JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 48.214.54.50

48.214.54.50 was found in our database!

This IP was reported 48 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Boydton, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 48.214.54.50

Whois 48.214.54.50

IP Abuse Reports for 48.214.54.50:

This IP address has been reported a total of 48 times from 34 distinct sources. 48.214.54.50 was first reported on September 10th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇴 /dev/null	2026-06-15 22:01:38 (2 days ago)	RouterOS: Portscanner detected.	Port Scan Brute-Force
🇺🇸 TPI-Abuse	2026-06-14 17:01:03 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 48.214.54.50 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 48.214.54.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 13:00:59.038769 2026] [security2:error] [pid 8209:tid 8209] [client 48.214.54.50:10945] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/config/parameters.yml" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.11"] [uri "/app/config/parameters.yml"] [unique_id "ai7eSytbnO6kaaXvXnlpowAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-14 13:57:30 (4 days ago)	2026-06-14T14:57:29.563351+01:00 vps kernel: [43185606.240065] [PORTSCAN DETECTED] IN=ens3 OUT= MAC= ... show more 2026-06-14T14:57:29.563351+01:00 vps kernel: [43185606.240065] [PORTSCAN DETECTED] IN=ens3 OUT= MAC=fa:16:3e:66:f6:24:02:37:19:0d:c2:f3:08:00 SRC=48.214.54.50 DST=54.37.14.118 LEN=60 TOS=0x00 PREC=0x00 TTL=42 ID=5993 DF PROTO=TCP SPT=10944 DPT=2082 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Port Scan Brute-Force
🇺🇸 itsnixk	2026-06-14 13:36:21 (4 days ago)	(mod_security) mod_security (id:920350) triggered by 48.214.54.50 (US/United States/-): 1 in the las ... show more (mod_security) mod_security (id:920350) triggered by 48.214.54.50 (US/United States/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sun Jun 14 09:36:18.694681 2026] [security2:error] [pid 331542:tid 332020] [client 48.214.54.50:10945] ModSecurity: Access denied with code 406 (phase 1). Pattern match "(?:^([\\\\d.]+\|\\\\[[\\\\da-f:]+\\\\]\|[\\\\da-f:]+)(:[\\\\d]+)?$)" at REQUEST_HEADERS:Host. [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "773"] [id "920350"] [msg "Host header is a numeric IP address"] [redacted] [severity "WARNING"] [ver "OWASP_CRS/4.26.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL-ENFORCEMENT"] [tag "capec/1000/210/272"] [redacted] [uri "/.git/config"] [unique_id "ai6uUo2e_uTU7ykGxjL_kwAAAFk"] show less	Port Scan
🇩🇪 iNetWorker	2026-06-14 13:08:21 (4 days ago)	trying to access non-authorized port	Port Scan
Anonymous	2026-06-14 11:21:49 (4 days ago)	Port Scan Attack.	Port Scan
🇹🇷 SeczarSecureOps	2026-06-14 09:19:21 (4 days ago)	Seczar SecureOps — Port Scan Detection (5 events) — quarantined 43200m on optimumofis	Port Scan
🇺🇸 TPI-Abuse	2026-06-14 08:37:00 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 48.214.54.50 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 48.214.54.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 04:36:54.850211 2026] [security2:error] [pid 20443:tid 20443] [client 48.214.54.50:58953] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.187"] [uri "/.git/HEAD"] [unique_id "ai5oJsAI6_4fgPHS9ayMvAAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 london2038.com	2026-06-14 07:22:03 (4 days ago)	Connection atttempts against closed TCP ports Jun 14 09:22:03 BLOCK SRC=48.214.54.50 LEN=60 TOS=0x00 ... show more Connection atttempts against closed TCP ports Jun 14 09:22:03 BLOCK SRC=48.214.54.50 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=42609 DF PROTO=TCP SPT=58870 DPT=2087 WINDOW=64240 RES=0x00 SYN Jun 14 09:22:03 BLOCK SRC=48.214.54.50 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=13517 DF PROTO=TCP SPT=58846 DPT=8443 WINDOW=64240 RES=0x00 SYN Jun 14 09:22:03 BLOCK SRC=48.214.54.50 LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=8403 DF PROTO=TCP SPT=58834 DPT=2083 WINDOW=64240 RES=0x00 SYN show less	Port Scan
🇺🇸 Axel	2026-06-14 07:07:00 (4 days ago)	Blocked by UFW on MVI [2087/tcp] \| SPT: 58498 \| TTL: 48 \| LEN: 60 \| TOS: 0x00 • Reported by: github. ... show more Blocked by UFW on MVI [2087/tcp] \| SPT: 58498 \| TTL: 48 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 cwytech	2026-06-14 05:43:21 (4 days ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: crowdsecurity/http-sensitive-files.	Bad Web Bot Web App Attack
🇩🇪 acadeova	2026-06-14 04:09:43 (4 days ago)	🚨 Recon detected (nft drop) SRC=48.214.54.50 Observed=TCP dpt=2083 in=enp0s6 ttl=49 Time=recent(jour ... show more 🚨 Recon detected (nft drop) SRC=48.214.54.50 Observed=TCP dpt=2083 in=enp0s6 ttl=49 Time=recent(journalctl: 10 minutes ago) Assessment=Generic scanning / reconnaissance (PORT_SCAN) show less	Port Scan
🇩🇪 Darki1962	2026-06-14 04:00:02 (4 days ago)	10 hits, proto=tcp, ports=2082,2083,2086,2087,8080,8443	Port Scan Hacking Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-14 03:59:46 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 48.214.54.50 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 48.214.54.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 23:59:39.942948 2026] [security2:error] [pid 28202:tid 28202] [client 48.214.54.50:59866] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.197"] [uri "/.git/config"] [unique_id "ai4nK-gZEET4oqEyW7jQagAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇹 urnilxfgbez	2026-06-03 22:45:00 (2 weeks ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan

Showing 1 to 15 of 48 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 171.244.61.79

🇫🇷 91.231.89.91

🇵🇱 83.219.248.100

🇺🇸 66.175.212.77

🇺🇸 35.188.112.111

🇧🇷 20.226.73.88

🇭🇰 223.197.178.95

🇩🇪 213.209.159.227

🇭🇰 199.45.155.74

🇲🇦 196.74.146.190

🇨🇿 178.249.209.168

🇫🇮 172.217.37.144

🇩🇪 167.94.145.24

🇺🇸 134.209.120.216

🇳🇱 91.92.40.5

🇺🇸 47.45.19.244

🇧🇷 45.229.91.34

🇳🇱 45.198.224.5

🇨🇳 36.140.123.73

🇺🇸 20.119.99.184