JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 94.154.127.93

94.154.127.93 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 18%: ?

18%

ISP	Quality Network US LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	traffictransitsolution.us
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 94.154.127.93

Whois 94.154.127.93

IP Abuse Reports for 94.154.127.93:

This IP address has been reported a total of 23 times from 18 distinct sources. 94.154.127.93 was first reported on January 15th 2022, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-21 16:57:33 (4 weeks ago)	(mod_security) mod_security (id:210730) triggered by 94.154.127.93 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 94.154.127.93 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 12:57:25.235306 2026] [security2:error] [pid 26287:tid 26287] [client 94.154.127.93:48943] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|eye7graphics.com\|F\|2"] [data ".inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "eye7graphics.com"] [uri "/wp-config.inc"] [unique_id "ag85dR_gtndC2zVbwxLMsgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-05-21 07:06:25 (4 weeks ago)	Scanning/Probing (24)	Brute-Force Web App Attack
Anonymous	2026-05-18 20:35:54 (1 month ago)	Forum/form spam	Web Spam
🇫🇮 YF	2026-05-16 11:05:31 (1 month ago)	WordPress author enumeration	Web App Attack
🇩🇪 LRob.fr	2026-04-16 16:15:09 (2 months ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇩🇪 Séfora Srl	2026-04-16 03:01:49 (2 months ago)	Failed attempt detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
Anonymous	2026-04-15 08:09:00 (2 months ago)	94.154.127.93 - - [15/Apr/2026:10:08:59 +0200] "GET /wp-config.php.txt HTTP/1.0" 404 463 "-" "Mozill ... show more 94.154.127.93 - - [15/Apr/2026:10:08:59 +0200] "GET /wp-config.php.txt HTTP/1.0" 404 463 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" 94.154.127.93 - - [15/Apr/2026:10:08:59 +0200] "GET /wp-config.php.txt HTTP/1.1" 404 247 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" 94.154.127.93 - - [15/Apr/2026:10:08:59 +0200] "GET /wp-config.php.old HTTP/1.1" 404 247 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" 94.154.127.93 - - [15/Apr/2026:10:08:59 +0200] "GET /wp-config.php.old HTTP/1.0" 404 463 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" 94.154.127.93 - - [15/Apr/2026:10:08:59 +0200] "GET /wp-config.php~ HTTP/1.1" 404 247 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) ... show less	Brute-Force Web App Attack
🇩🇪 HandyTreff.de	2026-03-16 11:29:46 (3 months ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -58.822 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -58.822 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.3650.6 show less	Web App Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-14 11:48:32 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 94.154.127.93 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 94.154.127.93 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 14 07:48:24.961479 2026] [security2:error] [pid 31529:tid 31529] [client 94.154.127.93:45333] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Steelcase/pics/Amia/Thumbs.db"] [unique_id "abVLCBUpG57pjwkHdz5LwAAAAAc"], referer: https://vitalitywebb.com/backstore/Steelcase/pics/Amia/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2026-03-12 05:27:00 (3 months ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇫🇷 tilellit.pro	2026-02-13 16:41:15 (4 months ago)	Fail2Ban banned 94.154.127.93 for security violations in jail wp-armour. Log: 2026/02/13 16:41:13 [e ... show more Fail2Ban banned 94.154.127.93 for security violations in jail wp-armour. Log: 2026/02/13 16:41:13 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 94.154.127.93 \| Target: wplogin" , client: 94.154.127.93, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇨🇭 backslash	2026-01-12 08:40:10 (5 months ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇩🇪 HandyTreff.de	2025-12-27 09:01:42 (5 months ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -46.93 (Bad < -10 / Very Bad < -20 / ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -46.93 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.778.14 show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-02 09:04:28 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 94.154.127.93 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 94.154.127.93 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 02 04:04:20.995390 2025] [security2:error] [pid 20524:tid 20524] [client 94.154.127.93:62391] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|thomasgardner.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "thomasgardner.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aQcelLWv2anrPrNkeu9hKgAAAAI"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 dpsbs	2025-11-01 23:11:36 (7 months ago)	multiple ips intrustions detected	Hacking

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 92.63.197.5

🇮🇪 54.228.173.73

🇨🇳 220.250.52.75

🇺🇸 216.73.217.154

🇺🇸 194.62.107.164

🇺🇸 194.62.107.155

🇧🇷 187.87.38.131

🇺🇸 150.107.38.182

🇺🇸 147.185.132.46

🇨🇳 124.88.113.185

🇨🇳 122.51.156.129

🇺🇸 104.171.28.45

🇲🇳 103.229.177.85

🇳🇱 91.92.42.133

🇯🇵 54.199.32.34

🇸🇬 52.221.253.11

🇬🇧 35.203.210.61

🇺🇸 35.91.72.230

🇺🇸 34.148.68.91

🇺🇸 18.216.199.161