JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.188.86.144

52.188.86.144 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.188.86.144

Whois 52.188.86.144

IP Abuse Reports for 52.188.86.144:

This IP address has been reported a total of 26 times from 25 distinct sources. 52.188.86.144 was first reported on June 1st 2026, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Yachiyo Runami	2026-06-14 18:34:55 (5 days ago)	Port Scan on Honeypot \| Ports: 80/HTTP \| Proto: TCP(1) \| Flags: all SYN \| TTL: 47 \| Len: 60B \| Win: ... show more Port Scan on Honeypot \| Ports: 80/HTTP \| Proto: TCP(1) \| Flags: all SYN \| TTL: 47 \| Len: 60B \| Win: 64240(1) \| F2B/ufw-honeypot@2026-06-14T18:34:54Z show less	Port Scan Hacking
🇧🇷 ludarkstar99	2026-06-14 17:20:02 (5 days ago)	Blocked by os-abuseipdb; 8 hits, proto=tcp, ports=2077,2078,2082,2083,2086,2087,443,80	Port Scan Hacking
🇺🇸 ISPLtd	2026-06-14 16:33:30 (5 days ago)	Jun 14 10:33:29 52.188.86.144 TCP SPT=50892 DPT=2096 SYN Jun 14 10:33:29 52.188.86.144 TCP SPT=50883 ... show more Jun 14 10:33:29 52.188.86.144 TCP SPT=50892 DPT=2096 SYN Jun 14 10:33:29 52.188.86.144 TCP SPT=50883 DPT=2087 SYN Jun 14 10:33:29 52.188.86.144 TCP SPT=50880 DPT=2082 ... show less	Port Scan
🇺🇸 hyena	2026-06-14 15:34:08 (5 days ago)	Repeated mod_security events.	Web App Attack
🇫🇷 dynamix	2026-06-14 14:23:13 (5 days ago)	Multiple WAF Violations	Web App Attack
🇺🇸 Axel	2026-06-14 13:12:42 (5 days ago)	Blocked by UFW on MVI [443/tcp] \| SPT: 50368 \| TTL: 48 \| LEN: 60 \| TOS: 0x00 • Reported by: github.c ... show more Blocked by UFW on MVI [443/tcp] \| SPT: 50368 \| TTL: 48 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇦🇹 urnilxfgbez	2026-06-10 22:45:00 (1 week ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 TPI-Abuse	2026-06-10 14:53:35 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 52.188.86.144 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.188.86.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 10:53:32.661317 2026] [security2:error] [pid 29786:tid 29786] [client 52.188.86.144:4211] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.139"] [uri "/.git/config"] [unique_id "ail6bB96IRMBvLaBVAZjGwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Carltonfsck	2026-06-10 14:29:07 (1 week ago)	52.188.86.144 - - [10/Jun/2026:14:29:00 +0000] "GET /.git/HEAD HTTP/1.1" 404 49 52.188.86.144 - - [1 ... show more 52.188.86.144 - - [10/Jun/2026:14:29:00 +0000] "GET /.git/HEAD HTTP/1.1" 404 49 52.188.86.144 - - [10/Jun/2026:14:29:05 +0000] "GET /.git/config HTTP/1.1" 404 49 52.188.86.144 - - [10/Jun/2026:14:29:06 +0000] "GET /.env HTTP/1.1" 404 49 ... show less	Hacking Web App Attack
🇺🇸 n2nguyenn2nguyen	2026-06-10 13:38:24 (1 week ago)	Blocked by YFC Security on https://1904.brixzly.com — type: directory_scan_attempts	Web App Attack
🇩🇪 maxpower	2026-06-10 13:03:55 (1 week ago)	(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 52.188.86.144 (US/United States/-): 2 in ... show more (exploit_critical) REGOLA 2 - Critical File Exploit Attempt 52.188.86.144 (US/United States/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 52.188.86.144 - - [10/Jun/2026:15:03:48 +0200] "GET /wp-config.php.bak HTTP/1.1" 403 146 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.1.15" "-" host=51.89.2.97 52.188.86.144 - - [10/Jun/2026:15:03:51 +0200] "GET /.aws/credentials HTTP/1.1" 404 0 "-" "Mozilla/5.0 (Linux; Android 14; Pixel 8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Mobile Safari/537.36" "-" host=51.89.2.97 show less	Port Scan
🇧🇷 diego	2026-06-10 12:50:19 (1 week ago)	[probe-168-134] 2026-06-10 12:32:06, Client: 52.188.86.144, Protocol: 6, Unauthorized activity to HT ... show more [probe-168-134] 2026-06-10 12:32:06, Client: 52.188.86.144, Protocol: 6, Unauthorized activity to HTTP: POST /___proxy_subdomain_whm/login/ show less	Web App Attack
🇹🇷 sgonul71	2026-06-10 12:44:03 (1 week ago)	Web app attacks (IIS logs)	Web App Attack
🇩🇪 iNetWorker	2026-06-10 11:45:15 (1 week ago)	trying to access non-authorized port	Port Scan
🇩🇪 ghostwarriors	2026-06-10 11:20:26 (1 week ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 183.236.130.182

🇨🇳 180.76.174.73

🇺🇸 148.72.22.85

🇨🇳 119.53.253.2

🇳🇱 109.172.93.14

🇵🇱 20.215.210.167

🇪🇸 212.227.149.238

🇮🇳 202.141.38.206

🇳🇱 91.92.42.61

🇺🇸 47.251.70.129

🇷🇺 46.161.50.109

🇧🇷 20.206.89.89

🇺🇸 20.84.144.171

🇨🇳 14.103.117.105

🇮🇹 5.91.56.163

🇰🇷 222.108.100.117

🇯🇵 153.217.143.100

🇨🇳 115.59.138.18

🇨🇳 111.61.177.3

🇨🇦 85.217.149.5