JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 48.211.210.115

48.211.210.115 was found in our database!

This IP was reported 50 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Boydton, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 48.211.210.115

Whois 48.211.210.115

IP Abuse Reports for 48.211.210.115:

This IP address has been reported a total of 50 times from 38 distinct sources. 48.211.210.115 was first reported on September 18th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 sid3windr	2026-06-25 23:58:55 (1 day ago)	GET /.git/HEAD (Tarpitted for 1d15h8m28s, wasted 8.06MB)	Web App Attack
Anonymous	2026-06-24 09:51:52 (2 days ago)	"GET /.git/HEAD HTTP/1.1"	Hacking Web App Attack
🇵🇱 sledzik1984	2026-06-24 07:52:02 (2 days ago)	48.211.210.115 - - [24/Jun/2026:09:51:59 +0200] "GET /config.php HTTP/1.1" 404 125 "-" "Mozilla/5.0 ... show more 48.211.210.115 - - [24/Jun/2026:09:51:59 +0200] "GET /config.php HTTP/1.1" 404 125 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.1.15" 48.211.210.115 - - [24/Jun/2026:09:52:01 +0200] "GET /config/config.php HTTP/1.1" 404 125 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0" 48.211.210.115 - - [24/Jun/2026:09:52:02 +0200] "GET /includes/config.php HTTP/1.1" 404 188 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0" ... show less	Web App Attack
Anonymous	2026-06-23 05:26:53 (3 days ago)	<jail> banned by fail2ban	Brute-Force Web App Attack
🇳🇱 Selckie	2026-06-23 04:16:17 (3 days ago)	fail2ban: NGINX unusual impact	Web App Attack
🇯🇵 demonsword	2026-06-18 13:03:28 (1 week ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: www.eastmoney.com:443 show less	Open Proxy Port Scan
🇹🇭 Sawasdee	2026-06-17 02:48:10 (1 week ago)	Unwanted checking 80 or 443 port ...	Bad Web Bot
🇬🇧 andypiper	2026-06-17 01:02:32 (1 week ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇷🇸 Scan	2026-06-17 00:32:22 (1 week ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇺🇸 Axel	2026-06-17 00:12:38 (1 week ago)	Blocked by UFW on MVI [2078/tcp] \| SPT: 59796 \| TTL: 48 \| LEN: 60 \| TOS: 0x00 • Reported by: github. ... show more Blocked by UFW on MVI [2078/tcp] \| SPT: 59796 \| TTL: 48 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 cwytech	2026-06-13 14:32:31 (1 week ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/pf-scan-multi_ports_slow-high.	Port Scan
🇺🇸 MPL	2026-06-13 13:33:56 (1 week ago)	tcp port scan (17 or more attempts)	Port Scan
🇺🇸 sumnone	2026-06-13 11:38:00 (1 week ago)	Port probing on unauthorized port 8090	Port Scan Hacking Exploited Host
🇺🇸 RAP	2026-06-13 11:12:27 (1 week ago)	2026-06-13 11:12:27 UTC Unauthorized activity to TCP port 8443. Web App	Port Scan Web App Attack
🇯🇵 SentinalX by uzumaru	2026-06-12 04:09:01 (2 weeks ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: ptlogin.4399.com:443 show less	Open Proxy Port Scan

Showing 1 to 15 of 50 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.223

🇺🇸 162.216.150.92

🇺🇸 147.185.132.141

🇰🇷 112.186.112.55

🇳🇱 91.92.42.195

🇷🇺 85.175.198.196

🇺🇸 57.141.20.65

🇨🇳 43.226.38.71

🇺🇸 205.210.31.13

🇺🇸 167.172.30.13

🇰🇷 150.109.241.177

🇨🇳 119.53.253.2

🇻🇳 116.99.168.247

🇹🇷 78.163.182.16

🇯🇵 66.225.193.7

🇲🇾 47.254.196.98

🇺🇸 47.77.233.104

🇳🇱 34.12.69.101

🇯🇵 8.216.17.61

🇨🇳 220.197.85.81