JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.104.8.220

194.104.8.220 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 6%: ?

ISP	TrafficTransitSolution LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	traffictransitsolution.us
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.104.8.220

Whois 194.104.8.220

IP Abuse Reports for 194.104.8.220:

This IP address has been reported a total of 16 times from 9 distinct sources. 194.104.8.220 was first reported on February 23rd 2021, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-04-29 17:38:07 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 194.104.8.220 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 194.104.8.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 29 13:38:00.634793 2026] [security2:error] [pid 12293:tid 12293] [client 194.104.8.220:21563] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.anniversaryweddingfavors.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.anniversaryweddingfavors.com"] [uri "/s3cmd.ini"] [unique_id "afJB-Hn--iEMyLkoviOrHQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-04-27 15:45:25 (1 month ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 194.104.8.220 (CA/Canada/-): 2 in the ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 194.104.8.220 (CA/Canada/-): 2 in the last 3600 secs (0-196) show less	Hacking
🇬🇧 Celtic	2026-04-27 07:09:46 (1 month ago)	Blocked by Fail2Ban with Jail (plesk-modsecurity)	Brute-Force SSH
🇳🇱 jjnxpct	2026-04-27 03:49:34 (1 month ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.aws/credentials (Rule ID: 930130) - Restricted File Access Attempt show less	Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-01-23 02:28:18 (5 months ago)	(mod_security) mod_security (id:225170) triggered by 194.104.8.220 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 194.104.8.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 22 21:28:09.545684 2026] [security2:error] [pid 14716:tid 14730] [client 194.104.8.220:64667] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|sillytheatreproductions.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sillytheatreproductions.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aXLcuUtVRaLEegES55V-6gAAAIo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-23 01:39:23 (5 months ago)	(mod_security) mod_security (id:225170) triggered by 194.104.8.220 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 194.104.8.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 22 20:39:08.471493 2026] [security2:error] [pid 24044:tid 24044] [client 194.104.8.220:16693] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|disio.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "disio.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aXLRPJ8fQbA_r_xGTIaEMgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-22 12:08:16 (5 months ago)	(mod_security) mod_security (id:225170) triggered by 194.104.8.220 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 194.104.8.220 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 22 07:08:09.908513 2026] [security2:error] [pid 2914880:tid 2914902] [client 194.104.8.220:58271] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|worldecom.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "worldecom.org"] [uri "/wp-json/wp/v2/users"] [unique_id "aXITKXB8MIxg9sKmYBTfVQAAAVM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-06-16 17:51:09 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-06-15 16:04:41 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇨🇿 lp	2025-03-15 01:24:17 (1 year ago)	Unauthorized VPN login attempts: 2 attempts were recorded from 194.104.8.220 2025-03-15T01:05:25+01: ... show more Unauthorized VPN login attempts: 2 attempts were recorded from 194.104.8.220 2025-03-15T01:05:25+01:00 vpn Access-Reject 'hotdog' station: 194.104.8.220 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' 2025-03-15T01:07:38+01:00 vpn Access-Reject 'sean' station: 194.104.8.220 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
Anonymous	2025-02-16 19:52:07 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-02-10 07:38:44 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-12-24 06:30:18 (1 year ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
Anonymous	2024-12-24 04:12:07 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇩🇪 Sklurk	2022-04-16 12:50:01 (4 years ago)	Web App Attack	Web App Attack

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.214

🇿🇼 197.221.232.44

🇮🇹 172.213.2.229

🇺🇸 172.203.149.63

🇺🇾 167.61.33.52

🇳🇬 102.216.134.50

🇺🇸 91.230.168.208

🇺🇸 64.62.197.77

🇻🇳 58.186.20.143

🇮🇳 2409:40e1:3009:d612:122:ae2c:13ec:48b8

🇧🇷 187.180.191.187

🇳🇱 176.65.139.181

🇺🇾 167.61.211.110

🇩🇪 162.55.31.215

🇰🇷 121.179.93.147

🇮🇳 113.193.187.154

🇳🇱 45.148.10.121

🇺🇸 216.25.89.75

🇳🇱 176.65.132.39

🇺🇾 167.61.196.203