JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.188.87.66

52.188.87.66 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.188.87.66

Whois 52.188.87.66

IP Abuse Reports for 52.188.87.66:

This IP address has been reported a total of 27 times from 23 distinct sources. 52.188.87.66 was first reported on May 24th 2026, and the most recent report was 12 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Hugopvigo	2026-06-15 01:13:53 (12 hours ago)	52.188.87.66 - - [15/Jun/2026:03:13:53 +0200] "GET /.git/HEAD HTTP/1.1" 403 7861 "-" "Mozilla/5.0 (M ... show more 52.188.87.66 - - [15/Jun/2026:03:13:53 +0200] "GET /.git/HEAD HTTP/1.1" 403 7861 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" ... show less	Hacking Brute-Force Web App Attack SSH
🇷🇸 Scan	2026-06-15 00:43:28 (12 hours ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇺🇸 Axel	2026-06-15 00:03:50 (13 hours ago)	Blocked by UFW on MVI [2082/tcp] \| SPT: 13711 \| TTL: 48 \| LEN: 60 \| TOS: 0x00 • Reported by: github. ... show more Blocked by UFW on MVI [2082/tcp] \| SPT: 13711 \| TTL: 48 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇫🇮 [email protected]	2026-06-14 23:47:22 (13 hours ago)	Attack attempt against Interwebbi servers; Port Scan detected from 52.188.87.66 (US/United States/ ... show more Attack attempt against Interwebbi servers; Port Scan detected from 52.188.87.66 (US/United States/-). 5 hits in the last 236 seconds; IP: 52.188.87.66; Ports: *; Direction: 0; Trigger: PS_LIMIT; show less	Brute-Force
🇨🇦 Slackin' Jack	2026-06-14 23:28:09 (13 hours ago)	Triggered honeypot on port 2082. (52.188.87.66)	Port Scan
🇺🇸 bulkvm.com	2026-06-14 22:55:28 (14 hours ago)	[bulkvm.com/honeypot] HTTP port scan. Port: 13653, Time: 2026-06-14 22:55:16 UTC	Port Scan
🇸🇪 Esko	2026-06-14 22:08:44 (15 hours ago)	52.188.87.66 - - [14/Jun/2026:22:08:44 +0000] "GET /.env.production HTTP/1.1" 488 0 "-" "Mozilla/5.0 ... show more 52.188.87.66 - - [14/Jun/2026:22:08:44 +0000] "GET /.env.production HTTP/1.1" 488 0 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" show less	Web App Attack
🇦🇹 urnilxfgbez	2026-06-03 22:45:00 (1 week ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
Anonymous	2026-06-03 08:00:00 (1 week ago)	SSH Brute-Force	DDoS Attack Port Scan Hacking Brute-Force SSH
🇸🇬 drewf.ink	2026-06-03 07:12:23 (1 week ago)	[07:12] Port scanning. Port(s) scanned: TCP/2087	Port Scan
🇺🇸 TPI-Abuse	2026-06-03 06:44:25 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 52.188.87.66 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 52.188.87.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 02:44:20.382479 2026] [security2:error] [pid 12736:tid 12736] [client 52.188.87.66:4187] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.75"] [uri "/.git/config"] [unique_id "ah_NRHKXJ_VmYru3OhVGXQAAACs"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 SOC [GOLINE SA]	2026-06-03 06:38:24 (1 week ago)	IDS Alert: GPL WEB_SERVER 403 Forbidden === ATTACK === Signature: GPL WEB_SERVER 403 Forbidden \| SID ... show more IDS Alert: GPL WEB_SERVER 403 Forbidden === ATTACK === Signature: GPL WEB_SERVER 403 Forbidden \| SID: 2101201 \| Severity: 2 \| Category: Attempted Information Leak === SOURCE === IP: 52.188.87.66 (IPv4) \| Port: 80 \| Country: United States \| ISP: MSFT \| rDNS: None === TARGET === Host: nextcloud.goline.ch \| IP: 52.188.87.66 \| Port: 4483 \| Protocol: TCP \| App: http === RESPONSE === Time: 2026-06-03 06:38:23 \| Action: Blocked show less	Port Scan Hacking Bad Web Bot
🇺🇸 MPL	2026-06-03 06:32:49 (1 week ago)	tcp port scan (5 or more attempts)	Port Scan
🇹🇷 Threat.live	2026-06-03 05:25:04 (1 week ago)	Suspicious Connection Attempts	Brute-Force
🇹🇭 Sawasdee	2026-06-03 05:00:17 (1 week ago)	Unwanted checking 80 or 443 port ...	Bad Web Bot

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 189.230.171.129

🇳🇱 176.65.139.56

🇺🇸 172.202.9.120

🇦🇹 159.100.25.183

🇸🇬 101.100.194.252

🇺🇸 71.104.69.198

🇫🇮 65.21.155.186

🇮🇳 49.204.29.71

🇳🇱 45.148.10.152

🇮🇳 42.104.210.159

🇸🇦 37.105.219.23

🇲🇾 202.165.29.123

🇮🇳 49.43.91.54

🇧🇷 45.164.251.67

🇫🇷 37.65.162.233

🇬🇧 217.43.52.136

🇩🇪 213.209.159.241

🇿🇦 197.185.140.10

🇨🇳 180.76.234.93

🇻🇳 125.235.229.41