JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 52.190.140.134

52.190.140.134 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 48%: ?

48%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	San Jose, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 52.190.140.134

Whois 52.190.140.134

IP Abuse Reports for 52.190.140.134:

This IP address has been reported a total of 17 times from 15 distinct sources. 52.190.140.134 was first reported on August 19th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 Burayot	2026-06-04 17:26:53 (2 weeks ago)	LF_APACHE_403: 52.190.140.134 (US/United States/-), more than 10 Apache 403 hits in the last 3600 se ... show more LF_APACHE_403: 52.190.140.134 (US/United States/-), more than 10 Apache 403 hits in the last 3600 secs show less	Web App Attack
🇳🇱 Roderic	2026-06-04 17:13:27 (2 weeks ago)	(apache_scanners-2) Failed apache-scanners trigger with match [redacted])	Port Scan
🇺🇸 kosada.com	2026-06-04 14:24:14 (2 weeks ago)	Web vulnerability probing: /.env.production (bogus vhost/SNI)	Web App Attack
🇫🇷 dynamix	2026-06-04 13:24:32 (2 weeks ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-06-04 12:46:04 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 52.190.140.134 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 52.190.140.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 08:45:58.545238 2026] [security2:error] [pid 21728:tid 21728] [client 52.190.140.134:23758] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.77"] [uri "/.git/HEAD"] [unique_id "aiFzhgzaz1lwy-3Ti0LoJgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 s@ch@	2026-06-04 12:45:01 (2 weeks ago)	Jail: plesk-modsecurity \| Web application attack (Plesk ModSecurity)	Web App Attack
🇯🇵 VXG-NET	2026-06-04 12:00:26 (2 weeks ago)	port=80, indicator_type=info-leak	Hacking
🇷🇸 Scan	2026-06-03 00:04:46 (2 weeks ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
Anonymous	2026-06-02 20:03:42 (2 weeks ago)	PORT & IP Scan.	Port Scan Brute-Force
🇬🇧 PeravixGroup	2026-06-02 17:05:02 (2 weeks ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
Anonymous	2026-06-02 16:59:17 (2 weeks ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇭🇰 sh97	2025-11-19 13:17:59 (7 months ago)	HK01-AK: SSH Brute Force from 52.190.140.134 at 2025-11-19 08:17:58 EST	Brute-Force SSH
🇨🇳 ThreatBook.io	2025-11-18 01:31:20 (7 months ago)	ThreatBook Intelligence: IDC,Spam more details on https://threatbook.io/ip/52.190.140.134 2025-11-17 ... show more ThreatBook Intelligence: IDC,Spam more details on https://threatbook.io/ip/52.190.140.134 2025-11-17 18:23:43 ["whoami"] 2025-11-17 18:23:52 ["ssh -V"] 2025-11-17 18:24:00 ["history \| tail -5"] 2025-11-17 18:24:16 ["pwd"] 2025-11-17 18:24:02 ["whoami"] 2025-11-17 18:23:53 ["whoami"] 2025-11-17 18:23:43 ["whoami"] show less	Brute-Force
🇭🇰 sh97	2025-11-17 10:23:56 (7 months ago)	HK01-AK: SSH Brute Force from 52.190.140.134 at 2025-11-17 05:23:52 EST	Brute-Force SSH
🇨🇳 ThreatBook.io	2025-09-24 01:16:09 (8 months ago)	ThreatBook Intelligence: IDC,Spam more details on https://threatbook.io/ip/52.190.140.134	Web App Attack

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 2409:8754:9330:0:122:238:118:197

🇺🇸 216.25.89.139

🇫🇷 185.177.72.49

🇨🇳 182.44.116.87

🇷🇺 178.207.14.244

🇨🇳 119.249.100.239

🇪🇪 94.183.170.143

🇱🇹 77.90.185.249

🇺🇸 74.125.82.182

🇺🇸 74.125.82.179

🇺🇸 74.125.82.176

🇺🇸 74.125.82.175

🇧🇷 45.205.1.241

🇺🇸 2a04:c300:400::189

🇨🇳 220.181.108.176

🇨🇳 220.181.51.120

🇨🇴 200.10.29.235

🇵🇰 119.152.228.110

🇯🇴 86.108.70.216

🇱🇻 81.30.98.158