JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.94.13.241

154.94.13.241 was found in our database!

This IP was reported 22 times. Confidence of Abuse is 0%: ?

ISP	Cloud Innovation Ltd
Usage Type	Data Center/Web Hosting/Transit
ASN	AS17561
Domain Name	cloudinnovation.org
Country	🇪🇸 Spain
City	Madrid, Madrid

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.94.13.241

Whois 154.94.13.241

IP Abuse Reports for 154.94.13.241:

This IP address has been reported a total of 22 times from 8 distinct sources. 154.94.13.241 was first reported on October 28th 2024, and the most recent report was 8 months ago.

Old Reports: The most recent abuse report for this IP address is from 8 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2025-09-21 07:07:52 (8 months ago)	SSH BruteForce attack	SSH
🇷🇺 Deynekin.com	2025-09-19 15:48:56 (8 months ago)	This IP address has been identified as part of a botnet infrastructure used by threat actors, indica ... show more This IP address has been identified as part of a botnet infrastructure used by threat actors, indicating automated and malicious activity. show less	Fraud Orders FTP Brute-Force Phishing Web Spam Email Spam Port Scan Hacking SQL Injection Brute-Force Exploited Host Web App Attack SSH
Anonymous	2025-09-07 03:30:27 (9 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-09-04 11:11:09 (9 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-08-29 22:24:13 (9 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-07-24 15:29:19 (10 months ago)	(mod_security) mod_security (id:225170) triggered by 154.94.13.241 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 154.94.13.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 24 11:29:14.297120 2025] [security2:error] [pid 30264:tid 30264] [client 154.94.13.241:39661] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|bostonamerican.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bostonamerican.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aIJRSq_gDLXNupWtBmwG-AAAAAI"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-07-23 20:46:58 (10 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-07-23 20:08:38 (10 months ago)	(mod_security) mod_security (id:225170) triggered by 154.94.13.241 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 154.94.13.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jul 23 16:08:35.019917 2025] [security2:error] [pid 19852:tid 19852] [client 154.94.13.241:60727] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|astrology7.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "astrology7.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aIFBQ-AWs4wG10mvGRFbHAAAAA8"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-07-13 20:11:48 (10 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 COMPLEX	2025-05-15 03:11:33 (1 year ago)	Triggered Cloudflare WAF (firewallCustom) from ES. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH ... show more Triggered Cloudflare WAF (firewallCustom) from ES. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH) Protocol: HTTP/2 (GET method) Timestamp: 2025-05-15T03:09:19Z show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-04-08 15:46:21 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 154.94.13.241 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 154.94.13.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 08 11:46:17.008814 2025] [security2:error] [pid 1629919:tid 1629919] [client 154.94.13.241:18591] [client 154.94.13.241] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|pamelaweisberg.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "pamelaweisberg.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z_VEyU2d64n91yMjGiXwBQAAAAA"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-04-03 12:54:28 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-03-24 03:33:08 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-03-24 01:59:25 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 154.94.13.241 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 154.94.13.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 23 21:59:22.591097 2025] [security2:error] [pid 4376:tid 4376] [client 154.94.13.241:42345] [client 154.94.13.241] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|enselme.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "enselme.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z-C8egT7coHATLgTDUW5YgAAAAA"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-03-21 07:30:04 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 15 of 22 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.55.146.74

🇳🇱 212.192.240.126

🇨🇳 14.103.114.55

🇧🇷 200.179.28.194

🇬🇧 193.163.125.169

🇮🇶 185.166.25.150

🇯🇵 115.69.206.243

🇳🇱 104.23.172.123

🇨🇳 14.103.63.16

🇧🇷 187.61.112.154

🇳🇱 185.136.15.13

🇨🇳 183.165.246.71

🇨🇳 183.11.142.46

🇻🇳 171.244.61.79

🇺🇸 165.154.36.102

🇺🇸 132.148.131.176

🇩🇪 85.203.15.182

🇮🇹 81.57.15.243

🇭🇰 45.142.154.99

🇺🇸 35.253.131.138