AbuseIPDB » 52.169.9.217

52.169.9.217 was found in our database!

This IP was reported 58 times. Confidence of Abuse is 71%: ?

71%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	Ireland
City	Dublin, Leinster

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated biweekly.

Report 52.169.9.217

Whois 52.169.9.217

IP Abuse Reports for 52.169.9.217:

This IP address has been reported a total of 58 times from 30 distinct sources. 52.169.9.217 was first reported on June 14th 2025, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago. It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp in UTC	Comment	Categories
penjaga BRIN	2025-06-16 08:27:29 (4 weeks ago)	-111	Web App Attack
Murazaki	2025-06-15 22:02:25 (4 weeks ago)	www.mehdibenadel.com 52.169.9.217 - - [15/Jun/2025:12:24:13 +0200] "GET /.well-known/acme-challenge/ ... show morewww.mehdibenadel.com 52.169.9.217 - - [15/Jun/2025:12:24:13 +0200] "GET /.well-known/acme-challenge/index.php HTTP/1.1" 404 146 "-" "-" "-" ... show less	Hacking
Vegascosmetics	2025-06-15 21:50:41 (4 weeks ago)	Kingcopy(AI-IDS):IP is Probing for Wordpress vulnerabilities WTF:Banned	Hacking Bad Web Bot Web App Attack
Trueforce Threat Report	2025-06-15 17:57:03 (4 weeks ago)	Automated report, trolling for resource vulnerabilities	Bad Web Bot Web App Attack
Ba-Yu	2025-06-15 17:02:17 (4 weeks ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
neckaralb-admin.de	2025-06-15 16:49:54 (4 weeks ago)	(wordpress) Failed login wp-login.php or xmlrpc.php	Web App Attack
TPI-Abuse	2025-06-15 16:40:21 (4 weeks ago)	(mod_security) mod_security (id:240000) triggered by 52.169.9.217 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:240000) triggered by 52.169.9.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 15 12:40:14.855561 2025] [security2:error] [pid 2037159:tid 2037159] [client 52.169.9.217:1140] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|scoretopicturenetwork.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "scoretopicturenetwork.com"] [uri "/images/stories/admin-post.php"] [unique_id "aE73bp9xlqwH4__i-5aAXwAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
penjaga BRIN	2025-06-15 16:10:29 (4 weeks ago)	apache-alfa-111	Web App Attack
TPI-Abuse	2025-06-15 15:47:28 (4 weeks ago)	(mod_security) mod_security (id:240000) triggered by 52.169.9.217 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:240000) triggered by 52.169.9.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 15 11:47:24.173074 2025] [security2:error] [pid 3643855:tid 3643855] [client 52.169.9.217:11389] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|valerieohayon.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "valerieohayon.com"] [uri "/images/stories/admin-post.php"] [unique_id "aE7rDAVXgEjngWGdryMQxgAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
tentwentyfour	2025-06-15 15:29:37 (4 weeks ago)	Blocked for probing for web application vulnerabilities	Brute-Force Web App Attack
TPI-Abuse	2025-06-15 15:14:46 (4 weeks ago)	(mod_security) mod_security (id:240000) triggered by 52.169.9.217 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:240000) triggered by 52.169.9.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 15 11:14:38.515848 2025] [security2:error] [pid 2931349:tid 2931349] [client 52.169.9.217:3545] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|competitivethread.athletestandard.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "competitivethread.athletestandard.com"] [uri "/images/stories/admin-post.php"] [unique_id "aE7jXp3J4FvZTHwvug60sgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
Francio	2025-06-15 12:36:19 (4 weeks ago)	abuser	Brute-Force
TPI-Abuse	2025-06-15 11:44:15 (4 weeks ago)	(mod_security) mod_security (id:240000) triggered by 52.169.9.217 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:240000) triggered by 52.169.9.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 15 07:44:08.868689 2025] [security2:error] [pid 1505080:tid 1505080] [client 52.169.9.217:9594] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|greenanvilfarrier.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "greenanvilfarrier.com"] [uri "/images/stories/admin-post.php"] [unique_id "aE6yCKKa4sIzRzE4TU3TkwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
strefapi_com	2025-06-15 09:49:55 (4 weeks ago)	Brute-force, web ...	Hacking Brute-Force Web App Attack
TPI-Abuse	2025-06-15 09:17:26 (4 weeks ago)	(mod_security) mod_security (id:240000) triggered by 52.169.9.217 (-): 1 in the last 300 secs; Ports ... show more(mod_security) mod_security (id:240000) triggered by 52.169.9.217 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 15 05:17:18.594614 2025] [security2:error] [pid 824485:tid 824485] [client 52.169.9.217:11534] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|randomgroovemusic.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "randomgroovemusic.com"] [uri "/images/stories/admin-post.php"] [unique_id "aE6Pnjfw5TV3seZXg6BPCgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 58 reports

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩

Recently Reported IPs:

103.175.163.192

35.207.200.77

92.118.39.56

176.65.148.55

195.178.110.160

178.128.119.212

91.134.90.11

103.76.120.90

147.185.132.168

138.197.117.59

14.103.170.148

27.254.235.1

62.197.146.25

112.220.250.19

77.92.151.138

216.55.146.45

185.209.82.80

116.98.165.234

170.64.166.144