JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.213.164.183

154.213.164.183 was found in our database!

This IP was reported 77 times. Confidence of Abuse is 0%: ?

ISP	Cloud Innovation Ltd
Usage Type	Unknown
ASN	Unknown
Domain Name	cloudinnovation.org
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.213.164.183

Whois 154.213.164.183

IP Abuse Reports for 154.213.164.183:

This IP address has been reported a total of 77 times from 31 distinct sources. 154.213.164.183 was first reported on April 8th 2025, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-03-05 08:06:46 (3 months ago)	(mod_security) mod_security (id:210492) triggered by 154.213.164.183 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 154.213.164.183 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 05 03:06:39.185056 2026] [security2:error] [pid 2915:tid 2922] [client 154.213.164.183:64745] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.howardhallis.com"] [uri "/.git/objects/ba/c33a188aafdd87a018448633ab2fda5fd2d159"] [unique_id "aak5j2bdh7c6FWT9QFVLoAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 LRob.fr	2026-02-20 20:15:03 (3 months ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇬🇧 Shadymint	2026-02-15 12:37:53 (3 months ago)	url probing from IP marked as abusive	Web App Attack
🇺🇸 myagent.site	2026-02-15 06:28:35 (3 months ago)	Blocking for trying to access an exploit file: /backend/.env	Hacking
🇺🇸 mnsf	2026-02-15 06:05:59 (3 months ago)	Scanning/Probing (23)	Brute-Force Web App Attack
🇨🇭 Origon	2026-02-15 05:55:35 (3 months ago)	http-sensitive-files - IP: 154.213.164.183 - time="2026-02-15T06:55:35+01:00" level=info msg="(555f ... show more http-sensitive-files - IP: 154.213.164.183 - time="2026-02-15T06:55:35+01:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-sensitive-files by ip 154.213.164.183 (DE/200373) : 4h ban on Ip 154.213.164.183" module=db show less	Web App Attack
🇫🇷 dynamix	2026-02-15 03:42:42 (3 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 FABIO EGAS	2026-02-15 02:57:56 (3 months ago)	(mod_security) mod_security triggered on hostname [redacted] 154.213.164.183 (DE/Germany/-)	SQL Injection
🇵🇱 Nevex	2026-02-15 02:05:38 (3 months ago)	Access forbidden by rule 10 times for 10 URIs	Web App Attack
Anonymous	2026-01-05 20:25:17 (5 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.05 is noted in report timestamp show less	Hacking Brute-Force
🇳🇱 homeshowdomain.nl	2025-11-25 22:59:37 (6 months ago)	Auto-ban: >3000 req/min op 2025-11-25	Hacking Web App Attack SSH
🇫🇮 Shaik Sai Meera	2025-11-25 18:10:12 (6 months ago)	IM360 WAF: Hidden file access	Brute-Force
🇺🇸 TPI-Abuse	2025-11-25 04:40:52 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 154.213.164.183 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 154.213.164.183 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:40:45.415235 2025] [security2:error] [pid 1735:tid 1735] [client 154.213.164.183:38403] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.thingstodonude.com"] [uri "/.env"] [unique_id "aSUzTSxCoFgGAfO7JH7ELAAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 03:54:11 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 154.213.164.183 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 154.213.164.183 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 22:53:56.983531 2025] [security2:error] [pid 11000:tid 11000] [client 154.213.164.183:30143] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.onewithaudio.com"] [uri "/.env"] [unique_id "aSUoVPMQYujh8EbgPI5xqAAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:52:27 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 154.213.164.183 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 154.213.164.183 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:52:19.333407 2025] [security2:error] [pid 4457:tid 4457] [client 154.213.164.183:13429] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.vffv.com"] [uri "/.env"] [unique_id "aSUZ48-v8bHVzJ6vLenlcwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 77 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.56

🇧🇷 190.115.84.25

🇮🇩 163.7.0.179

🇵🇰 153.117.13.147

🇺🇸 103.203.57.11

🇺🇸 64.62.156.222

🇨🇳 1.85.219.151

🇧🇷 143.0.56.123

🇮🇳 103.84.236.222

🇺🇸 66.132.172.60

🇺🇸 65.49.20.85

🇬🇧 45.89.63.39

🇨🇳 36.110.172.218

🇻🇳 14.167.169.18

🇺🇸 2604:a880:400:d1:0:4:962f:9001

🇷🇺 188.17.148.221

🇩🇪 141.11.250.239

🇮🇩 140.213.11.126

🇷🇴 80.94.92.184

🇩🇪 69.5.169.62