JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.138.0.148

52.138.0.148 was found in our database!

This IP was reported 158 times. Confidence of Abuse is 0%: ?

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.138.0.148

Whois 52.138.0.148

IP Abuse Reports for 52.138.0.148:

This IP address has been reported a total of 158 times from 104 distinct sources. 52.138.0.148 was first reported on March 12th 2026, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇹🇷 rtbh.com.tr	2026-03-14 20:12:03 (3 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇳🇱 homeshowdomain.nl	2026-03-13 22:59:17 (3 months ago)	Auto-ban: 16 malicious requests on 2026-03-12 (e.g., env/backup probes, brute-force, or error bursts ... show more Auto-ban: 16 malicious requests on 2026-03-12 (e.g., env/backup probes, brute-force, or error bursts). show less	Web App Attack SSH Hacking
🇹🇷 rtbh.com.tr	2026-03-13 20:12:02 (3 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
Anonymous	2026-03-13 08:03:36 (3 months ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: CA, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: CA, Attack patterns: WordPress scanning, Webshell probing show less	Bad Web Bot Web App Attack
🇬🇧 openstrike.co.uk	2026-03-13 06:13:45 (3 months ago)	2406 attacks on ACME URLs, PHP URLs: GET /.well-known/acme-challenge/index.php HTTP/1.1 GET /setting ... show more 2406 attacks on ACME URLs, PHP URLs: GET /.well-known/acme-challenge/index.php HTTP/1.1 GET /settings.php HTTP/1.1 show less	Web App Attack
🇫🇷 pm33	2026-03-13 05:25:38 (3 months ago)	Probing for resource vulnerabilities HTTP(S)	Web App Attack
🇺🇸 octageeks.com	2026-03-13 04:07:02 (3 months ago)	Wordpress malicious attack:[octaflood]	Web App Attack
🇮🇹 mauri64	2026-03-13 00:32:34 (3 months ago)	Troppi errori Apache (628)	Hacking
🇳🇱 homeshowdomain.nl	2026-03-12 22:59:51 (3 months ago)	Auto-ban: >3000 req/min op 2026-03-12	Web App Attack SSH Hacking
🇺🇸 KitsuneTech	2026-03-12 20:24:04 (3 months ago)	52.138.0.148 - - [12/Mar/2026:15:24:03 -0500] "GET /wp-index.php HTTP/1.1" 301 244 "-" "Mozilla/5.0 ... show more 52.138.0.148 - - [12/Mar/2026:15:24:03 -0500] "GET /wp-index.php HTTP/1.1" 301 244 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Web App Attack
🇸🇬 ipidentify	2026-03-12 19:40:28 (3 months ago)	2026-03-12T19:40:28Z GET /wp-admin/css/colors/sunrise/index.php 2026-03-12T19:40:30Z GET /wp-admin/n ... show more 2026-03-12T19:40:28Z GET /wp-admin/css/colors/sunrise/index.php 2026-03-12T19:40:30Z GET /wp-admin/network/admin.php 2026-03-12T19:40:30Z GET /wp-admin/maint/about.php 2026-03-12T19:40:31Z GET /wp-admin/js/widgets/index.php 2026-03-12T19:40:34Z GET /wp-admin/maint/admin.php 2026-03-12T19:40:35Z GET /wp-admin/wp-admins.php 2026-03-12T19:40:37Z GET /wp-admin/includes/index.php show less	Web App Attack
🇺🇸 myagent.site	2026-03-12 19:39:54 (3 months ago)	Blocking for trying to access an exploit file: /test.php7	Hacking
🇱🇻 garmtech.com	2026-03-12 19:37:53 (3 months ago)	Attempted access to sensitive endpoint (/wp-admin/license.php) detected. Automated scan or unauthori ... show more Attempted access to sensitive endpoint (/wp-admin/license.php) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇬🇧 yvoictra	2026-03-12 19:23:23 (3 months ago)	52.138.0.148 - - [12/Mar/2026:20:23:17 +0100] "GET /assets/jquery-ui/images/lock2.php HTTP/1.1" 404 ... show more 52.138.0.148 - - [12/Mar/2026:20:23:17 +0100] "GET /assets/jquery-ui/images/lock2.php HTTP/1.1" 404 193 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 52.138.0.148 - - [12/Mar/2026:20:23:17 +0100] "GET /byp.php HTTP/1.1" 404 193 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 52.138.0.148 - - [12/Mar/2026:20:23:17 +0100] "GET /c.php HTTP/1.1" 404 193 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 52.138.0.148 - - [12/Mar/2026:20:23:17 +0100] "GET /ca4.php HTTP/1.1" 404 193 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 52.138.0.148 - - [12/Mar/2026:20:23:17 +0100] "GET /ccx/index.php HTTP/1.1" 404 193 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safar ... show less	Brute-Force Web App Attack
🇺🇸 lavnet.net	2026-03-12 19:11:16 (3 months ago)	52.138.0.148 - - [12/Mar/2026:19:11:15 +0000] "GET /assets/jquery-ui/images/lock2.php HTTP/1.1" 404 ... show more 52.138.0.148 - - [12/Mar/2026:19:11:15 +0000] "GET /assets/jquery-ui/images/lock2.php HTTP/1.1" 404 4726 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 52.138.0.148 - - [12/Mar/2026:19:11:15 +0000] "GET /byp.php HTTP/1.1" 404 2105 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Brute-Force

Showing 1 to 15 of 158 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 218.185.241.137

🇫🇷 85.217.140.37

🇧🇪 209.85.221.69

🇺🇸 209.50.164.153

🇧🇷 187.33.59.116

🇱🇦 183.182.121.230

🇧🇷 177.12.98.14

🇻🇳 171.232.202.140

🇮🇩 103.151.140.79

🇺🇸 66.26.234.177

🇩🇪 65.111.27.233

🇺🇸 65.111.0.141

🇺🇸 45.79.92.218

🇺🇸 45.3.38.182

🇺🇸 45.3.34.4

🇺🇸 20.12.41.6

🇨🇳 1.24.16.210

🇺🇸 192.3.114.209

🇩🇪 167.235.145.2

🇦🇫 149.54.51.42