JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.159.227.44

52.159.227.44 was found in our database!

This IP was reported 164 times. Confidence of Abuse is 2%: ?

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	San Jose, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.159.227.44

Whois 52.159.227.44

IP Abuse Reports for 52.159.227.44:

This IP address has been reported a total of 164 times from 14 distinct sources. 52.159.227.44 was first reported on April 3rd 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 nodepile	2026-05-28 19:10:29 (1 week ago)	UA claims known bot but FCrDNS checks do not match official ranges (tenant=82 method=GET path=/ ua=' ... show more UA claims known bot but FCrDNS checks do not match official ranges (tenant=82 method=GET path=/ ua='Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; ChatGPT-User/1.0; +https://openai.com/bot') show less	Bad Web Bot Web App Attack
🇺🇸 Starburst SysOp Team	2025-12-03 16:30:05 (6 months ago)	Malware host (X-Forwarded-For) detected by rbl.malware.expert. RBL lookup of 44.227.159.52.rbl.malwa ... show more Malware host (X-Forwarded-For) detected by rbl.malware.expert. RBL lookup of 44.227.159.52.rbl.malware.expert succeeded at REQUEST_HEADERS:x-forwarded-for. (1001000-mnz6-3) show less	Hacking
🇺🇸 nodepile	2025-11-16 15:38:37 (6 months ago)	UA claims known bot but reverse & forward DNS checks do not match official ranges (tenant=82 method= ... show more UA claims known bot but reverse & forward DNS checks do not match official ranges (tenant=82 method=GET path=/fits-01-05-honda-civic-sedan-factory-style-trunk-spoiler-painted-b92p-black.html ua='Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; ChatGPT-User/1.0; +https://openai.com/bot') show less	Bad Web Bot Web App Attack
🇺🇸 nodepile	2025-11-11 02:50:46 (6 months ago)	Requests denied due to proxy/VPN risk (tenant=82 method=GET path=/w838-black-machined-face-18x8-5-et ... show more Requests denied due to proxy/VPN risk (tenant=82 method=GET path=/w838-black-machined-face-18x8-5-et35-5x112-cb66-6.html ua='Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; ChatGPT-User/1.0; +https://openai.com/bot') show less	Open Proxy VPN IP
🇺🇸 nodepile	2025-11-03 18:38:09 (7 months ago)	Requests denied due to proxy/VPN risk (tenant=82 method=GET path=/chevrolet-corvette-2005-2013-c6-he ... show more Requests denied due to proxy/VPN risk (tenant=82 method=GET path=/chevrolet-corvette-2005-2013-c6-headlight-lenses-zen6.html ua='Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; ChatGPT-User/1.0; +https://openai.com/bot') show less	Open Proxy VPN IP
🇺🇸 nodepile	2025-10-31 14:01:51 (7 months ago)	Requests denied due to proxy/VPN risk	Open Proxy VPN IP
🇦🇺 MAGIC	2025-10-29 02:18:58 (7 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇮🇩 hermawan	2025-10-26 22:53:32 (7 months ago)	[Mon Oct 27 05:52:20.508137 2025] [security2:error] [pid 1617497:tid 140450726831808] [client 52.159 ... show more [Mon Oct 27 05:52:20.508137 2025] [security2:error] [pid 1617497:tid 140450726831808] [client 52.159.227.44:26489] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "User" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.16.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "228"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: User found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; ChatGPT-User/1.0; +https://openai.com/bot request_line = GET /index.php/profil/meteorologi/list-all-categories/551-klimatologi/prakiraan-klimatologi/peringatan-dini/555562472-press-release-kewaspadaan-cuaca-ekstrim-di-jawa-timur-20-29-oktober-2025 HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-malang.info"] [uri "/index.php/profil/meteorologi/list-all-categories/551-klimatologi/prakiraan-klimatologi/peringatan-dini/555562472-press-release-kewaspadaan-cuaca-ekstrim-di-jawa-timur-20-29-ok ... show less	Hacking Web App Attack
🇮🇩 hermawan	2025-10-01 11:11:13 (8 months ago)	[Wed Oct 01 18:10:27.530015 2025] [security2:error] [pid 266753:tid 140566766544576] [client 52.159. ... show more [Wed Oct 01 18:10:27.530015 2025] [security2:error] [pid 266753:tid 140566766544576] [client 52.159.227.44:59755] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "User" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.16.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "228"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: User found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; ChatGPT-User/1.0; +https://openai.com/bot request_line = GET /index.php/profil/meteorologi/list-of-all-tags/gempa-terkini HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/profil/meteorologi/list-of-all-tags/gempa-terkini"] [unique_id "aN0MI0rSFJIVRz18qnk-wwACAQA"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[266754] [iMh16tYQjlw] [aN0MI0rSFJIVRz18qnk-wwACAQA] keep_alive=[1] [2025-10-01 18:10:27.530019] [R:aN0MI0rSFJIVRz18qnk-wwACAQA] UA:'Mo ... show less	Hacking Web App Attack
