JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.161.59.159

52.161.59.159 was found in our database!

This IP was reported 51 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Cheyenne, Wyoming

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.161.59.159

Whois 52.161.59.159

IP Abuse Reports for 52.161.59.159:

This IP address has been reported a total of 51 times from 40 distinct sources. 52.161.59.159 was first reported on September 26th 2025, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 SOC-BR	2026-06-04 07:23:13 (4 days ago)	Attack detected by Fortinet - applications3: Spring.Boot.Actuator.Unauthorized.Access - 2026-06-03 0 ... show more Attack detected by Fortinet - applications3: Spring.Boot.Actuator.Unauthorized.Access - 2026-06-03 05:02:29 - Source Port 9271 show less	Port Scan Hacking
Anonymous	2026-06-03 11:06:33 (4 days ago)	Portscan: TCP/2087 (2x), TCP/2082 (2x), TCP/2083 (2x), TCP/2086 (2x), TCP/80, TCP/8443, TCP/443, TCP ... show more Portscan: TCP/2087 (2x), TCP/2082 (2x), TCP/2083 (2x), TCP/2086 (2x), TCP/80, TCP/8443, TCP/443, TCP/8080 show less	Port Scan
🇩🇪 Enno	2026-06-03 08:14:51 (5 days ago)	P04::Fail2Ban: automated bot scanning / credential probing detected.	Web App Attack Bad Web Bot
🇵🇱 Kitki30.com	2026-06-03 07:44:20 (5 days ago)	HTTP Probing. Log: 52.161.59.159 - - [03/Jun/2026:07:44:19 +0000] "GET /.git/HEAD HTTP/1.1" 301 162 ... show more HTTP Probing. Log: 52.161.59.159 - - [03/Jun/2026:07:44:19 +0000] "GET /.git/HEAD HTTP/1.1" 301 162 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 PeravixGroup	2026-06-03 07:42:55 (5 days ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
Anonymous	2026-06-03 07:20:02 (5 days ago)	Bot detected scanning for vulnerable pages	Port Scan
🇮🇩 Burayot	2026-06-03 07:12:48 (5 days ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 52.161.59.159 (US/United States/-): ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 52.161.59.159 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 RAP	2026-06-03 07:10:59 (5 days ago)	2026-06-03 07:10:59 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇺🇸 lnklnx	2026-06-03 07:06:05 (5 days ago)	www.lnklnx.com:443 52.161.59.159 - - [03/Jun/2026:02:06:03 -0500] "GET /.git/HEAD HTTP/1.1" 403 4884 ... show more www.lnklnx.com:443 52.161.59.159 - - [03/Jun/2026:02:06:03 -0500] "GET /.git/HEAD HTTP/1.1" 403 4884 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.4; rv:125.0) Gecko/20100101 Firefox/125.0" ... show less	Web App Attack
🇹🇷 SeczarSecureOps	2026-06-03 06:59:26 (5 days ago)	Seczar SecureOps — Port Scan Detection (7 events) — quarantined 43200m on fgdcapi	Port Scan
🇹🇭 Sawasdee	2026-06-03 06:51:06 (5 days ago)	Unwanted checking 80 or 443 port ...	Bad Web Bot
🇮🇪 AutosOnShow	2026-06-03 06:41:05 (5 days ago)	blocked for webapp attack \| path requested: /.env \| seen at 2026-06-03 06:40:46.953 \|	Web App Attack
🇩🇪 Dennis	2026-06-03 06:38:45 (5 days ago)	52.161.59.159 has been banned for triggering http-probing (13 events over 29.067671753s).	Brute-Force Web App Attack
🇸🇰 KlinikaMD	2026-06-03 06:01:00 (5 days ago)	Automatic report from KMD firewall log.	Port Scan Hacking Brute-Force
Anonymous	2026-06-03 05:43:19 (5 days ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host

Showing 1 to 15 of 51 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 47.253.149.245

🇩🇪 128.14.225.164

🇰🇷 59.24.133.197

🇬🇪 46.49.73.27

🇺🇸 34.58.115.216

🇶🇦 34.18.216.162

🇹🇷 31.206.66.93

🇻🇳 221.132.21.185

🇮🇳 202.141.65.5

🇺🇸 184.105.247.235

🇨🇳 180.153.236.2

🇵🇰 144.48.135.48

🇨🇳 117.177.102.79

🇨🇳 116.178.129.113

🇨🇳 106.117.108.47

🇮🇩 103.174.115.196

🇳🇱 89.248.163.43

🇧🇪 87.67.40.147

🇷🇴 80.94.92.182

🇺🇸 71.6.232.24