JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 139.87.112.139

139.87.112.139 was found in our database!

This IP was reported 18 times. Confidence of Abuse is 0%: ?

ISP	Oracle Public Cloud
Usage Type	Data Center/Web Hosting/Transit
ASN	AS6142
Domain Name	oracleemaildelivery.com
Country	🇺🇸 United States of America
City	Phoenix, Arizona

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Important Note: 139.87.112.139 is an IP address from within our whitelist belonging to the subnet 139.87.112.0/23, which we identify as: "Qualys Scanner".

Whitelisted netblocks are typically owned by trusted entities, such as Google or Microsoft who may use them for search engine spiders. However, these same entities sometimes also provide cloud servers and mail services which are easily abused. Pay special attention when trusting or distrusting these IPs.

Report 139.87.112.139

Whois 139.87.112.139

IP Abuse Reports for 139.87.112.139:

This IP address has been reported a total of 18 times from 13 distinct sources. 139.87.112.139 was first reported on March 7th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-23 17:25:06 (1 day ago)	Banned by Fail2Ban on server	Web App Attack
🇧🇷 ICS Labs	2026-05-14 12:41:49 (1 month ago)	ICS Labs identified 139.87.112.139 as a malicious indicator from threat intelligence.	Hacking
🇧🇪 cmbplf	2026-05-05 04:24:34 (1 month ago)	10.181 requests with url.path .svn/ 10.152 requests with url.path .hg/ 9.421 requests with ur ... show more 10.181 requests with url.path .svn/ 10.152 requests with url.path .hg/ 9.421 requests with url.path .git/ 544 requests with url.path .ssh/ 542 requests with url.path .aws/ 137 requests with url.path *.user.ini show less	Brute-Force Bad Web Bot
🇺🇸 jfc	2025-09-18 05:40:44 (9 months ago)	2025-09-17T23:39:28.443585-06:00 oracle5 sshd[2361123]: Invalid user NoSuchUser from 139.87.112.139 ... show more 2025-09-17T23:39:28.443585-06:00 oracle5 sshd[2361123]: Invalid user NoSuchUser from 139.87.112.139 port 53490 2025-09-17T23:40:44.194624-06:00 oracle5 sshd[2362098]: Invalid user NoSuchUser from 139.87.112.139 port 35032 2025-09-17T23:40:44.327537-06:00 oracle5 sshd[2362100]: Invalid user n6m4tpp7n60v from 139.87.112.139 port 35138 ... show less	Brute-Force SSH
🇮🇪 AutosOnShow	2025-07-30 09:29:04 (10 months ago)	blocked for webapp attack \| path requested: /cgi-bin/ \| seen at 2025-07-30 09:28:15.590 \|	Web App Attack
🇮🇪 AutosOnShow	2025-07-30 09:14:04 (10 months ago)	blocked for webapp attack \| path requested: / \| seen at 2025-07-30 09:13:04.369 \|	Web App Attack
🇮🇪 AutosOnShow	2025-07-30 08:57:03 (10 months ago)	blocked for webapp attack \| path requested: /.git/config \| seen at 2025-07-30 08:56:07.448 \|	Web App Attack
🇬🇧 noise.agency	2025-05-11 00:02:08 (1 year ago)	Port Scan detected from 139.87.112.139 (US/United States/-).	Port Scan
Anonymous	2025-05-10 18:50:01 (1 year ago)	\| Common web attack.	Hacking SQL Injection Web App Attack
🇳🇱 astijf	2025-04-19 04:03:03 (1 year ago)	Port Scan detected from 139.87.112.139 (US/United States/-). 5 hits in the last 160 seconds	Port Scan Brute-Force
Anonymous	2025-03-18 05:06:49 (1 year ago)	Blocked for log4j CVE-2021-44228	DDoS Attack Bad Web Bot Exploited Host Web App Attack
🇬🇧 yvoictra	2025-01-16 22:58:35 (1 year ago)	Jan 16 23:58:34 geneba sshd[3894369]: Invalid user NoSuchUser from 139.87.112.139 port 34916 ...	Brute-Force SSH
🇬🇧 Azhar	2025-01-16 16:35:25 (1 year ago)	Jan 16 16:34:05 sheikh-ahmed-abu-islam-v2 sshd[711736]: Invalid user NoSuchUser from 139.87.112.139 ... show more Jan 16 16:34:05 sheikh-ahmed-abu-islam-v2 sshd[711736]: Invalid user NoSuchUser from 139.87.112.139 port 57912 Jan 16 16:35:24 sheikh-ahmed-abu-islam-v2 sshd[712544]: Invalid user NoSuchUser from 139.87.112.139 port 35418 ... show less	Brute-Force SSH
🇬🇧 Azhar	2025-01-16 15:56:06 (1 year ago)	[Thu Jan 16 15:56:04.922401 2025] [ssl:error] [pid 320717:tid 320743] [client 139.87.112.139:57810] ... show more [Thu Jan 16 15:56:04.922401 2025] [ssl:error] [pid 320717:tid 320743] [client 139.87.112.139:57810] AH02031: Hostname 140.238.90.195 provided via SNI, but no hostname provided in HTTP request [Thu Jan 16 15:56:05.719204 2025] [ssl:error] [pid 320717:tid 320730] [client 139.87.112.139:58048] AH02031: Hostname 140.238.90.195 provided via SNI, but no hostname provided in HTTP request ... show less	Brute-Force
🇬🇧 Azhar	2025-01-16 15:39:03 (1 year ago)	[Thu Jan 16 15:39:02.222153 2025] [ssl:error] [pid 320716:tid 320732] [client 139.87.112.139:33274] ... show more [Thu Jan 16 15:39:02.222153 2025] [ssl:error] [pid 320716:tid 320732] [client 139.87.112.139:33274] AH02031: Hostname 140.238.90.195 provided via SNI, but no hostname provided in HTTP request [Thu Jan 16 15:39:02.767043 2025] [ssl:error] [pid 320716:tid 320753] [client 139.87.112.139:33378] AH02031: Hostname 140.238.90.195 provided via SNI, but no hostname provided in HTTP request ... show less	Brute-Force

Showing 1 to 15 of 18 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 194.88.98.83

🇳🇱 193.176.31.239

🇩🇪 193.124.20.243

🇳🇱 185.223.235.5

🇺🇸 167.71.240.77

🇳🇱 91.92.40.4

🇳🇱 81.19.216.121

🇳🇱 81.19.216.114

🇺🇸 66.132.224.20

🇲🇩 46.166.63.23

🇺🇸 20.118.209.70

🇻🇳 14.225.7.70

🇬🇧 5.226.140.94

🇩🇪 213.209.159.226

🇬🇧 185.247.137.36

🇨🇳 180.102.110.143

🇮🇳 157.49.120.92

🇺🇸 147.185.132.182

🇮🇳 103.38.219.22

🇿🇦 102.207.101.128