JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.234.40.200

52.234.40.200 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 57%: ?

57%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	San Jose, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.234.40.200

Whois 52.234.40.200

IP Abuse Reports for 52.234.40.200:

This IP address has been reported a total of 19 times from 14 distinct sources. 52.234.40.200 was first reported on May 9th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-08 06:09:27 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 52.234.40.200 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.234.40.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 02:09:20.619427 2026] [security2:error] [pid 20089:tid 20100] [client 52.234.40.200:51149] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.86"] [uri "/.git/HEAD"] [unique_id "aiZckGcbYPLkOAqFxP_eZQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 EDSL	2026-06-08 04:17:46 (2 weeks ago)	[mail.edsl.fr] Banned by Fail2ban (Jail: syswarden-secretshunter)	Bad Web Bot Hacking Port Scan Web App Attack
🇺🇸 Rip	2026-06-08 03:58:10 (2 weeks ago)	Automated recon attempt targeting restricted and sensitive paths.	Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 03:42:24 (2 weeks ago)	(mod_security) mod_security (id:949110) triggered by 52.234.40.200 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:949110) triggered by 52.234.40.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 23:42:14.173884 2026] [security2:error] [pid 26225:tid 26225] [client 52.234.40.200:52250] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "192.64.150.240"] [uri "/.git/HEAD"] [unique_id "aiY6FptB-sZZy34Pw2WaiAAAAIo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-08 02:59:03 (2 weeks ago)	Bot / scanning and/or hacking attempts: GET /.htpasswd HTTP/1.1, GET /.git/HEAD HTTP/1.1, GET /confi ... show more Bot / scanning and/or hacking attempts: GET /.htpasswd HTTP/1.1, GET /.git/HEAD HTTP/1.1, GET /config.php HTTP/1.1, GET /.DS_Store HTTP/1.1, GET /.env.production HTTP/1.1, GET /config/database.yml HTTP/1.1, GET /phpinfo.php HTTP/1.1, GET /app/config/parameters.yml HTTP/1.1, GET /.env.backup HTTP/1.1, GET /.env.save HTTP/1.1, GET /.aws/credentials HTTP/1.1, GET /backup.sql HTTP/1.1, GET /wp-config.php HTTP/1.1, GET /actuator/env HTTP/1.1, GET /.env HTTP/1.1, GET /.git/config HTTP/1.1, GET /server-status HTTP/1.1, GET /dump.sql HTTP/1.1, GET /wp-config.php.bak HTTP/1.1 show less	Hacking Web App Attack
Anonymous	2026-06-08 02:10:33 (2 weeks ago)	Port Scan	Port Scan
🇷🇸 Scan	2026-06-08 01:05:56 (2 weeks ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇳🇱 Selckie	2026-06-03 16:34:57 (2 weeks ago)	fail2ban: NGINX unusual impact	Web App Attack
Anonymous	2026-06-03 04:26:18 (2 weeks ago)	fail2ban:piguard2:14,18	Port Scan Brute-Force
🇩🇪 MaxMeier	2026-06-03 03:25:27 (2 weeks ago)	52.234.40.200 - - [03/Jun/2026:05:24:21 +0200] "GET /.git/HEAD HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Lin ... show more 52.234.40.200 - - [03/Jun/2026:05:24:21 +0200] "GET /.git/HEAD HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Linux; Android 14; Pixel 8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Mobile Safari/537.36" 52.234.40.200 - - [03/Jun/2026:05:24:27 +0200] "GET /.env.local HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 52.234.40.200 - - [03/Jun/2026:05:24:29 +0200] "GET /.env.production HTTP/1.1" 444 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" 52.234.40.200 - - [03/Jun/2026:05:24:32 +0200] "GET /.env.backup HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0" 52.234.40.200 - - [03/Jun/2026:05:24:36 +0200] "GET /.env.save HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Linux; Android 14; Pixel 8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Mobile Safari/537.36" 52.234.40.200 - - [03/Jun/2026:05:24:39 +0200] "GET /wp-confi ... show less	Bad Web Bot Web App Attack
🇹🇷 Threat.live	2026-06-03 02:35:04 (2 weeks ago)	Suspicious Connection Attempts	Brute-Force
🇷🇸 Scan	2026-06-03 02:23:57 (2 weeks ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇧🇷 diego	2026-06-03 01:55:20 (2 weeks ago)	[probe-44-49] 2026-06-03 01:36:40, Client: 52.234.40.200, Protocol: 6, Unauthorized activity to HTTP ... show more [probe-44-49] 2026-06-03 01:36:40, Client: 52.234.40.200, Protocol: 6, Unauthorized activity to HTTP: POST /___proxy_subdomain_whm/login/ show less	Web App Attack
Anonymous	2026-06-03 01:25:38 (2 weeks ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇫🇷 ISPLtd	2026-06-03 00:40:12 (2 weeks ago)	Jun 2 21:40:11 52.234.40.200 TCP SPT=62605 DPT=2087 SYN Jun 2 21:40:11 52.234.40.200 TCP SPT=62592 ... show more Jun 2 21:40:11 52.234.40.200 TCP SPT=62605 DPT=2087 SYN Jun 2 21:40:11 52.234.40.200 TCP SPT=62592 DPT=2086 SYN Jun 2 21:40:11 52.234.40.200 TCP SPT=62602 DPT=8080 ... show less	Port Scan

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 206.189.205.85

🇺🇸 172.234.218.245

🇫🇷 158.220.121.73

🇰🇷 119.192.249.195

🇪🇪 109.206.241.199

🇺🇸 67.207.93.64

🇧🇷 45.205.1.240

🇨🇳 42.123.123.238

🇸🇦 8.213.37.231

🇧🇷 200.153.86.250

🇬🇧 185.99.29.97

🇺🇸 152.32.183.27

🇹🇭 147.50.231.135

🇮🇳 125.19.206.54

🇸🇬 116.88.116.62

🇺🇸 65.49.1.125

🇱🇺 64.89.160.164

🇱🇹 62.60.130.235

🇨🇳 59.46.193.187

🇧🇪 34.140.222.244