JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 4.155.99.39

4.155.99.39 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 41%: ?

41%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Moses Lake, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 4.155.99.39

Whois 4.155.99.39

IP Abuse Reports for 4.155.99.39:

This IP address has been reported a total of 19 times from 15 distinct sources. 4.155.99.39 was first reported on April 2nd 2026, and the most recent report was 43 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 JPPO	2026-06-06 01:52:08 (43 minutes ago)	Multiport scan 8 ports : 80 443(x2) 2082 2083 2086 2087 8080 8443	Port Scan
🇺🇸 TPI-Abuse	2026-06-06 01:45:50 (50 minutes ago)	(mod_security) mod_security (id:210492) triggered by 4.155.99.39 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 4.155.99.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 21:45:45.791301 2026] [security2:error] [pid 5553:tid 5604] [client 4.155.99.39:48800] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.128"] [uri "/.git/HEAD"] [unique_id "aiN7yTeXGV6MvEAPrTCW7gAAAFg"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇸 Scan	2026-06-06 00:28:56 (2 hours ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
Anonymous	2026-06-06 00:15:46 (2 hours ago)	fail2ban_an apache-modsecurity [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [uri "/.git/H ... show more fail2ban_an apache-modsecurity [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [uri "/.git/HEAD"] show less	Bad Web Bot Web App Attack
🇳🇴 Bots.go.to.hell	2026-05-28 09:44:31 (1 week ago)	This IP was detected by CrowdSec triggering crowdsecurity/vpatch-env-access	Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-05-28 05:32:04 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 4.155.99.39 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 4.155.99.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 01:32:00.225933 2026] [security2:error] [pid 5114:tid 5114] [client 4.155.99.39:8192] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "tomi.djcommodore.com"] [uri "/.env"] [unique_id "ahfTULiqq0QCI7UJPcKMmQAAAA4"], referer: https://www.yahoo.com/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-23 22:02:21 (1 month ago)	Web attack	Bad Web Bot Web App Attack
🇮🇱 spd.co.il	2026-04-08 01:01:29 (1 month ago)	Web application attack detected	Hacking Web App Attack
🇳🇱 homeshowdomain.nl	2026-04-07 21:59:21 (1 month ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-04-06. show less	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-04-06 06:25:46 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 4.155.99.39 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 4.155.99.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 06 02:25:37.999454 2026] [security2:error] [pid 6576:tid 6576] [client 4.155.99.39:12076] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lizlemos.org"] [uri "/.git/config"] [unique_id "adNR4afmMpNSw8nlcQQZmAAAAAM"], referer: https://www.facebook.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-06 06:02:02 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 4.155.99.39 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 4.155.99.39 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 06 02:01:56.564938 2026] [security2:error] [pid 16603:tid 16615] [client 4.155.99.39:11846] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "yellowsunset.com.appraisalteam.net"] [uri "/.git/config"] [unique_id "adNMVO-kcVhKYnPyigtQlgAAAEI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 iNetWorker	2026-04-06 05:57:35 (1 month ago)	trolling for resource vulnerabilities	Web App Attack
🇩🇪 ghostwarriors	2026-04-06 04:50:47 (1 month ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇺🇸 WellSpring	2026-04-06 04:17:29 (1 month ago)	Automated probe detected by Ody Sentinel / WellSpr.ing. Type: generic_probe. Path: /@fs/etc/passwd. ... show more Automated probe detected by Ody Sentinel / WellSpr.ing. Type: generic_probe. Path: /@fs/etc/passwd. Auto-blocked after threshold exceeded. Dossier: https://wellspr.ing/dossier/sentinel-4-155-99-39 show less	Web App Attack
🇦🇺 clapper	2026-04-06 04:01:26 (1 month ago)	(mod_security) mod_security (id:949110) triggered by 4.155.99.39 (US/United States/-): 3 in the last ... show more (mod_security) mod_security (id:949110) triggered by 4.155.99.39 (US/United States/-): 3 in the last 3600 secs; ID: LUC show less	Brute-Force Bad Web Bot

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 222.175.199.114

🇬🇧 193.176.29.13

🇵🇰 119.73.0.31

🇰🇷 106.243.155.71

🇮🇳 103.54.101.248

🇨🇳 101.35.238.93

🇷🇺 95.165.68.145

🇫🇷 45.95.233.88

🇬🇧 35.203.210.83

🇹🇼 198.235.24.64

🇧🇷 187.126.105.42

🇨🇳 183.232.49.154

🇲🇴 182.93.7.194

🇸🇦 178.73.93.17

🇸🇬 173.244.42.10

🇨🇴 170.254.229.191

🇨🇳 123.163.114.93

🇫🇷 85.217.140.52

🇫🇷 85.217.140.9

🇧🇪 34.78.86.247