JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 94.154.127.135

94.154.127.135 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 24%: ?

24%

ISP	Quality Network US LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	traffictransitsolution.us
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 94.154.127.135

Whois 94.154.127.135

IP Abuse Reports for 94.154.127.135:

This IP address has been reported a total of 28 times from 18 distinct sources. 94.154.127.135 was first reported on March 17th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-03 23:32:50 (1 day ago)	(mod_security) mod_security (id:210350) triggered by 94.154.127.135 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 94.154.127.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 19:32:44.396260 2026] [security2:error] [pid 19271:tid 19271] [client 94.154.127.135:50303] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|beeswaxnews.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "beeswaxnews.com"] [uri "/"] [unique_id "aiC5nJI9vd9-j5TGEXAnoAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2026-04-28 12:26:41 (1 month ago)	WP Login Scan Activities: "2026-04-28T19:26:41.867+07:00" "/wp-login.php" "94.154.127.135" "Mozilla/ ... show more WP Login Scan Activities: "2026-04-28T19:26:41.867+07:00" "/wp-login.php" "94.154.127.135" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" show less	Web App Attack
🇧🇪 voormedia	2026-04-18 19:17:56 (1 month ago)	Accessed trap at '/wp-login.php'	Web App Attack
Anonymous	2026-04-17 21:52:19 (1 month ago)	Web App Attack	Brute-Force Web App Attack
🇨🇿 ptlab	2026-04-16 16:45:33 (1 month ago)	Detected wp_login attack from WP-host.	Hacking Web App Attack
🇳🇱 lid3rc	2026-04-06 06:56:40 (1 month ago)	/administrator	Web App Attack
🇪🇸 el-brujo	2026-04-02 13:09:47 (2 months ago)	[Thu Apr 02 15:09:41.622902 2026] [proxy_fcgi:error] [pid 2524818:tid 2525518] [remote 94.154.127.13 ... show more [Thu Apr 02 15:09:41.622902 2026] [proxy_fcgi:error] [pid 2524818:tid 2525518] [remote 94.154.127.135:0] AH01071: Got error 'Primary script unknown\n', referer: https://www.google.com [Thu Apr 02 15:09:47.667324 2026] [proxy_fcgi:error] [pid 2524818:tid 2525173] [remote 94.154.127.135:0] AH01071: Got error 'Primary script unknown\n', referer: https://www.google.com ... show less	Hacking Web App Attack
🇩🇪 SCHAPPY	2026-03-31 06:16:34 (2 months ago)	Brute-force attack to non-existent web resources, HTTP code 404.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-03-23 05:00:34 (2 months ago)	(mod_security) mod_security (id:210350) triggered by 94.154.127.135 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 94.154.127.135 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 23 01:00:29.903796 2026] [security2:error] [pid 22013:tid 22013] [client 94.154.127.135:46311] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|jonathanfriend.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "jonathanfriend.com"] [uri "/"] [unique_id "acDI7UhJxFhOarmBNrl0DAAAAAI"], referer: https://www.facebook.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 HandyTreff.de	2025-11-08 09:25:58 (6 months ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -20.602 (Bad < -10 / Very Bad < -20) ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -20.602 (Bad < -10 / Very Bad < -20) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.4729.9 show less	Bad Web Bot Web App Attack
Anonymous	2025-10-26 03:17:10 (7 months ago)	RdpGuard detected brute-force attempt on RD-WEB	Brute-Force
🇳🇱 exxos	2025-09-04 00:03:01 (9 months ago)	HTTP1.x attacks	DDoS Attack
Anonymous	2025-08-31 00:30:45 (9 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-08-19 23:44:30 (9 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇮🇩 Burayot	2025-08-03 17:22:23 (10 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 94.154.127.135 (GB/United Kingdom/- ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 94.154.127.135 (GB/United Kingdom/-): 1 in the last 3600 secs show less	Web App Attack

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.108

🇧🇷 205.210.31.172

🇵🇪 200.107.163.195

🇳🇱 176.65.148.58

🇺🇸 156.239.253.250

🇨🇳 106.38.205.224

🇫🇷 91.231.89.8

🇺🇸 67.21.32.64

🇳🇱 45.148.10.157

🇧🇪 35.195.182.128

🇬🇧 5.181.124.131

🇷🇴 2.57.121.25

🇨🇳 219.135.211.110

🇨🇴 179.1.209.58

🇩🇪 165.232.125.188

🇺🇸 162.216.149.241

🇸🇬 142.91.102.187

🇮🇳 122.185.101.50

🇫🇷 91.231.89.181

🇨🇦 85.217.149.52