JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.213.163.254

154.213.163.254 was found in our database!

This IP was reported 58 times. Confidence of Abuse is 0%: ?

ISP	Cloud Innovation Ltd
Usage Type	Unknown
ASN	Unknown
Domain Name	cloudinnovation.org
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.213.163.254

Whois 154.213.163.254

IP Abuse Reports for 154.213.163.254:

This IP address has been reported a total of 58 times from 17 distinct sources. 154.213.163.254 was first reported on April 8th 2025, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 Origon	2026-02-13 09:21:30 (4 months ago)	http-sensitive-files - IP: 154.213.163.254 - time="2026-02-13T10:21:30+01:00" level=info msg="(555f ... show more http-sensitive-files - IP: 154.213.163.254 - time="2026-02-13T10:21:30+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 154.213.163.254 (DE/200373) : 4h ban on Ip 154.213.163.254" module=db show less	Web App Attack
🇮🇩 Burayot	2026-02-13 06:06:37 (4 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 154.213.163.254 (DE/Germany/-): 1 i ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 154.213.163.254 (DE/Germany/-): 1 in the last 3600 secs show less	Web App Attack
🇷🇺 DZBOT	2026-02-12 20:42:27 (4 months ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
Anonymous	2026-01-05 20:36:11 (5 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-12-10 11:42:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 154.213.163.254 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 154.213.163.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 10 06:42:21.503897 2025] [security2:error] [pid 17458:tid 17458] [client 154.213.163.254:29577] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "rapidheatprocesses.com"] [uri "/.git/HEAD"] [unique_id "aTlcnSCTuxF40fi2CYH5KgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-09 09:57:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 154.213.163.254 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 154.213.163.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 04:56:43.198783 2025] [security2:error] [pid 9411:tid 9411] [client 154.213.163.254:23015] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "register-yacht-croatia.com"] [uri "/.env"] [unique_id "aTfyW9T19pysO0kaJkJb6QAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2025-12-06 23:01:24 (6 months ago)	Auto-ban: >3000 req/min op 2025-12-06	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2025-12-06 11:02:21 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 154.213.163.254 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 154.213.163.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 06 06:02:15.520824 2025] [security2:error] [pid 18897:tid 18897] [client 154.213.163.254:52513] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ictsl.net"] [uri "/.git/HEAD"] [unique_id "aTQNN11G59aKgq-wWLpIWgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 09:27:06 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 154.213.163.254 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 154.213.163.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 04:27:02.840095 2025] [security2:error] [pid 29686:tid 29686] [client 154.213.163.254:22269] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "sawted.com"] [uri "/.svn/wc.db"] [unique_id "aTKlZpxRB1AgIDfOrSYHnwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 06:48:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 154.213.163.254 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 154.213.163.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 05 01:48:20.377546 2025] [security2:error] [pid 32529:tid 32544] [client 154.213.163.254:10951] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "registeredprojectmanager.com"] [uri "/.svn/wc.db"] [unique_id "aTKANLBZQAL1ozgXiKToBgAAAQw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-05 02:57:45 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 154.213.163.254 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 154.213.163.254 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 21:57:40.107198 2025] [security2:error] [pid 12103:tid 12103] [client 154.213.163.254:60159] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "herzlo.com"] [uri "/.env"] [unique_id "aTJKJGkjG44xTMnsEMtMFAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-02 13:23:38 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/02 07:16:22	Port Scan Brute-Force Exploited Host Web App Attack
🇪🇸 10dencehispahard SL	2025-10-13 05:22:56 (8 months ago)	WP probing for vulnerabilities	Hacking Exploited Host
🇧🇷 hostseries	2025-09-24 19:06:05 (9 months ago)	Distributed Brute-Force attack	Brute-Force
Anonymous	2025-09-22 02:07:09 (9 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.09.22 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.09.22 is noted in report timestamp show less	Hacking Brute-Force

Showing 1 to 15 of 58 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇶 194.31.220.230

🇳🇱 192.42.116.44

🇳🇱 82.174.207.142

🇺🇸 64.227.7.28

🇺🇸 45.156.129.62

🇮🇩 36.66.16.233

🇻🇳 14.191.43.143

🇺🇸 3.87.250.68

🇬🇧 194.164.91.60

🇺🇸 165.22.141.4

🇵🇰 160.187.180.175

🇧🇷 136.248.121.226

🇷🇺 94.230.136.33

🇳🇱 45.148.10.240

🇯🇵 207.56.231.29

🇰🇭 203.223.41.114

🇳🇱 185.223.235.6

🇲🇾 180.74.64.23

🇷🇺 95.108.213.116

🇺🇸 87.58.199.37