JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.138.39.105

52.138.39.105 was found in our database!

This IP was reported 670 times. Confidence of Abuse is 0%: ?

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.138.39.105

Whois 52.138.39.105

IP Abuse Reports for 52.138.39.105:

This IP address has been reported a total of 670 times from 236 distinct sources. 52.138.39.105 was first reported on March 21st 2026, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 IRISIO	2026-03-23 09:07:51 (2 months ago)	scans/SQL injection/spam posts : 3364 queries	Web App Attack SQL Injection
🇺🇸 fazar	2026-03-23 09:07:10 (2 months ago)	crowdsecurity/http-admin-interface-probing on node: us01	Web App Attack Hacking
🇬🇧 findlab	2026-03-23 09:00:02 (2 months ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
🇷🇺 ago.su	2026-03-23 08:56:05 (2 months ago)	F2B blocked nginx bad bot [otd]	Hacking Web App Attack
🇪🇸 el-brujo	2026-03-23 08:41:08 (2 months ago)	Cloudflare WAF: Request Path: /wp-admin/includes/ Request Query: Host: www.elhacker.net userAgent: ... show more Cloudflare WAF: Request Path: /wp-admin/includes/ Request Query: Host: www.elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Action: block Source: ratelimit ASN Description: MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation Country: CA Method: GET Timestamp: 2026-03-23T08:41:08Z ruleId: 11a71ad4659e48b29b5173e3bcc61b4a. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
Anonymous	2026-03-23 08:31:00 (2 months ago)	52.138.39.105 - - [23/Mar/2026:09:30:41 +0100] "GET /admin.php HTTP/1.1" 404 32742 52.138.39.105 - - ... show more 52.138.39.105 - - [23/Mar/2026:09:30:41 +0100] "GET /admin.php HTTP/1.1" 404 32742 52.138.39.105 - - [23/Mar/2026:09:30:43 +0100] "GET /lite.php HTTP/1.1" 404 29135 52.138.39.105 - - [23/Mar/2026:09:30:45 +0100] "GET /about.php HTTP/1.1" 404 29135 52.138.39.105 - - [23/Mar/2026:09:30:47 +0100] "GET /inputs.php HTTP/1.1" 404 29135 52.138.39.105 - - [23/Mar/2026:09:30:49 +0100] "GET /adminfuns.php HTTP/1.1" 404 29135 52.138.39.105 - - [23/Mar/2026:09:30:50 +0100] "GET /cgi-bin/ HTTP/1.1" 404 30496 52.138.39.105 - - [23/Mar/2026:09:30:52 +0100] "GET /edit.php HTTP/1.1" 404 29135 52.138.39.105 - - [23/Mar/2026:09:30:54 +0100] "GET /term.php HTTP/1.1" 404 29135 52.138.39.105 - - [23/Mar/2026:09:30:55 +0100] "GET /wp.php HTTP/1.1" 404 29135 52.138.39.105 - - [23/Mar/2026:09:30:57 +0100] "GET /ioxi-o.php HTTP/1.1" 404 29135 ... show less	Web Spam Web App Attack
🇺🇸 Epimetheus	2026-03-23 08:10:13 (2 months ago)	Zombie network / Bot scanner detected: [GET] /wp-includes/images/crystal/ [GET] /wp-content/upgrade ... show more Zombie network / Bot scanner detected: [GET] /wp-includes/images/crystal/ [GET] /wp-content/upgrade/index.php [GET] /wp-admin/css/colors/midnight/ [GET] /upload.php [GET] /wp-admin/post.php [GET] /wp-includes/images/wp-login.php [GET] /ms-edit.php [GET] /function/function.php [GET] /wp-content/index.php [GET] /info.php [GET] /wp-content/plugins/plugin/index.php [GET] /ava.php [GET] /admin/function.php [GET] /.well-known/ [GET] /wp-includes/block-supports/ UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 show less	Bad Web Bot Exploited Host Web App Attack
