JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.159.224.232

52.159.224.232 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 91%: ?

91%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Hostname(s)	aztswse7hfe1.t.stretchoid.com
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	San Jose, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.159.224.232

Whois 52.159.224.232

IP Abuse Reports for 52.159.224.232:

This IP address has been reported a total of 16 times from 16 distinct sources. 52.159.224.232 was first reported on June 9th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇴 Bots.go.to.hell	2026-06-09 17:40:01 (1 hour ago)	This IP was detected by CrowdSec triggering custom/http-bad-crawler-ban	Web App Attack Bad Web Bot
🇮🇩 Burayot	2026-06-09 15:49:59 (3 hours ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 52.159.224.232 (US/United States/azt ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 52.159.224.232 (US/United States/aztswse7hfe1.t.stretchoid.com): 1 in the last 3600 secs show less	Web App Attack
🇧🇷 chronos	2026-06-09 13:16:40 (6 hours ago)	2026-06-09 09:53:28 UTC-3\|\|Unauthorized connection attempt detected for port scanning	Port Scan
🇩🇪 Yachiyo Runami	2026-06-09 12:01:15 (7 hours ago)	Port Scan on Honeypot \| Ports: 80/HTTP \| Proto: TCP(1) \| Flags: all SYN \| TTL: 42 \| Len: 52B \| Win: ... show more Port Scan on Honeypot \| Ports: 80/HTTP \| Proto: TCP(1) \| Flags: all SYN \| TTL: 42 \| Len: 52B \| Win: 65535(1) \| rDNS: aztswse7hfe1.t.stretchoid.com \| F2B/ufw-honeypot@2026-06-09T12:01:14Z show less	Port Scan Hacking
Anonymous	2026-06-09 11:54:02 (7 hours ago)	unsolicited connect TCP dport 80 (sport 39309)	Hacking
🇺🇸 itsnixk	2026-06-09 10:11:44 (9 hours ago)	(mod_security) mod_security (id:913100) triggered by 52.159.224.232 (US/United States/aztswse7hfe1.t ... show more (mod_security) mod_security (id:913100) triggered by 52.159.224.232 (US/United States/aztswse7hfe1.t.stretchoid.com): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Tue Jun 09 06:11:40.867363 2026] [security2:error] [pid 100720:tid 100818] [client 52.159.224.232:53208] ModSecurity: Access denied with code 406 (phase 1). Matched phrase "zgrab" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity.d/REQUEST-913-SCANNER-DETECTION.conf"] [line "56"] [id "913100"] [msg "Found User-Agent associated with security scanner"] [redacted] [severity "CRITICAL"] [ver "OWASP_CRS/4.26.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-reputation-scanner"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/SCANNER-DETECTION"] [tag "capec/1000/118/224/541/310"] [redacted] [uri "/mcp"] [unique_id "aifm3EQ3V5bBCHkigpVC3AAAAA8"] show less	Port Scan
🇦🇱 router.al	2026-06-09 09:22:16 (9 hours ago)	06/09/2026-09:22:16.559966 52.159.224.232 Protocol: 6 ET SCAN Zmap User-Agent (Inbound)	Hacking
🇳🇱 StopAbuse	2026-06-09 08:59:47 (10 hours ago)	tcp/80	Port Scan
Anonymous	2026-06-09 08:46:40 (10 hours ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇩🇪 BlueWire Hosting	2026-06-09 07:03:52 (12 hours ago)	Bad bot ignoring robot.txt	Bad Web Bot
🇹🇷 NotThePerpetrator	2026-06-09 06:12:00 (13 hours ago)	zgrab	Web App Attack
🇵🇱 Roper123	2026-06-09 05:57:16 (13 hours ago)	Web app exploits	Web App Attack
Anonymous	2026-06-09 05:20:30 (14 hours ago)	Fail2Ban triggered	Web App Attack
🇦🇺 afleventoffice.com.au	2026-06-09 04:52:09 (14 hours ago)	GET /mcp HTTP/1.1	Web App Attack
🇳🇱 soverin	2026-06-09 04:05:00 (15 hours ago)	Network scan on port 80	Email Spam

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 216.73.162.117

🇨🇳 203.76.241.18

🇹🇼 198.235.24.95

🇷🇺 178.216.165.187

🇧🇷 177.36.214.46

🇺🇸 162.216.149.18

🇺🇸 162.216.149.16

🇺🇸 147.185.132.183

🇮🇳 110.225.255.179

🇿🇦 102.129.56.147

🇳🇱 185.242.226.103

🇵🇰 139.135.41.154

🇻🇳 123.20.139.168

🇳🇱 77.91.71.10

🇫🇮 62.238.27.170

🇷🇴 2.57.121.25

🇺🇸 2607:f8b0:400c:c05::120

🇩🇪 213.209.159.158

🇨🇳 182.43.164.191

🇰🇷 175.203.23.245