JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.185.212.58

52.185.212.58 was found in our database!

This IP was reported 68 times. Confidence of Abuse is 39%: ?

39%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	San Antonio, Texas

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.185.212.58

Whois 52.185.212.58

IP Abuse Reports for 52.185.212.58:

This IP address has been reported a total of 68 times from 37 distinct sources. 52.185.212.58 was first reported on February 27th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 micropedro	2026-06-03 00:31:05 (2 days ago)	3 incidents: malicious activity. First: 2026-05-19 19:46, Last: 2026-06-02 20:31 UTC. Triggers: ufw- ... show more 3 incidents: malicious activity. First: 2026-05-19 19:46, Last: 2026-06-02 20:31 UTC. Triggers: ufw-repeater. show less	Port Scan
🇺🇸 micropedro	2026-05-27 00:05:41 (1 week ago)	4 incidents: malicious activity. First: 2026-05-19 19:44, Last: 2026-05-26 20:05 UTC. Triggers: ufw- ... show more 4 incidents: malicious activity. First: 2026-05-19 19:44, Last: 2026-05-26 20:05 UTC. Triggers: ufw-repeater. show less	Port Scan
🇺🇸 dmsec	2026-05-18 20:44:04 (2 weeks ago)	The IP 52.185.212.58 is scanning a server on port 6379. Attack at: 2026-05-18 17:44 (yyyy/MM/dd HH:m ... show more The IP 52.185.212.58 is scanning a server on port 6379. Attack at: 2026-05-18 17:44 (yyyy/MM/dd HH:mm) UTC -3. show less	Port Scan
🇺🇸 micropedro	2026-05-12 23:39:38 (3 weeks ago)	3 incidents: malicious activity. First: 2026-05-05 19:31, Last: 2026-05-12 19:39 UTC. Triggers: ufw- ... show more 3 incidents: malicious activity. First: 2026-05-05 19:31, Last: 2026-05-12 19:39 UTC. Triggers: ufw-repeater. show less	Port Scan
🇺🇸 micropedro	2026-05-12 23:39:38 (3 weeks ago)	3 incidents: malicious activity. First: 2026-04-25 22:30, Last: 2026-05-12 19:39 UTC. Triggers: ufw- ... show more 3 incidents: malicious activity. First: 2026-04-25 22:30, Last: 2026-05-12 19:39 UTC. Triggers: ufw-repeater. show less	Port Scan
🇺🇸 micropedro	2026-05-03 03:30:19 (1 month ago)	4 incidents: malicious activity. First: 2026-04-25 22:30, Last: 2026-05-02 23:30 UTC. Triggers: ufw- ... show more 4 incidents: malicious activity. First: 2026-04-25 22:30, Last: 2026-05-02 23:30 UTC. Triggers: ufw-repeater. show less	Port Scan
🇺🇸 micropedro	2026-04-30 18:15:42 (1 month ago)	3 incidents: malicious activity. First: 2026-04-25 22:30, Last: 2026-04-30 14:15 UTC. Triggers: ufw- ... show more 3 incidents: malicious activity. First: 2026-04-25 22:30, Last: 2026-04-30 14:15 UTC. Triggers: ufw-repeater. show less	Port Scan
🇳🇱 donarev419	2026-04-22 04:48:07 (1 month ago)	Connection to port 6379 with data transfer. Data preview: *1 $4 info	Port Scan Hacking
🇸🇰 GOVCERT	2026-04-21 11:17:25 (1 month ago)	Sweep Scan	Port Scan
