JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.159.247.67

52.159.247.67 was found in our database!

This IP was reported 77 times. Confidence of Abuse is 41%: ?

41%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	San Jose, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.159.247.67

Whois 52.159.247.67

IP Abuse Reports for 52.159.247.67:

This IP address has been reported a total of 77 times from 41 distinct sources. 52.159.247.67 was first reported on November 21st 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-02 12:03:44 (1 week ago)	PORT & IP Scan.	Port Scan Brute-Force
🇺🇸 RAP	2026-06-02 10:33:11 (1 week ago)	2026-06-02 10:33:11 UTC Unauthorized activity to TCP port 8443. Web App	Port Scan Web App Attack
🇺🇸 xmission.com	2026-06-02 09:06:48 (1 week ago)	Blocked by UFW (TCP on 2087) Source port: 3072 TTL: 117 Packet length: 40 TOS: 0x00 This report (fo ... show more Blocked by UFW (TCP on 2087) Source port: 3072 TTL: 117 Packet length: 40 TOS: 0x00 This report (for 52.159.247.67) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-06-02 08:26:21 (1 week ago)	52.159.247.67 detected on srv01	Port Scan
🇹🇷 Threat.live	2026-06-02 07:30:04 (1 week ago)	Suspicious Connection Attempts	Brute-Force
Anonymous	2026-06-02 06:27:00 (1 week ago)	Shorewall log file match.	Port Scan
🇬🇧 Smish	2026-06-02 06:05:30 (1 week ago)	HONEYPOT HIT --> Fail2ban time=1780380328 log=2026-06-02T07:05:28+01:00 ip=52.159.247.67 host=89.39. ... show more HONEYPOT HIT --> Fail2ban time=1780380328 log=2026-06-02T07:05:28+01:00 ip=52.159.247.67 host=89.39.211.7 method=GET uri="/.env.save" status=404 ua="Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" ref="-" rid=b8c6f824f27a6fe8c092d2049240dea9 show less	Web App Attack
🇯🇵 demonsword	2026-05-09 14:46:30 (1 month ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: example.com:443 show less	Open Proxy Port Scan
🇮🇱 spd.co.il	2026-03-26 15:01:50 (2 months ago)	Unauthorized access attempts on ports: 22	Brute-Force SSH
🇳🇱 bazter.pro	2026-03-24 15:00:28 (2 months ago)	2026-03-24T14:56:45.176873+00:00 traccar-server sshd[3344787]: Failed password for root from 52.159. ... show more 2026-03-24T14:56:45.176873+00:00 traccar-server sshd[3344787]: Failed password for root from 52.159.247.67 port 38912 ssh2 2026-03-24T14:58:05.344977+00:00 traccar-server sshd[3344797]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.159.247.67 user=root 2026-03-24T14:58:07.821352+00:00 traccar-server sshd[3344797]: Failed password for root from 52.159.247.67 port 38912 ssh2 2026-03-24T15:00:25.217414+00:00 traccar-server sshd[3344872]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.159.247.67 user=root 2026-03-24T15:00:27.247039+00:00 traccar-server sshd[3344872]: Failed password for root from 52.159.247.67 port 38912 ssh2 ... show less	Port Scan Brute-Force Bad Web Bot Web App Attack SSH
Anonymous	2026-03-24 14:53:25 (2 months ago)	SSH Brute Force (3 attempts). Evidence: sshd-session[1395621]: Connection closed by authenticating u ... show more SSH Brute Force (3 attempts). Evidence: sshd-session[1395621]: Connection closed by authenticating user root 52.159.247.67 port 38912 [preauth];sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.159.247.67 user=root show less	Brute-Force SSH
🇸🇪 Mailz1	2026-03-24 14:51:13 (2 months ago)	Mar 24 15:51:12 smtp sshd[1059269]: Failed password for invalid user root from 52.159.247.67 port 38 ... show more Mar 24 15:51:12 smtp sshd[1059269]: Failed password for invalid user root from 52.159.247.67 port 38912 ssh2 ... show less	Brute-Force SSH
🇦🇺 Epic29	2026-03-20 13:55:44 (2 months ago)	2026-03-21T00:53:20.519402+11:00 sleep-salami sshd[163359]: Connection closed by authenticating user ... show more 2026-03-21T00:53:20.519402+11:00 sleep-salami sshd[163359]: Connection closed by authenticating user root 52.159.247.67 port 53185 [preauth] 2026-03-21T00:54:33.638584+11:00 sleep-salami sshd[163382]: Connection closed by authenticating user root 52.159.247.67 port 53185 [preauth] 2026-03-21T00:55:01.789734+11:00 sleep-salami sshd[163384]: Connection closed by authenticating user root 52.159.247.67 port 53185 [preauth] 2026-03-21T00:55:22.949362+11:00 sleep-salami sshd[163393]: Connection closed by authenticating user root 52.159.247.67 port 53185 [preauth] 2026-03-21T00:55:42.947642+11:00 sleep-salami sshd[163396]: Connection closed by authenticating user root 52.159.247.67 port 53184 [preauth] ... show less	Brute-Force SSH
🇦🇺 ts_sre	2026-03-20 13:36:38 (2 months ago)	Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2026-03-20T13:35:33Z and 2026-03- ... show more Cowrie Honeypot: 10 unauthorised SSH/Telnet login attempts between 2026-03-20T13:35:33Z and 2026-03-20T13:36:38Z show less	Brute-Force SSH
🇦🇺 Epic29	2026-03-20 13:36:00 (2 months ago)	2026-03-21T00:35:32.159692+11:00 sleep-salami sshd[163218]: Connection closed by authenticating user ... show more 2026-03-21T00:35:32.159692+11:00 sleep-salami sshd[163218]: Connection closed by authenticating user root 52.159.247.67 port 53248 [preauth] 2026-03-21T00:35:37.483804+11:00 sleep-salami sshd[163220]: Connection closed by authenticating user root 52.159.247.67 port 53249 [preauth] 2026-03-21T00:35:45.500425+11:00 sleep-salami sshd[163222]: Connection closed by authenticating user root 52.159.247.67 port 53248 [preauth] 2026-03-21T00:35:52.425374+11:00 sleep-salami sshd[163224]: Connection closed by authenticating user root 52.159.247.67 port 53249 [preauth] 2026-03-21T00:35:59.534121+11:00 sleep-salami sshd[163226]: Connection closed by authenticating user root 52.159.247.67 port 53248 [preauth] ... show less	Brute-Force SSH

Showing 1 to 15 of 77 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2604:a880:400:d1:0:4:9633:1

🇬🇧 217.154.61.249

🇧🇷 190.115.84.25

🇲🇽 187.212.10.12

🇳🇱 176.65.139.36

🇺🇸 165.154.36.218

🇺🇸 151.241.96.133

🇫🇷 85.217.140.2

🇱🇹 81.30.98.44

🇳🇱 45.148.10.152

🇨🇭 209.99.189.138

🇳🇱 192.142.24.39

🇧🇷 187.16.96.250

🇦🇴 102.213.34.99

🇨🇳 101.201.226.38

🇯🇴 91.186.251.201

🇬🇧 81.19.219.231

🇺🇸 66.132.172.43

🇰🇿 45.66.52.41

🇰🇷 14.63.217.28