JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 48.217.180.136

48.217.180.136 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 97%: ?

97%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 48.217.180.136

Whois 48.217.180.136

IP Abuse Reports for 48.217.180.136:

This IP address has been reported a total of 19 times from 17 distinct sources. 48.217.180.136 was first reported on June 9th 2026, and the most recent report was 10 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇱 sefinek.net	2026-06-15 17:06:15 (10 hours ago)	Blocked by UFW on PL02 [2082/tcp] \| SPT: 3011 \| TTL: 44 \| LEN: 60 \| TOS: 0x00 • Reported by: github. ... show more Blocked by UFW on PL02 [2082/tcp] \| SPT: 3011 \| TTL: 44 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇹🇷 Domainhizmetleri.com	2026-06-15 15:06:24 (12 hours ago)	[honeypot] - MS-SQL-PROBE	Port Scan Hacking
🇺🇸 Mainpine	2026-06-15 14:44:56 (13 hours ago)	probing for vulnerable web apps	Web App Attack
🇺🇸 aks4226	2026-06-15 14:22:52 (13 hours ago)	Bot search, attacking common web applications.	Web App Attack
🇫🇷 polido	2026-06-15 13:18:16 (14 hours ago)	Unauthorized connection attempt to port 443 from 48.217.180.136	Port Scan
🇺🇸 Axel	2026-06-15 12:53:06 (14 hours ago)	Blocked by UFW on MVI [2078/tcp] \| SPT: 2114 \| TTL: 48 \| LEN: 60 \| TOS: 0x00 • Reported by: github.c ... show more Blocked by UFW on MVI [2078/tcp] \| SPT: 2114 \| TTL: 48 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-15 12:31:27 (15 hours ago)	(mod_security) mod_security (id:210492) triggered by 48.217.180.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 48.217.180.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 08:31:23.211113 2026] [security2:error] [pid 20069:tid 20069] [client 48.217.180.136:2035] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.21"] [uri "/.git/HEAD"] [unique_id "ai_wm5LMcPD0fkaeXSVbiAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 sthoyer.de	2026-06-15 12:31:18 (15 hours ago)	Jun 15 14:31:18 sthoyer kernel: [IPTables-Dropped-I] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd: ... show more Jun 15 14:31:18 sthoyer kernel: [IPTables-Dropped-I] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=48.217.180.136 DST=173.212.223.67 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=33643 DF PROTO=TCP SPT=2047 DPT=2078 WINDOW=64240 RES=0x00 SYN URGP=0 Jun 15 14:31:18 sthoyer kernel: [IPTables-Dropped-I] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=48.217.180.136 DST=173.212.223.67 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=42126 DF PROTO=TCP SPT=1988 DPT=2083 WINDOW=64240 RES=0x00 SYN URGP=0 Jun 15 14:31:18 sthoyer kernel: [IPTables-Dropped-I] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=48.217.180.136 DST=173.212.223.67 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=30901 DF PROTO=TCP SPT=2020 DPT=2095 WINDOW=64240 RES=0x00 SYN URGP=0 Jun 15 14:31:18 sthoyer kernel: [IPTables-Dropped-I] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=48.217.180.136 DST=173.212.223.67 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=63808 DF PROTO=TCP SPT=2045 DPT=2087 WINDOW ... show less	Port Scan
🇩🇪 ISPLtd	2026-06-15 12:16:59 (15 hours ago)	Jun 15 09:16:59 48.217.180.136 TCP SPT=1659 DPT=2087 SYN Jun 15 09:16:59 48.217.180.136 TCP SPT=1608 ... show more Jun 15 09:16:59 48.217.180.136 TCP SPT=1659 DPT=2087 SYN Jun 15 09:16:59 48.217.180.136 TCP SPT=1608 DPT=2078 SYN Jun 15 09:16:59 48.217.180.136 TCP SPT=1633 DPT=2082 ... show less	Port Scan
🇫🇷 masterguru	2026-06-15 12:06:37 (15 hours ago)	Host header is a numeric IP address. Pattern match "^ (920350-131)	Hacking Bad Web Bot
🇺🇸 anon333	2026-06-11 00:36:16 (5 days ago)	Invalid HTTP port 80 probes to server T2036	Hacking Exploited Host
🇺🇸 doll.gl	2026-06-10 22:34:38 (5 days ago)	48.217.180.136 - - [10/Jun/2026:22:34:37 +0000] "GET /wp-config.php HTTP/1.1" 404 197 "-" "Mozilla/5 ... show more 48.217.180.136 - - [10/Jun/2026:22:34:37 +0000] "GET /wp-config.php HTTP/1.1" 404 197 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" ... show less	Bad Web Bot Web App Attack
🇬🇧 Interceptor_HQ	2026-06-10 21:54:02 (5 days ago)	request_uri: /.git/HEAD -- automatic report --	Brute-Force Hacking
🇳🇱 soverin	2026-06-10 21:47:31 (5 days ago)	Network scan on port 80	Email Spam
🇺🇸 TPI-Abuse	2026-06-10 21:44:26 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 48.217.180.136 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 48.217.180.136 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 17:44:20.933274 2026] [security2:error] [pid 22573:tid 22573] [client 48.217.180.136:1356] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.171"] [uri "/.git/HEAD"] [unique_id "ainatFMMOiaqQVuQO08MLQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 146.70.194.230

🇮🇳 122.168.194.41

🇩🇪 213.209.159.238

🇷🇴 193.46.255.86

🇩🇪 178.105.1.255

🇩🇪 178.27.90.142

🇺🇸 172.253.83.94

🇺🇸 162.216.149.54

🇲🇿 160.242.35.147

🇷🇺 95.215.108.47

🇳🇱 91.92.40.204

🇳🇱 91.92.40.58

🇮🇳 34.100.248.63

🇨🇦 20.104.198.19

🇧🇴 190.129.122.12

🇺🇸 104.207.43.49

🇬🇧 92.60.127.186

🇬🇧 80.1.51.168

🇵🇰 72.255.32.222

🇺🇸 65.111.6.239