JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.213.195.56

154.213.195.56 was found in our database!

This IP was reported 33 times. Confidence of Abuse is 0%: ?

ISP	Cloud Innovation Ltd
Usage Type	Data Center/Web Hosting/Transit
ASN	AS328608
Domain Name	cloudinnovation.org
Country	🇫🇷 France
City	Paris, Ile-de-France

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.213.195.56

Whois 154.213.195.56

IP Abuse Reports for 154.213.195.56:

This IP address has been reported a total of 33 times from 12 distinct sources. 154.213.195.56 was first reported on November 5th 2024, and the most recent report was 8 months ago.

Old Reports: The most recent abuse report for this IP address is from 8 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2025-09-29 12:18:39 (8 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇦🇺 oncord	2025-09-28 09:32:02 (8 months ago)	Form spam	Web Spam
🇦🇺 oncord	2025-09-08 07:00:13 (9 months ago)	Form spam	Web Spam
🇫🇷 COMAITE	2025-09-05 19:48:36 (9 months ago)	SQL injection attempt from 154.213.195.56.	Web App Attack
🇻🇳 Xuan Can	2025-08-30 12:39:46 (9 months ago)	(mod_security) mod_security (id:981242) triggered by 154.213.195.56 (FR/France/-): 1 in the last 360 ... show more (mod_security) mod_security (id:981242) triggered by 154.213.195.56 (FR/France/-): 1 in the last 3600 secs; Ports: 80,443; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Aug 30 19:39:40.717530 2025] [security2:error] [pid 36312:tid 36358] [client 154.213.195.56:0] ModSecurity: Access denied with code 406 (phase 2). Pattern match "(?i:(?:[\\"'`\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98]\\\\s?(x?or\|div\|like\|between\|and)\\\\s?[\\"'`\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98]?\\\\d)\|(?:\\\\\\\\x(?:23\|27\|3d))\|(?:^.?[\\"'`\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98]$)\|(?:(?:^[\\"'`\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98\\\\\\\\]*?(?:[\\\\ ..." at ARGS:sort. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "823"] [id "981242"] [msg "Detects classic SQL injection probings 1/2"] [data "Matched Data: ' found within ARGS:sort: '"] [severity "CRITICAL"] [tag "OWASP_CRS/WEB_ATTACK/SQL_INJECTION"] [hostname "www.diendanmaychu.vn"] [uri "/memberlist.php"] [unique_id "aLLxDHiuQZFH1iChgvEarwAAARM"] show less	Brute-Force SSH
🇦🇺 oncord	2025-08-28 17:09:11 (9 months ago)	Form spam	Web Spam
🇦🇺 oncord	2025-08-23 15:23:45 (10 months ago)	Form spam	Web Spam
🇬🇧 oncord	2025-08-20 09:38:36 (10 months ago)	Form spam	Web Spam
🇦🇺 oncord	2025-08-18 19:21:33 (10 months ago)	Form spam	Web Spam
🇦🇺 oncord	2025-08-13 22:31:25 (10 months ago)	Form spam	Web Spam
🇿🇦 maximonline.co.za	2025-08-13 17:50:10 (10 months ago)	Contact form spam.	Web Spam
🇦🇺 oncord	2025-08-07 04:53:55 (10 months ago)	Form spam	Web Spam
🇺🇸 TPI-Abuse	2025-08-03 14:57:38 (10 months ago)	(mod_security) mod_security (id:217280) triggered by 154.213.195.56 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:217280) triggered by 154.213.195.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 03 10:57:35.981685 2025] [security2:error] [pid 16761:tid 16761] [client 154.213.195.56:37587] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:\\\\n\|\\\\r)+(?:get\|post\|head\|options\|connect\|put\|delete\|trace\|propfind\|propatch\|mkcol\|copy\|move\|lock\|unlock)\\\\s+" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "137"] [id "217280"] [rev "6"] [msg "COMODO WAF: HTTP Request Smuggling Attack\|\|mathewsdental.com\|F\|2"] [data "Matched Data: get found within MATCHED_VAR"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "mathewsdental.com"] [uri "/index.php/contact-bottom"] [unique_id "aI9437yAORefPTwM7FzrfgAAAAc"], referer: http://mathewsdental.com/index.php/contact-bottom show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 oncord	2025-08-02 20:30:42 (10 months ago)	Form spam	Web Spam
🇦🇺 oncord	2025-08-01 19:32:56 (10 months ago)	Form spam	Web Spam

Showing 1 to 15 of 33 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.109.252.240

🇲🇴 182.93.7.194

🇨🇳 180.102.110.158

🇺🇸 172.245.43.228

🇺🇸 167.99.109.205

🇨🇦 165.22.225.218

🇨🇳 112.86.225.83

🇺🇿 94.158.61.176

🇫🇷 51.159.149.103

🇸🇬 47.84.139.171

🇨🇳 112.84.121.10

🇭🇺 79.139.56.13

🇨🇳 36.111.150.151

🇫🇷 2.21.243.135

🇨🇳 223.90.187.11

🇮🇳 182.66.193.212

🇺🇦 176.36.139.231

🇺🇸 147.185.132.183

🇺🇸 141.11.88.108

🇨🇳 115.53.122.69