JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.123.186.197

52.123.186.197 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 3%: ?

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.123.186.197

Whois 52.123.186.197

IP Abuse Reports for 52.123.186.197:

This IP address has been reported a total of 9 times from 1 distinct source. 52.123.186.197 was first reported on November 30th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-11 16:17:27 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 52.123.186.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 52.123.186.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 12:17:22.253517 2026] [security2:error] [pid 17594:tid 17594] [client 52.123.186.197:4097] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|autodiscover.cbcconsult.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.cbcconsult.com"] [uri "/autodiscover/autodiscover.json/v1.0/live.com"] [unique_id "airfktnmuUsGkZaj-Qro9gAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 13:55:44 (3 weeks ago)	(mod_security) mod_security (id:210730) triggered by 52.123.186.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 52.123.186.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 09:55:40.218253 2026] [security2:error] [pid 23823:tid 23823] [client 52.123.186.197:21000] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|autodiscover.feaverslane.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.feaverslane.com"] [uri "/autodiscover/autodiscover.json/v1.0/live.com"] [unique_id "ahb33AQB3tYQjV_ObwbwEgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-06 12:34:22 (3 months ago)	(mod_security) mod_security (id:210730) triggered by 52.123.186.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 52.123.186.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 06 07:34:16.007567 2026] [security2:error] [pid 18031:tid 18031] [client 52.123.186.197:10753] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|autodiscover.feaverslane.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.feaverslane.com"] [uri "/autodiscover/autodiscover.json/v1.0/live.com"] [unique_id "aarJyB2EwTLYv8Pm63oVuwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-23 17:00:00 (6 months ago)	(mod_security) mod_security (id:210730) triggered by 52.123.186.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 52.123.186.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 23 11:59:53.220602 2025] [security2:error] [pid 3141747:tid 3141758] [client 52.123.186.197:22024] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|autodiscover.sasintegrated.com\|F\|2"] [data ".com#[email protected]"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.sasintegrated.com"] [uri "/autodiscover/autodiscover.json/v1.0/live.com#[email protected]"] [unique_id "aSM9iYseFKIbO0ae8OVQrAAAAYk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-14 13:13:32 (8 months ago)	(mod_security) mod_security (id:210730) triggered by 52.123.186.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 52.123.186.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 14 09:13:25.234635 2025] [security2:error] [pid 18545:tid 18545] [client 52.123.186.197:29704] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|autodiscover.feaverslane.com\|F\|2"] [data ".com#[email protected]"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.feaverslane.com"] [uri "/autodiscover/autodiscover.json/v1.0/live.com#[email protected]"] [unique_id "aO5MdT9in-E8pijtEDr35AAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-10 14:58:12 (9 months ago)	(mod_security) mod_security (id:210730) triggered by 52.123.186.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 52.123.186.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Sep 10 10:58:08.914842 2025] [security2:error] [pid 16966:tid 16966] [client 52.123.186.197:10305] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|autodiscover.cbcconsult.com\|F\|2"] [data ".com#[email protected]"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.cbcconsult.com"] [uri "/autodiscover/autodiscover.json/v1.0/live.com#[email protected]"] [unique_id "aMGSAI4wwrM9lzb1Ufi61QAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-04 21:00:03 (9 months ago)	(mod_security) mod_security (id:210730) triggered by 52.123.186.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 52.123.186.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Sep 04 16:59:58.068546 2025] [security2:error] [pid 6270:tid 6270] [client 52.123.186.197:10818] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|autodiscover.cmcnow.com\|F\|2"] [data ".com#[email protected]"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.cmcnow.com"] [uri "/autodiscover/autodiscover.json/v1.0/live.com#[email protected]"] [unique_id "aLn9zkhcMKHfECErh-70BAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-07 22:13:50 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 52.123.186.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 52.123.186.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 07 18:13:42.349802 2025] [security2:error] [pid 2974807:tid 2974807] [client 52.123.186.197:27650] [client 52.123.186.197] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|autodiscover.feaverslane.com\|F\|2"] [data ".com#[email protected]"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.feaverslane.com"] [uri "/autodiscover/autodiscover.json/v1.0/live.com#[email protected]"] [unique_id "aBvbFuMGjEFYcKGZEIodHwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-11-30 20:05:49 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 52.123.186.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 52.123.186.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Nov 30 15:05:44.762736 2024] [security2:error] [pid 20190:tid 20190] [client 52.123.186.197:10240] [client 52.123.186.197] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|autodiscover.johnrobinsonconsulting.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.johnrobinsonconsulting.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected]"] [unique_id "Z0twGNWwzDl_nyAcblpxqAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 38.14.235.254

🇬🇧 35.203.211.82

🇺🇸 34.172.198.112

🇺🇸 3.83.245.221

🇵🇪 2a02:6ea0:5501::24

🇺🇸 203.88.119.100

🇲🇾 175.137.226.167

🇺🇸 172.255.93.202

🇺🇸 172.59.184.68

🇮🇳 103.158.138.179

🇪🇬 41.239.131.184

🇪🇬 41.40.222.208

🇺🇸 18.218.118.203

🇮🇳 157.45.240.210

🇨🇳 120.48.32.130

🇸🇬 101.127.101.225

🇺🇸 45.156.129.70

🇳🇱 45.148.10.141

🇺🇸 31.57.40.107

🇺🇸 3.134.216.108