JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.179.93.133

52.179.93.133 was found in our database!

This IP was reported 22 times. Confidence of Abuse is 81%: ?

81%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.179.93.133

Whois 52.179.93.133

IP Abuse Reports for 52.179.93.133:

This IP address has been reported a total of 22 times from 19 distinct sources. 52.179.93.133 was first reported on March 21st 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇯🇵 demonsword	2026-06-06 10:53:10 (1 week ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: fapi.binance.com:443 show less	Open Proxy Port Scan
🇫🇷 evvsk	2026-06-04 06:39:02 (1 week ago)	9848/tcp	Port Scan
🇦🇹 urnilxfgbez	2026-06-03 22:45:00 (1 week ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
Anonymous	2026-06-03 09:52:24 (1 week ago)	Reported from Nginx log analysis 6. Log: 52.179.93.133 - - [03/Jun/2026:xx:xx:xx 0200] "GET /.env.b ... show more Reported from Nginx log analysis 6. Log: 52.179.93.133 - - [03/Jun/2026:xx:xx:xx 0200] "GET /.env.backup HTTP/1.1" xxx xxx "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0" "-" "US United States Washington" "AS8075" "Microsoft Corporation" show less	Port Scan Brute-Force SSH
Anonymous	2026-06-03 06:03:46 (1 week ago)	PORT & IP Scan.	Port Scan Brute-Force
🇹🇷 SeczarSecureOps	2026-06-03 05:12:27 (1 week ago)	Auto-blocked by Seczar SecureOps — Port Scan Detection (8 events in 10min) at 2026-06-03 05:12	Port Scan
🇩🇪 ITSNF	2026-06-03 04:55:03 (1 week ago)	Blocked by os-abuseipdb; 16 hits, proto=tcp, ports=2082,2083,2086,2087,443,80,8080,8443	Port Scan Hacking
🇪🇪 Selckie	2026-06-03 03:34:21 (1 week ago)	fail2ban: NGINX unusual impact	Web App Attack
🇩🇪 gadix	2026-06-03 02:55:48 (1 week ago)	[03/Jun/2026:04:55:42.753413 +0200] ah-Xrujyv_-0krrP5l-AgQAAABE 52.179.93.133 34900 127.0.0.1 7080 [ ... show more [03/Jun/2026:04:55:42.753413 +0200] ah-Xrujyv_-0krrP5l-AgQAAABE 52.179.93.133 34900 127.0.0.1 7080 [03/Jun/2026:04:55:43.758215 +0200] ah-Xr1PH0bd8qZHimVu3OQAAAA0 52.179.93.133 34906 127.0.0.1 7080 [03/Jun/2026:04:55:46.048020 +0200] ah-Xsgw71NK1-FxqUoPMSQAAAA4 52.179.93.133 34918 127.0.0.1 7080 ... show less	Web App Attack
🇱🇹 NotACaptcha	2026-06-03 02:20:13 (1 week ago)	Unauthorised access (Jun 3 05:20) SRC=52.179.93.133 LEN=60 TTL=40 ID=7360 DF TCP DPT=8080 WINDOW=64 ... show more Unauthorised access (Jun 3 05:20) SRC=52.179.93.133 LEN=60 TTL=40 ID=7360 DF TCP DPT=8080 WINDOW=64240 SYN show less	Port Scan
🇷🇸 Scan	2026-06-03 02:09:20 (1 week ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇺🇸 TPI-Abuse	2026-06-03 01:51:27 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 52.179.93.133 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.179.93.133 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 21:51:22.878370 2026] [security2:error] [pid 22318:tid 22318] [client 52.179.93.133:64836] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.189"] [uri "/.git/HEAD"] [unique_id "ah-ImjzYciY8fLkyvkW7OgAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 MPL	2026-06-03 01:36:04 (1 week ago)	tcp port scan (8 or more attempts)	Port Scan
🇺🇸 TPI-Abuse	2026-06-03 01:33:39 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 52.179.93.133 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.179.93.133 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 21:33:35.858560 2026] [security2:error] [pid 16750:tid 16750] [client 52.179.93.133:64653] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.207"] [uri "/.git/HEAD"] [unique_id "ah-Eb7fGmY036ChBeJcBqwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇪 AutosOnShow	2026-06-03 01:30:08 (1 week ago)	blocked for webapp attack \| path requested: /.env \| seen at 2026-06-03 01:29:28.874 \|	Web App Attack

Showing 1 to 15 of 22 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.235

🇳🇱 176.65.139.103

🇨🇦 35.183.24.150

🇺🇸 3.16.151.235

🇩🇪 213.209.159.158

🇩🇪 213.209.159.11

🇺🇸 193.19.109.175

🇧🇷 191.233.234.186

🇺🇸 147.185.132.230

🇺🇸 64.225.60.187

🇦🇺 54.206.113.83

🇲🇾 47.254.213.222

🇷🇴 2.57.122.238

🇨🇳 124.89.89.146

🇱🇻 91.105.20.128

🇩🇪 77.64.178.219

🇺🇸 66.132.195.27

🇭🇰 43.161.217.219

🇦🇺 34.151.162.60

🇺🇸 2602:80d:1007::6d