JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 4.236.158.48

4.236.158.48 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 74%: ?

74%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 4.236.158.48

Whois 4.236.158.48

IP Abuse Reports for 4.236.158.48:

This IP address has been reported a total of 29 times from 22 distinct sources. 4.236.158.48 was first reported on August 9th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-04-10 05:22:12 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 4.236.158.48 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 4.236.158.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 10 01:22:05.462270 2026] [security2:error] [pid 393921:tid 393979] [client 4.236.158.48:51642] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "totheendsoftheearth.com"] [uri "/.git/config"] [unique_id "adiI_YC-Rp3110Vhm7XyDwAAABg"], referer: https://www.google.com/search?q= show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-10 04:44:23 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 4.236.158.48 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 4.236.158.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 10 00:44:18.682406 2026] [security2:error] [pid 4004169:tid 4004169] [client 4.236.158.48:50726] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "drlwr.com"] [uri "/.git/config"] [unique_id "adiAImaTXwHZX-Kei4XEmgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 Kitki30.com	2026-04-10 04:43:31 (1 month ago)	HTTP Probing. Log: 4.236.158.48 - - [10/Apr/2026:06:43:30 +0200] "GET /.git/config HTTP/1.1" 301 162 ... show more HTTP Probing. Log: 4.236.158.48 - - [10/Apr/2026:06:43:30 +0200] "GET /.git/config HTTP/1.1" 301 162 "https://mail.google.com/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36" show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-10 03:46:31 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 4.236.158.48 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 4.236.158.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 09 23:46:28.465807 2026] [security2:error] [pid 480640:tid 480640] [client 4.236.158.48:50553] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eydebrothers.com"] [uri "/.git/config"] [unique_id "adhylDq6fCsKC_nYfN7GuAAAAAM"], referer: https://www.reddit.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-10 03:19:35 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 4.236.158.48 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 4.236.158.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 09 23:19:29.305427 2026] [security2:error] [pid 1512994:tid 1512994] [client 4.236.158.48:50472] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "airei.com"] [uri "/.git/config"] [unique_id "adhsQZ7H3MpEu2aniPg1GwAAABE"], referer: https://www.yahoo.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-04-10 02:28:15 (1 month ago)	435 requests with url.path */.git/config	Brute-Force Bad Web Bot
🇺🇸 Charlesiv	2026-04-10 02:25:00 (1 month ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK ASN: 8075 (MICROSOFT-CORP-MSN ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK ASN: 8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) Protocol: HTTP/2 (GET method) Endpoint: /.git/config Timestamp: 2026-04-10T02:23:57Z Ray ID: 9e9e4ae25c4857e8 UA: Mozilla/5.0 (Linux; Android 14; SM-S928B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Mobile Safari/537.36 show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-04-10 02:20:10 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 4.236.158.48 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 4.236.158.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 09 22:20:03.569263 2026] [security2:error] [pid 1165957:tid 1165957] [client 4.236.158.48:50453] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jessicalevant.com"] [uri "/.git/config"] [unique_id "adheU0iloQJvmeB3HZuoVQAAAAM"], referer: https://news.ycombinator.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 clamehost.it	2026-04-10 02:18:23 (1 month ago)	Automatic report - Brute Force attack using this IP address	Brute-Force
🇪🇸 masterguru	2026-04-10 01:46:49 (1 month ago)	. Matched phrase "/.git/" at REQUEST_URI. (210492-123)	Web App Attack
🇺🇸 TPI-Abuse	2026-04-10 01:33:45 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 4.236.158.48 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 4.236.158.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 09 21:33:37.811157 2026] [security2:error] [pid 1670822:tid 1670822] [client 4.236.158.48:50190] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gamedayteamwear.com.gamedayincentives.com"] [uri "/.git/config"] [unique_id "adhTcc-keLG9yqR9a_JGdQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 bontekoe.technology	2025-11-27 22:03:15 (6 months ago)	Port scan or Brute-Force detected. (src_port=9216, dst_port=443)	Brute-Force
🇮🇩 Incidents Response Neptus Team	2025-11-19 03:39:00 (6 months ago)	Report Abuse IP	Hacking Exploited Host Web App Attack
Anonymous	2025-08-09 04:47:58 (9 months ago)	Port Scanner	Port Scan

Showing 16 to 29 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 147.185.132.238

🇺🇸 192.253.209.14

🇸🇻 190.62.85.47

🇧🇷 189.37.74.64

🇲🇽 186.96.145.241

🇺🇸 185.180.141.5

🇺🇸 162.216.149.38

🇭🇰 103.243.26.174

🇸🇬 103.187.147.214

🇷🇴 92.118.39.236

🇸🇬 85.203.23.105

🇺🇸 74.82.47.39

🇺🇸 66.132.195.117

🇻🇪 66.9.161.234

🇺🇸 50.116.23.67

🇺🇸 40.112.183.29

🇩🇪 217.154.173.63

🇰🇷 211.254.212.59

🇳🇱 204.76.203.213

🇺🇸 193.37.33.203