JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.94.14.138

154.94.14.138 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 0%: ?

ISP	Xiapu County Yangyao Clothing Business Department
Usage Type	Data Center/Web Hosting/Transit
ASN	AS20326
Domain Name	cloudinnovation.org
Country	🇺🇸 United States of America
City	Newark, New Jersey

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.94.14.138

Whois 154.94.14.138

IP Abuse Reports for 154.94.14.138:

This IP address has been reported a total of 15 times from 5 distinct sources. 154.94.14.138 was first reported on November 5th 2024, and the most recent report was 8 months ago.

Old Reports: The most recent abuse report for this IP address is from 8 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2025-09-25 01:45:17 (8 months ago)	(mod_security) mod_security (id:225170) triggered by 154.94.14.138 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 154.94.14.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Sep 24 21:45:10.075313 2025] [security2:error] [pid 31957:tid 31957] [client 154.94.14.138:16469] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|wingblade.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "wingblade.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aNSepvBCd3RBwng6SkQpRQAAAAc"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-08-14 09:35:29 (10 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-08-02 05:45:48 (10 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-04-11 17:16:22 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 154.94.14.138 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 154.94.14.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 11 13:16:17.023022 2025] [security2:error] [pid 27467:tid 27467] [client 154.94.14.138:44399] [client 154.94.14.138] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|yogitunes.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "yogitunes.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Z_lOYdWk4iboiErV93YHRQAAACA"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-04-11 01:22:31 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 154.94.14.138 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 154.94.14.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 10 21:22:27.733862 2025] [security2:error] [pid 31854:tid 31854] [client 154.94.14.138:33043] [client 154.94.14.138] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|scotts.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "scotts.net"] [uri "/wp-json/wp/v2/users"] [unique_id "Z_hu08qCVD3-MT5el4vtHgAAAA4"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-04-05 09:22:33 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-04-04 19:41:39 (1 year ago)	(mod_security) mod_security (id:210740) triggered by 154.94.14.138 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210740) triggered by 154.94.14.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 04 15:41:33.599896 2025] [security2:error] [pid 1905095:tid 1905095] [client 154.94.14.138:59179] [client 154.94.14.138] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy\|\|rachelfia.com\|F\|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] [hostname "rachelfia.com"] [uri "/"] [unique_id "Z_A17X_PsgXsVyGmkpO66AAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-04-04 12:26:43 (1 year ago)	(mod_security) mod_security (id:210740) triggered by 154.94.14.138 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210740) triggered by 154.94.14.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 04 08:26:37.443948 2025] [security2:error] [pid 20460:tid 20460] [client 154.94.14.138:42057] [client 154.94.14.138] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy\|\|platinummedicalevaluations.com\|F\|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] [hostname "platinummedicalevaluations.com"] [uri "/"] [unique_id "Z-_P_bZLFwibybJvuyN2_AAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-03-28 09:41:00 (1 year ago)	(mod_security) mod_security (id:210740) triggered by 154.94.14.138 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210740) triggered by 154.94.14.138 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 28 05:40:53.586353 2025] [security2:error] [pid 26673:tid 26673] [client 154.94.14.138:26225] [client 154.94.14.138] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy\|\|chicagoinquirer.com\|F\|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] [hostname "chicagoinquirer.com"] [uri "/"] [unique_id "Z-ZupZlYM56l_BUbmX55QQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Anonymous	2025-02-28 16:00:00 (1 year ago)	Brute force attack detected from 154.94.14.138	DDoS Attack Brute-Force Web App Attack
🇺🇸 Anonymous	2025-02-28 16:00:00 (1 year ago)	Brute force attack detected from 154.94.14.138	DDoS Attack Brute-Force Web App Attack
🇺🇸 Anonymous	2025-02-28 16:00:00 (1 year ago)	Brute force attack detected from 154.94.14.138	DDoS Attack Brute-Force Web App Attack
🇺🇸 Anonymous	2025-02-28 16:00:00 (1 year ago)	Brute force attack detected from 154.94.14.138	DDoS Attack Brute-Force Web App Attack
Anonymous	2024-12-30 06:40:27 (1 year ago)	Attempted brute force login to web vpn 4 time(s); last attempt for 2024.12.30 is noted in report tim ... show more Attempted brute force login to web vpn 4 time(s); last attempt for 2024.12.30 is noted in report timestamp show less	Hacking Brute-Force
🇩🇪 nyuuzyou	2024-11-05 10:46:28 (1 year ago)	Intensive scraping: /web?s=ad%20spy%20tool%20free&country=he-he&scraper=ddg. User-Agent: Mozilla/5.0 ... show more Intensive scraping: /web?s=ad%20spy%20tool%20free&country=he-he&scraper=ddg. User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36. show less	Bad Web Bot

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 61.129.70.208

🇨🇳 60.172.54.36

🇬🇧 2a06:4882:5000::53

🇦🇷 201.177.2.195

🇭🇰 185.227.153.56

🇺🇸 148.75.111.90

🇻🇳 103.61.123.132

🇺🇸 71.6.135.131

🇺🇸 66.132.186.183

🇳🇱 45.156.128.79

🇺🇸 34.144.181.79

🇨🇳 218.205.34.19

🇦🇷 190.103.220.141

🇮🇳 160.202.38.220

🇺🇸 155.103.69.40

🇵🇭 139.135.241.23

🇨🇳 121.29.5.181

🇵🇰 110.93.224.226

🇰🇪 105.27.148.94

🇺🇸 96.232.235.85