JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 48.214.55.68

48.214.55.68 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 81%: ?

81%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Boydton, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 48.214.55.68

Whois 48.214.55.68

IP Abuse Reports for 48.214.55.68:

This IP address has been reported a total of 28 times from 24 distinct sources. 48.214.55.68 was first reported on October 28th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 PeravixGroup	2026-06-03 07:54:00 (1 day ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇺🇸 MPL	2026-06-03 07:21:18 (1 day ago)	tcp port scan (16 or more attempts)	Port Scan
Anonymous	2026-06-03 07:19:29 (1 day ago)	48.214.55.68 - [03/Jun/2026:00:19:11 -0700] 67.190.132.171 "GET /.git/HEAD HTTP/1.1" 404 3139 48.214 ... show more 48.214.55.68 - [03/Jun/2026:00:19:11 -0700] 67.190.132.171 "GET /.git/HEAD HTTP/1.1" 404 3139 48.214.55.68 - [03/Jun/2026:00:19:14 -0700] 67.190.132.171 "GET /.env HTTP/1.1" 404 3133 48.214.55.68 - [03/Jun/2026:00:19:18 -0700] 67.190.132.171 "GET /.env.production HTTP/1.1" 404 3143 48.214.55.68 - [03/Jun/2026:00:19:21 -0700] 67.190.132.171 "GET /.env.backup HTTP/1.1" 404 3141 48.214.55.68 - [03/Jun/2026:00:19:28 -0700] 67.190.132.171 "GET /wp-config.php.bak HTTP/1.1" 404 3145 ... show less	Web App Attack
🇧🇪 sid3windr	2026-06-03 06:49:36 (1 day ago)	GET /.git/config (Tarpitted for , wasted 120B)	Web App Attack
🇹🇷 SeczarSecureOps	2026-06-03 06:43:28 (1 day ago)	Seczar SecureOps — Port Scan Detection (7 events) — quarantined 43200m on fgdcapi	Port Scan
🇺🇸 Starburst SysOp Team	2026-06-03 06:20:39 (1 day ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-mnz6-4)	Hacking Bad Web Bot
🇧🇷 somosbr	2026-06-03 05:50:19 (1 day ago)	[2026-06-03T05:50:19Z] Unsolicited scan from 48.214.55.68 to port 2086/tcp	Port Scan
🇧🇷 SOC PR	2026-06-03 05:40:40 (1 day ago)	IPS: Sensitive Configuration File Disclosure.	Hacking
🇳🇱 taivas.nl	2026-06-03 05:30:04 (1 day ago)	General_bad_requests	Bad Web Bot
🇺🇸 tedmichalik.com	2026-06-03 05:24:51 (1 day ago)	48.214.55.68 - - [03/Jun/2026:01:24:44 -0400] "GET /.git/HEAD HTTP/1.1" 404 496 "-" "Mozilla/5.0 (Ma ... show more 48.214.55.68 - - [03/Jun/2026:01:24:44 -0400] "GET /.git/HEAD HTTP/1.1" 404 496 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" ... show less	Web App Attack
🇺🇸 MPL	2026-06-03 05:21:36 (1 day ago)	tcp port scan (6 or more attempts)	Port Scan
🇺🇸 TPI-Abuse	2026-06-03 04:58:53 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 48.214.55.68 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 48.214.55.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 00:58:49.249022 2026] [security2:error] [pid 31673:tid 31673] [client 48.214.55.68:57862] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.21"] [uri "/.git/HEAD"] [unique_id "ah-0icP_W4rDBziFXhCVKAAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 PeravixGroup	2026-06-03 04:44:00 (1 day ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-03 04:29:41 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 48.214.55.68 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 48.214.55.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 00:29:36.082014 2026] [security2:error] [pid 998:tid 998] [client 48.214.55.68:58959] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.120"] [uri "/.git/HEAD"] [unique_id "ah-tsABAb0UHSVVSho-U_AAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 04:09:55 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 48.214.55.68 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 48.214.55.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 00:09:48.022895 2026] [security2:error] [pid 16948:tid 16948] [client 48.214.55.68:57742] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.108"] [uri "/.git/config"] [unique_id "ah-pDNHm7xZszedBzZiI1wAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 194.50.235.154

🇨🇳 182.92.119.182

🇺🇸 107.150.100.178

🇹🇼 104.199.176.250

🇷🇺 80.253.31.232

🇵🇰 175.107.1.154

🇫🇮 144.31.99.198

🇭🇰 123.58.212.28

🇧🇩 103.132.182.37

🇭🇰 103.43.191.43

🇮🇱 85.250.175.92

🇫🇷 79.137.33.241

🇨🇦 45.194.92.26

🇳🇱 45.148.10.147

🇷🇼 41.186.188.100

🇲🇽 189.150.35.161

🇬🇧 185.216.145.175

🇨🇳 123.191.147.197

🇭🇰 112.119.21.245

🇬🇧 92.40.177.191