JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.215.239.215

172.215.239.215 was found in our database!

This IP was reported 22 times. Confidence of Abuse is 74%: ?

74%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Cheyenne, Wyoming

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.215.239.215

Whois 172.215.239.215

IP Abuse Reports for 172.215.239.215:

This IP address has been reported a total of 22 times from 19 distinct sources. 172.215.239.215 was first reported on June 2nd 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 lnklnx	2026-06-15 17:57:07 (1 week ago)	www.lnklnx.com:80 172.215.239.215 - - [15/Jun/2026:12:57:05 -0500] "GET /.git/HEAD HTTP/1.1" 301 591 ... show more www.lnklnx.com:80 172.215.239.215 - - [15/Jun/2026:12:57:05 -0500] "GET /.git/HEAD HTTP/1.1" 301 591 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" ... show less	Web App Attack
🇧🇷 diego	2026-06-15 15:10:27 (1 week ago)	[rede-188] 2026-06-15 14:54:05, Client: 172.215.239.215, Protocol: 6, Unauthorized activity to HTTP: ... show more [rede-188] 2026-06-15 14:54:05, Client: 172.215.239.215, Protocol: 6, Unauthorized activity to HTTP: GET /.git/HEAD show less	Web App Attack
🇺🇸 Al Coholic	2026-06-15 14:20:34 (1 week ago)	Detected By Fail2ban	Hacking Bad Web Bot Web App Attack
🇦🇷 Bruno	2026-06-13 20:00:03 (1 week ago)	Port Scanner: 172.215.239.215	Port Scan
🇺🇸 ISPLtd	2026-06-13 19:44:28 (1 week ago)	Jun 13 13:44:27 172.215.239.215 TCP SPT=7116 DPT=2082 SYN Jun 13 13:44:27 172.215.239.215 TCP SPT=71 ... show more Jun 13 13:44:27 172.215.239.215 TCP SPT=7116 DPT=2082 SYN Jun 13 13:44:27 172.215.239.215 TCP SPT=7151 DPT=9000 SYN Jun 13 13:44:27 172.215.239.215 TCP SPT=7150 DPT=8443 WINDO ... show less	Port Scan
🇫🇮 TrafficAnalyser	2026-06-13 19:36:26 (1 week ago)	Port scanning	Port Scan
🇺🇸 MPL	2026-06-13 19:17:31 (1 week ago)	tcp port scan (15 or more attempts)	Port Scan
🇧🇷 opastorello	2026-06-13 15:17:34 (1 week ago)	Unsolicited inbound connection attempt / port scan detected by perimeter firewall. Automated report.	Port Scan
Anonymous	2026-06-03 19:04:02 (3 weeks ago)	PORT & IP Scan.	Port Scan Brute-Force
Anonymous	2026-06-03 08:00:00 (3 weeks ago)	SSH Brute-Force	DDoS Attack Port Scan Hacking Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-03 07:58:05 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 172.215.239.215 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 172.215.239.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 03:57:59.336360 2026] [security2:error] [pid 12912:tid 12912] [client 172.215.239.215:55362] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.64"] [uri "/.git/config"] [unique_id "ah_ehygMSNbXUMaFGPI1pQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 RAP	2026-06-03 07:23:23 (3 weeks ago)	2026-06-03 07:23:23 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇦🇹 urnilxfgbez	2026-06-02 22:45:00 (3 weeks ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 TPI-Abuse	2026-06-02 20:05:16 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 172.215.239.215 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 172.215.239.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 16:05:11.737008 2026] [security2:error] [pid 11600:tid 11600] [client 172.215.239.215:53391] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.122"] [uri "/.env.local"] [unique_id "ah83d6WvfnPjKM7FN-xNFgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-02 20:05:02 (3 weeks ago)	suspicious request in access.log	Web App Attack

Showing 1 to 15 of 22 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 182.43.235.218

🇬🇧 172.239.114.120

🇨🇦 45.3.41.123

🇦🇪 37.245.230.108

🇧🇪 34.78.110.174

🇻🇳 27.72.98.85

🇫🇮 2a01:4f9:c012:834b::1

🇳🇱 195.178.110.30

🇩🇪 151.243.11.35

🇦🇺 74.91.200.217

🇳🇱 45.142.193.144

🇫🇷 37.66.80.209

🇺🇸 34.192.67.98

🇭🇰 199.45.154.184

🇨🇳 192.144.148.122

🇺🇸 162.216.149.250

🇺🇸 66.132.195.33

🇳🇱 45.148.10.152

🇺🇸 17.246.23.149

🇷🇴 2.57.122.150