JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.213.164.6

154.213.164.6 was found in our database!

This IP was reported 69 times. Confidence of Abuse is 0%: ?

ISP	Cloud Innovation Ltd
Usage Type	Unknown
ASN	Unknown
Domain Name	cloudinnovation.org
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.213.164.6

Whois 154.213.164.6

IP Abuse Reports for 154.213.164.6:

This IP address has been reported a total of 69 times from 18 distinct sources. 154.213.164.6 was first reported on April 8th 2025, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-03-03 06:40:54 (3 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇫🇷 mrcrassi	2025-12-14 01:23:35 (6 months ago)	Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (POST meth ... show more Triggered Cloudflare WAF (firewallCustom) from DE. Action taken: BLOCK Protocol: HTTP/1.1 (POST method) Endpoint: /wp-login.php UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.0.1901.203 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-11-27 21:59:24 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 154.213.164.6 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 154.213.164.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 16:59:15.275065 2025] [security2:error] [pid 18253:tid 18253] [client 154.213.164.6:50003] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "greatwesternfirearms.com"] [uri "/.git/HEAD"] [unique_id "aSjJs1lPUONGqV0OdQb30AAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-27 18:57:44 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 154.213.164.6 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 154.213.164.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 27 13:57:38.902561 2025] [security2:error] [pid 4085:tid 4085] [client 154.213.164.6:60399] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aandbnaturalfoods.com"] [uri "/.svn/wc.db"] [unique_id "aSifIsovhin3iNGenOchEgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 08:33:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 154.213.164.6 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 154.213.164.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 26 03:33:25.321575 2025] [security2:error] [pid 8471:tid 8471] [client 154.213.164.6:17053] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thekcpages.com.loudenlow.com"] [uri "/.env"] [unique_id "aSa7VZ0CNoOmX9qFkfVtEAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-26 02:25:25 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 154.213.164.6 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 154.213.164.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 25 21:25:19.791233 2025] [security2:error] [pid 8408:tid 8408] [client 154.213.164.6:57573] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.carterindustries.net"] [uri "/.git/HEAD"] [unique_id "aSZlD7OUPcNjNnZ6f9d1UAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 04:20:32 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 154.213.164.6 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 154.213.164.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 23:20:28.423207 2025] [security2:error] [pid 785255:tid 785255] [client 154.213.164.6:58131] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.angelonearth.net"] [uri "/.git/HEAD"] [unique_id "aSUujIuhJncFUGOL-ALl9QAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:27:17 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 154.213.164.6 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 154.213.164.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:27:13.669400 2025] [security2:error] [pid 17023:tid 17078] [client 154.213.164.6:20271] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.appraisalteam.net"] [uri "/.git/HEAD"] [unique_id "aSUUAb1hG8E8_fObGRhzjwAAARA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 02:11:04 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 154.213.164.6 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 154.213.164.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 21:10:59.540305 2025] [security2:error] [pid 32205:tid 32205] [client 154.213.164.6:37155] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.aprilparks.com"] [uri "/.env"] [unique_id "aSUQMz9q-KQq9iHQ-oXB1AAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-25 01:37:23 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 154.213.164.6 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 154.213.164.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 20:37:17.202329 2025] [security2:error] [pid 25826:tid 25826] [client 154.213.164.6:25423] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.medcoarabia.com"] [uri "/.svn/wc.db"] [unique_id "aSUITQkb-4P5XAHcVtW3kgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-24 13:44:40 (7 months ago)	Attempted access to sensitive endpoint (/.env) detected. Automated scan or unauthorized probing.	Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 05:17:30 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 154.213.164.6 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 154.213.164.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 24 00:17:14.826047 2025] [security2:error] [pid 27132:tid 27132] [client 154.213.164.6:56719] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.cookerwars.com"] [uri "/.svn/wc.db"] [unique_id "aSPqWs9JOwozQtiPFMDYoQAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-24 02:14:25 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 154.213.164.6 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 154.213.164.6 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 21:14:12.500272 2025] [security2:error] [pid 10390:tid 10390] [client 154.213.164.6:56213] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.pointandshootfilm.com"] [uri "/.git/HEAD"] [unique_id "aSO_dKxvWWI0TxNAIiD0HwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-11-21 18:27:39 (7 months ago)	This IP was involved in an brute force and password spray attack on 2025/11/21 12:25:01	Port Scan Brute-Force Exploited Host Web App Attack
🇦🇺 oncord	2025-11-17 08:45:41 (7 months ago)	Form spam	Web Spam

Showing 1 to 15 of 69 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇸 213.6.114.51

🇬🇧 193.163.125.47

🇺🇸 148.153.250.180

🇺🇸 141.11.88.106

🇮🇹 91.80.131.9

🇺🇸 72.90.88.128

🇪🇸 5.40.107.129

🇺🇸 65.49.1.169

🇨🇭 34.65.125.153

🇩🇪 213.209.159.242

🇧🇷 189.69.132.216

🇺🇸 107.151.202.100

🇳🇱 45.156.87.254

🇨🇳 218.17.217.141

🇺🇸 216.25.89.77

🇻🇳 210.211.122.97

🇺🇸 174.138.89.209

🇺🇸 159.112.244.40

🇧🇬 79.124.58.142

🇳🇱 45.148.10.152