JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.161.50.34

52.161.50.34 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 95%: ?

95%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Cheyenne, Wyoming

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.161.50.34

Whois 52.161.50.34

IP Abuse Reports for 52.161.50.34:

This IP address has been reported a total of 23 times from 20 distinct sources. 52.161.50.34 was first reported on September 24th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-02 11:30:00 (2 days ago)	The following intrusion was observed: Spring.Boot.Actuator.Unauthorized.Access.	IoT Targeted
🇺🇸 Mark--	2026-06-02 11:22:17 (2 days ago)	Unauthorized connection attempt detected port 8080	Hacking
🇯🇵 VXG-NET	2026-06-02 07:22:44 (2 days ago)	port=80, indicator_type=info-leak	Hacking
🇺🇸 SketchyDude	2026-06-02 07:15:15 (2 days ago)	Banned by Fail2Ban jail: apache-auth	Brute-Force Web App Attack
🇺🇸 gu-alvareza	2026-06-02 07:05:38 (2 days ago)	Spring.Boot.Actuator.Unauthorized.Access	Brute-Force
🇬🇧 PeravixGroup	2026-06-02 06:45:01 (2 days ago)	Imunify360 WAF block (graylisted)	Web App Attack
🇺🇦 URAN Publishing Service	2026-06-02 06:32:41 (2 days ago)	52.161.50.34 - - [02/Jun/2026:09:32:38 +0300] "GET /wp-config.php HTTP/1.1" 404 456 "-" "Mozilla/5.0 ... show more 52.161.50.34 - - [02/Jun/2026:09:32:38 +0300] "GET /wp-config.php HTTP/1.1" 404 456 "-" "Mozilla/5.0 (Linux; Android 14; Pixel 8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Mobile Safari/537.36" 52.161.50.34 - - [02/Jun/2026:09:32:40 +0300] "GET /wp-config.php.bak HTTP/1.1" 404 456 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" ... show less	Web App Attack
🇺🇸 doll.gl	2026-06-02 06:23:01 (2 days ago)	52.161.50.34 - - [02/Jun/2026:06:23:00 +0000] "GET /wp-config.php HTTP/1.1" 404 134 "-" "Mozilla/5.0 ... show more 52.161.50.34 - - [02/Jun/2026:06:23:00 +0000] "GET /wp-config.php HTTP/1.1" 404 134 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0" ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 05:45:14 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 52.161.50.34 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 52.161.50.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 01:45:10.180427 2026] [security2:error] [pid 26735:tid 26735] [client 52.161.50.34:8474] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.248"] [uri "/.env.save"] [unique_id "ah5t5ieQHLpWnwqYdqQKUgAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-02 05:21:23 (2 days ago)	Multiple WAF Violations	Web App Attack
🇹🇭 Sawasdee	2026-06-02 05:18:10 (2 days ago)	Unwanted checking 80 or 443 port ...	Bad Web Bot
Anonymous	2026-06-02 05:00:00 (2 days ago)	SSH Brute-Force	DDoS Attack Port Scan Hacking Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-02 04:08:23 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 52.161.50.34 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 52.161.50.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 00:08:17.219501 2026] [security2:error] [pid 1741:tid 1741] [client 52.161.50.34:9001] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.166"] [uri "/.git/HEAD"] [unique_id "ah5XMXHqp0EACGZZHYOiZAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 RAP	2026-06-02 03:34:28 (3 days ago)	2026-06-02 03:34:28 UTC Unauthorized activity to TCP port 8443. Web App	Port Scan Web App Attack
Anonymous	2026-06-02 03:31:14 (3 days ago)	52.161.50.34 (US/United States/-), 5 distributed cpanel attacks on account [root] in the last 600 se ... show more 52.161.50.34 (US/United States/-), 5 distributed cpanel attacks on account [root] in the last 600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: [2026-06-01 21:30:24 -0600] info [whostmgrd] 13.87.216.120 - root "POST /login/?login_only=1 HTTP/1.1" FAILED LOGIN whostmgrd: user password incorrect [2026-06-01 21:22:12 -0600] info [whostmgrd] 52.161.50.34 - root "GET /cpsess2100039434/json-api/version?api.version=1 HTTP/1.1" FAILED LOGIN whostmgrd: user password incorrect [2026-06-01 21:31:11 -0600] info [whostmgrd] 13.87.216.120 - root "POST /login/?login_only=1 HTTP/1.1" FAILED LOGIN whostmgrd: user password incorrect [2026-06-01 21:21:26 -0600] info [whostmgrd] 52.161.50.34 - root "POST /login/?login_only=1 HTTP/1.1" FAILED LOGIN whostmgrd: user password incorrect [2026-06-01 21:22:02 -0600] info [whostmgrd] 52.161.50.34 - root "POST /login/?login_only=1 HTTP/1.1" FAILED LOGIN whostmgrd: user password incorrect IP Addresses Blocked: 13.87.216.120 (US/United States/-) show less	Port Scan

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.93.164.218

🇹🇼 198.235.24.96

🇿🇦 172.68.42.108

🇨🇳 118.196.114.236

🇮🇩 103.155.46.254

🇧🇩 103.153.110.190

🇳🇱 77.83.39.154

🇺🇸 68.183.50.105

🇳🇱 45.148.10.183

🇸🇬 43.160.249.143

🇬🇧 193.32.209.232

🇬🇧 172.166.156.168

🇺🇸 154.21.80.14

🇲🇲 136.228.161.66

🇹🇼 125.227.69.224

🇰🇷 124.195.255.12

🇫🇷 91.231.89.147

🇺🇸 88.216.68.106

🇺🇸 45.79.190.96

🇮🇳 20.193.141.133