JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.104.8.56

194.104.8.56 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 7%: ?

ISP	TrafficTransitSolution LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	traffictransitsolution.us
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.104.8.56

Whois 194.104.8.56

IP Abuse Reports for 194.104.8.56:

This IP address has been reported a total of 27 times from 12 distinct sources. 194.104.8.56 was first reported on September 18th 2022, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 NicoID	2026-05-01 00:14:44 (1 month ago)	194.104.8.56 - - [30/Apr/2026:15:37:18 -0600] "GET /wp-login.php HTTP/1.1" 200 4882 "https://www.goo ... show more 194.104.8.56 - - [30/Apr/2026:15:37:18 -0600] "GET /wp-login.php HTTP/1.1" 200 4882 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" ... show less	Brute-Force
🇺🇸 TPI-Abuse	2026-04-24 13:42:12 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 194.104.8.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 194.104.8.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 24 09:42:05.648911 2026] [security2:error] [pid 5940:tid 5940] [client 194.104.8.56:39307] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|tankservicesinc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "tankservicesinc.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aetzLQApDt7exx4y4C4dcwAAABo"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-19 11:04:49 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 194.104.8.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 194.104.8.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 19 07:04:42.287661 2026] [security2:error] [pid 1943810:tid 1943810] [client 194.104.8.56:41185] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|webjemm.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "webjemm.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aeS2yrdevx9o5VhxST2KogAAAA8"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-18 05:13:04 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 194.104.8.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 194.104.8.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 18 01:12:58.465548 2026] [security2:error] [pid 617634:tid 617634] [client 194.104.8.56:34383] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|hotjive.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "hotjive.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aeMS2ndDynGuMHjZo4DG9wAAAAU"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 kjaerulff	2026-03-28 14:34:55 (2 months ago)	Failed Wordpress login using wp-login.php	Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-10 14:37:39 (6 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇸🇬 Vano Ganzzz	2025-11-29 11:10:20 (6 months ago)	Triggered Cloudflare WAF (ratelimit) from US. Action taken: BLOCK ASN: 26548 (PUREVOLTAGE-INC) Proto ... show more Triggered Cloudflare WAF (ratelimit) from US. Action taken: BLOCK ASN: 26548 (PUREVOLTAGE-INC) Protocol: HTTP/2 (GET method) Endpoint: / Timestamp: 2025-11-29T11:10:20Z Ray ID: 9a61a86f9dc075e8 UA: Mozilla/5.0 (iPad; CPU OS 17_0 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) CriOS/133.0.0.0 Mobile/15E148 Safari/604.1 show less	Bad Web Bot
Anonymous	2025-09-01 15:31:49 (9 months ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
Anonymous	2025-06-05 04:55:58 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-06-02 18:32:59 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-06-01 12:11:19 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-05-29 17:09:23 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-05-27 11:27:07 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-05-16 01:57:12 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇩🇪 stinpriza	2025-05-14 17:39:48 (1 year ago)	(XMLRPC) xmlrpc banned 194.104.8.56 (RU/Russia/-): 1 in the last 3600 secs	Web App Attack

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 172.253.244.27

🇺🇸 172.93.102.236

🇺🇸 147.90.199.70

🇺🇸 147.90.198.203

🇺🇸 147.90.196.30

🇪🇸 94.73.38.99

🇪🇸 80.102.218.187

🇳🇱 45.148.10.151

🇩🇿 41.96.96.23

🇹🇷 172.69.250.151

🇺🇸 147.90.197.200

🇺🇸 147.90.197.48

🇻🇳 103.77.175.15

🇮🇷 79.175.176.177

🇳🇱 45.148.10.147

🇨🇦 20.151.2.122

🇨🇳 222.212.91.18

🇬🇧 195.206.182.222

🇮🇳 182.95.217.182

🇰🇭 175.100.42.36