JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.94.13.97

154.94.13.97 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 0%: ?

ISP	Xiapu County Yangyao Clothing Business Department
Usage Type	Data Center/Web Hosting/Transit
ASN	AS20326
Domain Name	cloudinnovation.org
Country	🇺🇸 United States of America
City	Newark, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.94.13.97

Whois 154.94.13.97

IP Abuse Reports for 154.94.13.97:

This IP address has been reported a total of 11 times from 4 distinct sources. 154.94.13.97 was first reported on November 5th 2024, and the most recent report was 9 months ago.

Old Reports: The most recent abuse report for this IP address is from 9 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2025-09-11 11:26:06 (9 months ago)	(mod_security) mod_security (id:210730) triggered by 154.94.13.97 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 154.94.13.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 11 07:25:58.046656 2025] [security2:error] [pid 2319:tid 2319] [client 154.94.13.97:26517] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.casademunt.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.casademunt.com"] [uri "/s3cmd.ini"] [unique_id "aMKxxlLqexyh4Oiq_OZ_rAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-11 05:44:28 (9 months ago)	(mod_security) mod_security (id:210492) triggered by 154.94.13.97 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 154.94.13.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 11 01:44:19.754296 2025] [security2:error] [pid 1716:tid 1716] [client 154.94.13.97:49637] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.kittencream.com"] [uri "/config.php%7C/.env%7Csettings.py"] [unique_id "aMJhs_63KtCyfZBBXtprggAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-06 08:58:00 (9 months ago)	(mod_security) mod_security (id:210492) triggered by 154.94.13.97 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 154.94.13.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 06 04:57:52.751081 2025] [security2:error] [pid 14639:tid 14639] [client 154.94.13.97:40783] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.brandsmedia.com"] [uri "/config.php%7C/.env%7Csettings.py"] [unique_id "aLv3kKMQEbSUGe5w0wOE_wAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-08-11 20:13:34 (10 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-07-28 14:03:51 (10 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-05-14 00:33:52 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 154.94.13.97 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 154.94.13.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 13 20:33:44.523645 2025] [security2:error] [pid 2566996:tid 2566996] [client 154.94.13.97:39467] [client 154.94.13.97] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|billthompsons.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "billthompsons.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aCPk6P5m8gQzBkqtLSc4JgAAAAc"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-05-03 16:47:39 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-04-30 10:49:10 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 154.94.13.97 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 154.94.13.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 30 06:49:04.875927 2025] [security2:error] [pid 3550628:tid 3550628] [client 154.94.13.97:27787] [client 154.94.13.97] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|graner.us\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "graner.us"] [uri "/wp-json/wp/v2/users"] [unique_id "aBIAIKTBfPf1uUyPWk5sEAAAAA0"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-12-30 08:22:55 (1 year ago)	Attempted brute force login to web vpn 8 time(s); last attempt for 2024.12.30 is noted in report tim ... show more Attempted brute force login to web vpn 8 time(s); last attempt for 2024.12.30 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2024-12-29 23:09:44 (1 year ago)	Attempted brute force login to web vpn 5 time(s); last attempt for 2024.12.29 is noted in report tim ... show more Attempted brute force login to web vpn 5 time(s); last attempt for 2024.12.29 is noted in report timestamp show less	Hacking Brute-Force
🇩🇪 nyuuzyou	2024-11-05 10:25:26 (1 year ago)	Intensive scraping: /web?s=cpa%20grip%20alternative&country=pt-pt&scraper=mojeek. User-Agent: Mozill ... show more Intensive scraping: /web?s=cpa%20grip%20alternative&country=pt-pt&scraper=mojeek. User-Agent: Mozilla/5.0 (Linux x86_64; rv:114.0) Gecko/20100101 Firefox/114.0. show less	Bad Web Bot

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.144

🇱🇻 185.113.139.51

🇩🇿 105.110.188.5

🇨🇳 8.138.185.253

🇺🇸 2400:cb00:1180:1000:426e:c15:c636:4816

🇺🇸 162.216.149.157

🇫🇷 141.11.18.59

🇮🇳 122.185.100.218

🇸🇬 103.189.234.244

🇺🇸 66.93.239.7

🇺🇸 65.110.40.233

🇨🇳 39.98.50.43

🇺🇸 13.86.104.46

🇩🇪 8.209.96.179

🇺🇸 162.216.150.185

🇺🇸 162.216.150.4

🇮🇩 117.102.86.226

🇫🇷 91.196.152.35

🇮🇳 59.179.31.237

🇷🇺 46.147.195.11