JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.213.162.48

154.213.162.48 was found in our database!

This IP was reported 52 times. Confidence of Abuse is 0%: ?

ISP	Cloud Innovation Ltd
Usage Type	Unknown
ASN	Unknown
Domain Name	cloudinnovation.org
Country	🇫🇷 France
City	Paris, Ile-de-France

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.213.162.48

Whois 154.213.162.48

IP Abuse Reports for 154.213.162.48:

This IP address has been reported a total of 52 times from 15 distinct sources. 154.213.162.48 was first reported on April 8th 2025, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 000rosiu	2026-02-11 17:07:09 (4 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK ASN: 200373 (DREI-K-TECH-GMBH) Protocol: HTTP/1.1 (GET method) Endpoint: /config/.env Timestamp: 2026-02-11T17:03:12Z Ray ID: 9cc56b153ddbdbce UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Report generated by Cloudflare-WAF-To-AbuseIPDB: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2025-12-30 09:34:20 (5 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇬🇧 openstrike.co.uk	2025-12-10 08:48:18 (6 months ago)	9 packets to port 2083	Port Scan
🇸🇪 KIDOS	2025-12-07 21:52:47 (6 months ago)	malicious activity	Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 20:22:31 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 154.213.162.48 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 154.213.162.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 15:22:22.341116 2025] [security2:error] [pid 18892:tid 18892] [client 154.213.162.48:19723] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "caferutadelaseda.com"] [uri "/.git/HEAD"] [unique_id "aSiy_qH_NmhCZqobyKSzCgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-25 03:41:53 (6 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 05-41.154.213.162.48.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 05-41.154.213.162.48.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇱🇻 garmtech.com	2025-11-24 02:24:53 (6 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 04-24.154.213.162.48.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 04-24.154.213.162.48.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 TPI-Abuse	2025-10-02 11:27:15 (8 months ago)	(mod_security) mod_security (id:225170) triggered by 154.213.162.48 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 154.213.162.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 02 07:27:10.175960 2025] [security2:error] [pid 12437:tid 12437] [client 154.213.162.48:21839] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|dbq.us\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "dbq.us"] [uri "/wp-json/wp/v2/users"] [unique_id "aN5hjvA6lC7qCoENN_Jn2gAAAAU"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-01 02:56:43 (8 months ago)	2025-10-01T04:56:39.801501 localhost.localdomain sshd[227314]: pam_unix(sshd:auth): authentication f ... show more 2025-10-01T04:56:39.801501 localhost.localdomain sshd[227314]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=154.213.162.48 2025-10-01T04:56:42.087393 localhost.localdomain sshd[227314]: Failed password for invalid user [email protected] from 154.213.162.48 port 27499 ssh2 ... show less	Brute-Force SSH
Anonymous	2025-09-20 22:02:26 (8 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-09-20 08:43:17 (8 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.09.20 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.09.20 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-09-18 20:28:14 (8 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.09.18 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.09.18 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-09-16 05:15:07 (8 months ago)	Attempted brute force login to web vpn 3 time(s); last attempt for 2025.09.16 is noted in report tim ... show more Attempted brute force login to web vpn 3 time(s); last attempt for 2025.09.16 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-09-14 02:21:48 (8 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.09.14 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.09.14 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2025-09-11 13:38:03 (9 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.09.11 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.09.11 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 52 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇷 201.206.191.42

🇧🇴 181.188.176.242

🇺🇸 137.184.212.212

🇩🇪 43.165.3.187

🇺🇸 216.244.83.58

🇺🇸 172.212.224.44

🇮🇷 94.184.177.71

🇺🇸 76.38.170.3

🇺🇸 52.176.211.73

🇳🇱 45.148.10.183

🇷🇺 194.176.114.36

🇰🇿 193.31.200.85

🇧🇷 177.174.0.3

🇨🇳 171.105.76.65

🇧🇬 151.237.79.243

🇨🇳 124.117.195.86

🇺🇬 102.218.89.110

🇺🇸 74.125.17.254

🇩🇪 4.184.246.230

🇧🇷 200.192.97.179