JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 68.154.117.33

68.154.117.33 was found in our database!

This IP was reported 34 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Boydton, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 68.154.117.33

Whois 68.154.117.33

IP Abuse Reports for 68.154.117.33:

This IP address has been reported a total of 34 times from 29 distinct sources. 68.154.117.33 was first reported on March 5th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 ValtonTahiri	2026-06-09 15:29:49 (2 days ago)	UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly as ... show more UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly associated with port scanning, service discovery, or automated internet probing. Technical: source_ip=68.154.117.33; proto=TCP; source_port=40595; target_port=8443; flags=ACK,RST show less	Port Scan
Anonymous	2026-06-09 15:26:49 (2 days ago)	68.154.117.33 - - [09/Jun/2026:17:26:48 +0200] "GET /.env HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Window ... show more 68.154.117.33 - - [09/Jun/2026:17:26:48 +0200] "GET /.env HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0" show less	Web App Attack
🇺🇸 xmission.com	2026-06-09 15:02:47 (2 days ago)	Blocked by UFW (TCP on 2087) Source port: 40453 TTL: 48 Packet length: 60 TOS: 0x00 This report (fo ... show more Blocked by UFW (TCP on 2087) Source port: 40453 TTL: 48 Packet length: 60 TOS: 0x00 This report (for 68.154.117.33) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇧🇷 Halux	2026-06-09 13:23:48 (2 days ago)	68.154.117.33 Probing protected path or service	Web App Attack
🇺🇸 RAP	2026-06-09 11:54:34 (2 days ago)	2026-06-09 11:54:34 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇬🇧 PeravixGroup	2026-06-09 11:15:01 (2 days ago)	Imunify360 WAF block (graylisted)	Web App Attack
🇹🇭 Sawasdee	2026-06-09 11:06:04 (2 days ago)	Unwanted checking 80 or 443 port ...	Bad Web Bot
🇩🇪 Justin F. \| AS204464	2026-06-09 10:46:35 (2 days ago)	Honeypot [nx-infrastructure]: Empty payload (likely service probe); 2087 [4], 2086 [1], 2082 [1], 20 ... show more Honeypot [nx-infrastructure]: Empty payload (likely service probe); 2087 [4], 2086 [1], 2082 [1], 2083 [1] TCP Reported by: Justin F. show less	Port Scan
🇺🇸 gu-alvareza	2026-06-09 07:05:35 (2 days ago)	Spring.Boot.Actuator.Unauthorized.Access	Brute-Force
🇳🇱 Selckie	2026-06-03 03:35:39 (1 week ago)	fail2ban: NGINX unusual impact	Web App Attack
🇦🇹 urnilxfgbez	2026-06-02 22:45:00 (1 week ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 Al Coholic	2026-06-02 22:14:34 (1 week ago)	Detected By Fail2ban	Hacking Bad Web Bot Web App Attack
🇦🇹 begou.dev	2026-06-02 21:24:36 (1 week ago)	[Threat Intelligence] Port Scanning and/or Unauthorized access -> TCP/8080	Port Scan
Anonymous	2026-06-02 20:42:05 (1 week ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
Anonymous	2026-06-02 19:57:02 (1 week ago)	Bot / scanning and/or hacking attempts: GET /config.php HTTP/1.1, GET /wp-config.php HTTP/1.1, GET / ... show more Bot / scanning and/or hacking attempts: GET /config.php HTTP/1.1, GET /wp-config.php HTTP/1.1, GET /.env.backup HTTP/1.1, GET /phpinfo.php HTTP/1.1, GET /.env.production HTTP/1.1, GET /backup.sql HTTP/1.1, GET /wp-config.php.bak HTTP/1.1, GET /.env HTTP/1.1, GET /app/config/parameters.yml HTTP/1.1, GET /dump.sql HTTP/1.1 show less	Hacking Web App Attack

Showing 1 to 15 of 34 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 170.245.120.109

🇨🇳 101.96.202.48

🇮🇳 49.207.243.206

🇭🇰 45.196.236.141

🇺🇸 20.65.193.136

🇨🇳 222.73.56.10

🇩🇪 213.209.159.56

🇳🇱 192.253.248.23

🇺🇸 162.216.150.18

🇺🇸 162.216.149.26

🇷🇺 94.242.168.95

🇨🇦 85.217.149.50

🇩🇪 69.5.169.133

🇺🇸 66.240.205.34

🇺🇸 23.95.55.215

🇲🇽 201.140.123.130

🇧🇴 200.105.172.184

🇺🇸 162.216.150.207

🇷🇴 80.94.92.206

🇺🇸 67.207.84.8