JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.224.244.97

52.224.244.97 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 51%: ?

51%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.224.244.97

Whois 52.224.244.97

IP Abuse Reports for 52.224.244.97:

This IP address has been reported a total of 18 times from 15 distinct sources. 52.224.244.97 was first reported on April 27th 2026, and the most recent report was 8 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Admins@FBN	2026-06-13 09:36:25 (8 hours ago)	FW-PortScan: Traffic Blocked srcport=49925 dstport=8000	Port Scan
🇺🇸 MPL	2026-06-13 08:07:27 (9 hours ago)	tcp port scan (44 or more attempts)	Port Scan
🇺🇸 Axel	2026-06-13 06:28:45 (11 hours ago)	Blocked by UFW on MVI [3000/tcp] \| SPT: 49160 \| TTL: 47 \| LEN: 60 \| TOS: 0x00 • Reported by: github. ... show more Blocked by UFW on MVI [3000/tcp] \| SPT: 49160 \| TTL: 47 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-13 05:32:32 (12 hours ago)	(mod_security) mod_security (id:210492) triggered by 52.224.244.97 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.224.244.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 01:32:28.276074 2026] [security2:error] [pid 24285:tid 24285] [client 52.224.244.97:49161] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.143"] [uri "/.git/HEAD"] [unique_id "aizrbGfpCofqE7WIPBJ-nQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2026-05-08 01:31:44 (1 month ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2026-04-27 23:05:04 (1 month ago)	suspicious request in access.log	Web App Attack
🇺🇸 TPI-Abuse	2026-04-27 22:51:58 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 52.224.244.97 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.224.244.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 27 18:51:55.243065 2026] [security2:error] [pid 335:tid 335] [client 52.224.244.97:53275] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "femdomchatbot.com"] [uri "/.git/config"] [unique_id "ae_oi6Pf3dzSle2PTjyjjQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ambor	2026-04-27 22:22:21 (1 month ago)	Honeypot access: Git configuration file access attempt. Path: /.git/config	Web App Attack
🇺🇸 Alvino	2026-04-27 22:09:11 (1 month ago)	Blocked due to using a VPN or data center IP with abuse: 41	Web Spam VPN IP
Anonymous	2026-04-27 22:03:02 (1 month ago)		Web App Attack
🇳🇱 homeshowdomain.nl	2026-04-27 22:00:52 (1 month ago)	Auto-ban: >3000 req/min op 2026-04-27	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-04-27 21:39:05 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 52.224.244.97 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.224.244.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 27 17:38:59.837966 2026] [security2:error] [pid 25584:tid 25584] [client 52.224.244.97:53339] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ads.cruisingforsex.com"] [uri "/.git/config"] [unique_id "ae_Xc5yc5drVFZy6-63zOAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 sefinek.net	2026-04-27 21:36:23 (1 month ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action: BLOCK \| Protocol: HTTP/1.1 (GET) \| Endpoi ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action: BLOCK \| Protocol: HTTP/1.1 (GET) \| Endpoint: /.git/config \| UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 14_7_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.4 Safari/605.1.15 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇳🇿 Antinson	2026-04-27 20:16:33 (1 month ago)	Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.)	Bad Web Bot
🇺🇸 TPI-Abuse	2026-04-27 19:49:48 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 52.224.244.97 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.224.244.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 27 15:49:44.498093 2026] [security2:error] [pid 27841:tid 27882] [client 52.224.244.97:53279] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "yakamengen.com"] [uri "/.git/config"] [unique_id "ae-92Bj7gOqu8SfD05UbHgAAAMw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇦 160.179.177.104

🇨🇳 123.129.245.249

🇷🇴 80.94.92.168

🇨🇳 59.52.103.169

🇺🇸 34.208.194.230

🇸🇬 193.37.32.110

🇺🇸 147.185.132.161

🇺🇸 107.172.88.206

🇮🇩 103.191.14.210

🇮🇩 202.145.0.61

🇳🇱 185.136.15.10

🇩🇪 167.94.146.53

🇨🇳 116.167.93.149

🇷🇴 92.118.39.225

🇨🇳 39.163.17.178

🇮🇳 34.93.241.217

🇮🇳 27.123.114.190

🇺🇸 209.87.149.26

🇩🇪 185.220.101.139

🇨🇳 115.231.78.11