JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 68.220.59.116

68.220.59.116 was found in our database!

This IP was reported 58 times. Confidence of Abuse is 99%: ?

99%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	San Jose, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 68.220.59.116

Whois 68.220.59.116

IP Abuse Reports for 68.220.59.116:

This IP address has been reported a total of 58 times from 45 distinct sources. 68.220.59.116 was first reported on July 18th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-11 09:53:24 (2 days ago)	Reported from Nginx log analysis 17. Log: 68.220.59.116 - - [11/Jun/2026:xx:xx:xx 0200] "GET /.git/ ... show more Reported from Nginx log analysis 17. Log: 68.220.59.116 - - [11/Jun/2026:xx:xx:xx 0200] "GET /.git/config HTTP/1.1" xxx xxx "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" "-" "US United States San Jose" "AS8075" "Microsoft Corporation" show less	Port Scan Brute-Force SSH
🇺🇸 Matthew Ping	2026-06-11 08:30:02 (2 days ago)	ModSecurity rule 949110 triggered on server. Web application attack blocked by CSF/LFD.	Web App Attack Hacking
🇺🇸 xmission.com	2026-06-11 07:38:45 (2 days ago)	Blocked by UFW (TCP on 2087) Source port: 37837 TTL: 52 Packet length: 60 TOS: 0x00 This report (fo ... show more Blocked by UFW (TCP on 2087) Source port: 37837 TTL: 52 Packet length: 60 TOS: 0x00 This report (for 68.220.59.116) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 ITSNF	2026-06-11 07:20:11 (2 days ago)	Blocked by os-abuseipdb; 8 hits, proto=tcp, ports=2082,2083,2086,2087,443,80,8080,8443	Port Scan Hacking
🇵🇱 Marcin Stepien	2026-06-11 07:06:53 (2 days ago)	Hit honeypot endpoint /.git/config. Automated scanner/bot detected.	Bad Web Bot Web App Attack
🇺🇸 gu-alvareza	2026-06-11 07:05:43 (2 days ago)	Spring.Boot.Actuator.Unauthorized.Access	Brute-Force
🇺🇸 TPI-Abuse	2026-06-11 07:05:15 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 68.220.59.116 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 68.220.59.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 03:05:11.471332 2026] [security2:error] [pid 6347:tid 6347] [client 68.220.59.116:35923] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.37"] [uri "/.env.local"] [unique_id "aipeJ-Q4Eh9YAWagtB6h_QAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 AetherFox	2026-06-11 06:51:26 (2 days ago)	AetherFox VoidGuard detected: [Thu Jun 11 06:51:23.554152 2026] [authz_core:error] [pid 87405:tid 87 ... show more AetherFox VoidGuard detected: [Thu Jun 11 06:51:23.554152 2026] [authz_core:error] [pid 87405:tid 87418] [client 68.220.59.116:36191] AH01630: client denied by server configuration: proxy:http://[MASKED]/.git/config [Thu Jun 11 06:51:23.554347 2026] [authz_core:error] [pid 87405:tid 87418] [client 68.220.59.116:36191] AH01630: client denied by server configuration: /var/www/html/ERRORpages/403.html [Thu Jun 11 06:51:24.486879 2026] [authz_core:error] [pid 25958:tid 25989] [client 68.220.59.116:36171] AH01630: client denied by server configuration: proxy:http://[MASKED]/.env [Thu Jun 11 06:51:24.487067 2026] [authz_core:error] [pid 25958:tid 25989] [client 68.220.59.116:36171] AH01630: client denied by server configuration: /var/www/html/ERRORpages/403.html [Thu Jun 11 06:51:25.570879 2026] [authz_core:error] [pid 25958:tid 25996] [client 68.220.59.116:36186] AH01630: client denied by server configuration: proxy:http://[MASKED]/.env.local ... show less	Bad Web Bot Web App Attack
🇺🇸 nyt	2026-06-11 06:31:50 (2 days ago)	Sensitive File Probe	Web App Attack
🇫🇷 masterguru	2026-06-11 06:29:39 (2 days ago)	Host header is a numeric IP address. Pattern match "^ (920350-131)	Hacking Bad Web Bot
🇫🇷 polido	2026-06-03 06:34:04 (1 week ago)	Unauthorized connection attempt to port 443 from 68.220.59.116	Port Scan
🇺🇸 ShadowWhisperer	2026-06-03 05:38:20 (1 week ago)	HTTP GET /.git/HEAD UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/201001	Web App Attack
🇩🇪 Roper123	2026-06-03 04:41:49 (1 week ago)	Web exploits	Web App Attack
🇩🇪 big-cloud.nl	2026-06-03 04:37:35 (1 week ago)	Try to access /.git/config	Web App Attack
🇺🇸 anon333	2026-06-03 00:36:25 (1 week ago)	Invalid HTTP port 80 probes to server T2036	Hacking Exploited Host

Showing 1 to 15 of 58 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 147.185.132.46

🇷🇴 80.94.92.184

🇬🇷 79.107.220.166

🇳🇱 45.142.193.10

🇺🇸 205.210.31.38

🇸🇪 171.25.158.70

🇺🇸 147.185.132.45

🇺🇸 147.185.132.37

🇮🇳 134.209.157.61

🇳🇱 45.148.10.151

🇳🇱 45.148.10.147

🇳🇱 45.148.10.141

🇦🇹 45.137.172.116

🇺🇸 43.166.242.149

🇺🇸 23.234.114.69

🇩🇪 5.45.102.92

🇺🇸 4.227.174.177

🇬🇧 194.164.91.60

🇬🇧 185.170.111.209

🇺🇸 162.216.150.10