JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 48.214.54.40

48.214.54.40 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 59%: ?

59%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Boydton, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 48.214.54.40

Whois 48.214.54.40

IP Abuse Reports for 48.214.54.40:

This IP address has been reported a total of 13 times from 10 distinct sources. 48.214.54.40 was first reported on August 15th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇹 urnilxfgbez	2026-06-02 22:45:00 (1 day ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 TPI-Abuse	2026-06-02 21:08:24 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 48.214.54.40 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 48.214.54.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 17:08:19.464088 2026] [security2:error] [pid 23290:tid 23290] [client 48.214.54.40:38673] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.173"] [uri "/.git/config"] [unique_id "ah9GQ4VbVR0008S1N9bQ5gAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-02 20:57:42 (1 day ago)		Web App Attack
🇫🇷 vincent_EUDIER	2026-06-02 20:20:00 (1 day ago)	SURICATA HTTP unable to match response to request	Hacking
🇺🇸 RAP	2026-06-02 20:14:36 (1 day ago)	2026-06-02 20:14:36 UTC Unauthorized activity to TCP port 8443. Web App	Port Scan Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 19:27:46 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 48.214.54.40 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 48.214.54.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 15:27:39.711850 2026] [security2:error] [pid 6242:tid 6242] [client 48.214.54.40:37474] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.148"] [uri "/.git/HEAD"] [unique_id "ah8uq9jlZAZ7zHQze-NiWAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Enno	2026-06-02 19:18:07 (1 day ago)	X09::Fail2Ban: automated bot scanning / credential probing detected.	Web App Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-02 18:56:20 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 48.214.54.40 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 48.214.54.40 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 14:56:13.182467 2026] [security2:error] [pid 4792:tid 4792] [client 48.214.54.40:38972] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.172"] [uri "/.git/HEAD"] [unique_id "ah8nTev3XcSaufC1GsK7gQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 boxed-it	2026-06-02 18:25:49 (1 day ago)	GET /.env (Tarpitted for 48m18s, wasted 169.92kB)	Web App Attack
🇺🇸 RAP	2026-06-02 18:25:48 (1 day ago)	2026-06-02 18:25:48 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇬🇧 PeravixGroup	2026-06-02 18:23:15 (1 day ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
Anonymous	2026-06-02 16:48:00 (1 day ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
Anonymous	2025-08-15 18:13:04 (9 months ago)	Excessive crawling/scraping	Hacking Brute-Force

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 209.50.186.25

🇺🇸 173.252.70.49

🇺🇸 146.190.78.195

🇺🇸 74.7.230.50

🇩🇪 216.26.249.35

🇩🇪 216.26.247.38

🇹🇭 203.154.158.195

🇧🇪 198.235.24.198

🇹🇼 198.235.24.95

🇺🇸 162.216.150.28

🇧🇷 129.121.54.93

🇺🇸 104.23.211.4

🇺🇸 98.93.11.144

🇮🇹 93.69.80.93

🇺🇸 74.7.242.5

🇺🇸 74.7.241.6

🇺🇸 74.7.230.23

🇺🇸 74.7.228.32

🇺🇸 66.132.172.196

🇩🇪 65.111.26.230