JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.94.12.75

154.94.12.75 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 0%: ?

ISP	Cloud Innovation Ltd
Usage Type	Data Center/Web Hosting/Transit
ASN	AS17561
Domain Name	cloudinnovation.org
Country	🇪🇸 Spain
City	Madrid, Madrid

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.94.12.75

Whois 154.94.12.75

IP Abuse Reports for 154.94.12.75:

This IP address has been reported a total of 16 times from 9 distinct sources. 154.94.12.75 was first reported on November 4th 2024, and the most recent report was 9 months ago.

Old Reports: The most recent abuse report for this IP address is from 9 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 10dencehispahard SL	2025-08-22 09:33:23 (9 months ago)	WP probing for vulnerabilities	Hacking Exploited Host
Anonymous	2025-08-15 05:49:24 (9 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇩🇪 Blexyel	2025-04-30 19:29:53 (1 year ago)	154.94.12.75 - - [30/Apr/2025:21:29:53 +0200] "GET /.git/config HTTP/1.1" 200 264 "-" "Mozilla/5.0 ( ... show more 154.94.12.75 - - [30/Apr/2025:21:29:53 +0200] "GET /.git/config HTTP/1.1" 200 264 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_3) AppleWebKit/617.2.4 (KHTML, like Gecko) Version/17.3 Safari/617.2.4" ... show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-04-26 07:08:14 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 154.94.12.75 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 154.94.12.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 26 03:08:08.211064 2025] [security2:error] [pid 19179:tid 19179] [client 154.94.12.75:24281] [client 154.94.12.75] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.escribaniasmith.com.ar"] [uri "/.git/config"] [unique_id "aAyGWDmbcvJbN-2mTTQyuwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2025-04-22 07:09:52 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2025-04-18 18:18:52 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 154.94.12.75 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 154.94.12.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 18 14:18:47.203911 2025] [security2:error] [pid 13896:tid 13896] [client 154.94.12.75:36563] [client 154.94.12.75] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "csmedicalbilling.com"] [uri "/.git/config"] [unique_id "aAKXhwlLJ__rXlKm2cD8AgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-04-14 04:44:59 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-04-09 17:36:29 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-04-04 02:53:32 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 154.94.12.75 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 154.94.12.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 03 22:53:29.779127 2025] [security2:error] [pid 614:tid 614] [client 154.94.12.75:10931] [client 154.94.12.75] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|zodiacwin.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "zodiacwin.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z-9JqcmaHeN58VnZZgDFDwAAAAI"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-04-03 06:54:39 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-03-25 00:01:54 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-03-22 00:10:16 (1 year ago)	154.94.12.75 - - [22/Mar/2025:01:10:10 +0100] "GET /wp-login.php HTTP/1.1" 404 178 "https://www.goog ... show more 154.94.12.75 - - [22/Mar/2025:01:10:10 +0100] "GET /wp-login.php HTTP/1.1" 404 178 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.94.12.75 - - [22/Mar/2025:01:10:14 +0100] "GET /wp-login.php HTTP/1.1" 404 178 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" ... show less	Web App Attack
🇪🇸 librebit	2024-11-18 16:15:04 (1 year ago)	RDWeb scan	Web App Attack
Anonymous	2024-11-12 05:05:14 (1 year ago)	Automatic report - Vulnerability scan /RDWeb/Pages/en-US/login.aspx	Web App Attack
🇩🇪 nyuuzyou	2024-11-05 00:36:25 (1 year ago)	Intensive scraping: /web?s=spiderman%20quiz&country=ng-ng&scraper=marginalia. User-Agent: Mozilla/5. ... show more Intensive scraping: /web?s=spiderman%20quiz&country=ng-ng&scraper=marginalia. User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36. show less	Bad Web Bot

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 152.233.20.103

🇸🇬 147.93.158.72

🇩🇿 129.45.70.118

🇮🇩 103.98.176.164

🇨🇳 103.61.188.93

🇺🇸 66.132.195.105

🇺🇸 152.32.235.107

🇻🇳 113.161.144.72

🇵🇱 95.214.53.157

🇬🇧 89.37.172.139

🇧🇪 35.210.61.208

🇮🇷 5.232.38.186

🇮🇳 2404:6800:4000:1000::12a

🇨🇳 218.17.217.141

🇹🇷 78.187.94.96

🇫🇮 46.62.131.178

🇷🇴 2.57.121.25

🇫🇷 213.199.44.107

🇩🇪 167.94.145.22

🇺🇸 162.243.138.30