JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.173.162.33

52.173.162.33 was found in our database!

This IP was reported 73 times. Confidence of Abuse is 50%: ?

50%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.173.162.33

Whois 52.173.162.33

IP Abuse Reports for 52.173.162.33:

This IP address has been reported a total of 73 times from 50 distinct sources. 52.173.162.33 was first reported on October 20th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇹 urnilxfgbez	2026-06-03 22:45:00 (2 weeks ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇷🇸 Scan	2026-06-03 02:22:30 (2 weeks ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇺🇸 RAP	2026-06-03 01:53:50 (2 weeks ago)	2026-06-03 01:53:50 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇺🇸 xmission.com	2026-06-03 01:46:26 (2 weeks ago)	Blocked by UFW (TCP on 2087) Source port: 55531 TTL: 52 Packet length: 60 TOS: 0x00 This report (fo ... show more Blocked by UFW (TCP on 2087) Source port: 55531 TTL: 52 Packet length: 60 TOS: 0x00 This report (for 52.173.162.33) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-03 01:34:22 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 52.173.162.33 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.173.162.33 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 21:34:15.712791 2026] [security2:error] [pid 22884:tid 22884] [client 52.173.162.33:55499] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.13"] [uri "/.git/config"] [unique_id "ah-El_oQCpbR1hsZOSL6NgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇳 WMK965	2026-06-03 01:04:30 (2 weeks ago)	52.173.162.33 - - [03/Jun/2026:09:04:25 +0800] "GET /.git/HEAD HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Win ... show more 52.173.162.33 - - [03/Jun/2026:09:04:25 +0800] "GET /.git/HEAD HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0" "-" 52.173.162.33 - - [03/Jun/2026:09:04:28 +0800] "GET /.git/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0" "-" 52.173.162.33 - - [03/Jun/2026:09:04:29 +0800] "GET /.git/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" "-" show less	Port Scan Web App Attack
🇦🇺 aranguren.org	2026-06-03 00:14:22 (2 weeks ago)	52.173.162.33 - - [03/Jun/2026:10:14:10 +1000] "GET /.git/config HTTP/1.1" 404 986 "-" "Mozilla/5.0 ... show more 52.173.162.33 - - [03/Jun/2026:10:14:10 +1000] "GET /.git/config HTTP/1.1" 404 986 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 52.173.162.33 - - [03/Jun/2026:10:14:14 +1000] "GET /.env.backup HTTP/1.1" 404 986 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.1.15" 52.173.162.33 - - [03/Jun/2026:10:14:15 +1000] "GET /.env.save HTTP/1.1" 404 986 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 52.173.162.33 - - [03/Jun/2026:10:14:17 +1000] "GET /wp-config.php HTTP/1.1" 404 16 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0" 52.173.162.33 - - [03/Jun/2026:10:14:18 +1000] "GET /.aws/credentials HTTP/1.1" 404 986 "-" "Mozilla/5.0 (Linux; Android 14; Pixel 8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0. ... show less	Bad Web Bot
🇹🇷 SeczarSecureOps	2026-06-02 23:59:34 (2 weeks ago)	Seczar SecureOps — Port Scan Detection (5 events) — quarantined 43200m on fgdcapi	Port Scan
🇬🇧 PeravixGroup	2026-06-02 23:43:43 (2 weeks ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇺🇸 MakoWish	2026-06-02 23:34:54 (2 weeks ago)	Fuzzing for misconfigured web servers.	Hacking Web App Attack
Anonymous	2026-06-02 23:32:00 (2 weeks ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇺🇸 Cyber Crusader	2026-06-02 18:59:32 (2 weeks ago)	Hundreds of Attempts (at least) to Connect to and Access Firewall Ports	Port Scan Hacking Brute-Force
🇯🇵 SentinalX by uzumaru	2026-05-28 01:32:08 (3 weeks ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: mega.nz:443 show less	Open Proxy Port Scan
🇺🇸 Rayulcifer	2026-04-12 19:22:59 (2 months ago)	52.173.162.33 - - [12/Apr/2026:14:22:58 -0500] "GET http://httpbin.org/ip HTTP/1.1" 200 874 "-" "axi ... show more 52.173.162.33 - - [12/Apr/2026:14:22:58 -0500] "GET http://httpbin.org/ip HTTP/1.1" 200 874 "-" "axios/1.14.0" 52.173.162.33 - - [12/Apr/2026:14:22:58 -0500] "GET http://httpbin.org/get HTTP/1.1" 200 874 "-" "axios/1.14.0" ... show less	Open Proxy Port Scan Hacking Web App Attack SSH
🇹🇷 rtbh.com.tr	2026-03-02 20:11:51 (3 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force

Showing 1 to 15 of 73 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.180

🇳🇱 132.243.121.237

🇺🇸 50.6.197.105

🇮🇩 36.68.186.7

🇺🇸 35.151.110.53

🇯🇵 8.216.8.217

🇺🇸 3.231.171.53

🇬🇧 193.163.125.249

🇺🇸 172.71.153.149

🇺🇸 172.69.133.118

🇺🇸 156.227.242.126

🇩🇪 152.53.22.30

🇻🇳 103.78.1.33

🇫🇷 91.231.89.244

🇺🇸 65.49.1.167

🇫🇷 37.66.170.63

🇺🇸 20.65.152.136

🇩🇪 185.242.3.39

🇩🇪 178.16.52.74

🇺🇸 172.71.157.156