JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.176.18.36

52.176.18.36 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.176.18.36

Whois 52.176.18.36

IP Abuse Reports for 52.176.18.36:

This IP address has been reported a total of 27 times from 22 distinct sources. 52.176.18.36 was first reported on April 25th 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 Burayot	2026-06-02 06:20:45 (3 days ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 52.176.18.36 (US/United States/-): ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 52.176.18.36 (US/United States/-): 2 in the last 3600 secs show less	Web App Attack
🇵🇱 WinnieHoneypots	2026-06-02 05:50:15 (3 days ago)	Crappy bot probing nonexistent /.env	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-02 05:37:52 (3 days ago)	Honeypot hit: Empty payload (likely service probe); 2087 [17] TCP Reported by: https://github.com/se ... show more Honeypot hit: Empty payload (likely service probe); 2087 [17] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-02 05:37:44 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 52.176.18.36 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 52.176.18.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 01:37:38.470848 2026] [security2:error] [pid 21134:tid 21134] [client 52.176.18.36:6297] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.107"] [uri "/.git/HEAD"] [unique_id "ah5sIpabglyfemCqOPCOpAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 _ArminS_	2026-06-02 05:24:20 (3 days ago)	SP-Scan 21536:6379 detected 2026.06.02 07:24:20 blocked until 2026.07.22 00:27:07	Port Scan
Anonymous	2026-06-02 05:00:00 (3 days ago)	SSH Brute-Force	DDoS Attack Port Scan Hacking Brute-Force SSH
🇫🇷 dynamix	2026-06-02 04:23:05 (3 days ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 03:30:34 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 52.176.18.36 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 52.176.18.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 23:30:27.934296 2026] [security2:error] [pid 12252:tid 12266] [client 52.176.18.36:6341] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.23"] [uri "/.git/HEAD"] [unique_id "ah5OU2ov85AsZRbiC2QwEgAAAYs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 03:02:42 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 52.176.18.36 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 52.176.18.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 01 23:02:36.969372 2026] [security2:error] [pid 7079:tid 7079] [client 52.176.18.36:5405] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.237"] [uri "/.git/HEAD"] [unique_id "ah5HzPCrwsFH8AOtiUEaIgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 eselpcore.com	2026-06-02 03:01:34 (3 days ago)	Requests to non‑existent PHP scripts (web‑shell probing)	Web App Attack
🇺🇸 xmission.com	2026-06-02 02:22:40 (3 days ago)	Blocked by UFW (TCP on 2087) Source port: 4977 TTL: 52 Packet length: 60 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 2087) Source port: 4977 TTL: 52 Packet length: 60 TOS: 0x00 This report (for 52.176.18.36) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇸🇪 donarev419	2026-06-02 01:40:40 (3 days ago)	Port scan detected on port 2087 (connection without data transfer)	Port Scan
🇫🇷 ISPLtd	2026-06-02 01:26:16 (3 days ago)	Jun 1 22:26:15 52.176.18.36 TCP SPT=3301 DPT=8080 SYN Jun 1 22:26:15 52.176.18.36 TCP SPT=3295 DPT ... show more Jun 1 22:26:15 52.176.18.36 TCP SPT=3301 DPT=8080 SYN Jun 1 22:26:15 52.176.18.36 TCP SPT=3295 DPT=8443 SYN Jun 1 22:26:15 52.176.18.36 TCP SPT=3302 DPT=2083 ... show less	Port Scan
🇹🇭 Sawasdee	2026-06-02 01:24:07 (3 days ago)	Unwanted checking 80 or 443 port ...	Bad Web Bot
🇩🇪 Axel	2026-06-02 01:20:59 (3 days ago)	[2026-06-02 01:20:59 UTC] Honeypot HTTPS-Alt connection attempt \| AXFRA HONEYPOT	Web App Attack

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.192

🇳🇱 176.65.148.132

🇫🇷 149.202.60.80

🇫🇷 45.84.88.32

🇸🇬 43.133.61.254

🇬🇧 5.226.140.123

🇩🇪 2.27.20.28

🇺🇸 205.210.31.46

🇸🇬 188.166.183.201

🇩🇪 167.94.146.56

🇸🇬 152.32.218.149

🇺🇸 75.127.15.105

🇲🇾 47.250.179.142

🇺🇸 38.148.249.2

🇧🇷 200.166.238.17

🇵🇪 190.81.117.162

🇲🇽 187.190.35.163

🇳🇱 185.223.235.41

🇨🇳 182.43.164.191

🇺🇸 172.234.25.61