JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.190.141.32

52.190.141.32 was found in our database!

This IP was reported 70 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	San Jose, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.190.141.32

Whois 52.190.141.32

IP Abuse Reports for 52.190.141.32:

This IP address has been reported a total of 70 times from 51 distinct sources. 52.190.141.32 was first reported on August 8th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 gadix	2026-06-02 10:03:37 (2 days ago)	[02/Jun/2026:12:03:32.952855 +0200] ah6qdPj3Q8JzVm961XbZCQAAAA0 52.190.141.32 36292 127.0.0.1 7080 [ ... show more [02/Jun/2026:12:03:32.952855 +0200] ah6qdPj3Q8JzVm961XbZCQAAAA0 52.190.141.32 36292 127.0.0.1 7080 [02/Jun/2026:12:03:36.007829 +0200] ah6qeMSIGMLe3uigS90d2gAAAEQ 52.190.141.32 42154 127.0.0.1 7080 [02/Jun/2026:12:03:37.205327 +0200] ah6qeVu-XoY-R-M-0OLPrgAAAJI 52.190.141.32 42162 127.0.0.1 7080 ... show less	Web App Attack
🇺🇸 eber965	2026-06-02 09:52:07 (2 days ago)	[Tue Jun 02 05:51:48 2026] [authz_core:error] [pid 178250:tid 140064898139904] [client 52.190.141.32 ... show more [Tue Jun 02 05:51:48 2026] [authz_core:error] [pid 178250:tid 140064898139904] [client 52.190.141.32:11271] AH01630: client denied by server configuration: /var/www/html/.git [Tue Jun 02 05:51:54 2026] [authz_core:error] [pid 178411:tid 140065384687360] [client 52.190.141.32:11265] AH01630: client denied by server configuration: /var/www/html/.env.backup [Tue Jun 02 05:52:00 2026] [authz_core:error] [pid 178250:tid 140064889747200] [client 52.190.141.32:11291] AH01630: client denied by server configuration: /var/www/html/.env.save [Tue Jun 02 05:52:03 2026] [authz_core:error] [pid 178411:tid 140064537417472] [client 52.190.141.32:11268] AH01630: client denied by server configuration: /var/www/html/.aws [Tue Jun 02 05:52:06 2026] [authz_core:error] [pid 178411:tid 140065897010944] [client 52.190.141.32:11280] AH01630: client denied by server configuration: /var/www/html/server-status ... show less	Brute-Force
🇺🇸 xmission.com	2026-06-02 09:03:10 (2 days ago)	Blocked by UFW (TCP on 8080) Source port: 11467 TTL: 52 Packet length: 60 TOS: 0x00 This report (fo ... show more Blocked by UFW (TCP on 8080) Source port: 11467 TTL: 52 Packet length: 60 TOS: 0x00 This report (for 52.190.141.32) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇺🇸 MPL	2026-06-02 08:54:58 (2 days ago)	tcp/2087	Port Scan
🇬🇧 PeravixGroup	2026-06-02 07:18:39 (2 days ago)	Honeypot detection: Web admin panel / CMS brute-force probe on port 8080. Severity: HIGH. Aaran.clou ... show more Honeypot detection: Web admin panel / CMS brute-force probe on port 8080. Severity: HIGH. Aaran.cloud show less	Web App Attack
🇺🇸 MPL	2026-06-02 06:53:04 (2 days ago)	tcp port scan (8 or more attempts)	Port Scan
🇺🇸 sumnone	2026-06-02 06:41:25 (2 days ago)	Port probing on unauthorized port 2087	Port Scan Hacking Exploited Host
🇹🇼 kk_it_man	2026-06-02 06:00:12 (2 days ago)		Port Scan
🇩🇪 Roper123	2026-06-02 05:27:10 (2 days ago)	Web exploits	Web App Attack
🇹🇷 SeczarSecureOps	2026-06-02 05:19:49 (2 days ago)	Auto-blocked by Seczar SecureOps — Port Scan Detection (5 events in 10min) at 2026-06-02 05:19	Port Scan
🇹🇷 Threat.live	2026-06-02 04:05:06 (2 days ago)	Suspicious Connection Attempts	Brute-Force
🇺🇸 SSP	2026-06-02 03:30:01 (2 days ago)	Automatic report from iptables firewall - detected malicious activity	DDoS Attack Brute-Force SSH Web App Attack Port Scan Hacking
🇺🇸 octageeks.com	2026-05-15 04:09:51 (2 weeks ago)	Wordpress malicious attack:[octaxmlrpc]	Web App Attack
Anonymous	2026-05-14 22:00:14 (2 weeks ago)		Web App Attack
🇺🇸 TPI-Abuse	2026-05-14 21:55:46 (2 weeks ago)	(mod_security) mod_security (id:240335) triggered by 52.190.141.32 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 52.190.141.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 14 17:55:39.628722 2026] [security2:error] [pid 13884:tid 13884] [client 52.190.141.32:38150] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 52.190.141.32 (+1 hits since last alert)\|steinrauffamilylaw.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "steinrauffamilylaw.com"] [uri "/wp/xmlrpc.php"] [unique_id "agZE28ju2CS9BxTGZt_nWAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 70 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.95.191.47

🇺🇸 24.177.167.138

🇩🇪 213.209.159.56

🇹🇼 198.235.24.54

🇹🇼 114.32.151.97

🇺🇸 65.60.61.173

🇺🇸 44.197.196.98

🇺🇸 20.221.72.115

🇺🇸 216.158.231.210

🇧🇷 186.248.197.178

🇪🇨 181.196.253.198

🇬🇧 165.227.234.140

🇺🇸 86.38.216.148

🇩🇪 213.209.159.158

🇺🇸 205.210.31.94

🇹🇼 198.235.24.97

🇩🇪 185.242.3.230

🇺🇸 162.216.150.122

🇭🇰 118.193.44.184

🇨🇦 20.220.200.248