JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.94.34.228

185.94.34.228 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 0%: ?

ISP	Fast Servers (Pty) Ltd
Usage Type	Data Center/Web Hosting/Transit
ASN	AS59651
Domain Name	traffictransitsolution.us
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.94.34.228

Whois 185.94.34.228

IP Abuse Reports for 185.94.34.228:

This IP address has been reported a total of 16 times from 10 distinct sources. 185.94.34.228 was first reported on April 12th 2024, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 tilellit.pro	2026-02-06 14:56:30 (4 months ago)	Fail2Ban banned 185.94.34.228 for security violations in jail wp-armour. Log: 2026/02/06 14:56:29 [e ... show more Fail2Ban banned 185.94.34.228 for security violations in jail wp-armour. Log: 2026/02/06 14:56:29 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 185.94.34.228 \| Target: wplogin" , client: 185.94.34.228, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇺🇸 TPI-Abuse	2025-12-04 21:42:31 (6 months ago)	(mod_security) mod_security (id:210350) triggered by 185.94.34.228 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 185.94.34.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 16:42:26.485552 2025] [security2:error] [pid 7932:tid 7932] [client 185.94.34.228:25239] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.advantageinvestigation.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.advantageinvestigation.com"] [uri "/"] [unique_id "aTIAQu5ADgeugTd4fqHddgAAAG0"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-15 00:07:44 (7 months ago)	(mod_security) mod_security (id:210350) triggered by 185.94.34.228 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 185.94.34.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 14 20:07:39.019630 2025] [security2:error] [pid 5654:tid 5654] [client 185.94.34.228:46553] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|thinkingepic.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "thinkingepic.com"] [uri "/"] [unique_id "aO7lyygCHLvueoz7d1CYdAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-09-26 17:01:04 (8 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-09-24 11:16:44 (8 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇨🇭 backslash	2025-05-23 22:45:05 (1 year ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇺🇸 TPI-Abuse	2024-12-01 07:51:13 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 185.94.34.228 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 185.94.34.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 01 02:51:06.139453 2024] [security2:error] [pid 3685607:tid 3685607] [client 185.94.34.228:29123] [client 185.94.34.228] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Berkeley 4059/Thumbs.db"] [unique_id "Z0wVatYrPzpZBc_Giwv0QQAAAAI"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Berkeley%204059/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 wil.com	2024-10-19 21:10:01 (1 year ago)	GlobalProtect login attempts with user nagios.	VPN IP Brute-Force
Anonymous	2024-10-03 06:51:05 (1 year ago)	\| CMS (WordPress or Joomla) brute force attempt 10 times (rewritten)	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2024-09-18 20:33:28 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 185.94.34.228 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 185.94.34.228 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Sep 18 16:33:23.989596 2024] [security2:error] [pid 523898:tid 524076] [client 185.94.34.228:58837] [client 185.94.34.228] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|transitionalcareservices.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "transitionalcareservices.com"] [uri "/wp-json/wp/v2/users"] [unique_id "Zus5E-gBjtxNdJeCt0jnogAAARU"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-09-18 12:25:28 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇮🇩 BPS-StatisticsIndonesia	2024-09-15 08:30:53 (1 year ago)	XML RPC Scan Activities	Brute-Force Web App Attack
Anonymous	2024-09-11 08:18:09 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-08-26 18:32:47 (1 year ago)	Malicious activity detected	Hacking Web App Attack
🇨🇭 backslash	2024-05-23 00:30:06 (2 years ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇼 197.243.14.52

🇳🇱 193.176.31.226

🇰🇭 175.100.107.238

🇷🇺 95.188.91.101

🇷🇺 91.241.150.246

🇰🇷 58.65.96.14

🇸🇬 47.82.54.59

🇬🇧 35.203.210.45

🇺🇸 185.77.223.54

🇺🇸 153.66.28.132

🇨🇳 110.249.202.113

🇬🇧 89.37.172.150

🇭🇷 82.23.211.239

🇺🇸 71.6.241.172

🇲🇾 49.124.153.9

🇲🇾 49.124.145.57

🇸🇬 47.79.11.104

🇺🇸 45.156.129.121

🇳🇱 45.148.10.151

🇧🇷 45.140.193.156