JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.140.112.139

52.140.112.139 was found in our database!

This IP was reported 156 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇮🇳 India
City	Pune, Maharashtra

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.140.112.139

Whois 52.140.112.139

IP Abuse Reports for 52.140.112.139:

This IP address has been reported a total of 156 times from 136 distinct sources. 52.140.112.139 was first reported on June 25th 2026, and the most recent report was 16 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-26 17:04:16 (16 hours ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: IN, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: IN, Attack patterns: WordPress scanning, Webshell probing, Malicious User-Agent show less	Bad Web Bot Web App Attack
🇪🇸 NullBlue	2026-06-26 08:52:34 (1 day ago)	Web app attack: scanning for secrets/exploits (.env/.git/PHPUnit CVE). Captured by NullBlue67 honeyp ... show more Web app attack: scanning for secrets/exploits (.env/.git/PHPUnit CVE). Captured by NullBlue67 honeypot. show less	Hacking Web App Attack
🇬🇧 openstrike.co.uk	2026-06-26 05:16:25 (1 day ago)	109 attacks on PHP URLs: GET /load.php HTTP/1.1	Web App Attack
🇲🇽 octageeks.com	2026-06-26 04:21:40 (1 day ago)	Wordpress malicious attack:[octascan]	Web App Attack
Anonymous	2026-06-26 02:13:58 (1 day ago)	$f2bV_matches	Brute-Force Web App Attack
🇺🇦 URAN Publishing Service	2026-06-26 01:32:29 (1 day ago)	52.140.112.139 - - [26/Jun/2026:04:32:28 +0300] "GET /wp-content/plugins/hellopress/wp_filemanager.p ... show more 52.140.112.139 - - [26/Jun/2026:04:32:28 +0300] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 702 "-" "-" ... show less	Web App Attack
🇫🇷 HerrWolf	2026-06-26 01:30:05 (1 day ago)	CrowdSec Detection: crowdsecurity/http-crawl-non_statics	Bad Web Bot
🇩🇪 Phenix Info	2026-06-26 01:22:02 (1 day ago)	SmallGuard.fr - Empty User Agent	Web App Attack
Anonymous	2026-06-26 01:21:22 (1 day ago)	Reported by Charon (Fail2Ban)	SSH
Anonymous	2026-06-26 01:16:48 (1 day ago)	52.140.112.139 - - [26/Jun/2026:09:16:45 +0800] "GET /wp-content/plugins/hellopress/wp_filemanager.p ... show more 52.140.112.139 - - [26/Jun/2026:09:16:45 +0800] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 196 "-" "-" 52.140.112.139 - - [26/Jun/2026:09:16:46 +0800] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 16 "-" "-" 52.140.112.139 - - [26/Jun/2026:09:16:46 +0800] "GET /inputs.php HTTP/1.1" 404 16 "-" "-" 52.140.112.139 - - [26/Jun/2026:09:16:46 +0800] "GET /admin.php HTTP/1.1" 404 16 "-" "-" 52.140.112.139 - - [26/Jun/2026:09:16:47 +0800] "GET /goods.php HTTP/1.1" 404 16 "-" "-" 52.140.112.139 - - [26/Jun/2026:09:16:47 +0800] "GET /file.php HTTP/1.1" 404 16 "-" "-" 52.140.112.139 - - [26/Jun/2026:09:16:47 +0800] "GET /adminfuns.php HTTP/1.1" 404 16 "-" "-" 52.140.112.139 - - [26/Jun/2026:09:16:47 +0800] "GET /404.php HTTP/1.1" 404 16 "-" "-" 52.140.112.139 - - [26/Jun/2026:09:16:48 +0800] "GET /wk/index.php HTTP/1.1" 404 196 "-" "-" 52.140.112.139 - - [26/Jun/2026:09:16:48 +0800] "GET /about.php HTTP/1.1" 404 16 "-" "-" ... show less	Bad Web Bot Web App Attack
🇩🇪 webanyone	2026-06-26 01:15:37 (1 day ago)	Apache web server attack detected by Fail2Ban in plesk-apache jail	Web App Attack
🇵🇱 ketovoila.pl	2026-06-26 01:14:54 (1 day ago)	ketovoila.pl WordPress login/xmlrpc probing: hits=26; unique_paths=26; sample_paths=/2.php,/7.php,/w ... show more ketovoila.pl WordPress login/xmlrpc probing: hits=26; unique_paths=26; sample_paths=/2.php,/7.php,/wp-content/plugins/hellopress/wp_filemanager.php; UA=""; window=2026-06-26T01:14:54Z..2026-06-26T01:14:57Z show less	Brute-Force Web App Attack
Anonymous	2026-06-26 01:07:04 (1 day ago)	Automated web scanner. Requested suspicious paths: /wp-content/plugins/hellopress/wp_filemanager.php ... show more Automated web scanner. Requested suspicious paths: /wp-content/plugins/hellopress/wp_filemanager.php \| /this_is_a_new_hello_world.php \| /inputs.php \| /admin.php \| /goods.php \| /file.php \| /adminfuns.php. UTC: 2026-06-26 00:20:41. show less	Web App Attack
🇺🇸 Moby	2026-06-26 01:03:20 (1 day ago)	52.140.112.139 - - [25/Jun/2026:20:03:17 -0500] "GET /wp-content/plugins/hellopress/wp_filemanager.p ... show more 52.140.112.139 - - [25/Jun/2026:20:03:17 -0500] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 992 "-" "-" "75.88.18.218" "osl2019.techspace.cc" 52.140.112.139 - - [25/Jun/2026:20:03:17 -0500] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 992 "-" "-" "75.88.18.218" "osl2019.techspace.cc" 52.140.112.139 - - [25/Jun/2026:20:03:18 -0500] "GET /inputs.php HTTP/1.1" 404 992 "-" "-" "75.88.18.218" "osl2019.techspace.cc" ... show less	Web App Attack
🇬🇧 andypiper	2026-06-26 01:01:27 (1 day ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack

Showing 1 to 15 of 156 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 154.83.12.89

🇮🇩 114.122.83.92

🇫🇷 109.205.180.231

🇺🇸 66.175.212.77

🇸🇪 217.60.78.70

🇰🇷 211.221.196.103

🇹🇹 190.213.24.245

🇪🇸 185.72.114.235

🇺🇸 172.182.195.43

🇫🇮 147.185.133.60

🇮🇩 119.47.90.19

🇬🇦 102.142.99.31

🇺🇸 66.132.224.25

🇷🇺 46.39.239.86

🇭🇰 18.162.115.191

🇺🇸 151.240.231.4

🇺🇸 47.251.125.230

🇲🇾 47.250.147.77

🇭🇰 43.128.3.201

🇬🇧 35.203.210.180