JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 68.220.56.242

68.220.56.242 was found in our database!

This IP was reported 48 times. Confidence of Abuse is 93%: ?

93%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	San Jose, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 68.220.56.242

Whois 68.220.56.242

IP Abuse Reports for 68.220.56.242:

This IP address has been reported a total of 48 times from 42 distinct sources. 68.220.56.242 was first reported on July 20th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 SysAdmin Dylan	2026-06-16 05:44:07 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 68.220.56.242 (US/United States/-): 10 in the l ... show more (mod_security) mod_security (id:210492) triggered by 68.220.56.242 (US/United States/-): 10 in the last 3600 secs show less	Brute-Force
🇬🇧 sonot	2026-06-14 14:45:51 (2 days ago)	Blocked by UFW on tunneluk01 [2082/tcp] \| SPT: 29859 \| TTL: 104 \| LEN: 40 \| TOS: 0x00 • Reported by: ... show more Blocked by UFW on tunneluk01 [2082/tcp] \| SPT: 29859 \| TTL: 104 \| LEN: 40 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇧🇪 sid3windr	2026-06-03 17:43:01 (1 week ago)	GET /.git/HEAD (Tarpitted for 1d15h8m28s, wasted 8.06MB)	Web App Attack
🇬🇧 PeravixGroup	2026-06-02 06:31:23 (2 weeks ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇬🇧 poundawebsiteltd	2026-06-02 03:12:19 (2 weeks ago)	Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:80 68.220.56.242 - - [02/Jun/2026:04 ... show more Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:80 68.220.56.242 - - [02/Jun/2026:04:12:17 +0100] GET /wp-config.php HTTP/1.1 403 177 - Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 show less	Web App Attack
🇺🇸 LSPCCU	2026-06-02 03:02:33 (2 weeks ago)	TSEC Honeypot Network report. Threat score: 100/100. Categories: Port Scan, Hacking, Brute-Force, We ... show more TSEC Honeypot Network report. Threat score: 100/100. Categories: Port Scan, Hacking, Brute-Force, Web App Attack, SSH. Honeypot: cowrie, ssh-telnet. Context: Attacker IP 68. show less	Port Scan Hacking Brute-Force Web App Attack SSH
🇸🇬 serverutama	2026-06-02 03:00:07 (2 weeks ago)	Nginx scanner: 68.220.56.242 - - [02/Jun/2026:09:53:41 +0700] "GET /.env.production HTTP/1.1" 444 0 ... show more Nginx scanner: 68.220.56.242 - - [02/Jun/2026:09:53:41 +0700] "GET /.env.production HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" "-" 68.220.56.242 - - [02/Jun/2026:09:53:42 +0700] "GET /.env.backup HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0" "-" show less	Web App Attack Bad Web Bot
🇪🇸 Z\|ntrueñigO	2026-06-02 02:55:39 (2 weeks ago)	Auto-report. Hits=34, Ports=443,2082,2083,2086,2087,8080,8443, Country=USA.	Brute-Force
🇧🇾 lns.bz	2026-06-02 01:50:07 (2 weeks ago)	Too many 404 requests [BY]	Web App Attack
🇺🇸 RAP	2026-06-02 00:58:22 (2 weeks ago)	2026-06-02 00:58:22 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇷🇸 Scan	2026-06-02 00:40:55 (2 weeks ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇩🇪 EnthecSolutions	2026-05-25 14:00:30 (3 weeks ago)	Detected by Enthec Solutions. \| Attempts: 362 in 24h \| Target port: 22	Brute-Force SSH
🇺🇸 ras07	2026-05-25 12:00:07 (3 weeks ago)	Brute force SSH login attempts.	Brute-Force SSH
🇬🇧 Mark Relf	2026-05-25 11:59:02 (3 weeks ago)	2026-05-25T12:46:51.456270 webhost1 sshd[730404]: Connection closed by authenticating user root 68.2 ... show more 2026-05-25T12:46:51.456270 webhost1 sshd[730404]: Connection closed by authenticating user root 68.220.56.242 port 25600 [preauth] 2026-05-25T12:58:58.903680 webhost1 sshd[730700]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=68.220.56.242 user=root 2026-05-25T12:59:01.347253 webhost1 sshd[730700]: Failed password for root from 68.220.56.242 port 25536 ssh2 ... show less	Brute-Force SSH
🇩🇪 ghostwarriors	2026-05-25 11:50:36 (3 weeks ago)	Unauthorized connection attempt detected, SSH Brute-Force	Brute-Force Port Scan SSH

Showing 1 to 15 of 48 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 200.199.32.174

🇨🇳 111.63.42.76

🇬🇧 81.19.219.199

🇳🇱 45.148.10.157

🇮🇷 2.183.164.227

🇩🇪 213.209.159.56

🇳🇱 195.178.110.204

🇦🇷 191.83.220.146

🇳🇱 172.94.9.120

🇯🇵 160.251.169.213

🇨🇳 121.229.13.210

🇺🇸 91.230.168.131

🇨🇦 85.217.149.17

🇸🇬 104.248.158.72

🇸🇮 95.176.205.67

🇫🇷 91.231.89.67

🇰🇷 58.229.141.26

🇳🇱 45.148.10.152

🇺🇸 20.169.53.8

🇩🇪 4.182.219.135