JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 4.236.158.53

4.236.158.53 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 59%: ?

59%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 4.236.158.53

Whois 4.236.158.53

IP Abuse Reports for 4.236.158.53:

This IP address has been reported a total of 24 times from 20 distinct sources. 4.236.158.53 was first reported on September 29th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 SOC Blue Team	2026-06-02 13:27:54 (2 weeks ago)	IPs get by Hunting on SIEM	Phishing Web Spam Port Scan Hacking
🇫🇷 ISPLtd	2026-06-02 12:19:41 (2 weeks ago)	Jun 2 09:19:40 4.236.158.53 TCP SPT=11138 DPT=8080 SYN Jun 2 09:19:40 4.236.158.53 TCP SPT=11139 D ... show more Jun 2 09:19:40 4.236.158.53 TCP SPT=11138 DPT=8080 SYN Jun 2 09:19:40 4.236.158.53 TCP SPT=11139 DPT=8443 SYN Jun 2 09:19:40 4.236.158.53 TCP SPT=11156 DPT=2083 ... show less	Port Scan
Anonymous	2026-06-02 11:30:10 (2 weeks ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇳🇱 Yachiyo Runami	2026-06-02 10:52:35 (2 weeks ago)	Port Scan on Honeypot \| Ports: 8080/HTTP-proxy, 80/HTTP \| Proto: TCP(2) \| Flags: all SYN \| TTL: 47 \| ... show more Port Scan on Honeypot \| Ports: 8080/HTTP-proxy, 80/HTTP \| Proto: TCP(2) \| Flags: all SYN \| TTL: 47 \| Len: 60B(2x) \| Win: 64240(2) \| F2B/ufw-honeypot@2026-06-02T10:52:35Z show less	Port Scan Hacking
🇺🇸 MPL	2026-06-02 10:35:36 (2 weeks ago)	tcp port scan (6 or more attempts)	Port Scan
🇺🇸 Starburst SysOp Team	2026-06-02 10:32:31 (2 weeks ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-stl2-13)	Hacking Bad Web Bot
🇩🇪 nyt	2026-06-02 10:19:29 (2 weeks ago)	Sensitive File Probe	Web App Attack
🇺🇸 RAP	2026-06-02 10:17:07 (2 weeks ago)	2026-06-02 10:17:07 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
Anonymous	2026-06-02 10:03:42 (2 weeks ago)	PORT & IP Scan.	Port Scan Brute-Force
🇺🇸 TPI-Abuse	2026-06-02 08:34:05 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 4.236.158.53 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 4.236.158.53 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 04:34:00.949971 2026] [security2:error] [pid 12685:tid 12685] [client 4.236.158.53:10954] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.4"] [uri "/.git/HEAD"] [unique_id "ah6VeA3w3hqvEqnlVSwEnwAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Starburst SysOp Team	2026-06-02 08:06:05 (2 weeks ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-nue6-2)	Hacking Bad Web Bot
🇬🇧 Nov	2026-06-02 08:03:25 (2 weeks ago)	Unauthorized HTTP access attempt (tcp/80)	Port Scan
🇺🇸 RAP	2026-06-02 07:22:37 (2 weeks ago)	2026-06-02 07:22:37 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇺🇸 MPL	2026-06-02 07:15:16 (2 weeks ago)	tcp/2083	Port Scan
Anonymous	2026-06-02 07:08:52 (2 weeks ago)	Honeypot hit: Empty payload (likely service probe); 2086 [3], 2082 [1], 2083 [1], 2087 [1] TCP Repor ... show more Honeypot hit: Empty payload (likely service probe); 2086 [3], 2082 [1], 2083 [1], 2087 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 152.32.205.7

🇺🇸 150.107.36.236

🇺🇸 146.190.41.214

🇺🇸 135.237.122.43

🇫🇷 51.159.7.14

🇫🇷 51.91.76.106

🇨🇳 223.198.86.194

🇭🇰 223.197.153.143

🇭🇰 223.197.153.135

🇰🇷 221.165.172.38

🇬🇧 193.176.29.24

🇮🇳 103.174.164.104

🇱🇹 81.30.98.62

🇱🇹 81.30.98.44

🇳🇱 45.148.10.152

🇭🇰 45.116.78.92

🇺🇸 24.129.251.180

🇹🇼 221.120.57.125

🇯🇵 218.219.193.151

🇺🇸 165.154.134.156