🇩🇪 Skyrider	2026-03-23 08:07:26 (2 months ago)	crowdsecurity/http-probing	Hacking
🇫🇷 devsecops.cv	2026-03-23 08:01:17 (2 months ago)	Fail2Ban: plesk-bot-aggressive - 15 failures	Port Scan Bad Web Bot Web App Attack
🇩🇪 Viveronese	2026-03-23 07:43:39 (2 months ago)	HTTP vulnerability scanning	Web App Attack
Anonymous	2026-03-23 07:30:37 (2 months ago)	(wp-php-upload-includes) Block attempt to access .php in uploads wordpress uploads or well-known 52. ... show more (wp-php-upload-includes) Block attempt to access .php in uploads wordpress uploads or well-known 52.138.39.105 (CA/Canada/-) show less	Brute-Force
🇺🇸 paulo.apoloni	2026-03-23 07:22:20 (2 months ago)	52.138.39.105 - - [23/Mar/2026:04:22:20 -0300] "GET /wp-content/index.php HTTP/1.1" 444 0 "-" "Mozil ... show more 52.138.39.105 - - [23/Mar/2026:04:22:20 -0300] "GET /wp-content/index.php HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Bad Web Bot Web App Attack
Anonymous	2026-03-23 07:10:22 (2 months ago)	52.138.39.105 - - [23/Mar/2026:08:10:22 +0100] "GET /wp-content/uploads/ HTTP/1.1" 301 169 "-" "Mozi ... show more 52.138.39.105 - - [23/Mar/2026:08:10:22 +0100] "GET /wp-content/uploads/ HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" show less	Web App Attack
🇫🇮 Christopher Hughes	2026-03-23 06:52:48 (2 months ago)	[Mon Mar 23 06:52:46.291263 2026] [proxy_fcgi:error] [pid 1312787:tid 140446655288896] [client 52.13 ... show more [Mon Mar 23 06:52:46.291263 2026] [proxy_fcgi:error] [pid 1312787:tid 140446655288896] [client 52.138.39.105:49869] AH01071: Got error 'Primary script unknown' [Mon Mar 23 06:52:46.424076 2026] [proxy_fcgi:error] [pid 1312787:tid 140447276054080] [client 52.138.39.105:49869] AH01071: Got error 'Primary script unknown' [Mon Mar 23 06:52:46.557248 2026] [proxy_fcgi:error] [pid 1312787:tid 140446554641984] [client 52.138.39.105:49869] AH01071: Got error 'Primary script unknown' [Mon Mar 23 06:52:47.766791 2026] [proxy_fcgi:error] [pid 1312787:tid 140446663681600] [client 52.138.39.105:49869] AH01071: Got error 'Primary script unknown' [Mon Mar 23 06:52:48.033396 2026] [proxy_fcgi:error] [pid 1312787:tid 140447301232192] [client 52.138.39.105:49869] AH01071: Got error 'Primary script unknown' ... show less	Web App Attack
🇺🇸 Epimetheus	2026-03-23 06:48:13 (2 months ago)	Unauthorized access attempts: [GET] /info.php [GET] /ava.php [GET] /wp-includes/js/crop/ [GET] /wp- ... show more Unauthorized access attempts: [GET] /info.php [GET] /ava.php [GET] /wp-includes/js/crop/ [GET] /wp-content/themes/ [GET] /wp-content/uploads/admin.php [GET] /wp-includes/block-supports/ [GET] /403.php [GET] /wp-content/index.php UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 show less	Web App Attack

Showing 181 to 195 of 670 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.163.125.237

🇷🇺 185.16.214.226

🇧🇬 79.124.49.174

🇧🇬 78.128.114.102

🇷🇺 5.44.172.84

🇺🇸 2607:f8b0:4001:c72::122

🇵🇱 2001:41d0:602:2e48::1

🇰🇷 220.88.220.59

🇮🇩 163.7.8.79

🇺🇸 130.131.163.217

🇫🇷 79.141.5.155

🇺🇸 66.132.172.113

🇳🇱 64.89.162.12

🇫🇷 51.77.222.9

🇸🇬 47.84.111.212

🇮🇩 43.252.105.3

🇩🇿 41.101.132.154

🇿🇦 41.56.83.172

🇧🇷 38.226.140.108

🇨🇳 27.17.197.105