JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.197.57.214

154.197.57.214 was found in our database!

This IP was reported 102 times. Confidence of Abuse is 100%: ?

100%

ISP	UCLOUD INFORMATION TECHNOLOGY HK LIMITEDIMITED
Usage Type	Data Center/Web Hosting/Transit
ASN	AS135377
Domain Name	ucloud.cn
Country	🇺🇸 United States of America
City	Los Angeles, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.197.57.214

Whois 154.197.57.214

IP Abuse Reports for 154.197.57.214:

This IP address has been reported a total of 102 times from 52 distinct sources. 154.197.57.214 was first reported on June 3rd 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 SOC [GOLINE SA]	2026-06-12 13:02:36 (2 hours ago)	FortiGate detected IPS attack from IPv4 address 154.197.57.214	Hacking
Anonymous	2026-06-12 12:11:54 (2 hours ago)	154.197.57.214 - - [12/Jun/2026:14:11:53 +0200] "GET /.env HTTP/1.1" 403 5796 "-" "Mozilla/5.0 (X11; ... show more 154.197.57.214 - - [12/Jun/2026:14:11:53 +0200] "GET /.env HTTP/1.1" 403 5796 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" ... show less	Web App Attack
🇺🇸 Starburst SysOp Team	2026-06-12 10:27:25 (4 hours ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-mnz6-1)	Hacking Bad Web Bot
🇨🇭 Ribeye375	2026-06-12 10:00:23 (5 hours ago)	HIPS nginx-anti-botnet - Block tcp/0:65535	Bad Web Bot
🇳🇱 myip.foo	2026-06-12 09:41:34 (5 hours ago)	[myip.foo] 154.197.57.214 - - [12/Jun/2026:09:41:33 +0000] "GET /.env HTTP/1.1" 404 181 "-" "Mozilla ... show more [myip.foo] 154.197.57.214 - - [12/Jun/2026:09:41:33 +0000] "GET /.env HTTP/1.1" 404 181 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" show less	Bad Web Bot Web App Attack
Anonymous	2026-06-12 07:44:24 (7 hours ago)	"GET /.env HTTP/1.1"	Hacking Web App Attack
🇺🇸 gu-alvareza	2026-06-12 07:05:07 (7 hours ago)	AndroxGh0st.Malware	Hacking Exploited Host
Anonymous	2026-06-12 06:47:28 (8 hours ago)	fail2ban: Sensitive web probes detected	Web App Attack
🇮🇹 Inartis	2026-06-12 05:48:23 (9 hours ago)	154.197.57.214 - - [12/Jun/2026:07:48:22 +0200] "GET /.env HTTP/1.1" 302 445 "-" "Mozilla/5.0 (X11; ... show more 154.197.57.214 - - [12/Jun/2026:07:48:22 +0200] "GET /.env HTTP/1.1" 302 445 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" ... show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 vtchost.com	2026-06-12 03:41:28 (11 hours ago)	minux.cc:80 154.197.57.214 - - [12/Jun/2026:05:41:27 +0200] "GET /.env HTTP/1.1" 418 215 "-" "Mozill ... show more minux.cc:80 154.197.57.214 - - [12/Jun/2026:05:41:27 +0200] "GET /.env HTTP/1.1" 418 215 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" ... show less	Web App Attack
Anonymous	2026-06-11 23:52:22 (15 hours ago)	154.197.57.214 - - [11/Jun/2026:23:52:21 +0000] "GET /.env HTTP/1.1" 404 7010 "-" "Mozilla/5.0 (X11; ... show more 154.197.57.214 - - [11/Jun/2026:23:52:21 +0000] "GET /.env HTTP/1.1" 404 7010 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" ... show less	Brute-Force Web App Attack
🇺🇸 anon333	2026-06-11 20:36:08 (18 hours ago)	Invalid HTTP port 80 probes to server T1636	Hacking Exploited Host
Anonymous	2026-06-11 20:14:10 (18 hours ago)	[Thu Jun 11 22:14:09.105016 2026] [access_compat:error] [pid 178935:tid 178935] [client 154.197.57.2 ... show more [Thu Jun 11 22:14:09.105016 2026] [access_compat:error] [pid 178935:tid 178935] [client 154.197.57.214:49745] AH01797: client denied by server configuration: /var/www/html/.env [Thu Jun 11 22:14:10.018698 2026] [access_compat:error] [pid 173559:tid 173559] [client 154.197.57.214:50455] AH01797: client denied by server configuration: /var/www/html/.env ... show less	Bad Web Bot Web App Attack
🇺🇸 aks4226	2026-06-11 19:57:11 (19 hours ago)	Bot search, attacking common web applications.	Web App Attack
🇹🇼 tyetriiix	2026-06-11 19:40:52 (19 hours ago)	Wazuh Alert Evidence: 154.197.57.214 - - [11/Jun/2026:19:40:48 +0000] "GET /.env HTTP/1.1" 404 548 " ... show more Wazuh Alert Evidence: 154.197.57.214 - - [11/Jun/2026:19:40:48 +0000] "GET /.env HTTP/1.1" 404 548 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" "-" Origin: "-" CORS_Header: "-" Sent_allow_origin: "-" show less	Web App Attack

Showing 1 to 15 of 102 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2602:fb54:1a00::94

🇺🇸 208.84.100.215

🇧🇷 190.115.84.25

🇮🇩 163.7.9.55

🇵🇭 120.28.109.102

🇨🇳 113.221.77.2

🇺🇸 70.167.111.242

🇺🇸 64.62.156.161

🇳🇱 45.148.10.147

🇺🇸 20.84.153.170

🇰🇷 218.149.157.240

🇲🇽 187.191.48.24

🇮🇩 163.7.3.220

🇫🇮 147.185.133.197

🇨🇳 49.235.121.118

🇸🇬 47.84.230.69

🇳🇱 45.148.10.141

🇳🇱 34.13.226.109

🇳🇱 5.61.209.96

🇦🇷 209.99.239.229