JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.165.38.19

52.165.38.19 was found in our database!

This IP was reported 41 times. Confidence of Abuse is 0%: ?

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.165.38.19

Whois 52.165.38.19

IP Abuse Reports for 52.165.38.19:

This IP address has been reported a total of 41 times from 35 distinct sources. 52.165.38.19 was first reported on August 30th 2023, and the most recent report was 2 years ago.

Old Reports: The most recent abuse report for this IP address is from 2 years ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 raymarron.com	2023-09-06 13:57:39 (2 years ago)	/ekjpmxax.php?Fox=d3wL7 /wp-content/themes/seotheme/db.php?u (x2) POST /alfacgiapi/perl.alfa POST ... show more /ekjpmxax.php?Fox=d3wL7 /wp-content/themes/seotheme/db.php?u (x2) POST /alfacgiapi/perl.alfa POST /wp-plain.php POST /ALFA_DATA/alfacgiapi/perl.alfa show less	Web App Attack
🇪🇸 netfactotum	2023-09-05 08:52:38 (2 years ago)		Hacking Web App Attack
🇺🇸 octageeks.com	2023-09-05 04:18:37 (2 years ago)	Wordpress malicious attack:[octa404]	Web App Attack
🇺🇸 sumnone	2023-09-04 20:45:32 (2 years ago)	Wordpress vulnerability probing: Error 404. The requested page (/wp-content/themes/seotheme/db.php) ... show more Wordpress vulnerability probing: Error 404. The requested page (/wp-content/themes/seotheme/db.php) was not found show less	Bad Web Bot Exploited Host Web App Attack
Anonymous	2023-09-04 19:54:24 (2 years ago)	POST requests to non-existent URL's	Hacking Brute-Force
🇬🇧 SilverZippo	2023-09-04 19:53:11 (2 years ago)	Web App Attack	Web App Attack
🇩🇪 psauxit	2023-09-04 19:34:08 (2 years ago)	Fail2Ban - NGINX heavily bad-bot, possible vulnerability scanning and excessive crawling/scraping	Web Spam Hacking Bad Web Bot Web App Attack
Anonymous	2023-09-04 17:53:28 (2 years ago)	WordPress plugin direct access attempt: 52.165.38.19 - - [04/Sep/2023:18:53:28 +0100] "GET /wp-cont ... show more WordPress plugin direct access attempt: 52.165.38.19 - - [04/Sep/2023:18:53:28 +0100] "GET /wp-content/themes/seotheme/db.php?u HTTP/1.1" 200 234 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112." show less	Hacking Web App Attack
🇩🇪 ut-addicted.com	2023-09-04 11:43:58 (2 years ago)	\[Mon Sep 04 13:43:57.652707 2023\] \[:error\] \[pid 15067:tid 139901223819008\] \[client 52.165.38. ... show more \[Mon Sep 04 13:43:57.652707 2023\] \[:error\] \[pid 15067:tid 139901223819008\] \[client 52.165.38.19:1203\] \[client 52.165.38.19\] ModSecurity: Access denied with code 403 \(phase 2\). Operator GE matched 5 at TX:anomaly_score. \[file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-949-BLOCKING-EVALUATION.conf"\] \[line "57"\] \[id "949110"\] \[msg "Inbound Anomaly Score Exceeded \(Total Score: 5\)"\] \[severity "CRITICAL"\] \[tag "application-multi"\] \[tag "language-multi"\] \[tag "platform-multi"\] \[tag "attack-generic"\] \[hostname "ut-addicted.com"\] \[uri "/wp-plain.php"\] \[unique_id "ZPXC-XRhF@ySxYS1IGcTkAAAAMM"\], referer: www.google.com show less	Brute-Force Web App Attack
🇸🇬 mypatricks	2023-09-04 07:20:05 (2 years ago)	52.165.38.19 \| Port: 37848 \| DNS: 52.165.38.19 2023-09-04T15:20:04+08:00 Asia/Singapore \| Suspicious ... show more 52.165.38.19 \| Port: 37848 \| DNS: 52.165.38.19 2023-09-04T15:20:04+08:00 Asia/Singapore \| Suspicious User Abuse Activity \| UA: Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36 HTTP/1.1 443 POST \| URL: /ALFA_DATA/alfacgiapi/perl.alfa \| Ref: www.google.com \| Country: US/United States/-08:00 IP City: Des Moines 801477c0afacaa10-DFW/Dallas, TX, United States 1 hits/0 secs Robots 3 show less	Web Spam Blog Spam Brute-Force Exploited Host Web App Attack
🇩🇪 SCHAPPY	2023-09-04 06:02:58 (2 years ago)	Bad bot identified by user agent	Bad Web Bot
Anonymous	2023-09-03 21:29:09 (2 years ago)	BASE64-encoded injection	Hacking
Anonymous	2023-09-03 21:10:23 (2 years ago)		Web Spam Email Spam Blog Spam Bad Web Bot Web App Attack
🇫🇷 conseilgouz	2023-09-03 17:10:52 (2 years ago)	coe-7 : Trying access unauthorized files/dir=>/wp-content/themes/seotheme/db.php?u	Hacking
🇺🇸 RLDD	2023-09-03 14:26:52 (2 years ago)	WP probing -viz	Web App Attack

Showing 1 to 15 of 41 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 14.103.107.234

🇳🇱 5.255.115.92

🇺🇸 147.185.132.244

🇳🇱 91.92.40.233

🇺🇸 66.132.195.66

🇳🇱 45.198.224.143

🇳🇱 45.198.224.115

🇵🇰 39.35.226.226

🇨🇦 23.252.224.216

🇨🇦 2620:171:ea:f005:9999::246

🇨🇴 204.199.116.178

🇺🇸 188.213.202.81

🇺🇸 185.180.142.133

🇺🇸 172.233.221.115

🇩🇪 88.214.25.123

🇭🇰 43.132.150.89

🇮🇩 36.82.37.177

🇺🇸 209.141.47.217

🇬🇧 201.78.128.97

🇷🇺 178.184.123.86