JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.140.40.92

52.140.40.92 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 11%: ?

11%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇮🇳 India
City	Chennai, Tamil Nadu

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.140.40.92

Whois 52.140.40.92

IP Abuse Reports for 52.140.40.92:

This IP address has been reported a total of 20 times from 8 distinct sources. 52.140.40.92 was first reported on June 2nd 2025, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇴 Fn4ticHz	2026-05-30 15:41:30 (6 days ago)	DDoS blocked via ZeroGuard.ID	DDoS Attack Exploited Host
🇺🇸 cheatmaster.store	2026-05-08 11:34:51 (4 weeks ago)	Proxy parsed from 52.140.40.92:80	Brute-Force SSH
🇪🇸 10dencehispahard SL	2026-01-13 06:56:59 (4 months ago)	Wordpress probing for vulnerabilities	Hacking Exploited Host
🇺🇸 TPI-Abuse	2025-12-13 01:10:40 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 52.140.40.92 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 52.140.40.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 12 20:10:18.675013 2025] [security2:error] [pid 7408:tid 7408] [client 52.140.40.92:60790] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "braleygroup.com"] [uri "/.env"] [unique_id "aTy8-g6dvuacQZNtV4a_gQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-12 20:01:00 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 52.140.40.92 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 52.140.40.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 12 15:00:41.585199 2025] [security2:error] [pid 19260:tid 19260] [client 52.140.40.92:43746] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kirt.us"] [uri "/.env"] [unique_id "aTx0aRyBeeu6PIdN6nsb1QAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-11 17:37:34 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 52.140.40.92 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 52.140.40.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 11 12:37:25.391470 2025] [security2:error] [pid 26684:tid 26812] [client 52.140.40.92:40028] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "letterstomyhusband.com"] [uri "/.env.local"] [unique_id "aTsBVXxLpuActihHj8kZZQAAAJM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-11 11:26:52 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 52.140.40.92 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 52.140.40.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 11 06:26:35.671613 2025] [security2:error] [pid 8526:tid 8526] [client 52.140.40.92:40948] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gavinnine.com"] [uri "/.env"] [unique_id "aTqqa-XQ4bZKiZAXJwXjYwAAACY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-10 17:55:41 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 52.140.40.92 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 52.140.40.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 10 12:54:55.214691 2025] [security2:error] [pid 19929:tid 19929] [client 52.140.40.92:35356] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mrgutierrezshow.com"] [uri "/.env"] [unique_id "aTmz72AapCMSXLWgY4e8kgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2025-12-10 14:09:21 (5 months ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2025-12-09 23:26:52 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 52.140.40.92 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 52.140.40.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 18:25:11.972555 2025] [security2:error] [pid 17857:tid 17857] [client 52.140.40.92:44808] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "g-drome.com"] [uri "/.env"] [unique_id "aTiv10Rd5AwCPGHx0JTjkAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-09 19:14:08 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 52.140.40.92 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 52.140.40.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 14:13:43.777622 2025] [security2:error] [pid 24238:tid 24238] [client 52.140.40.92:35062] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "busjadis.com"] [uri "/.env"] [unique_id "aTh05x8LM6fF9JGj5XygbwAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2025-12-08 11:25:14 (5 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-12-07 23:03:16 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 52.140.40.92 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 52.140.40.92 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 07 18:03:04.540419 2025] [security2:error] [pid 3747:tid 3747] [client 52.140.40.92:41536] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vccemail.net"] [uri "/.env.local"] [unique_id "aTYHqFpXQVOce_Zz-JN4WgAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 10dencehispahard SL	2025-11-21 07:55:26 (6 months ago)	WP probing for vulnerabilities	Hacking Exploited Host
🇩🇪 Packets-Decreaser.NET	2025-09-13 17:27:38 (8 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇶🇦 2600:1900:4260:40e::126

🇻🇳 2405:4802:9175:b70:e1ae:907e:708:bfd7

🇩🇪 213.209.159.226

🇬🇧 193.32.209.238

🇮🇳 182.95.223.142

🇸🇦 154.205.134.214

🇨🇳 122.96.28.60

🇺🇸 20.163.33.220

🇬🇧 185.247.137.56

🇺🇸 159.223.131.0

🇦🇫 149.54.62.210

🇫🇮 147.185.133.156

🇨🇳 116.207.114.203

🇺🇸 45.79.8.221

🇯🇵 43.130.248.11

🇨🇳 220.162.198.142

🇺🇸 209.222.98.2

🇧🇷 200.101.139.194

🇺🇸 192.155.81.124

🇨🇭 179.43.146.227