmLdh3HNDptA4lLPQAAAAQ"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-04-08 16:44:48 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 154.94.12.5 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 154.94.12.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 08 12:44:41.761339 2025] [security2:error] [pid 4652:tid 4652] [client 154.94.12.5:43665] [client 154.94.12.5] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|thegamblefamily.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "thegamblefamily.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z_VSeZjex55lcKRi1TuSjAAAAAI"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-04-05 07:02:15 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 154.94.12.5 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:225170) triggered by 154.94.12.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 05 03:02:10.669007 2025] [security2:error] [pid 23798:tid 23828] [client 154.94.12.5:23503] [client 154.94.12.5] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|coldwave.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "coldwave.net"] [uri "/wp-json/wp/v2/users"] [unique_id "Z_DVcv9PxDkLApJ7697IAAAAABc"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-12-30 08:46:55 (1 year ago)	Attempted brute force login to web vpn 16 time(s); last attempt for 2024.12.30 is noted in report ti ... show more Attempted brute force login to web vpn 16 time(s); last attempt for 2024.12.30 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 PulseServers	2024-11-24 23:59:25 (1 year ago)	Malicious Web Traffic - Exploit probing, request floods, etc. on a server hosted by PulseServers.com ... show more Malicious Web Traffic - Exploit probing, request floods, etc. on a server hosted by PulseServers.com - ISUS1 ... show less	DDoS Attack Exploited Host

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 198.2.178.25

🇹🇭 165.154.120.13

🇰🇷 119.203.251.187

🇩🇪 87.106.42.210

🇶🇦 34.18.192.167

🇷🇴 2.57.122.238

🇵🇪 190.119.63.98

🇭🇰 123.58.213.128

🇺🇸 34.61.246.132

🇭🇰 199.45.154.184

🇫🇷 178.18.248.51

🇳🇱 176.65.149.194

🇳🇱 162.159.113.152

🇱🇹 77.90.185.238

🇨🇳 39.101.92.145

🇨🇳 220.194.41.50

🇻🇪 166.1.88.225

🇫🇷 91.231.89.93

🇳🇱 185.242.226.71

🇫🇷 185.177.72.12