JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 48.217.232.102

48.217.232.102 was found in our database!

This IP was reported 30 times. Confidence of Abuse is 82%: ?

82%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 48.217.232.102

Whois 48.217.232.102

IP Abuse Reports for 48.217.232.102:

This IP address has been reported a total of 30 times from 15 distinct sources. 48.217.232.102 was first reported on June 6th 2026, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 ecs.ge	2026-06-13 02:23:15 (4 hours ago)	Automatic Fail2Ban report from jail plesk-modsecurity: multiple matching events detected.	Web App Attack Hacking
🇬🇧 Smish	2026-06-12 23:52:58 (7 hours ago)	HONEYPOT HIT --> Fail2ban time=1781308377 log=2026-06-13T00:52:57+01:00 ip=48.217.232.102 host=mb7iv ... show more HONEYPOT HIT --> Fail2ban time=1781308377 log=2026-06-13T00:52:57+01:00 ip=48.217.232.102 host=mb7ivr-6m.ext.lon.44net.co.uk method=GET uri="/.env" status=404 ua="Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" ref="-" rid=0fa0a840543f3440590362135ab9960d show less	Web App Attack
🇧🇪 sid3windr	2026-06-12 22:51:17 (8 hours ago)	GET /.env (Tarpitted for 1d15h8m28s, wasted 8.06MB)	Web App Attack
🇲🇾 Rizzy	2026-06-12 17:26:45 (13 hours ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇧🇪 sid3windr	2026-06-12 12:29:13 (18 hours ago)	GET /.env (Tarpitted for 1d15h8m29s, wasted 8.06MB)	Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 04:10:00 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 48.217.232.102 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 48.217.232.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 00:09:56.361259 2026] [security2:error] [pid 6770:tid 6770] [client 48.217.232.102:47062] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.209"] [uri "/.env"] [unique_id "aiuGlHBQYQUr2RFpAF08bgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Gabriel Camargo	2026-06-11 18:04:08 (1 day ago)	48.217.232.102 - - [11/Jun/2026:13:04:08 -0500] "GET /.env HTTP/1.1" 404 197 "-" "Mozilla/5.0 (X11; ... show more 48.217.232.102 - - [11/Jun/2026:13:04:08 -0500] "GET /.env HTTP/1.1" 404 197 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 48.217.232.102 - - [11/Jun/2026:13:04:08 -0500] "POST / HTTP/1.1" 404 197 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" 48.217.232.102 - - [11/Jun/2026:13:04:08 -0500] "GET /.env HTTP/1.1" 404 197 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" ... show less	Brute-Force SSH
🇬🇧 Shadymint	2026-06-11 17:41:51 (1 day ago)	url probing from IP marked as abusive	Web App Attack
🇦🇺 2000cn.com.au	2026-06-11 17:39:41 (1 day ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇺🇸 mnsf	2026-06-11 17:05:30 (1 day ago)	Abuse Detected (4)	Brute-Force Web App Attack
🇩🇪 ecs.ge	2026-06-11 16:59:59 (1 day ago)	Automatic Fail2Ban report from jail plesk-modsecurity: multiple matching events detected.	Web App Attack Hacking
🇺🇸 nyt	2026-06-11 16:58:08 (1 day ago)	Sensitive File Probe	Web App Attack
🇬🇧 Smish	2026-06-11 14:27:53 (1 day ago)	HONEYPOT HIT --> Fail2ban time=1781188067 log=2026-06-11T15:27:47+01:00 ip=48.217.232.102 host=mb7iv ... show more HONEYPOT HIT --> Fail2ban time=1781188067 log=2026-06-11T15:27:47+01:00 ip=48.217.232.102 host=mb7ivr-6m.ext.lon.44net.co.uk method=GET uri="/.env" status=404 ua="Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" ref="-" rid=37706d6d07028c152ab8c634ed17a1a6 show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 12:30:10 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 48.217.232.102 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 48.217.232.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 08:30:00.971743 2026] [security2:error] [pid 14914:tid 14914] [client 48.217.232.102:44506] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.cidv.net"] [uri "/.env"] [unique_id "aiqqSOudVKqiohQ5ylgJbgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 10:17:42 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 48.217.232.102 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 48.217.232.102 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 06:17:36.546254 2026] [security2:error] [pid 6036:tid 6036] [client 48.217.232.102:38326] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "web103.dnchosting.com"] [uri "/.env"] [unique_id "aiqLQGvjSuxmDc2BRiybqAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 30 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 195.178.110.30

🇮🇳 103.241.171.175

🇺🇸 70.37.89.177

🇭🇰 45.142.154.98

🇺🇸 34.181.159.61

🇮🇩 175.176.162.195

🇺🇸 147.185.132.241

🇰🇷 112.217.188.122

🇧🇩 103.86.198.162

🇯🇴 91.186.248.67

🇭🇺 91.82.160.131

🇺🇸 72.14.147.183

🇺🇸 66.132.186.132

🇩🇪 65.111.31.251

🇺🇸 18.217.208.51

🇰🇷 211.253.10.61

🇺🇦 193.176.251.229

🇳🇱 192.42.116.115

🇧🇷 191.8.216.111

🇭🇰 190.92.239.22