JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.180.157.104

52.180.157.104 was found in our database!

This IP was reported 64 times. Confidence of Abuse is 0%: ?

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.180.157.104

Whois 52.180.157.104

IP Abuse Reports for 52.180.157.104:

This IP address has been reported a total of 64 times from 43 distinct sources. 52.180.157.104 was first reported on July 7th 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2024-07-21 19:48:50 (1 year ago)	$f2bV_matches	Brute-Force
Anonymous	2024-07-14 19:48:21 (1 year ago)	$f2bV_matches	Brute-Force
🇺🇸 octageeks.com	2024-07-14 04:08:20 (1 year ago)	Wordpress malicious attack:[octa404]	Web App Attack
🇸🇬 Cloudkul Cloudkul	2024-07-13 10:30:16 (1 year ago)	Attempted Not Found (404 status code) requests on our application, more than 30% of their total requ ... show more Attempted Not Found (404 status code) requests on our application, more than 30% of their total requests. show less	Brute-Force Web App Attack
🇩🇪 psauxit	2024-07-12 22:33:33 (1 year ago)	Fail2Ban - NGINX heavily bad-bot, possible vulnerability scanning and excessive crawling/scraping	Web Spam Hacking Bad Web Bot Web App Attack
🇩🇪 london2038.com	2024-07-12 22:02:16 (1 year ago)	Probing for exploits 52.180.157.104 - - [13/Jul/2024:00:02:11 +0200] "GET /wp-content/plugins/wp-cat ... show more Probing for exploits 52.180.157.104 - - [13/Jul/2024:00:02:11 +0200] "GET /wp-content/plugins/wp-catcher/index.php HTTP/1.1" 204 0 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 52.180.157.104 - - [13/Jul/2024:00:02:12 +0200] "GET /wp-content/plugins/wp-catcher/index.php HTTP/1.1" 204 0 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" show less	Hacking Web App Attack
🇫🇷 tecnicorioja	2024-07-12 22:01:02 (1 year ago)	(Mod_security) X-Real-IP:	Brute-Force Bad Web Bot Web App Attack
Anonymous	2024-07-12 19:57:59 (1 year ago)	Automated report (2024-07-12T19:57:59+00:00). User agent cited by various attack tools, rootkits, ba ... show more Automated report (2024-07-12T19:57:59+00:00). User agent cited by various attack tools, rootkits, backdoors, webshells, and malware detected. show less	Open Proxy Hacking Bad Web Bot Exploited Host Web App Attack
🇺🇸 WebpodsLLC	2024-07-12 19:33:39 (1 year ago)	Direction: in Trigger: LF_PERMBLOCK_COUNT;	Port Scan Brute-Force Web App Attack
Anonymous	2024-07-12 19:04:28 (1 year ago)	$f2bV_matches	Brute-Force
🇮🇹 Franco	2024-07-12 14:11:00 (1 year ago)	Blocked for Known malicious User-Agents	Hacking Brute-Force Web App Attack
🇺🇸 MortimerCat	2024-07-12 10:32:28 (1 year ago)	Trying to access wordpress plugins	Web App Attack
🇩🇪 ut-addicted.com	2024-07-12 08:19:34 (1 year ago)	\[Fri Jul 12 10:19:32.770851 2024\] \[:error\] \[pid 6739:tid 140075392300800\] \[client 52.180.157. ... show more \[Fri Jul 12 10:19:32.770851 2024\] \[:error\] \[pid 6739:tid 140075392300800\] \[client 52.180.157.104:56977\] \[client 52.180.157.104\] ModSecurity: Access denied with code 403 $phase 2$. Operator GE matched 5 at TX:anomaly_score. \[file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-949-BLOCKING-EVALUATION.conf"\] \[line "57"\] \[id "949110"\] \[msg "Inbound Anomaly Score Exceeded $Total Score: 10$"\] \[severity "CRITICAL"\] \[tag "application-multi"\] \[tag "language-multi"\] \[tag "platform-multi"\] \[tag "attack-generic"\] \[hostname "www.ut-addicted.com"\] \[uri "/wp-content/plugins/wp-catcher/index.php"\] \[unique_id "ZpDnFBTNRaJPF2nYKGLb6AAAAMA"\], referer: www.google.com show less	Brute-Force Web App Attack
🇺🇸 mawan	2024-07-12 07:00:05 (1 year ago)	Suspected of having performed illicit activity on LAX server.	Web App Attack
🇬🇧 openstrike.co.uk	2024-07-12 05:13:34 (1 year ago)	8 attacks on PHP URLs: GET /wp-content/plugins/wp-catcher/index.php HTTP/1.1	Web App Attack

Showing 1 to 15 of 64 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 121.242.112.200

🇩🇪 207.154.212.70

🇺🇦 193.37.251.67

🇳🇱 176.65.139.105

🇺🇸 152.37.147.108

🇸🇬 143.198.89.109

🇺🇸 134.122.125.153

🇳🇬 102.88.137.80

🇺🇸 66.132.172.148

🇺🇸 47.251.177.200

🇺🇦 37.221.139.5

🇹🇼 211.20.14.156

🇧🇷 201.27.236.113

🇳🇱 193.176.31.207

🇧🇷 179.63.129.137

🇨🇳 117.50.51.198

🇳🇱 94.212.68.151

🇩🇪 45.80.166.6

🇬🇧 35.203.211.227

🇺🇸 8.231.209.106