Why would MS IP Address 52.169.23.213 be scanning for exploitable files

[JimHermann1]

Folks,Why is Microsoft scanning a site for specific files that mostly don't exist?52.169.23.213 - - [05/Nov/2024:16:20:34 -0600] "GET /admin/function.php HTTP/1.1" 404 46407 "-" "-" 52.169.23.213 - - [05/Nov/2024:16:20:34 -0600] "GET /admin.php HTTP/1.1" 404 46407 "-" "-" 52.169.23.213 - - [05/Nov/2024:16:20:36 -0600] "GET /config.php HTTP/1.1" 404 46407 "-" "-" 52.169.23.213 - - [05/Nov/2024:16:20:36 -0600] "GET /about/function.php HTTP/1.1" 404 46407 "-" "-" 52.169.23.213 - - [05/Nov/2024:16:20:37 -0600] "GET /lock.php HTTP/1.1" 404 46407 "-" "-" 52.169.23.213 - - [05/Nov/2024:16:20:38 -0600

Continue reading...