JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 48.217.107.116

48.217.107.116 was found in our database!

This IP was reported 34 times. Confidence of Abuse is 82%: ?

82%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 48.217.107.116

Whois 48.217.107.116

IP Abuse Reports for 48.217.107.116:

This IP address has been reported a total of 34 times from 25 distinct sources. 48.217.107.116 was first reported on April 12th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Selckie	2026-06-13 19:53:02 (2 days ago)	fail2ban: NGINX unusual impact	Web App Attack
🇦🇹 urnilxfgbez	2026-06-10 22:45:00 (5 days ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 TPI-Abuse	2026-06-10 14:13:36 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 48.217.107.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 48.217.107.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 10:13:29.756575 2026] [security2:error] [pid 1040:tid 1078] [client 48.217.107.116:45194] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.23"] [uri "/.git/HEAD"] [unique_id "ailxCYwpBHYAXkIXYiVBbQAAARg"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇾 lns.bz	2026-06-10 13:13:38 (5 days ago)	Too many 404 requests [BY]	Web App Attack
🇫🇷 TheHoneyPotter	2026-06-10 12:30:03 (5 days ago)	Honeypot [fc-honeypot]: Empty payload (likely service probe); 2082 [1], 2086 [1], 2083 [1] TCP Repor ... show more Honeypot [fc-honeypot]: Empty payload (likely service probe); 2082 [1], 2086 [1], 2083 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇺🇸 alecj.com	2026-06-10 11:39:28 (5 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇦🇺 clapper	2026-06-10 11:11:31 (5 days ago)	(mod_security) mod_security (id:949110) triggered by 48.217.107.116 (US/United States/-): 3 in the l ... show more (mod_security) mod_security (id:949110) triggered by 48.217.107.116 (US/United States/-): 3 in the last 3600 secs; ID: LUC show less	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-10 11:06:56 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 48.217.107.116 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 48.217.107.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 07:06:50.609517 2026] [security2:error] [pid 18124:tid 18124] [client 48.217.107.116:46084] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.28"] [uri "/.git/HEAD"] [unique_id "ailFSrU6QwGIScavYIuREAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-10 10:24:03 (5 days ago)	Multiple WAF Violations	Web App Attack
🇺🇸 xmission.com	2026-06-10 09:50:55 (5 days ago)	Blocked by UFW (TCP on 8443) Source port: 45767 TTL: 47 Packet length: 60 TOS: 0x00 This report (fo ... show more Blocked by UFW (TCP on 8443) Source port: 45767 TTL: 47 Packet length: 60 TOS: 0x00 This report (for 48.217.107.116) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 gu-alvareza	2026-06-10 07:06:07 (6 days ago)	Spring.Boot.Actuator.Unauthorized.Access	Brute-Force
🇯🇵 VXG-NET	2026-06-03 08:26:14 (1 week ago)	port=80, indicator_type=info-leak	Hacking
🇮🇪 AutosOnShow	2026-06-03 08:26:05 (1 week ago)	blocked for webapp attack \| path requested: /.env \| seen at 2026-06-03 08:25:29.313 \|	Web App Attack
🇬🇧 PeravixGroup	2026-06-03 08:08:28 (1 week ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
Anonymous	2026-06-02 05:00:00 (2 weeks ago)	SSH Brute-Force	DDoS Attack Port Scan Hacking Brute-Force SSH

Showing 1 to 15 of 34 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 180.159.55.163

🇨🇮 160.154.84.190

🇨🇳 124.251.110.186

🇭🇰 103.210.21.178

🇦🇺 20.5.130.110

🇰🇷 222.120.176.6

🇬🇧 195.140.214.30

🇲🇴 182.93.50.90

🇭🇰 180.131.168.114

🇷🇺 178.176.229.36

🇮🇩 178.83.181.156

🇺🇸 174.35.25.178

🇨🇳 123.129.245.249

🇨🇳 120.238.23.168

🇻🇳 116.118.44.131

🇧🇩 103.183.62.0

🇺🇸 76.132.238.43

🇩🇪 69.5.169.227

🇻🇳 58.187.51.3

🇩🇪 44.156.50.59