JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.234.40.192

52.234.40.192 was found in our database!

This IP was reported 51 times. Confidence of Abuse is 79%: ?

79%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	San Jose, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.234.40.192

Whois 52.234.40.192

IP Abuse Reports for 52.234.40.192:

This IP address has been reported a total of 51 times from 39 distinct sources. 52.234.40.192 was first reported on August 15th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 sc user	2026-06-10 05:42:00 (1 week ago)	Fail2Ban nginx: repeated suspicious HTTP requests consistent with automated probing, scanning or bad ... show more Fail2Ban nginx: repeated suspicious HTTP requests consistent with automated probing, scanning or bad bot behaviour. Technical log details and local server identifiers intentionally omitted for privacy. show less	Bad Web Bot Web App Attack Port Scan
🇬🇧 sc user	2026-06-09 05:27:23 (1 week ago)	Fail2Ban nginx: repeated suspicious HTTP requests consistent with automated probing, scanning or bad ... show more Fail2Ban nginx: repeated suspicious HTTP requests consistent with automated probing, scanning or bad bot behaviour. Technical log details and local server identifiers intentionally omitted for privacy. show less	Bad Web Bot Web App Attack Port Scan
🇬🇧 sc user	2026-06-07 08:57:32 (1 week ago)	Fail2Ban nginx: repeated suspicious HTTP requests consistent with automated probing, scanning or bad ... show more Fail2Ban nginx: repeated suspicious HTTP requests consistent with automated probing, scanning or bad bot behaviour. Technical log details and local server identifiers intentionally omitted for privacy. show less	Bad Web Bot Web App Attack Port Scan
🇩🇪 Da_tschek	2026-06-06 18:58:16 (1 week ago)	Port scanning	Port Scan Hacking
🇩🇪 kexol	2026-06-06 13:43:24 (1 week ago)	multiport scan, 2 ports scanned: 8080, 8443	Port Scan
🇩🇪 Blexyel	2026-06-06 13:34:35 (1 week ago)	52.234.40.192 - - [06/Jun/2026:15:34:35 +0200] "GET /.git/config HTTP/1.1" 200 264 "-" "Mozilla/5.0 ... show more 52.234.40.192 - - [06/Jun/2026:15:34:35 +0200] "GET /.git/config HTTP/1.1" 200 264 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" "136.243.2.38" ... show less	Brute-Force Web App Attack
Anonymous	2026-06-06 13:03:53 (1 week ago)	PORT & IP Scan.	Port Scan Brute-Force
🇩🇪 Dominik Lysiak	2026-06-06 11:59:42 (1 week ago)	52.234.40.192 - - [06/Jun/2026:13:59:38 +0200] "GET /.git/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 (W ... show more 52.234.40.192 - - [06/Jun/2026:13:59:38 +0200] "GET /.git/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0" 52.234.40.192 - - [06/Jun/2026:13:59:40 +0200] "GET /.env HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 52.234.40.192 - - [06/Jun/2026:13:59:42 +0200] "GET /.env.local HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.4; rv:125.0) Gecko/20100101 Firefox/125.0" ... show less	Web App Attack
🇺🇸 RAP	2026-06-06 11:02:30 (1 week ago)	2026-06-06 11:02:30 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇺🇸 ThreatHunter7	2026-06-06 11:00:02 (1 week ago)	Malicious scanning/attack activity detected. 8 suspicious requests from this IP.	Web App Attack
🇺🇸 MPL	2026-06-06 10:46:53 (1 week ago)	tcp port scan (8 or more attempts)	Port Scan
🇺🇸 rellim.com	2026-06-06 10:23:33 (1 week ago)	Jun 6 03:23:33 alice kernel: HACK IN=enp3s0 OUT=enp1s0f1 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08 ... show more Jun 6 03:23:33 alice kernel: HACK IN=enp3s0 OUT=enp1s0f1 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08:00 SRC=52.234.40.192 DST=204.17.205.254 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=41728 DF PROTO=TCP SPT=40197 DPT=2087 WINDOW=64240 RES=0x00 SYN URGP=0 Jun 6 03:23:33 alice kernel: HACK IN=enp3s0 OUT=enp1s0f1 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08:00 SRC=52.234.40.192 DST=204.17.205.254 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=79 DF PROTO=TCP SPT=40205 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0 Jun 6 03:23:33 alice kernel: HACK IN=enp3s0 OUT=enp1s0f1 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08:00 SRC=52.234.40.192 DST=204.17.205.254 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=1897 DF PROTO=TCP SPT=40203 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-06 10:10:33 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 52.234.40.192 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.234.40.192 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 06:10:25.479994 2026] [security2:error] [pid 18011:tid 18011] [client 52.234.40.192:38027] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.43"] [uri "/.git/HEAD"] [unique_id "aiPyEdOyTdVMrFkhBXPPHwAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 SysAdmin Dylan	2026-06-06 10:06:09 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 52.234.40.192 (US/United States/-): 10 in the l ... show more (mod_security) mod_security (id:210730) triggered by 52.234.40.192 (US/United States/-): 10 in the last 3600 secs show less	Brute-Force
🇹🇭 Sawasdee	2026-06-06 09:42:08 (1 week ago)	Unwanted checking 80 or 443 port ...	Bad Web Bot

Showing 1 to 15 of 51 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 194.5.48.191

🇹🇿 169.255.185.110

🇸🇬 168.144.101.167

🇨🇳 58.210.34.74

🇧🇪 34.156.211.214

🇺🇸 2604:a940:302:118:0:40::

🇮🇳 103.25.47.94

🇲🇦 102.53.15.17

🇺🇸 52.20.198.190

🇷🇺 46.163.174.216

🇪🇸 37.134.163.51

🇺🇸 24.229.22.106

🇮🇷 212.80.9.235

🇲🇽 200.68.173.41

🇳🇱 195.178.110.30

🇲🇽 187.216.224.85

🇧🇷 164.152.250.192

🇩🇪 151.242.147.40

🇨🇳 122.13.25.186

🇵🇭 113.19.181.127