JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.123.160.154

52.123.160.154 was found in our database!

This IP was reported 2 times. Confidence of Abuse is 5%: ?

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇦🇺 Australia
City	Sydney, New South Wales

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.123.160.154

Whois 52.123.160.154

IP Abuse Reports for 52.123.160.154:

This IP address has been reported a total of 2 times from 1 distinct source. 52.123.160.154 was first reported on April 18th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-16 11:06:30 (1 day ago)	(mod_security) mod_security (id:210730) triggered by 52.123.160.154 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 52.123.160.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 07:06:26.067918 2026] [security2:error] [pid 6420:tid 6420] [client 52.123.160.154:9226] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|autodiscover.ji-technovation.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.ji-technovation.com"] [uri "/autodiscover/autodiscover.json/v1.0/live.com"] [unique_id "ajEuMhAdkFE-7X7WqoEHTgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-18 10:36:24 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 52.123.160.154 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 52.123.160.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 18 06:36:16.393715 2026] [security2:error] [pid 258556:tid 258556] [client 52.123.160.154:9216] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|autodiscover.ji-technovation.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.ji-technovation.com"] [uri "/autodiscover/autodiscover.json/v1.0/live.com"] [unique_id "aeNeoE186CllOX3P40QQkwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 2 of 2 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2620:171:fd:f0::235

🇺🇸 195.184.76.149

🇺🇸 195.184.76.92

🇩🇪 193.36.84.205

🇺🇸 152.32.183.31

🇧🇷 138.122.140.200

🇸🇬 138.75.89.139

🇳🇱 91.92.40.12

🇳🇱 77.83.39.55

🇳🇱 45.148.10.151

🇮🇳 40.81.233.86

🇦🇷 186.123.145.198

🇸🇪 155.212.110.37

🇺🇸 151.240.109.14

🇳🇱 91.92.40.10

🇰🇿 89.107.99.63

🇨🇦 65.111.20.97

🇺🇸 64.62.156.63

🇹🇷 31.145.131.202

🇪🇸 217.154.106.153