JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.161.55.200

52.161.55.200 was found in our database!

This IP was reported 34 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Cheyenne, Wyoming

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.161.55.200

Whois 52.161.55.200

IP Abuse Reports for 52.161.55.200:

This IP address has been reported a total of 34 times from 22 distinct sources. 52.161.55.200 was first reported on June 1st 2026, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇹 urnilxfgbez	2026-06-03 22:45:00 (4 hours ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
Anonymous	2026-06-03 07:22:00 (20 hours ago)	HTPasswd.Access	Hacking
🇯🇵 VXG-NET	2026-06-03 06:44:49 (20 hours ago)	port=80, indicator_type=info-leak	Hacking
🇺🇸 MPL	2026-06-03 06:44:07 (20 hours ago)	tcp port scan (16 or more attempts)	Port Scan
🇺🇸 SSP	2026-06-03 05:50:04 (21 hours ago)	Automatic report from iptables firewall - detected malicious activity	DDoS Attack Brute-Force SSH Web App Attack Port Scan Hacking
🇧🇷 Vieira Filho	2026-06-03 05:45:42 (21 hours ago)	52.161.55.200 - - [03/Jun/2026:02:45:41 -0300] [35.198.31.82] "35.198.31.82" "GET /.env HTTP/1.1" 4 ... show more 52.161.55.200 - - [03/Jun/2026:02:45:41 -0300] [35.198.31.82] "35.198.31.82" "GET /.env HTTP/1.1" 404 169 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" 0.000 ... show less	Brute-Force Web App Attack Exploited Host
🇺🇸 RAP	2026-06-03 04:50:19 (22 hours ago)	2026-06-03 04:50:19 UTC Unauthorized activity to TCP port 8443. Web App	Port Scan Web App Attack
🇬🇧 PeravixGroup	2026-06-03 04:23:43 (23 hours ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇹🇭 Sawasdee	2026-06-03 04:12:04 (23 hours ago)	Unwanted checking 80 or 443 port ...	Bad Web Bot
🇩🇪 EinfxchFinn	2026-06-03 03:44:46 (23 hours ago)	Unauthorized connection attempt to port 80 from 52.161.55.200	Port Scan
🇹🇷 SeczarSecureOps	2026-06-03 03:43:26 (23 hours ago)	Auto-blocked by Seczar SecureOps — Port Scan Detection (7 events in 10min) at 2026-06-03 03:43	Port Scan
🇺🇸 TPI-Abuse	2026-06-03 03:08:26 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 52.161.55.200 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.161.55.200 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 23:08:22.201622 2026] [security2:error] [pid 10301:tid 10301] [client 52.161.55.200:40668] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.197"] [uri "/.git/HEAD"] [unique_id "ah-aphRwFfvv0e5b8LinnAAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇸 Scan	2026-06-03 02:28:53 (1 day ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇧🇪 voormedia	2026-06-03 02:27:14 (1 day ago)	Accessed trap at '/.git/config'	Web App Attack
🇫🇷 ✨	2026-06-03 02:03:22 (1 day ago)	Rule : Security Rule: Security Event: Security 0 - %592 52.161.55.200 40725 *hidden-privacy* ... show more Rule : Security Rule: Security Event: Security 0 - %592 52.161.55.200 40725 *hidden-privacy* 2087 6 243552 %597 13 show less	Port Scan Hacking Brute-Force

Showing 1 to 15 of 34 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2001:470:1:c84::1ec

🇨🇳 223.85.251.61

🇮🇳 150.129.168.41

🇸🇬 149.34.253.149

🇹🇼 122.117.94.238

🇿🇦 102.129.63.182

🇺🇸 72.14.147.203

🇺🇸 68.192.238.200

🇺🇸 64.62.197.202

🇺🇸 50.187.96.100

🇹🇿 41.93.28.23

🇬🇧 35.203.211.179

🇧🇪 34.79.219.154

🇲🇾 14.192.212.85

🇺🇸 172.174.234.168

🇻🇳 171.244.39.95

🇭🇰 118.193.47.223

🇫🇷 91.196.152.122

🇩🇪 69.5.169.92

🇺🇸 35.252.197.133