JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.160.164.120

52.160.164.120 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 71%: ?

71%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	San Jose, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.160.164.120

Whois 52.160.164.120

IP Abuse Reports for 52.160.164.120:

This IP address has been reported a total of 29 times from 25 distinct sources. 52.160.164.120 was first reported on September 12th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇹 urnilxfgbez	2026-06-10 22:45:00 (2 weeks ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
Anonymous	2026-06-10 13:04:23 (2 weeks ago)	PORT & IP Scan.	Port Scan Brute-Force
Anonymous	2026-06-10 12:59:23 (2 weeks ago)	2026-06-10 12:59:23 warning[1977267]: host unknown[52.160.164.120]: unauthorized access at ... show more 2026-06-10 12:59:23 warning[1977267]: host unknown[52.160.164.120]: unauthorized access attempted: tcp/8080 show less	Port Scan Brute-Force
🇹🇷 Threat.live	2026-06-10 12:25:02 (2 weeks ago)	Suspicious Connection Attempts	Brute-Force
🇺🇸 doll.gl	2026-06-10 11:19:59 (2 weeks ago)	52.160.164.120 - - [10/Jun/2026:11:19:57 +0000] "GET /wp-config.php HTTP/1.1" 404 197 "-" "Mozilla/5 ... show more 52.160.164.120 - - [10/Jun/2026:11:19:57 +0000] "GET /wp-config.php HTTP/1.1" 404 197 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" ... show less	Bad Web Bot Web App Attack
🇩🇪 barbarella	2026-06-10 11:18:15 (2 weeks ago)	Multiple (20) times attack on http port 80: hacking attempt of version control system (GET /.git/HEA ... show more Multiple (20) times attack on http port 80: hacking attempt of version control system (GET /.git/HEAD) 11:18:16 Configuration snooping (GET /.git/config) 11:18:17 Configuration snooping with .env file (GET /.env) 11:18:18 Configuration snooping with modified .env.* file (GET /.env.local) 11:18:21 Configuration snooping with modified .env.* file (GET /.env.save) 11:18:23 Hacking attempt of vulnerable PHP Script (GET /wp-config.php) 11:18:24 Hacking attempt of Wordpress (GET /wp-config.php.bak) 11:18:25 illegal scan for AWS credentials file (GET /.aws/credentials) 11:18:26 Configuration snooping (GET /config/database.yml) show less	Hacking Web App Attack
🇺🇸 RAP	2026-06-10 11:01:35 (2 weeks ago)	2026-06-10 11:01:35 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇺🇸 xmission.com	2026-06-10 10:24:48 (2 weeks ago)	Blocked by UFW (TCP on 8443) Source port: 63395 TTL: 52 Packet length: 60 TOS: 0x00 This report (fo ... show more Blocked by UFW (TCP on 8443) Source port: 63395 TTL: 52 Packet length: 60 TOS: 0x00 This report (for 52.160.164.120) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 ISPLtd	2026-06-10 10:01:19 (2 weeks ago)	Jun 10 04:01:18 52.160.164.120 TCP SPT=62657 DPT=2087 SYN Jun 10 04:01:18 52.160.164.120 TCP SPT=626 ... show more Jun 10 04:01:18 52.160.164.120 TCP SPT=62657 DPT=2087 SYN Jun 10 04:01:18 52.160.164.120 TCP SPT=62697 DPT=2086 SYN Jun 10 04:01:18 52.160.164.120 TCP SPT=62665 DPT=2082 WIND ... show less	Port Scan
🇺🇸 lime	2026-06-10 08:50:21 (2 weeks ago)	52.160.164.120 - - [10/Jun/2026:08:50:21 +0000] "GET /.env.production HTTP/1.1" 302 548 "-" "Mozilla ... show more 52.160.164.120 - - [10/Jun/2026:08:50:21 +0000] "GET /.env.production HTTP/1.1" 302 548 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" show less	Hacking Web App Attack
🇫🇷 alexsky06	2026-06-10 08:40:22 (2 weeks ago)	WAF block: crowdsecurity/vpatch-git-config from 52.160.164.120	Web App Attack Hacking
🇺🇸 gu-alvareza	2026-06-10 07:06:07 (2 weeks ago)	Spring.Boot.Actuator.Unauthorized.Access	Brute-Force
🇦🇹 urnilxfgbez	2026-06-07 22:45:00 (2 weeks ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 RAP	2026-06-07 00:57:10 (2 weeks ago)	2026-06-07 00:57:10 UTC Unauthorized activity to TCP port 8443. Web App	Port Scan Web App Attack
🇷🇸 Scan	2026-06-06 23:59:49 (2 weeks ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 101.36.97.172

🇺🇸 209.87.169.169

🇭🇰 103.20.223.56

🇺🇸 209.112.91.75

🇸🇬 194.164.107.5

🇩🇪 172.217.34.16

🇪🇸 158.158.47.67

🇺🇸 134.195.101.74

🇨🇳 121.24.30.76

🇺🇸 66.132.172.131

🇧🇷 45.164.251.106

🇺🇸 45.3.49.60

🇭🇰 43.155.25.249

🇨🇳 203.189.221.17

🇺🇸 147.185.132.101

🇮🇶 65.20.129.28

🇩🇪 43.228.157.9

🇺🇸 20.29.21.25

🇨🇳 1.192.59.214

🇰🇷 220.94.238.133