JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 48.217.251.176

48.217.251.176 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 81%: ?

81%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 48.217.251.176

Whois 48.217.251.176

IP Abuse Reports for 48.217.251.176:

This IP address has been reported a total of 20 times from 16 distinct sources. 48.217.251.176 was first reported on April 13th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 sid3windr	2026-06-08 18:26:20 (1 day ago)	GET /.git/HEAD (Tarpitted for 1d15h8m30s, wasted 8.06MB)	Web App Attack
Anonymous	2026-06-08 14:47:00 (1 day ago)	The following intrusion was observed: Spring.Boot.Actuator.Unauthorized.Access.	IoT Targeted
🇦🇹 urnilxfgbez	2026-06-07 22:45:00 (2 days ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
Anonymous	2026-06-07 06:56:58 (3 days ago)	48.217.251.176 46.39.185.24 - [07/Jun/2026:08:56:57 +0200] "GET /.git/config HTTP/1.1" 301 0 "-" "Mo ... show more 48.217.251.176 46.39.185.24 - [07/Jun/2026:08:56:57 +0200] "GET /.git/config HTTP/1.1" 301 0 "-" "Mozilla/5.0 (Linux; Android 14; Pixel 8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Mobile Safari/537.36" ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 06:17:58 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 48.217.251.176 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 48.217.251.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 02:17:45.037880 2026] [security2:error] [pid 28605:tid 28605] [client 48.217.251.176:29203] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.117"] [uri "/.git/HEAD"] [unique_id "aiUNCR4j99RREs1ccRpAAAAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 04:46:15 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 48.217.251.176 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 48.217.251.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 00:46:07.097954 2026] [security2:error] [pid 30699:tid 30699] [client 48.217.251.176:28654] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.64"] [uri "/.git/HEAD"] [unique_id "aiT3j5zzPIHzRgmeiSEJMAAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 04:22:16 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 48.217.251.176 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 48.217.251.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 00:22:10.228936 2026] [security2:error] [pid 3036:tid 3036] [client 48.217.251.176:28844] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.15"] [uri "/.git/HEAD"] [unique_id "aiTx8sl6xw6vipCPFeywMwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 cybsecaoccol	2026-06-07 04:11:55 (3 days ago)	unauthorized connection or malicious port scan attempted on tcp port 8080 - dr	Port Scan Hacking
🇧🇷 SOC PR	2026-06-07 04:03:02 (3 days ago)	IPS: Web Server Exposed Git Repository Information Disclosure.	Hacking
🇺🇸 TPI-Abuse	2026-06-07 03:31:36 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 48.217.251.176 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 48.217.251.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 23:31:30.997853 2026] [security2:error] [pid 6792:tid 6816] [client 48.217.251.176:29442] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.85"] [uri "/.git/HEAD"] [unique_id "aiTmElLAv4XPCas_rCWSYQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 vtchost.com	2026-06-07 03:17:07 (3 days ago)	Jun 7 05:17:07 vtchost kernel: [158333.426395] PORTSCAN: IN=eth0 OUT= MAC=00:50:56:41:75:31:c0:69:1 ... show more Jun 7 05:17:07 vtchost kernel: [158333.426395] PORTSCAN: IN=eth0 OUT= MAC=00:50:56:41:75:31:c0:69:11:cd:2a:b3:08:00 SRC=48.217.251.176 DST=161.97.181.152 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=33523 DF PROTO=TCP SPT=29145 DPT=8443 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-07 03:09:28 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 48.217.251.176 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 48.217.251.176 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 23:09:25.694617 2026] [security2:error] [pid 9563:tid 9563] [client 48.217.251.176:29179] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.181"] [uri "/.git/HEAD"] [unique_id "aiTg5fiGKPY7DcFG_Jb60QAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Rom74	2026-06-07 03:07:11 (3 days ago)	[Sun Jun 07 05:07:08.132386 2026] [security2:error] [pid 2423361:tid 134019194799808] [client 48.217 ... show more [Sun Jun 07 05:07:08.132386 2026] [security2:error] [pid 2423361:tid 134019194799808] [client 48.217.251.176:27670] [client 48.217.251.176] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.5"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "86.205.229.132"] [uri "/.git/HEAD"] [unique_id "aiTgXL1uK4ylI3BxEkHxYwAAAJI"] [Sun Jun 07 05:07:09.627300 2026] [security2:error] [pid 2423361:tid 134020251657920] [client 48.217.251.176:27694] [client 48.217.251.176] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceed ... show less	Web App Attack
🇺🇸 cwytech	2026-06-07 01:37:07 (3 days ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/tpot-web-high.	Bad Web Bot Web App Attack
Anonymous	2026-06-07 01:33:58 (3 days ago)	...	Bad Web Bot

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇴 190.167.237.191

🇨🇳 182.204.179.25

🇮🇳 68.233.116.124

🇨🇳 39.156.169.181

🇨🇳 220.181.108.105

🇺🇸 198.44.167.133

🇱🇹 188.69.225.188

🇺🇸 165.154.162.126

🇨🇳 119.41.148.245

🇺🇸 100.49.117.77

🇷🇺 91.79.116.82

🇫🇷 85.217.140.24

🇺🇸 75.67.203.172

🇦🇺 58.6.206.239

🇧🇷 45.236.226.112

🇺🇸 15.204.187.243

🇯🇵 8.216.7.200

🇩🇴 200.124.69.179

🇨🇳 182.92.113.39

🇳🇱 176.65.139.216