JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 40.76.119.210

40.76.119.210 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 40.76.119.210

Whois 40.76.119.210

IP Abuse Reports for 40.76.119.210:

This IP address has been reported a total of 28 times from 24 distinct sources. 40.76.119.210 was first reported on July 22nd 2025, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-15 13:35:52 (6 hours ago)	Spring.Boot.Actuator.Unauthorized.Access	Open Proxy
🇧🇷 SOC PR	2026-06-15 06:32:12 (13 hours ago)	IPS: WordPress Sensitive System Files Information Disclosure.	Hacking
Anonymous	2026-06-15 05:03:01 (15 hours ago)	Port Scan Attack.	Port Scan
🇺🇸 jfz-abuse	2026-06-15 04:37:39 (15 hours ago)	fail2ban: apache-filepath-recon ...	Web App Attack
🇹🇼 kk_it_man	2026-06-15 04:13:02 (16 hours ago)	ET WEB_SERVER WEB-PHP phpinfo access GPL WEB_SERVER .htpasswd access GPL WEB_SERVER 403 Forbidde ... show more ET WEB_SERVER WEB-PHP phpinfo access GPL WEB_SERVER .htpasswd access GPL WEB_SERVER 403 Forbidden show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-15 04:10:49 (16 hours ago)	(mod_security) mod_security (id:210492) triggered by 40.76.119.210 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 40.76.119.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 00:10:43.223579 2026] [security2:error] [pid 17289:tid 17289] [client 40.76.119.210:2357] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.199"] [uri "/.git/HEAD"] [unique_id "ai97Q3ljnhcziSFG8bZRZAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-15 03:15:03 (17 hours ago)	Http Port:80 (http_status:403) - Agent:Mozilla/5.0 (Linux; Android 14; Pixel 8) AppleWebKit/537.36 ( ... show more Http Port:80 (http_status:403) - Agent:Mozilla/5.0 (Linux; Android 14; Pixel 8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Mobile Safari/537.36 show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 03:12:07 (17 hours ago)	(mod_security) mod_security (id:210492) triggered by 40.76.119.210 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 40.76.119.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 23:12:04.616331 2026] [security2:error] [pid 31204:tid 31204] [client 40.76.119.210:2279] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.122"] [uri "/.git/HEAD"] [unique_id "ai9thNrTAbVOWVGHF8cecQAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 02:40:15 (17 hours ago)	(mod_security) mod_security (id:210492) triggered by 40.76.119.210 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 40.76.119.210 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 22:40:10.653362 2026] [security2:error] [pid 31423:tid 31423] [client 40.76.119.210:3066] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.218"] [uri "/.git/HEAD"] [unique_id "ai9mCtIwfo-cI6ecmeCQyQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Zydzy	2026-06-15 02:12:58 (18 hours ago)	Automated attack detected. Server: 95.140.154.181. Jail: nginx-exploit.	Web App Attack
🇺🇸 zwebvigil	2026-06-15 02:03:21 (18 hours ago)	40.76.119.210 [14/Jun/2026:19:03:16 -0700] "GET /.git/config HTTP/1.1" 401 381 "-" port=2698 "Mozil ... show more 40.76.119.210 [14/Jun/2026:19:03:16 -0700] "GET /.git/config HTTP/1.1" 401 381 "-" port=2698 "Mozilla/5.0 (Linux; Android 14; Pixel 8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Mobile Safari/537.36" "-" "-" "<ipaddr>" 666 40.76.119.210 [14/Jun/2026:19:03:17 -0700] "GET /.env.local HTTP/1.1" 401 381 "-" port=2692 "Mozilla/5.0 (Linux; Android 14; Pixel 8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Mobile Safari/537.36" "-" "-" "<ipaddr>" 384 40.76.119.210 [14/Jun/2026:19:03:17 -0700] "GET /.env.production HTTP/1.1" 401 381 "-" port=2281 "Mozilla/5.0 (Linux; Android 14; Pixel 8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Mobile Safari/537.36" "-" "-" "<ipaddr>" 549 40.76.119.210 [14/Jun/2026:19:03:18 -0700] "GET /.env.backup HTTP/1.1" 401 381 "-" port=2901 "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" "-" "-" "<ipaddr>" 379 40.76.119. show less	Web App Attack
🇺🇸 Axel	2026-06-15 01:49:11 (18 hours ago)	Blocked by UFW on MVI [80/tcp] \| SPT: 1885 \| TTL: 47 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com ... show more Blocked by UFW on MVI [80/tcp] \| SPT: 1885 \| TTL: 47 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇷🇸 Scan	2026-06-15 01:36:04 (18 hours ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇺🇸 cwytech	2026-06-15 01:35:41 (18 hours ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/tpot-http-sensitive-files.	Bad Web Bot Web App Attack
🇬🇧 djboddington	2026-06-15 01:31:51 (18 hours ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 103.226.124.223

🇫🇷 91.196.152.104

🇮🇳 172.253.230.145

🇺🇸 162.216.150.51

🇫🇷 159.26.112.50

🇸🇬 147.93.157.252

🇰🇷 118.47.3.197

🇨🇳 106.75.25.139

🇷🇸 77.105.37.219

🇹🇭 49.229.102.187

🇳🇱 45.148.10.147

🇺🇸 135.119.88.104

🇵🇱 87.251.64.156

🇨🇳 60.29.128.122

🇦🇺 149.28.167.253

🇮🇩 103.169.207.201

🇨🇳 42.229.131.91

🇮🇪 207.254.71.129

🇺🇸 165.245.167.227

🇻🇳 121.200.216.55