JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.159.229.57

52.159.229.57 was found in our database!

This IP was reported 6 times. Confidence of Abuse is 38%: ?

38%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	San Jose, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.159.229.57

Whois 52.159.229.57

IP Abuse Reports for 52.159.229.57:

This IP address has been reported a total of 6 times from 6 distinct sources. 52.159.229.57 was first reported on February 10th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-24 20:55:24 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 52.159.229.57 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.159.229.57 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 16:55:20.084315 2026] [security2:error] [pid 26123:tid 26123] [client 52.159.229.57:36866] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.197"] [uri "/.git/HEAD"] [unique_id "ajxEOAvNlgr_ofRNZxiaxwAAABw"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Savvii	2026-06-24 20:49:13 (1 day ago)	15 attempts against mh-modsecurity-ban on hostbillst3	Brute-Force Web App Attack
🇺🇸 cwytech	2026-06-24 20:45:23 (1 day ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/pf-geofence-high.	Hacking
Anonymous	2026-06-24 17:48:55 (1 day ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇮🇪 AutosOnShow	2026-06-24 16:58:05 (1 day ago)	blocked for webapp attack \| path requested: /.env \| seen at 2026-06-24 16:57:39.281 \|	Web App Attack
🇬🇧 2048	2026-02-10 13:01:54 (4 months ago)	2026-02-10T14:01:50.311110+01:00 machodeer kernel: [79594.441894] [UFW BLOCK] IN=ens3 OUT= MAC=REDAC ... show more 2026-02-10T14:01:50.311110+01:00 machodeer kernel: [79594.441894] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=52.159.229.57 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=39 ID=6642 DF PROTO=TCP SPT=5002 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 2026-02-10T14:01:51.767047+01:00 machodeer kernel: [79595.898034] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=52.159.229.57 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=39 ID=11750 DF PROTO=TCP SPT=4999 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 2026-02-10T14:01:52.807144+01:00 machodeer kernel: [79596.938492] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=52.159.229.57 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=39 ID=11751 DF PROTO=TCP SPT=4999 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 show less	Port Scan

Showing 1 to 6 of 6 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇷 176.88.34.74

🇮🇷 151.232.151.178

🇫🇷 92.157.28.153

🇯🇴 212.34.19.162

🇮🇳 152.59.54.104

🇫🇮 147.185.133.201

🇧🇷 138.186.173.10

🇳🇱 91.92.40.47

🇫🇷 85.217.140.51

🇳🇱 78.142.18.172

🇨🇳 58.221.60.25

🇧🇷 45.205.1.73

🇮🇳 45.40.57.172

🇨🇳 39.180.77.183

🇬🇧 34.142.110.144

🇺🇸 216.25.89.136

🇺🇸 195.184.76.136

🇷🇴 193.46.255.86

🇱🇦 183.182.99.30

🇺🇸 173.255.223.103