JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.238.24.35

52.238.24.35 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 91%: ?

91%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	San Jose, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.238.24.35

Whois 52.238.24.35

IP Abuse Reports for 52.238.24.35:

This IP address has been reported a total of 35 times from 29 distinct sources. 52.238.24.35 was first reported on July 30th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 Kepler-1649c	2026-06-19 22:05:15 (1 day ago)	Detected Attack: HTPasswd.Access	Hacking
🇺🇸 TPI-Abuse	2026-06-19 19:15:58 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 52.238.24.35 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 52.238.24.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 15:15:54.341998 2026] [security2:error] [pid 10451:tid 10451] [client 52.238.24.35:43041] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.91"] [uri "/.git/HEAD"] [unique_id "ajWVaheOlIw7kwp6dboUsgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-19 15:06:03 (1 day ago)	Unauthorized SSH login attempts	Brute-Force SSH
🇩🇪 ghostwarriors	2026-06-19 14:20:20 (1 day ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇷🇸 Scan	2026-06-03 00:20:41 (2 weeks ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇬🇧 thetomtaylor.co.uk	2026-06-02 23:08:02 (2 weeks ago)	Fail2Ban - [RECIDIVE]Repeat offender across multiple jails on recidive ... [ice02]	Brute-Force Bad Web Bot Exploited Host Web App Attack
Anonymous	2026-06-02 22:20:48 (2 weeks ago)	Portscan: TCP/443, TCP/80, TCP/2083, TCP/2087, TCP/8443, TCP/8080, TCP/2082, TCP/2086	Port Scan
🇬🇧 thetomtaylor.co.uk	2026-06-02 22:06:02 (2 weeks ago)	Fail2Ban - [RECIDIVE]Repeat offender across multiple jails on recidive ... [ice01,wa01,wa02]	Brute-Force Bad Web Bot Exploited Host Web App Attack
🇺🇸 kosada.com	2026-06-02 21:22:23 (2 weeks ago)	Web vulnerability probing: /wp-config.php (bogus vhost/SNI)	Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 21:09:46 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 52.238.24.35 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 52.238.24.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 17:09:40.694646 2026] [security2:error] [pid 22740:tid 22740] [client 52.238.24.35:9282] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.169"] [uri "/.git/HEAD"] [unique_id "ah9GlKUhWfqOfkHxG7uvIwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-06-02 20:05:02 (2 weeks ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [wa01]	Hacking Brute-Force Bad Web Bot Web App Attack
🇺🇸 MPL	2026-06-02 20:03:23 (2 weeks ago)	tcp port scan (32 or more attempts)	Port Scan
🇺🇸 xmission.com	2026-06-02 19:53:50 (2 weeks ago)	Blocked by UFW (TCP on 80) Source port: 8656 TTL: 49 Packet length: 60 TOS: 0x00 This report (for 5 ... show more Blocked by UFW (TCP on 80) Source port: 8656 TTL: 49 Packet length: 60 TOS: 0x00 This report (for 52.238.24.35) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
Anonymous	2026-06-02 19:47:10 (2 weeks ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇮🇪 AutosOnShow	2026-06-02 19:41:06 (2 weeks ago)	blocked for webapp attack \| path requested: /.git/config \| seen at 2026-06-02 19:40:05.866 \|	Web App Attack

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.163.125.185

🇺🇸 161.35.108.151

🇨🇳 106.75.20.185

🇷🇺 91.202.233.115

🇸🇬 68.183.178.130

🇳🇱 45.148.10.230

🇺🇸 35.188.112.111

🇺🇸 3.219.216.1

🇳🇱 195.178.110.30

🇧🇷 191.176.168.186

🇩🇪 167.94.146.44

🇸🇬 148.72.209.74

🇳🇿 121.73.168.231

🇹🇭 117.121.214.50

🇮🇳 103.111.228.36

🇿🇦 102.64.41.98

🇭🇰 8.210.246.67

🇩🇪 213.209.159.225

🇹🇼 210.79.60.50

🇭🇰 199.45.155.80