JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.161.51.144

52.161.51.144 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Cheyenne, Wyoming

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.161.51.144

Whois 52.161.51.144

IP Abuse Reports for 52.161.51.144:

This IP address has been reported a total of 35 times from 27 distinct sources. 52.161.51.144 was first reported on November 9th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇾 lns.bz	2026-06-03 00:01:33 (1 day ago)	.env scanning [BY]	Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-06-02 23:08:02 (1 day ago)	Fail2Ban - [RECIDIVE]Repeat offender across multiple jails on recidive ... [ice02]	Brute-Force Bad Web Bot Exploited Host Web App Attack
🇫🇷 Dechavanne	2026-06-02 23:00:08 (1 day ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇦🇹 urnilxfgbez	2026-06-02 22:45:00 (1 day ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
Anonymous	2026-06-02 22:20:41 (1 day ago)	Portscan: TCP/2086, TCP/2087, TCP/8443, TCP/2083, TCP/8080, TCP/2082	Port Scan
Anonymous	2026-06-02 22:13:34 (1 day ago)	tls scan	Port Scan
🇬🇧 thetomtaylor.co.uk	2026-06-02 22:06:02 (1 day ago)	Fail2Ban - [RECIDIVE]Repeat offender across multiple jails on recidive ... [ice01,wa02]	Brute-Force Bad Web Bot Exploited Host Web App Attack
🇨🇭 Kepler-1649c	2026-06-02 22:05:20 (1 day ago)	Detected Attack: HTPasswd.Access	Hacking
🇺🇸 TPI-Abuse	2026-06-02 21:58:21 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 52.161.51.144 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.161.51.144 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 17:58:13.270336 2026] [security2:error] [pid 8626:tid 8626] [client 52.161.51.144:27161] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.196"] [uri "/.git/HEAD"] [unique_id "ah9R9TMZMXT1gKZuX5B3twAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-06-02 21:28:05 (1 day ago)	Blocked by UFW (TCP on 2087) Source port: 27189 TTL: 53 Packet length: 60 TOS: 0x00 This report (fo ... show more Blocked by UFW (TCP on 2087) Source port: 27189 TTL: 53 Packet length: 60 TOS: 0x00 This report (for 52.161.51.144) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇨🇿 Honzas	2026-06-02 21:09:33 (1 day ago)	Unsolicited connection attemp, port 443/TCP	Brute-Force
🇫🇷 Petre 21_ip	2026-06-02 20:59:29 (1 day ago)	2026-06-02T22:59:28.656464+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c ... show more 2026-06-02T22:59:28.656464+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c0:69:11:b3:85:db:08:00 SRC=52.161.51.144 DST=155.133.26.57 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=8962 DF PROTO=TCP SPT=27393 DPT=2082 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇬🇧 consul.to	2026-06-02 20:42:08 (1 day ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 RAP	2026-06-02 20:12:45 (1 day ago)	2026-06-02 20:12:45 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-06-02 20:05:02 (1 day ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [wa01]	Hacking Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 144.31.14.203

🇫🇷 91.231.89.178

🇮🇶 185.244.152.97

🇲🇴 182.93.50.90

🇮🇩 103.175.215.254

🇫🇷 91.231.89.236

🇫🇷 91.231.89.152

🇫🇷 91.231.89.61

🇱🇹 77.90.185.207

🇨🇳 61.178.24.146

🇮🇳 59.93.107.172

🇺🇸 50.6.196.179

🇺🇦 46.200.89.80

🇺🇸 40.124.169.38

🇬🇧 35.203.211.202

🇧🇷 186.195.103.182

🇮🇩 182.10.131.59

🇺🇸 162.216.149.135

🇮🇩 157.15.40.1

🇺🇸 104.192.3.74