JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 184.154.139.62

184.154.139.62 was found in our database!

This IP was reported 55 times. Confidence of Abuse is 25%: ?

25%

ISP	Internap Holding LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS32475
Hostname(s)	placeholder.sitelock.com
Domain Name	horizoniq.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 184.154.139.62

Whois 184.154.139.62

IP Abuse Reports for 184.154.139.62:

This IP address has been reported a total of 55 times from 12 distinct sources. 184.154.139.62 was first reported on July 8th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 2000cn.com.au	2026-06-17 15:23:34 (1 day ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-bad-user-agent	Web App Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-05 05:07:10 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 184.154.139.62 (placeholder.sitelock.com): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 184.154.139.62 (placeholder.sitelock.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 01:07:03.847143 2026] [security2:error] [pid 32198:tid 32198] [client 184.154.139.62:39678] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.thesmithcouple.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.thesmithcouple.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "aiJZd_z4wMuRALTh3iRDogAAABI"], referer: http://www.google.com/url?url=www.thesmithcouple.com&yahoo.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 03:20:39 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 184.154.139.62 (placeholder.sitelock.com): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 184.154.139.62 (placeholder.sitelock.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 23:20:33.146066 2026] [security2:error] [pid 14150:tid 14150] [client 184.154.139.62:54124] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.texaslawman.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.texaslawman.net"] [uri "/wp-json/wp/v2/users/1"] [unique_id "aiJAgSO318ebxqFq_x-5oAAAAAk"], referer: http://www.google.com/url?url=www.texaslawman.net&yahoo.com show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-05-31 05:02:50 (2 weeks ago)	987 querystring crawling (29m59s)	Brute-Force Bad Web Bot
🇫🇷 masterguru	2026-05-25 18:39:43 (3 weeks ago)	Found User-Agent associated with security scanner. Matched phrase "sitelockspider" at REQUEST_HEADER ... show more Found User-Agent associated with security scanner. Matched phrase "sitelockspider" at REQUEST_HEADERS:User-Agent. (913100-197) show less	Hacking Bad Web Bot
🇧🇪 cmbplf	2026-05-18 05:59:05 (1 month ago)	296 querystring crawling (29m59s)	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-15 10:51:54 (1 month ago)	(mod_security) mod_security (id:243420) triggered by 184.154.139.62 (placeholder.sitelock.com): 1 in ... show more (mod_security) mod_security (id:243420) triggered by 184.154.139.62 (placeholder.sitelock.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 06:51:50.711058 2026] [security2:error] [pid 31540:tid 31540] [client 184.154.139.62:36938] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "ARGS_NAMES:" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)\|\|www.schonar.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.schonar.com"] [uri "/assets/shopping-cart/%=%20config.action%20%"] [unique_id "agb6xu9BHoUNmmx1RprjXQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-05-12 04:01:46 (1 month ago)	102 querystring crawling (29m59s)	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-10 10:25:09 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 184.154.139.62 (placeholder.sitelock.com): 1 in ... show more (mod_security) mod_security (id:210730) triggered by 184.154.139.62 (placeholder.sitelock.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 10 06:25:03.112669 2026] [security2:error] [pid 31977:tid 31977] [client 184.154.139.62:49470] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.barkoskieelectric.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.barkoskieelectric.com"] [uri "/mailto:[email protected]"] [unique_id "agBc_xHXHWF_fiO_QxgVegAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-05-02 18:10:44 (1 month ago)	Found User-Agent associated with security scanner. Matched phrase "sitelockspider" at REQUEST_HEADER ... show more Found User-Agent associated with security scanner. Matched phrase "sitelockspider" at REQUEST_HEADERS:User-Agent. (913100-197) show less	Hacking Bad Web Bot
🇫🇷 masterguru	2026-04-22 17:56:52 (1 month ago)	Found User-Agent associated with security scanner. Matched phrase "sitelockspider" at REQUEST_HEADER ... show more Found User-Agent associated with security scanner. Matched phrase "sitelockspider" at REQUEST_HEADERS:User-Agent. (913100-197) show less	Hacking Bad Web Bot
🇺🇸 TPI-Abuse	2026-04-12 02:23:33 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 184.154.139.62 (placeholder.sitelock.com): 1 in ... show more (mod_security) mod_security (id:225170) triggered by 184.154.139.62 (placeholder.sitelock.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 11 22:23:24.998424 2026] [security2:error] [pid 3823556:tid 3823556] [client 184.154.139.62:54150] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.texaslawman.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.texaslawman.net"] [uri "/wp-json/wp/v2/users/1"] [unique_id "adsCHPhCWpxnSsn8vp5drQAAAAg"], referer: http://www.google.com/url?url=www.texaslawman.net&yahoo.com show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-04-10 18:17:37 (2 months ago)	Found User-Agent associated with security scanner. Matched phrase "sitelockspider" at REQUEST_HEADER ... show more Found User-Agent associated with security scanner. Matched phrase "sitelockspider" at REQUEST_HEADERS:User-Agent. (913100-197) show less	Hacking Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-28 11:09:40 (2 months ago)	(mod_security) mod_security (id:243420) triggered by 184.154.139.62 (placeholder.sitelock.com): 1 in ... show more (mod_security) mod_security (id:243420) triggered by 184.154.139.62 (placeholder.sitelock.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 28 07:09:31.750050 2026] [security2:error] [pid 17389:tid 17389] [client 184.154.139.62:55802] ModSecurity: Access denied with code 403 (phase 3). Match of "validateByteRange 0-31" against "ARGS_NAMES:" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6640"] [id "243420"] [rev "4"] [msg "COMODO WAF: Information disclosure vulnerability in Eclipse Jetty before 9.2.9.v20150224 (CVE-2015-2080)\|\|www.schonar.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.schonar.com"] [uri "/assets/shopping-cart/%=%20config.action%20%"] [unique_id "ace260li2Bmk8SWG_vwQIgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-25 10:26:34 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 184.154.139.62 (placeholder.sitelock.com): 1 in ... show more (mod_security) mod_security (id:210730) triggered by 184.154.139.62 (placeholder.sitelock.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 25 06:26:26.701750 2026] [security2:error] [pid 7271:tid 7271] [client 184.154.139.62:48138] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.barkoskieelectric.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.barkoskieelectric.com"] [uri "/mailto:[email protected]"] [unique_id "acO4UuudQVuAPhod-2rhKgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 55 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 66.132.195.106

🇺🇸 2a03:2880:f800:18::

🇺🇸 64.227.25.120

🇳🇱 2a06:a880:5:27dc::1

🇳🇱 2a00:1450:4013:c01::122

🇺🇸 2607:5500:3000:5d1::2

🇺🇸 205.210.31.55

🇺🇸 194.62.107.137

🇲🇽 187.189.1.136

🇧🇷 177.131.17.140

🇧🇷 177.72.188.230

🇺🇸 136.144.35.153

🇹🇼 111.70.33.217

🇮🇹 91.80.128.127

🇳🇱 45.148.10.152

🇳🇱 45.148.10.147

🇷🇴 2.57.121.25

🇭🇰 165.154.23.177

🇹🇭 114.131.130.11

🇨🇳 36.132.228.6