AbuseIPDB » 4.248.27.89

4.248.27.89 was found in our database!

This IP was reported 179 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	Canada
City	Quebec, Quebec

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 4.248.27.89

Whois 4.248.27.89

IP Abuse Reports for 4.248.27.89:

This IP address has been reported a total of 179 times from 79 distinct sources. 4.248.27.89 was first reported on March 3rd 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
MSZ	2025-04-25 21:16:02 (1 day ago)	Blocked by Fail2Ban (plesk-postfix)	Phishing Email Spam
NXTwoThou	2025-04-25 21:09:12 (1 day ago)	SMTP AUTH LOGIN	Brute-Force
FeG Deutschland	2025-04-25 20:46:32 (1 day ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 147	Exploited Host Web App Attack
noxtec GmbH	2025-04-25 20:27:46 (1 day ago)	Port Scan detected from 4.248.27.89 (CA/Canada/-).	Port Scan
TheWojtek	2025-04-25 20:12:05 (1 day ago)	Apr 25 22:12:04 mail postfix/submission/smtpd[293693]: warning: unknown[4.248.27.89]: SASL PLAIN aut ... show moreApr 25 22:12:04 mail postfix/submission/smtpd[293693]: warning: unknown[4.248.27.89]: SASL PLAIN authentication failed: ... show less	Brute-Force Exploited Host
Anonymous	2025-04-25 19:12:24 (2 days ago)		Email Spam Brute-Force
TZNOC	2025-04-25 19:08:00 (2 days ago)	Mail credential brute-force attack (SM3) #2	Email Spam Brute-Force
Burayot	2025-04-25 18:53:49 (2 days ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 4.248.27.89 (CA/Canada/-): 1 in the ... show moreLF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 4.248.27.89 (CA/Canada/-): 1 in the last 3600 secs show less	Web App Attack
TZNOC	2025-04-25 18:44:43 (2 days ago)	Mail credential brute-force attack (SM3) #1	Email Spam Brute-Force
Study Bitcoin 🤗	2025-04-25 18:14:02 (2 days ago)	9 port probes: 3x tcp/2096 (nbx dir), 6x tcp/2083 [srv62]	Port Scan
Jean Valjean	2025-04-25 17:35:15 (2 days ago)	Fail2ban Caboom : xmlrpc.php Abuse	SQL Injection Web App Attack
Marc	2025-04-25 15:50:56 (2 days ago)		Brute-Force Web App Attack
Anonymous	2025-04-25 14:36:32 (2 days ago)	xmlrpc attack blocked attempt from fail2ban ...	Web App Attack
LRob.fr	2025-04-25 00:00:20 (2 days ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
Rizzy	2025-04-24 18:26:42 (3 days ago)	Multiple WAF Violations	Brute-Force Web App Attack

Showing 1 to 15 of 179 reports

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩

Recently Reported IPs:

103.72.147.99

27.254.235.1

59.92.163.134

117.212.50.254

136.228.161.66

199.192.228.77

35.203.211.99

121.63.137.202

205.210.31.105

197.251.195.89

134.209.170.204

196.251.85.62

35.203.211.196

218.92.0.220

191.101.110.62

193.32.162.130

103.191.14.112

89.22.149.48

34.92.176.182

180.116.214.119