JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.141.57.167

52.141.57.167 was found in our database!

This IP was reported 211 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇰🇷 Korea (the Republic of)
City	Seoul, Seoul

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.141.57.167

Whois 52.141.57.167

IP Abuse Reports for 52.141.57.167:

This IP address has been reported a total of 211 times from 184 distinct sources. 52.141.57.167 was first reported on June 28th 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 YF	2026-06-28 17:15:10 (2 hours ago)	WordPress directory enumeration	Web App Attack
🇫🇮 danskefilm.dk	2026-06-28 17:00:01 (2 hours ago)	wordpress login attempts	Web App Attack
🇧🇪 boxed-it	2026-06-28 16:59:19 (2 hours ago)	GET /wp-content/plugins/hellopress/wp_filemanager.php (Tarpitted for 2m10s, wasted 7.73kB)	Web App Attack
🇬🇧 poundawebsiteltd	2026-06-28 16:57:50 (2 hours ago)	Apache 403 Forbidden Access. Evidence: [REDACTED_DOMAIN]:80 52.141.57.167 - - [28/Jun/2026:17:57:48 ... show more Apache 403 Forbidden Access. Evidence: [REDACTED_DOMAIN]:80 52.141.57.167 - - [28/Jun/2026:17:57:48 +0100] GET /wp-content/uploads/ HTTP/1.1 301 529 - - show less	Web App Attack
🇺🇸 WizardsToolkit	2026-06-28 16:56:48 (2 hours ago)	attempted to access /404.php	Web App Attack
🇩🇪 Stefan Dreher	2026-06-28 16:50:39 (2 hours ago)	52.141.57.167 - - [28/Jun/2026:18:50:36 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.ph ... show more 52.141.57.167 - - [28/Jun/2026:18:50:36 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 153 "-" "-" 52.141.57.167 - - [28/Jun/2026:18:50:37 +0200] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 153 "-" "-" 52.141.57.167 - - [28/Jun/2026:18:50:37 +0200] "GET /x.php HTTP/1.1" 404 153 "-" "-" 52.141.57.167 - - [28/Jun/2026:18:50:38 +0200] "GET /by.php HTTP/1.1" 404 153 "-" "-" 52.141.57.167 - - [28/Jun/2026:18:50:38 +0200] "GET /cxs.php HTTP/1.1" 404 153 "-" "-" ... show less	Hacking Brute-Force
🇦🇹 nomzamo	2026-06-28 16:47:02 (2 hours ago)	Fail2Ban reported: nginx-noscript	Brute-Force Bad Web Bot
🇺🇸 deskpass.com	2026-06-28 16:46:20 (2 hours ago)	GET /2X0025Tn.php	Web App Attack
🇨🇿 ptlab	2026-06-28 16:45:16 (2 hours ago)	Detected wp_admin attack from WP-host.	Hacking Web App Attack
Anonymous	2026-06-28 16:39:57 (2 hours ago)	52.141.57.167 - autoconfig.sliver85.eu - [28/Jun/2026:18:39:55 +0200] "GET /wp-content/plugins/hello ... show more 52.141.57.167 - autoconfig.sliver85.eu - [28/Jun/2026:18:39:55 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 444 "-" 52.141.57.167 - autoconfig.sliver85.eu - [28/Jun/2026:18:39:55 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 444 "-" 52.141.57.167 - autoconfig.sliver85.eu - [28/Jun/2026:18:39:56 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 444 "-" ... show less	Brute-Force Web App Attack
🇩🇪 itsolon	2026-06-28 16:39:40 (2 hours ago)	[28/Jun/2026:18:39:38 +0200] 178266477856.987256 52.141.57.167 33249 217.154.7.177 80 [28/Jun/2026:1 ... show more [28/Jun/2026:18:39:38 +0200] 178266477856.987256 52.141.57.167 33249 217.154.7.177 80 [28/Jun/2026:18:39:39 +0200] 178266477964.501066 52.141.57.167 64203 217.154.7.177 80 [28/Jun/2026:18:39:39 +0200] 17826647799.307697 52.141.57.167 33249 217.154.7.177 80 [28/Jun/2026:18:39:39 +0200] 178266477936.026942 52.141.57.167 20598 217.154.7.177 80 [28/Jun/2026:18:39:39 +0200] 17826647794.830307 52.141.57.167 64203 217.154.7.177 80 ... show less	Port Scan Hacking Brute-Force Web App Attack
🇵🇱 sefinek.net	2026-06-28 16:38:37 (2 hours ago)	Triggered Cloudflare WAF (firewallCustom) from KR. Action: BLOCK \| Protocol: HTTP/1.1 (GET) \| Endpoi ... show more Triggered Cloudflare WAF (firewallCustom) from KR. Action: BLOCK \| Protocol: HTTP/1.1 (GET) \| Endpoint: /ssixta.php \| UA: Empty string • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇫🇷 Entalpi.net	2026-06-28 16:36:18 (2 hours ago)	Repeated requests against sensitive web endpoints	Web App Attack
Anonymous	2026-06-28 16:36:02 (2 hours ago)	Unauthorized SSH login attempts	Brute-Force SSH
🇳🇱 BlueWire Hosting	2026-06-28 16:32:28 (2 hours ago)	Probing websites for vulnerabilities	Web App Attack

Showing 1 to 15 of 211 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 144.225.187.181

🇱🇺 64.89.161.196

🇰🇷 220.84.137.99

🇬🇧 194.50.235.132

🇵🇱 185.79.139.16

🇺🇸 172.172.196.177

🇦🇪 165.154.12.108

🇷🇺 85.93.55.57

🇩🇪 46.101.180.162

🇻🇳 14.191.136.236

🇹🇷 93.93.105.231

🇧🇬 79.124.56.210

🇺🇸 13.219.119.58

🇺🇸 2a04:c300:400::107

🇺🇸 2603:7001:f3f0:1130:f15a:3612:be53:f693

🇰🇷 211.37.174.62

🇺🇸 180.178.51.110

🇸🇬 168.144.143.123

🇺🇸 158.94.187.169

🇧🇷 138.97.133.231