JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.213.160.213

154.213.160.213 was found in our database!

This IP was reported 52 times. Confidence of Abuse is 0%: ?

ISP	Cloud Innovation Ltd
Usage Type	Unknown
ASN	Unknown
Domain Name	cloudinnovation.org
Country	🇫🇷 France
City	Paris, Ile-de-France

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.213.160.213

Whois 154.213.160.213

IP Abuse Reports for 154.213.160.213:

This IP address has been reported a total of 52 times from 16 distinct sources. 154.213.160.213 was first reported on April 8th 2025, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Epimetheus	2026-01-15 10:04:39 (5 months ago)	Unauthorized access attempts: From: 154.213.160.213 Method: HTTP GET URI Path: /.git/HEAD UA: ... show more Unauthorized access attempts: From: 154.213.160.213 Method: HTTP GET URI Path: /.git/HEAD UA: "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:121.0) Gecko/20100101 Firefox/121.0" show less	Web App Attack
🇮🇹 VHosting	2025-12-24 01:45:25 (5 months ago)	Detected attack and reported by a human	DDoS Attack Brute-Force Bad Web Bot Exploited Host Web App Attack SSH
🇺🇸 TPI-Abuse	2025-11-26 10:54:55 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 154.213.160.213 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 154.213.160.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 05:54:48.486636 2025] [security2:error] [pid 21852:tid 21852] [client 154.213.160.213:25355] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.redlandssprinkler.com"] [uri "/.svn/wc.db"] [unique_id "aSbceGquTJ_SppOmCP-tuwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 04:11:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 154.213.160.213 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 154.213.160.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 23:11:23.573132 2025] [security2:error] [pid 13221:tid 13221] [client 154.213.160.213:30399] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.billhoy.com"] [uri "/.svn/wc.db"] [unique_id "aSZ968MRtQrrvob4J8qhRQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 01:42:51 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 154.213.160.213 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 154.213.160.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 20:42:46.217411 2025] [security2:error] [pid 10504:tid 10504] [client 154.213.160.213:50537] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.jeffjastro.com"] [uri "/.git/HEAD"] [unique_id "aSZbFgRhRJKQNB9B7y6aQAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-25 09:47:30 (6 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-11-25 02:03:50 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 154.213.160.213 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 154.213.160.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:03:43.185625 2025] [security2:error] [pid 19579:tid 19579] [client 154.213.160.213:46463] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.writebetweenthelines.com"] [uri "/.svn/wc.db"] [unique_id "aSUOf7r5YzxHqvgPW4Hs1gAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Swiptly	2025-11-24 04:06:16 (6 months ago)	Bot scanning for environment files .env .env/\* ...	Web App Attack
🇺🇸 TPI-Abuse	2025-11-23 19:33:53 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 154.213.160.213 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 154.213.160.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 14:33:47.034625 2025] [security2:error] [pid 27299:tid 27299] [client 154.213.160.213:18863] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.versahealthcare.com"] [uri "/.git/config"] [unique_id "aSNhmxbkhUgv8Sb4jz7QogAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 applemooz	2025-11-01 10:49:08 (7 months ago)	WordPress XMLRPC Brute Force Attacks ...	Brute-Force Web App Attack
🇳🇱 Mangelot Hosting	2025-10-31 13:47:19 (7 months ago)	(bad_user_agent) srv101 Bad User-Agent 154.213.160.213 (FR/France/-): 10 in the last 3600 secs; Port ... show more (bad_user_agent) srv101 Bad User-Agent 154.213.160.213 (FR/France/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇩🇪 neckaralb-admin.de	2025-10-29 17:59:47 (7 months ago)	(wordpress) Failed login wp-login.php or xmlrpc.php	Web App Attack
🇦🇺 AWW-Admin	2025-10-29 16:07:23 (7 months ago)	(wordpress) Failed wordpress login from 154.213.160.213 (SC/Seychelles/-)	Brute-Force
Anonymous	2025-09-25 13:09:39 (8 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.09.25 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.09.25 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 fbarela	2025-09-25 05:02:22 (8 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force

Showing 1 to 15 of 52 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 45.207.221.17

🇳🇱 45.198.224.115

🇧🇴 186.121.201.67

🇻🇳 180.93.98.232

🇺🇸 162.216.149.104

🇺🇸 135.119.89.68

🇺🇸 107.170.247.81

🇱🇹 45.227.254.170

🇺🇸 34.195.248.30

🇧🇷 191.8.2.119

🇧🇷 187.51.208.158

🇩🇪 165.227.163.140

🇺🇸 152.32.206.64

🇮🇳 136.232.11.10

🇳🇱 45.156.128.5

🇧🇪 34.140.124.10

🇺🇸 185.223.152.50

🇺🇸 185.213.193.234

🇮🇩 182.253.64.11

🇮🇳 122.173.27.201