🇨🇭 SOC [GOLINE SA]	2026-04-21 10:38:18 (1 month ago)	[RoutePulse \| 2026-04-21T10:38:18Z] ATTACK: port scan horizontal (port 6379) TARGET: 4 subnets: 185. ... show more [RoutePulse \| 2026-04-21T10:38:18Z] ATTACK: port scan horizontal (port 6379) TARGET: 4 subnets: 185.54.81.0/24, 185.54.82.0/24, 185.54.80.0/24 SOURCE: 52.185.212.58 · AS8075 Microsoft Corporation · United States EVIDENCE: severity=warning · 1026 flows · 1024 distinct targets · port 6379 INTEL: RoutePulse score 0/100 MITRE: T1018 Remote System Discovery, T1046 Network Service Scanning DETECTION: sFlow/IPFIX flow analysis + 18-model ML ensemble + threat-intel correlation ACTION: Pre-blackhole intelligence report (live monitoring continues) show less	Port Scan
🇺🇸 micropedro	2026-04-19 01:30:08 (1 month ago)	4 incidents: malicious activity. First: 2026-04-11 20:30, Last: 2026-04-18 21:30 UTC. Triggers: ufw- ... show more 4 incidents: malicious activity. First: 2026-04-11 20:30, Last: 2026-04-18 21:30 UTC. Triggers: ufw-repeater. show less	Port Scan
🇫🇷 Duggy_Tuxy🧱	2026-04-18 01:30:23 (1 month ago)	[HP01-SRV01-FR] Blocked by SysWarden Firewall (Database/Cache Attack)	Port Scan Hacking Brute-Force
🇺🇸 rellim.com	2026-04-18 00:08:47 (1 month ago)	Apr 17 13:38:20 alice kernel: HACK IN=enp3s0 OUT=enp1s0 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08:0 ... show more Apr 17 13:38:20 alice kernel: HACK IN=enp3s0 OUT=enp1s0 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08:00 SRC=52.185.212.58 DST=204.17.205.254 LEN=60 TOS=0x00 PREC=0x00 TTL=46 ID=24876 DF PROTO=TCP SPT=7178 DPT=6379 WINDOW=64240 RES=0x00 SYN URGP=0 Apr 17 15:51:26 alice kernel: HACK IN=enp3s0 OUT=enp1s0 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08:00 SRC=52.185.212.58 DST=204.17.205.254 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=46062 DF PROTO=TCP SPT=15178 DPT=6379 WINDOW=64240 RES=0x00 SYN URGP=0 Apr 17 17:08:46 alice kernel: HACK IN=enp3s0 OUT=enp1s0 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08:00 SRC=52.185.212.58 DST=204.17.205.254 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=17303 DF PROTO=TCP SPT=15177 DPT=6379 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Port Scan
Anonymous	2026-04-17 20:52:08 (1 month ago)	2026-04-17T21:52:07.726806+01:00 vps kernel: [38199337.822434] [PORTSCAN DETECTED] IN=ens3 OUT= MAC= ... show more 2026-04-17T21:52:07.726806+01:00 vps kernel: [38199337.822434] [PORTSCAN DETECTED] IN=ens3 OUT= MAC=fa:16:3e:66:f6:24:02:37:19:0d:c2:f3:08:00 SRC=52.185.212.58 DST=54.37.14.118 LEN=60 TOS=0x00 PREC=0x00 TTL=40 ID=31185 DF PROTO=TCP SPT=15173 DPT=6379 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Port Scan Brute-Force
🇺🇸 xmission.com	2026-04-17 20:08:24 (1 month ago)	Blocked by UFW (TCP on 6379) Source port: 15176 TTL: 51 Packet length: 60 TOS: 0x00 This report (fo ... show more Blocked by UFW (TCP on 6379) Source port: 15176 TTL: 51 Packet length: 60 TOS: 0x00 This report (for 52.185.212.58) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan

Showing 1 to 15 of 68 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 177.128.7.161

🇮🇩 156.230.187.30

🇳🇱 93.174.93.12

🇺🇸 66.175.213.4

🇮🇷 5.202.105.236

🇺🇸 2607:f8b0:4001:c74::129

🇺🇸 195.184.76.131

🇫🇷 135.125.2.121

🇧🇷 131.108.162.24

🇫🇷 91.231.89.254

🇮🇹 83.224.159.245

🇧🇷 43.157.151.226

🇻🇳 27.79.45.129

🇺🇸 2607:f8b0:4001:c0e::129

🇰🇷 222.239.251.12

🇳🇱 204.76.203.10

🇪🇹 196.189.155.89

🇬🇧 185.127.69.204

🇮🇶 185.24.61.26

🇺🇸 162.216.150.118