JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.233.87.87

52.233.87.87 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 67%: ?

67%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Moses Lake, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.233.87.87

Whois 52.233.87.87

IP Abuse Reports for 52.233.87.87:

This IP address has been reported a total of 14 times from 14 distinct sources. 52.233.87.87 was first reported on March 25th 2026, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 bescared	2026-06-10 04:23:02 (4 days ago)	F2B - Malicious activity detected. Excessive port scans. -8ff06ede-	Port Scan
🇩🇪 Lino Project	2026-06-10 03:37:47 (4 days ago)	52.233.87.87 - - [10/Jun/2026:05:37:44 +0200] "GET /.git/HEAD HTTP/1.1" 404 360 "-" "Mozilla/5.0 (X1 ... show more 52.233.87.87 - - [10/Jun/2026:05:37:44 +0200] "GET /.git/HEAD HTTP/1.1" 404 360 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" ... show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Nightreaver	2026-06-10 03:37:19 (4 days ago)	52.233.87.87 - - [10/Jun/2026:05:37:10 0200] "GET /.env.local HTTP/1.1" 404 457 "-" "Mozilla/5.0 (M ... show more 52.233.87.87 - - [10/Jun/2026:05:37:10 0200] "GET /.env.local HTTP/1.1" 404 457 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 52.233.87.87 - - [10/Jun/2026:05:37:12 0200] "GET /.env.production HTTP/1.1" 404 457 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.1.15" 52.233.87.87 - - [10/Jun/2026:05:37:14 0200] "GET /.env.backup HTTP/1.1" 404 457 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 52.233.87.87 - - [10/Jun/2026:05:37:16 0200] "GET /.env.save HTTP/1.1" 404 457 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" 52.233.87.87 - - [10/Jun/2026:05:37:19 0200] "GET /wp-config.php HTTP/1.1" 404 457 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0"[...] show less	Bad Web Bot Web App Attack
🇺🇸 donarev419	2026-06-10 03:34:32 (4 days ago)	Port scan detected on port 2083 (connection without data transfer)	Port Scan
Anonymous	2026-06-10 03:10:33 (4 days ago)	Port Scan	Port Scan
🇧🇪 voormedia	2026-06-10 02:56:37 (4 days ago)	Accessed trap at '/___proxy_subdomain_whm/login/'	Web App Attack
🇺🇸 sumnone	2026-06-10 01:27:45 (4 days ago)	Port probing on unauthorized port 2087	Port Scan Hacking Exploited Host
Anonymous	2026-06-10 00:50:02 (4 days ago)	suspicious request in access.log	Web App Attack
🇬🇧 poundawebsiteltd	2026-06-10 00:48:54 (4 days ago)	Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:80 52.233.87.87 - - [10/Jun/2026:01: ... show more Web App Attack (ModSecurity Block). Evidence: [REDACTED_DOMAIN]:80 52.233.87.87 - - [10/Jun/2026:01:48:52 +0100] GET /wp-config.php HTTP/1.1 403 177 - Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 show less	Web App Attack
🇷🇸 Scan	2026-06-10 00:20:53 (4 days ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
Anonymous	2026-06-09 23:57:22 (4 days ago)	52.233.87.87 - - [10/Jun/2026:01:57:20 +0200] "GET /.git/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Wi ... show more 52.233.87.87 - - [10/Jun/2026:01:57:20 +0200] "GET /.git/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0" 52.233.87.87 - - [10/Jun/2026:01:57:21 +0200] "GET /.env HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.1.15" ... show less	Bad Web Bot Web App Attack
🇯🇵 demonsword	2026-05-09 17:13:20 (1 month ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: finance.sina.com.cn:443 show less	Open Proxy Port Scan
🇺🇸 Rayulcifer	2026-04-25 21:38:17 (1 month ago)	52.233.87.87 - - [25/Apr/2026:16:38:15 -0500] "GET http://clients2.google.com/time/1/current?cup2key ... show more 52.233.87.87 - - [25/Apr/2026:16:38:15 -0500] "GET http://clients2.google.com/time/1/current?cup2key=9:4R5Hgc26bJr43sV321YsuzDIooiDO8e0xlAWDI3AHSY&cup2hreq=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP/1.1" 200 855 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36" 52.233.87.87 - - [25/Apr/2026:16:38:15 -0500] "CONNECT www.google.com:443 HTTP/1.1" 502 488 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36" ... show less	Open Proxy Port Scan Hacking Web App Attack SSH
🇬🇧 OptimusGO	2026-03-25 19:46:41 (2 months ago)	Malicious activity detected: web_attack Server: commstackbc (185.127.18.66) Attack: web_attack Time ... show more Malicious activity detected: web_attack Server: commstackbc (185.127.18.66) Attack: web_attack Timestamp: 2026-03-25 19:46:40 UTC Log evidence: 03/25/2026-19:46:40.077860 [wDrop] [] [1:1000002:1] SECURITY SSH Port Scanner Blocked [] [Classification: Attempted Information Leak] [Priority: 1] {TCP} 52.233.87.87:40964 -> 185.127.18.66:22 03/25/2026-19:46:40.077860 [wDrop] [] [1:7000501:1] FINSERV CRITICAL: Critical Service Scan [] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 52.233.87.87:40964 -> 185.127.18.66:22 show less	Port Scan Brute-Force

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 151.240.205.184

🇺🇸 104.234.208.113

🇫🇮 170.168.31.213

🇺🇸 143.198.127.97

🇺🇸 47.77.180.67

🇭🇰 45.142.154.47

🇺🇸 23.95.62.90

🇧🇷 186.233.103.8

🇧🇷 177.185.66.41

🇺🇸 162.216.149.158

🇭🇰 154.221.17.137

🇲🇦 154.146.240.123

🇳🇱 85.11.167.7

🇬🇧 77.68.83.86

🇺🇸 66.132.172.100

🇸🇬 47.128.117.4

🇳🇱 45.148.10.120

🇹🇼 34.81.71.5

🇬🇧 2a06:4880::20

🇺🇸 198.199.70.194