JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.158.160.230

52.158.160.230 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 28%: ?

28%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.158.160.230

Whois 52.158.160.230

IP Abuse Reports for 52.158.160.230:

This IP address has been reported a total of 18 times from 13 distinct sources. 52.158.160.230 was first reported on January 23rd 2026, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 MPL	2026-06-12 23:10:01 (3 hours ago)	tcp/4443 (4 or more attempts)	Port Scan
🇺🇸 MPL	2026-06-12 21:32:17 (5 hours ago)	tcp/3002	Port Scan
Anonymous	2026-06-12 20:26:41 (6 hours ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇺🇸 JustMeHere	2026-05-27 17:08:00 (2 weeks ago)	[Wed May 27 13:07:56.281215 2026] [security2:error] [pid 148991:tid 149035] [client 52.158.160.230:4 ... show more [Wed May 27 13:07:56.281215 2026] [security2:error] [pid 148991:tid 149035] [client 52.158.160.230:4100] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/etc/httpd/modsecurity.d/activated_rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 45)"] [ver "OWASP_CRS/4.15.0"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "gateway.yorknation.com"] [uri "/"] [unique_id "ahck7AZtVKnh9Kz99BtT1wAAARA"] ... show less	Web App Attack
🇩🇪 4server	2026-05-27 07:09:18 (2 weeks ago)	[WedMay2709:09:12.1833292026][security2:error][pid2814992:tid2815086][client52.158.160.230:0]ModSecu ... show more [WedMay2709:09:12.1833292026][security2:error][pid2814992:tid2815086][client52.158.160.230:0]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch\"$\?:\\\\\\\\\$\(\?:\\\\\\\\\(\(\?:\\\\\\\\\(.\\\\\\\\\$\\|.\\)\\\\\\\\\)\\|\\\\\\\\{.\\\\\\\\\}\)\\|[\<\>]\\\\\\\\$.\\\\\\\\\$\)\"atARGS:0.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"396\"][id\"393655\"][rev\"17\"][msg\"Atomicorp.comWAFRules:PossibleRemoteCommandExecution:UnixShellExpressionFound\"][data\"MatchedData:\${encodeuricomponent$string\(res$\)}307\`}\)_chunks:\$q2_formdata:{get:\$1:constructor:constructor}}}foundwithinARGS:0:{then:\$1:__proto__:thenstatus:resolved_modelreason:-1value:{then:\$b1337}_response:{_prefix:varres=$function\(${var_r=typeofrequire\!==undefined\?require:$process.mainmodule\?process.mainmodule.require.bind\(process.mainmodule$:$typeofglobalthis.require\!==undefined\?globalthis.require:null$\)returnvuln_check_success_69420}\)throwobject.assign\(newerror\(next_redirect...\"][tag\"attack-rc show less	Port Scan Brute-Force Web App Attack
🇦🇹 urnilxfgbez	2026-03-11 23:45:00 (3 months ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇩🇪 ps-center	2026-03-10 16:44:00 (3 months ago)	SS5-W: TCP-Scanner. Port: 23	Port Scan
🇺🇸 cybsecaoccol	2026-03-09 23:34:14 (3 months ago)	unauthorized connection or malicious port scan attempted on tcp port - corp	Port Scan Hacking
🇦🇹 urnilxfgbez	2026-03-08 23:45:00 (3 months ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇨🇳 ThreatBook.io	2026-03-07 01:17:29 (3 months ago)	ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/52.158.160.230	SSH
🇨🇭 TOCE	2026-03-06 09:32:59 (3 months ago)	40 hits seen on 2026-03-06, ports 23 (Telnet) on a honeypot from www.toce.ch	Brute-Force
Anonymous	2026-03-05 12:55:09 (3 months ago)	Unauthorized connection attempt on Port 23	Port Scan Hacking Exploited Host
🇹🇭 Sawasdee	2026-02-19 17:28:20 (3 months ago)	Port Scan ...	Port Scan
🇺🇸 RAP	2026-02-19 13:17:34 (3 months ago)	2026-02-19 13:17:34 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan
Anonymous	2026-02-19 09:42:38 (3 months ago)	Unauthorized connection attempt on Port 23	Port Scan Hacking Exploited Host

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇮 2a01:4f9:c013:53d7::1

🇧🇷 179.134.76.17

🇺🇸 162.216.149.112

🇨🇳 150.255.99.237

🇨🇳 118.196.119.108

🇹🇼 118.194.252.168

🇲🇲 103.59.163.133

🇸🇬 43.156.60.15

🇷🇴 2.57.122.238

🇷🇴 2.57.122.177

🇯🇵 210.156.0.132

🇧🇷 200.192.97.179

🇧🇪 198.235.24.176

🇧🇷 186.239.41.74

🇵🇭 120.28.137.240

🇬🇧 118.26.104.179

🇺🇸 69.133.184.182

🇭🇰 199.45.155.64

🇦🇷 181.116.220.140

🇺🇸 172.172.214.224