JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 154.94.14.217

154.94.14.217 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 0%: ?

ISP	Cloud Innovation Ltd
Usage Type	Data Center/Web Hosting/Transit
ASN	AS20326
Domain Name	cloudinnovation.org
Country	🇪🇸 Spain
City	Madrid, Madrid

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 154.94.14.217

Whois 154.94.14.217

IP Abuse Reports for 154.94.14.217:

This IP address has been reported a total of 20 times from 13 distinct sources. 154.94.14.217 was first reported on November 5th 2024, and the most recent report was 8 months ago.

Old Reports: The most recent abuse report for this IP address is from 8 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 diego	2025-09-26 06:33:17 (8 months ago)	[rede-164-29] Port Scan detected from 154.94.14.217 (-). 11 hits in the last 161 seconds; Ports: * ... show more [rede-164-29] Port Scan detected from 154.94.14.217 (-). 11 hits in the last 161 seconds; Ports: ; Direction: in; Trigger: PS_LIMIT; Logs: Sep 26 03:32:55 kernel: [12332133.265507] Firewall: TCP_IN Blocked* IN=ethX OUT= MAC=xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx00 SRC=154.94.14.217 DST=0.0.0.x LEN=60 TOS=0x00 PREC=0x00 TTL=52 ID=30088 DF PROTO=TCP SPT=52433 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 Sep 26 03:32:56 kernel: [12332133.434383] Firewall: TCP_IN Blocked IN=ethX OUT= MAC=xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx:xx00 SRC=154.94.14.217 DST=143.0.19.44 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=33111 DF PROTO=TCP SPT=1400 show less	Port Scan
🇮🇩 BPS-StatisticsIndonesia	2025-09-26 00:03:18 (8 months ago)	WP Login Scan Activities	Web App Attack
🇮🇹 alph44	2025-09-10 13:18:47 (8 months ago)	(mod_security) mod_security (id:949110) triggered by 154.94.14.217 (ES/Spain/-): 5 in the last 3600 ... show more (mod_security) mod_security (id:949110) triggered by 154.94.14.217 (ES/Spain/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: show less	Web App Attack
🇺🇸 TPI-Abuse	2025-09-10 09:21:29 (8 months ago)	(mod_security) mod_security (id:210730) triggered by 154.94.14.217 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 154.94.14.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Sep 10 05:21:26.099969 2025] [security2:error] [pid 1883:tid 1883] [client 154.94.14.217:30499] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.bgraph.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.bgraph.com"] [uri "/s3cmd.ini"] [unique_id "aMFDFtiEdvOEedS3tbAAaAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Bytemark	2025-09-08 04:03:42 (9 months ago)	154.94.14.217 - - [08/Sep/2025:05:03:40 +0100] "GET /wp-login.php HTTP/1.1" 404 47 "https://www.goog ... show more 154.94.14.217 - - [08/Sep/2025:05:03:40 +0100] "GET /wp-login.php HTTP/1.1" 404 47 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.94.14.217 - - [08/Sep/2025:05:03:40 +0100] "GET /wp-login.php HTTP/1.1" 404 47 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 154.94.14.217 - - [08/Sep/2025:05:03:41 +0100] "GET /wp-login.php HTTP/1.1" 404 47 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-09-06 22:33:38 (9 months ago)	(mod_security) mod_security (id:210730) triggered by 154.94.14.217 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 154.94.14.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 06 18:33:30.262219 2025] [security2:error] [pid 21500:tid 21500] [client 154.94.14.217:33659] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.angelsofrhodeisland.com.alanmariotti.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.angelsofrhodeisland.com.alanmariotti.com"] [uri "/s3cmd.ini"] [unique_id "aLy2ugQmHxeYnDLJ9Ssi5AAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2025-08-31 22:44:45 (9 months ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 154.94.14.217 (-): 1 in the last 360 ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 154.94.14.217 (-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2025-08-31 18:19:35 (9 months ago)	(mod_security) mod_security (id:210492) triggered by 154.94.14.217 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 154.94.14.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Aug 31 14:19:27.848145 2025] [security2:error] [pid 3692964:tid 3693021] [client 154.94.14.217:40633] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.charlottesvilleclosets.windowtailors.com"] [uri "/config.php%7C/.env%7Csettings.py"] [unique_id "aLSSL7ilD4Gsbc-DodD9bwAAAFU"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 el-brujo	2025-08-31 16:42:59 (9 months ago)	[Sun Aug 31 18:42:57.926140 2025] [proxy_fcgi:error] [pid 2833812:tid 2833828] [remote 154.94.14.217 ... show more [Sun Aug 31 18:42:57.926140 2025] [proxy_fcgi:error] [pid 2833812:tid 2833828] [remote 154.94.14.217:0] AH01071: Got error 'Primary script unknown\n', referer: https://www.google.com [Sun Aug 31 18:42:58.727114 2025] [proxy_fcgi:error] [pid 2810578:tid 2811603] [remote 154.94.14.217:0] AH01071: Got error 'Primary script unknown\n', referer: https://www.google.com ... show less	Hacking Web App Attack
Anonymous	2025-05-02 15:03:49 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇮🇹 Rosh	2025-03-29 04:13:20 (1 year ago)	[03/29/25 05:13:20] Unauthorized request HTTP/1.0 400 on port 80	Hacking Web App Attack
🇩🇪 nyuuzyou	2025-03-14 18:33:18 (1 year ago)	Intensive scraping: /web?s=%22Submit%20wallpaper%22&lang=ko&scraper=google_cse	Bad Web Bot
🇩🇪 nyuuzyou	2025-02-11 22:13:44 (1 year ago)	Intensive scraping: /web?s=%22%2Fblog%2F%22%20%22Powered%20by%20SocialGO%22&country=it&scraper=yep	Bad Web Bot
🇩🇪 nyuuzyou	2025-02-11 22:09:08 (1 year ago)	Intensive scraping: /web?s=%22Speak%20Your%20Mind%22%20Website&lang=tr&scraper=yandex	Bad Web Bot
🇩🇪 nyuuzyou	2025-02-11 21:54:11 (1 year ago)	Intensive scraping: /web?s=%22Most%20Viewed%20Stories%22%20%22Story%20Votes%22&lang=kk&scraper=yande ... show more Intensive scraping: /web?s=%22Most%20Viewed%20Stories%22%20%22Story%20Votes%22&lang=kk&scraper=yandex show less	Bad Web Bot

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 82.102.18.190

🇰🇷 218.157.163.203

🇧🇪 198.235.24.195

🇹🇼 198.235.24.109

🇺🇸 172.245.226.119

🇰🇷 165.154.52.159

🇮🇪 54.170.59.61

🇧🇷 205.210.31.174

🇲🇽 186.96.145.241

🇸🇪 162.158.182.189

🇨🇳 112.28.234.157

🇭🇰 103.146.158.57

🇬🇧 89.37.172.144

🇺🇸 67.207.84.8

🇰🇷 42.82.237.139

🇰🇷 8.230.31.86

🇮🇪 18.201.12.252

🇺🇸 2607:f8b0:4023:100f::129

🇫🇮 147.185.133.134

🇵🇰 144.48.121.126