JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.176.139.88

52.176.139.88 was found in our database!

This IP was reported 273 times. Confidence of Abuse is 27%: ?

27%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.176.139.88

Whois 52.176.139.88

IP Abuse Reports for 52.176.139.88:

This IP address has been reported a total of 273 times from 156 distinct sources. 52.176.139.88 was first reported on November 4th 2025, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-21 07:00:56 (3 weeks ago)	(caddyscan) Scanner path probe from 52.176.139.88 (US/United States/-): 5 in the last 3600 secs; Por ... show more (caddyscan) Scanner path probe from 52.176.139.88 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 52.176.139.88 - - [21/May/2026:07:00:51 +0000] "GET /config/.env HTTP/1.1" [REDACTED] 200 2627 52.176.139.88 - - [21/May/2026:07:00:51 +0000] "GET /.git/config HTTP/1.1" [REDACTED] 200 2627 52.176.139.88 - - [21/May/2026:07:00:51 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 52.176.139.88 - - [21/May/2026:07:00:51 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 52.176.139.88 - - [21/May/2026:07:00:52 +0000] "GET /@fs/.git/config?import&raw HTTP/1.1" show less	Port Scan
Anonymous	2026-05-21 06:43:35 (3 weeks ago)	(caddyscan) Scanner path probe from 52.176.139.88 (US/United States/-): 5 in the last 3600 secs; Por ... show more (caddyscan) Scanner path probe from 52.176.139.88 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 52.176.139.88 - - [21/May/2026:06:43:32 +0000] "GET /.git/config HTTP/1.1" [REDACTED] 200 2627 52.176.139.88 - - [21/May/2026:06:43:33 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 52.176.139.88 - - [21/May/2026:06:43:33 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 52.176.139.88 - - [21/May/2026:06:43:33 +0000] "GET /@fs/.git/config?import&raw HTTP/1.1" [REDACTED] 200 2627 52.176.139.88 - - [21/May/2026:06:43:33 +0000] "GET /@fs/.git/config?import?raw HTTP/1.1" show less	Port Scan
🇩🇪 ger-stg-sifi1	2026-05-21 06:22:32 (3 weeks ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇺🇸 TPI-Abuse	2026-05-21 05:17:43 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 52.176.139.88 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 52.176.139.88 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 01:17:38.466578 2026] [security2:error] [pid 22575:tid 22587] [client 52.176.139.88:28697] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "illianapartyrentals.com"] [uri "/config/.env"] [unique_id "ag6Vcg6_nzyM5NofTdL7NQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-21 04:06:31 (3 weeks ago)	(PERMBLOCK) 52.176.139.88 (US/United States/-) has had more than 4 temp blocks in the last 86400 sec ... show more (PERMBLOCK) 52.176.139.88 (US/United States/-) has had more than 4 temp blocks in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_PERMBLOCK_COUNT; Logs: show less	Port Scan
Anonymous	2026-05-21 03:20:54 (3 weeks ago)	(caddyscan) Scanner path probe from 52.176.139.88 (US/United States/-): 5 in the last 3600 secs; Por ... show more (caddyscan) Scanner path probe from 52.176.139.88 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 52.176.139.88 - - [21/May/2026:03:20:49 +0000] "GET /config/.env HTTP/1.1" [REDACTED] 200 2627 52.176.139.88 - - [21/May/2026:03:20:49 +0000] "GET /.git/config HTTP/1.1" [REDACTED] 200 2627 52.176.139.88 - - [21/May/2026:03:20:49 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 52.176.139.88 - - [21/May/2026:03:20:49 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 52.176.139.88 - - [21/May/2026:03:20:49 +0000] "GET /@fs/.git/config?import&raw HTTP/1.1" show less	Port Scan
