JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.125.129.14

52.125.129.14 was found in our database!

This IP was reported 116 times. Confidence of Abuse is 0%: ?

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.125.129.14

Whois 52.125.129.14

IP Abuse Reports for 52.125.129.14:

This IP address has been reported a total of 116 times from 23 distinct sources. 52.125.129.14 was first reported on April 18th 2023, and the most recent report was 2 years ago.

Old Reports: The most recent abuse report for this IP address is from 2 years ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 MAGIC	2023-12-11 00:12:10 (2 years ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2023-12-06 18:34:35 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 52.125.129.14 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 52.125.129.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 06 13:34:28.555211 2023] [security2:error] [pid 1778902] [client 52.125.129.14:9171] [client 52.125.129.14] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|autodiscover.willowstick-carbon.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.willowstick-carbon.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected]"] [unique_id "ZXC-tP1Ca31s13IrlElfZQAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2023-12-05 16:52:20 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 52.125.129.14 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 52.125.129.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 05 11:52:15.902199 2023] [security2:error] [pid 114374] [client 52.125.129.14:7306] [client 52.125.129.14] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|autodiscover.unpluggedfurniture.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.unpluggedfurniture.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected]"] [unique_id "ZW9VP82STqMKGc4LAcry1gAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2023-12-05 00:01:17 (2 years ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2023-12-03 06:44:35 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 52.125.129.14 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 52.125.129.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 03 01:44:29.949781 2023] [security2:error] [pid 2302695] [client 52.125.129.14:8520] [client 52.125.129.14] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|autodiscover.shirtzz.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.shirtzz.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected]"] [unique_id "ZWwjzVwMSYSt8InULSLUBQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2023-12-02 23:23:05 (2 years ago)	Excessive crawling/scraping	Hacking Brute-Force
🇺🇸 TPI-Abuse	2023-12-01 15:31:44 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 52.125.129.14 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 52.125.129.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 01 10:31:38.068189 2023] [security2:error] [pid 24883] [client 52.125.129.14:12849] [client 52.125.129.14] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|autodiscover.gervais-family.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.gervais-family.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected]"] [unique_id "ZWn8WtfXuj8-0Syb3fUz6AAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2023-12-01 01:10:05 (2 years ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2023-11-28 18:07:15 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 52.125.129.14 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 52.125.129.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 28 13:07:11.384772 2023] [security2:error] [pid 17733] [client 52.125.129.14:12495] [client 52.125.129.14] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|autodiscover.controvac.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.controvac.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected]"] [unique_id "ZWYsT8YF0qZ1sFZqkUAUgwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 MPL	2023-11-27 16:26:16 (2 years ago)	tcp ports: 80,443 (102 or more attempts)	Port Scan
Anonymous	2023-11-25 21:56:17 (2 years ago)	Excessive crawling/scraping	Hacking Brute-Force
🇺🇸 TPI-Abuse	2023-11-22 19:38:02 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 52.125.129.14 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 52.125.129.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 22 14:37:56.127578 2023] [security2:error] [pid 421578] [client 52.125.129.14:3075] [client 52.125.129.14] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|autodiscover.linzylyne.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.linzylyne.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected]"] [unique_id "ZV5YlER_Os99mO-R8b0QeAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2023-11-21 00:30:07 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 52.125.129.14 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 52.125.129.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 20 19:29:57.011761 2023] [security2:error] [pid 11217] [client 52.125.129.14:3776] [client 52.125.129.14] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|autodiscover.tucsondivorcelawyer.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.tucsondivorcelawyer.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected]"] [unique_id "ZVv6BSlMlvipUD-yOqSmSAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2023-11-20 19:23:27 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 52.125.129.14 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 52.125.129.14 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 20 14:23:23.348015 2023] [security2:error] [pid 13072] [client 52.125.129.14:4103] [client 52.125.129.14] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|autodiscover.jamesclarklaw.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "autodiscover.jamesclarklaw.com"] [uri "/autodiscover/autodiscover.json/v1.0/[email protected]"] [unique_id "ZVuyK2b5Ai_rgmCKI19liAAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2023-11-19 00:48:13 (2 years ago)	Excessive crawling/scraping	Hacking Brute-Force

Showing 1 to 15 of 116 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 211.43.13.49

🇮🇷 193.151.140.91

🇺🇸 192.241.156.252

🇲🇽 187.191.48.4

🇨🇳 182.242.169.26

🇮🇳 182.76.107.16

🇵🇰 153.117.32.174

🇷🇴 92.118.39.62

🇺🇸 66.132.186.244

🇺🇸 54.92.176.214

🇸🇬 43.156.247.77

🇺🇦 213.111.148.227

🇬🇧 193.163.125.230

🇩🇪 193.124.20.250

🇺🇸 192.227.225.134

🇨🇴 190.156.135.102

🇺🇸 173.234.225.136

🇺🇸 165.154.36.102

🇩🇿 154.121.43.155

🇫🇷 140.248.41.25