JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.161.182.113

52.161.182.113 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 82%: ?

82%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Cheyenne, Wyoming

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.161.182.113

Whois 52.161.182.113

IP Abuse Reports for 52.161.182.113:

This IP address has been reported a total of 19 times from 19 distinct sources. 52.161.182.113 was first reported on April 22nd 2026, and the most recent report was 19 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 oisecnet	2026-06-14 21:03:35 (19 hours ago)	Automated report: Unauthorized vulnerability scanning detected on 2026-06-14. 15 requests from this ... show more Automated report: Unauthorized vulnerability scanning detected on 2026-06-14. 15 requests from this IP. show less	Brute-Force Web App Attack SSH
🇧🇪 sid3windr	2026-06-14 12:06:03 (1 day ago)	GET /.git/HEAD (Tarpitted for , wasted 120B)	Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 09:54:29 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 52.161.182.113 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 52.161.182.113 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 05:54:23.003718 2026] [security2:error] [pid 14692:tid 14692] [client 52.161.182.113:47199] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.164"] [uri "/.git/HEAD"] [unique_id "ai56T8-ArgzVajuZDpPlyAAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇷 maviei	2026-06-14 09:45:53 (1 day ago)	2026-06-14T06:45:52.779620-03:00 srv1251771 kernel: [1197182.412112] [UFW BLOCK] IN=eth0 OUT= MAC=40 ... show more 2026-06-14T06:45:52.779620-03:00 srv1251771 kernel: [1197182.412112] [UFW BLOCK] IN=eth0 OUT= MAC=40:e8:d4:b8:29:bb:44:38:39:ff:ff:41:08:00 SRC=52.161.182.113 DST=72.61.36.27 LEN=60 TOS=0x00 PREC=0x00 TTL=46 ID=7976 DF PROTO=TCP SPT=48334 DPT=2078 WINDOW=64240 RES=0x00 SYN URGP=0 2026-06-14T06:45:53.096386-03:00 srv1251771 kernel: [1197182.728913] [UFW BLOCK] IN=eth0 OUT= MAC=40:e8:d4:b8:29:bb:44:38:39:ff:ff:41:08:00 SRC=52.161.182.113 DST=72.61.36.27 LEN=60 TOS=0x00 PREC=0x00 TTL=46 ID=3662 DF PROTO=TCP SPT=48382 DPT=2083 WINDOW=64240 RES=0x00 SYN URGP=0 2026-06-14T06:45:53.096533-03:00 srv1251771 kernel: [1197182.728989] [UFW BLOCK] IN=eth0 OUT= MAC=40:e8:d4:b8:29:bb:44:38:39:ff:ff:41:08:00 SRC=52.161.182.113 DST=72.61.36.27 LEN=60 TOS=0x00 PREC=0x00 TTL=46 ID=4059 DF PROTO=TCP SPT=48339 DPT=2077 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇫🇷 dynamix	2026-06-14 06:01:04 (1 day ago)	Multiple WAF Violations	Web App Attack
🇬🇧 PeravixGroup	2026-06-02 07:22:28 (1 week ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇹🇷 SeczarSecureOps	2026-06-02 05:53:52 (1 week ago)	Auto-blocked by Seczar SecureOps — Port Scan Detection (8 events in 10min) at 2026-06-02 05:53	Port Scan
Anonymous	2026-06-02 05:00:00 (1 week ago)	SSH Brute-Force	DDoS Attack Port Scan Hacking Brute-Force SSH
🇩🇪 marcel-knorr.de	2026-06-02 04:11:52 (1 week ago)	[MK-Root1] Blocked by UFW	Brute-Force Port Scan
🇬🇧 sandra361	2026-06-02 04:05:01 (1 week ago)	Port scan detected: 7 attempts across 7 ports (2082,2083,2087,443,80,8080,8443). \| Evidence: GHOST_S ... show more Port scan detected: 7 attempts across 7 ports (2082,2083,2087,443,80,8080,8443). \| Evidence: GHOST_SCAN:IN=enp1s0f0 OUT= SRC=52.161.182.113 LEN=60 TOS=0x00 PREC=0x00 TTL=39 ID=33983 DF PROTO=TCP SPT=51268 DPT=2087 WINDOW=64240 RES=0x00 SYN URGP=0 show less	Port Scan
🇩🇪 ut-addicted.com	2026-06-02 03:36:36 (1 week ago)	\[02/Jun/2026:05:36:32 +0200\] ah5PwDClaqi3EpPdlXzqGQAAAM4 52.161.182.113 51268 78.46.187.162 80 \[0 ... show more \[02/Jun/2026:05:36:32 +0200\] ah5PwDClaqi3EpPdlXzqGQAAAM4 52.161.182.113 51268 78.46.187.162 80 \[02/Jun/2026:05:36:32 +0200\] ah5PwDClaqi3EpPdlXzqHQAAAMs 52.161.182.113 51272 78.46.187.162 80 \[02/Jun/2026:05:36:34 +0200\] ah5PwjClaqi3EpPdlXzqIQAAAMo 52.161.182.113 51266 78.46.187.162 80 show less	Brute-Force Web App Attack
🇺🇸 xmission.com	2026-06-02 03:16:51 (1 week ago)	Blocked by UFW (TCP on 2087) Source port: 51209 TTL: 53 Packet length: 60 TOS: 0x00 This report (fo ... show more Blocked by UFW (TCP on 2087) Source port: 51209 TTL: 53 Packet length: 60 TOS: 0x00 This report (for 52.161.182.113) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇳🇱 COMPLEX	2026-06-02 02:20:24 (1 week ago)	Unsolicited TCP traffic \| Action: DROP \| Port 2083	Brute-Force
🇷🇸 Scan	2026-06-02 01:46:35 (1 week ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
Anonymous	2026-06-02 01:30:52 (1 week ago)	Tried our host z.	Port Scan Hacking Exploited Host

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 221.180.218.82

🇨🇷 179.48.248.245

🇲🇻 43.231.29.149

🇧🇴 200.105.212.87

🇲🇽 189.252.67.198

🇺🇸 185.180.141.70

🇨🇳 183.153.40.7

🇺🇸 172.232.15.250

🇺🇸 172.200.228.35

🇨🇳 120.48.163.155

🇨🇳 111.160.133.62

🇩🇪 69.5.169.208

🇺🇸 66.132.195.83

🇺🇸 66.132.186.249

🇺🇸 47.254.25.184

🇩🇪 45.135.194.83

🇺🇸 35.243.23.235

🇮🇷 5.234.59.128

🇺🇸 3.138.32.108

🇺🇸 209.222.101.194