🇮🇩 hermawan	2025-09-25 20:35:45 (8 months ago)	[Fri Sep 26 03:35:14.339303 2025] [security2:error] [pid 1679722:tid 140606077560512] [client 52.159 ... show more [Fri Sep 26 03:35:14.339303 2025] [security2:error] [pid 1679722:tid 140606077560512] [client 52.159.227.44:43818] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "User" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.16.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "228"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: User found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; ChatGPT-User/1.0; +https://openai.com/bot request_line = GET /index.php/profil/meteorologi/list-of-all-tags/gempa-terkini HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/profil/meteorologi/list-of-all-tags/gempa-terkini"] [unique_id "aNWngt9UsIk3RuHLSjtdhwADQhg"] [staklim-jatim.bmkg.go.id] [staklim-jatim.bmkg.go.id] top=[1679747] [iTQ5G2ZE974] [aNWngt9UsIk3RuHLSjtdhwADQhg] keep_alive=[1] [2025-09-26 03:35:14.339312] [R:aNWngt9UsIk3RuHLSjtdhwADQhg] UA:' ... show less	Hacking Web App Attack
🇦🇺 MAGIC	2025-09-17 00:11:30 (8 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇮🇩 hermawan	2025-09-13 18:05:18 (8 months ago)	[Sun Sep 14 01:05:17.884319 2025] [security2:error] [pid 1032824:tid 140267207235264] [client 52.159 ... show more [Sun Sep 14 01:05:17.884319 2025] [security2:error] [pid 1032824:tid 140267207235264] [client 52.159.227.44:39413] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "User" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.16.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "228"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: User found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; ChatGPT-User/1.0; +https://openai.com/bot request_line = GET /index.php/prakiraan-iklim/prakiraan-bulanan/prakiraan-curah-hujan-bulanan/3-bulan-ke-depan/555561464-prakiraan-bulanan-curah-hujan-bulan-januari-tahun-2025-update-dari-analisis-bulan-september-tahun-2024-di-provinsi-jawa-timur HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/prakiraan-bulanan/prakiraan-curah-hujan-bulanan/3-bulan-ke-depan/555561464-prakiraan-bulanan-curah-huja ... show less	Hacking Web App Attack
🇮🇩 hermawan	2025-09-04 13:09:49 (9 months ago)	[Thu Sep 04 20:08:37.872245 2025] [security2:error] [pid 328332:tid 139836248721088] [client 52.159. ... show more [Thu Sep 04 20:08:37.872245 2025] [security2:error] [pid 328332:tid 139836248721088] [client 52.159.227.44:41622] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "User" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.16.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "228"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: User found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; ChatGPT-User/1.0; +https://openai.com/bot request_line = GET /index.php/prakiraan-musim/4271-prakiraan-musim-hujan/prakiraan-curah-hujan-musim-hujan/prakiraan-curah-hujan-musim-hujan-di-propinsi-jawa-timur/prediksi-curah-hujan-musim-hujan-tahun-2024-2025-zona-musim-di-provinsi-jawa-timur HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/prakiraan-musim/4271-prakiraan-musim-hujan/prakiraan-curah-hujan-musim-hujan/prakiraan-curah-hujan-musim-hujan-di-propin ... show less	Hacking Web App Attack
🇮🇩 hermawan	2025-09-03 07:52:07 (9 months ago)	[Wed Sep 03 14:50:38.611370 2025] [security2:error] [pid 355243:tid 140449395177152] [client 52.159. ... show more [Wed Sep 03 14:50:38.611370 2025] [security2:error] [pid 355243:tid 140449395177152] [client 52.159.227.44:59720] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "User" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.16.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "228"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: User found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; ChatGPT-User/1.0; +https://openai.com/bot request_line = GET /index.php/prediksi-iklim/prediksi-bulanan/curah-hujan/3-bulan-ke-depan/555561856-prediksi-bulanan-curah-hujan-bulan-mei-tahun-2025-update-dari-analisis-bulan-februari-tahun-2025-di-provinsi-jawa-timur HTTP/2.0"] [severity "NOTICE"] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php/prediksi-iklim/prediksi-bulanan/curah-hujan/3-bulan-ke-depan/555561856-prediksi-bulanan-curah-hujan-bulan-mei-tahun-2025-update-dari-analisis-bula ... show less	Hacking Web App Attack
🇮🇩 hermawan	2025-09-02 02:08:31 (9 months ago)	[Tue Sep 02 09:08:03.700100 2025] [security2:error] [pid 399513:tid 139890200053440] [client 52.159. ... show more [Tue Sep 02 09:08:03.700100 2025] [security2:error] [pid 399513:tid 139890200053440] [client 52.159.227.44:60797] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "User" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity/coreruleset-4.16.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "228"] [id "440000"] [msg "BAD BOT - Detected and Blocked"] [data "Matched Data: User found within REQUEST_HEADERS:User-Agent: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko); compatible; ChatGPT-User/1.0; +https://openai.com/bot request_line = GET /index.php/prakiraan-musim/4312-prakiraan-musim-kemarau/prakiraan-curah-hujan-musim-kemarau/prakiraan-curah-hujan-musim-kemarau-di-propinsi-jawa-timur/prediksi-6-bulanan-curah-hujan-musim-kemarau-tahun-2025-zona-musim-di-provinsi-jawa-timur/555561827-prediksi-6-bulanan-curah-hujan-musim-kemarau-tahun-2025-zona-musim-di-pro..."] [severity "NOTICE"] [hostname "staklim-malang.info"] [uri "/index.php/prakiraan-musim/4312-prakiraan-mus ... show less	Hacking Web App Attack

Showing 1 to 15 of 164 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.163.125.173

🇬🇧 191.96.110.39

🇦🇷 186.22.19.183

🇨🇳 175.12.108.55

🇺🇸 104.243.41.89

🇨🇳 101.76.248.214

🇷🇺 91.185.75.244

🇱🇹 77.90.185.239

🇻🇳 58.186.20.143

🇮🇩 157.85.210.206

🇧🇪 91.86.88.24

🇨🇦 85.217.149.21

🇳🇱 80.82.77.48

🇺🇸 66.132.172.199

🇰🇷 43.164.132.92

🇳🇱 40.115.3.53

🇺🇸 20.57.77.193

🇮🇩 210.79.142.221

🇧🇷 189.6.79.65

🇨🇳 183.191.120.41