JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 48.211.210.116

48.211.210.116 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 69%: ?

69%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Boydton, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 48.211.210.116

Whois 48.211.210.116

IP Abuse Reports for 48.211.210.116:

This IP address has been reported a total of 27 times from 23 distinct sources. 48.211.210.116 was first reported on October 15th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 service Informatique	2026-06-19 04:00:37 (1 day ago)	/___proxy_subdomain_whm/login	Web App Attack
🇺🇦 RatCommander	2026-06-18 19:57:30 (1 day ago)	CrowdSec: crowdsecurity/http-probing	Port Scan Web App Attack
Anonymous	2026-06-18 18:08:24 (2 days ago)	Port Scan	Port Scan
🇩🇪 febrian.de	2026-06-18 15:42:34 (2 days ago)	Malicious HTTP(S) probing detected by Fail2Ban	Web App Attack
🇩🇪 femboy.cat	2026-06-18 15:23:13 (2 days ago)	Port scan to tcp/2087 from 48.211.210.116	Brute-Force
🇧🇾 lns.bz	2026-06-15 00:01:37 (5 days ago)	.env scanning [BY]	Web App Attack
🇧🇾 lns.bz	2026-06-14 14:33:21 (6 days ago)	Too many 404 requests [BY]	Web App Attack
🇹🇷 ycoskun41	2026-06-14 13:56:35 (6 days ago)	fail2ban: plesk-modsecurity jail on genckocaeli.com	Web App Attack
🇦🇺 FireGuard Server	2026-06-14 11:50:09 (6 days ago)	Blocked by OPNsense firewall; 8 hits, proto=tcp, ports=2077,2078,2082,2083,2086,2087,2095,2096	Port Scan Hacking
🇺🇸 Axel	2026-06-14 11:21:08 (6 days ago)	Blocked by UFW on MVI [2082/tcp] \| SPT: 20616 \| TTL: 49 \| LEN: 60 \| TOS: 0x00 • Reported by: github. ... show more Blocked by UFW on MVI [2082/tcp] \| SPT: 20616 \| TTL: 49 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇹🇷 Threat.live	2026-06-14 11:10:05 (6 days ago)	Suspicious Connection Attempts	Brute-Force
🇺🇸 TPI-Abuse	2026-06-14 11:02:56 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 48.211.210.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 48.211.210.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 07:02:53.066555 2026] [security2:error] [pid 27476:tid 27476] [client 48.211.210.116:21109] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.6"] [uri "/.git/HEAD"] [unique_id "ai6KXeunvlebKP9Mp_aVvgAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 micropedro	2026-06-14 09:49:46 (6 days ago)	3 incidents: port scanning. Ports: 2077/TCP(1), 2078/TCP(1), 2082/TCP(1), 2086/TCP(1), 2087/TCP(1). ... show more 3 incidents: port scanning. Ports: 2077/TCP(1), 2078/TCP(1), 2082/TCP(1), 2086/TCP(1), 2087/TCP(1). First: 2026-06-14 05:49, Last: 2026-06-14 05:49 UTC. Triggers: non-public-port,ufw-repeater,firewall-tcp. show less	Port Scan
🇳🇱 ipoac.nl	2026-06-14 09:18:45 (6 days ago)	ipoac.nl:80 48.211.210.116 - - [14/Jun/2026:11:18:44 +0200] 84.27.222.8 "GET /.git/HEAD HTTP/1.1" 40 ... show more ipoac.nl:80 48.211.210.116 - - [14/Jun/2026:11:18:44 +0200] 84.27.222.8 "GET /.git/HEAD HTTP/1.1" 404 1679 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.1.15" show less	Bad Web Bot
🇺🇸 mw	2026-06-12 02:00:03 (1 week ago)	POST /wp-admin/admin-ajax.php HTTP/1.1	Web App Attack

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 180.167.128.203

🇷🇺 45.91.64.7

🇺🇸 129.213.117.99

🇨🇳 115.190.165.51

🇳🇱 91.92.40.5

🇧🇷 20.226.88.145

🇺🇸 18.189.74.1

🇨🇳 175.6.247.41

🇨🇳 113.44.248.149

🇺🇸 13.86.117.139

🇯🇵 210.231.185.22

🇭🇰 199.45.154.123

🇨🇦 138.197.164.175

🇮🇩 114.10.149.190

🇺🇸 74.114.28.210

🇲🇾 60.53.125.136

🇳🇱 195.178.110.30

🇺🇸 162.216.150.214

🇸🇬 74.114.31.149

🇺🇸 73.108.17.81