JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 57.154.217.179

57.154.217.179 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 57.154.217.179

Whois 57.154.217.179

IP Abuse Reports for 57.154.217.179:

This IP address has been reported a total of 29 times from 25 distinct sources. 57.154.217.179 was first reported on May 27th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Mark--	2026-06-02 23:38:30 (2 days ago)	Unauthorized connection attempt detected port 8080	Hacking
🇦🇹 urnilxfgbez	2026-06-02 22:45:00 (2 days ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇩🇪 ITSNF	2026-06-02 21:30:04 (2 days ago)	Blocked by os-abuseipdb; 8 hits, proto=tcp, ports=2082,2083,2086,2087,443,80,8080,8443	Port Scan Hacking
🇺🇸 technash	2026-06-02 21:25:00 (2 days ago)	Port scanning detection [Fortinet/Sentinel]. Deny/drop traffic.	Port Scan
🇨🇦 polycoda	2026-06-02 20:45:53 (2 days ago)	📡 Port scan	Hacking Web App Attack
🇺🇸 RAP	2026-06-02 19:38:46 (2 days ago)	2026-06-02 19:38:46 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇬🇧 PeravixGroup	2026-06-02 16:48:59 (2 days ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇬🇧 PeravixGroup	2026-06-02 13:24:39 (2 days ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇺🇸 RAP	2026-06-02 09:41:46 (3 days ago)	2026-06-02 09:41:46 UTC Unauthorized activity to TCP port 8443. Web App	Port Scan Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 09:19:21 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 57.154.217.179 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 57.154.217.179 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 05:19:17.273368 2026] [security2:error] [pid 357:tid 357] [client 57.154.217.179:10565] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.97"] [uri "/.git/HEAD"] [unique_id "ah6gFShOpBZqHwpybi1D8AAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 sthoyer.de	2026-06-02 09:14:53 (3 days ago)	Jun 2 11:14:52 sthoyer kernel: [IPTables-Dropped-I] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd: ... show more Jun 2 11:14:52 sthoyer kernel: [IPTables-Dropped-I] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=57.154.217.179 DST=173.212.223.67 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=59213 DF PROTO=TCP SPT=10576 DPT=8443 WINDOW=64240 RES=0x00 SYN URGP=0 Jun 2 11:14:52 sthoyer kernel: [IPTables-Dropped-I] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=57.154.217.179 DST=173.212.223.67 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=34331 DF PROTO=TCP SPT=10600 DPT=2086 WINDOW=64240 RES=0x00 SYN URGP=0 Jun 2 11:14:52 sthoyer kernel: [IPTables-Dropped-I] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=57.154.217.179 DST=173.212.223.67 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=51531 DF PROTO=TCP SPT=10600 DPT=2082 WINDOW=64240 RES=0x00 SYN URGP=0 Jun 2 11:14:53 sthoyer kernel: [IPTables-Dropped-I] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=57.154.217.179 DST=173.212.223.67 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=47781 DF PROTO=TCP SPT=10609 DPT=8080 WI ... show less	Port Scan
🇺🇸 mnsf	2026-06-02 09:07:20 (3 days ago)	Too many Status 50X (25)	Brute-Force Web App Attack
🇺🇸 crooze.net	2026-06-02 08:26:29 (3 days ago)	57.154.217.179 - - [02/Jun/2026:04:26:28 -0400] "GET /wp-config.php.bak HTTP/1.1" 444 0 "-" "Mozilla ... show more 57.154.217.179 - - [02/Jun/2026:04:26:28 -0400] "GET /wp-config.php.bak HTTP/1.1" 444 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 08:25:45 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 57.154.217.179 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 57.154.217.179 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 04:25:41.968615 2026] [security2:error] [pid 28240:tid 28240] [client 57.154.217.179:11244] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.168"] [uri "/.git/HEAD"] [unique_id "ah6ThR0nf9bYv5u60eaATAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-06-02 08:16:13 (3 days ago)	Blocked by UFW (TCP on 2087) Source port: 10638 TTL: 47 Packet length: 60 TOS: 0x00 This report (fo ... show more Blocked by UFW (TCP on 2087) Source port: 10638 TTL: 47 Packet length: 60 TOS: 0x00 This report (for 57.154.217.179) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 2001:4490:4031:3ac2:79ed:a297:c694:a92a

🇲🇾 175.138.19.187

🇬🇷 145.224.119.189

🇦🇺 101.0.106.166

🇺🇸 75.81.26.181

🇺🇸 173.49.251.157

🇺🇸 172.239.51.109

🇺🇸 49.51.204.105

🇯🇵 45.135.161.17

🇹🇼 45.43.37.254

🇯🇵 43.167.157.80

🇮🇱 40.223.165.117

🇯🇵 8.216.15.11

🇺🇸 3.95.37.97

🇲🇽 186.96.145.241

🇺🇸 147.185.132.254

🇮🇳 103.179.0.100

🇧🇬 91.191.209.198

🇺🇸 73.230.25.111

🇮🇳 59.89.91.158