Anonymous	2026-05-21 03:06:03 (3 weeks ago)	Blocked: Reason='Suspicious traffic score=80 (review-based detection)'; Requests=13	Hacking
Anonymous	2026-05-21 03:01:16 (3 weeks ago)	(caddyscan) Scanner path probe from 52.176.139.88 (US/United States/-): 5 in the last 3600 secs; Por ... show more (caddyscan) Scanner path probe from 52.176.139.88 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 52.176.139.88 - - [21/May/2026:03:01:12 +0000] "GET /config/.env HTTP/1.1" [REDACTED] 200 2627 52.176.139.88 - - [21/May/2026:03:01:12 +0000] "GET /.git/config HTTP/1.1" [REDACTED] 200 2627 52.176.139.88 - - [21/May/2026:03:01:12 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 52.176.139.88 - - [21/May/2026:03:01:12 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 52.176.139.88 - - [21/May/2026:03:01:12 +0000] "GET /@fs/.git/config?import&raw HTTP/1.1" show less	Port Scan
Anonymous	2026-05-21 02:45:23 (3 weeks ago)	(caddyscan) Scanner path probe from 52.176.139.88 (US/United States/-): 5 in the last 3600 secs; Por ... show more (caddyscan) Scanner path probe from 52.176.139.88 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 52.176.139.88 - - [21/May/2026:02:45:22 +0000] "GET /config/.env HTTP/1.1" [REDACTED] 200 2627 52.176.139.88 - - [21/May/2026:02:45:23 +0000] "GET /.git/config HTTP/1.1" [REDACTED] 200 2627 52.176.139.88 - - [21/May/2026:02:45:23 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 52.176.139.88 - - [21/May/2026:02:45:23 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 52.176.139.88 - - [21/May/2026:02:45:23 +0000] "GET /@fs/.git/config?import&raw HTTP/1.1" show less	Port Scan
Anonymous	2026-05-21 02:14:50 (3 weeks ago)	(caddyscan) Scanner path probe from 52.176.139.88 (US/United States/-): 5 in the last 3600 secs; Por ... show more (caddyscan) Scanner path probe from 52.176.139.88 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 52.176.139.88 - - [21/May/2026:01:25:48 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 52.176.139.88 - - [21/May/2026:01:25:48 +0000] "GET /@fs/.git/config?import&raw HTTP/1.1" [REDACTED] 200 2627 52.176.139.88 - - [21/May/2026:01:25:48 +0000] "GET /@fs/.git/config?import?raw HTTP/1.1" [REDACTED] 200 2627 52.176.139.88 - - [21/May/2026:02:14:49 +0000] "GET /config/.env HTTP/1.1" [REDACTED] 200 2627 52.176.139.88 - - [21/May/2026:02:14:49 +0000] "GET /.git/config HTTP/1.1" show less	Port Scan
🇹🇷 Threat.live	2026-04-25 14:30:02 (1 month ago)	Suspicious Connection Attempts	Brute-Force
🇷🇺 it.inpglobal.com	2026-04-25 12:56:21 (1 month ago)	$f2bV_matches	Brute-Force SSH
🇮🇳 Mr.Singh	2026-04-25 12:30:44 (1 month ago)	NFT blocked 52.176.139.88 on 25-Apr-2026..	Port Scan Brute-Force
🇳🇱 debestelapp	2026-04-12 16:20:08 (2 months ago)		Web App Attack
🇺🇸 interbiznw.com	2026-04-12 16:14:20 (2 months ago)	malicious-web-requests-vulnerability-scanning	Hacking Brute-Force Exploited Host Web App Attack

Showing 1 to 15 of 273 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 220.172.226.253

🇨🇳 182.61.35.171

🇨🇳 106.117.110.61

🇳🇱 85.11.167.7

🇬🇧 82.18.25.200

🇷🇺 46.163.144.31

🇨🇴 45.65.233.18

🇺🇸 44.113.99.100

🇺🇸 20.80.72.204

🇨🇳 1.24.16.146

🇨🇳 221.11.5.56

🇨🇳 220.250.11.91

🇨🇳 203.76.241.18

🇦🇷 181.26.130.185

🇨🇳 180.213.44.242

🇨🇳 175.30.48.224

🇩🇪 165.227.159.13

🇮🇳 103.111.228.36

🇸🇬 86.48.11.124

🇺🇸 66.132.172.216