JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 40.76.239.35

40.76.239.35 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 40.76.239.35

Whois 40.76.239.35

IP Abuse Reports for 40.76.239.35:

This IP address has been reported a total of 29 times from 27 distinct sources. 40.76.239.35 was first reported on June 1st 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇹 urnilxfgbez	2026-06-03 22:45:00 (1 day ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 kosada.com	2026-06-03 06:03:40 (1 day ago)	Web vulnerability probing: /.DS_Store (bogus vhost/SNI)	Web App Attack
🇵🇱 webadmin	2026-06-03 05:32:11 (1 day ago)		Web App Attack
🇵🇱 mkey	2026-06-03 05:31:56 (1 day ago)	[First: 2026-06-02 23:17:06/single] HITS=1 Repeated suspicious IDS-detected activity; sample=Attempt ... show more [First: 2026-06-02 23:17:06/single] HITS=1 Repeated suspicious IDS-detected activity; sample=Attempting to connect to a forbidden port show less	Port Scan Hacking Web App Attack
Anonymous	2026-06-03 05:18:29 (1 day ago)	Tried our host z.	Port Scan Hacking Exploited Host
🇮🇪 AutosOnShow	2026-06-03 04:52:05 (1 day ago)	blocked for webapp attack \| path requested: /.env \| seen at 2026-06-03 04:51:14.934 \|	Web App Attack
🇷🇸 Scan	2026-06-03 02:33:02 (1 day ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇩🇪 Honeypot-EU-Fru	2026-06-02 22:54:19 (2 days ago)	40.76.239.35 - - [redacted] [03/Jun/2026:00:54:17 +0200] "GET /.git/HEAD HTTP/1.1" 404 188 "-" "Mozi ... show more 40.76.239.35 - - [redacted] [03/Jun/2026:00:54:17 +0200] "GET /.git/HEAD HTTP/1.1" 404 188 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0 ... show less	Bad Web Bot Web App Attack
🇦🇹 urnilxfgbez	2026-06-02 22:45:00 (2 days ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 TPI-Abuse	2026-06-02 22:41:04 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 40.76.239.35 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 40.76.239.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 18:40:59.410223 2026] [security2:error] [pid 18938:tid 18938] [client 40.76.239.35:60518] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.188"] [uri "/.git/HEAD"] [unique_id "ah9b-8akC0VIRbdTgpnlKAAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 cwytech	2026-06-02 22:15:55 (2 days ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: crowdsecurity/http-sensitive-files.	Bad Web Bot Web App Attack
🇩🇪 Roper123	2026-06-02 21:59:24 (2 days ago)	Web exploits	Web App Attack
🇺🇸 RAP	2026-06-02 21:53:38 (2 days ago)	2026-06-02 21:53:38 UTC Unauthorized activity to TCP port 8443. Web App	Port Scan Web App Attack
🇨🇭 zynex	2026-06-02 21:24:30 (2 days ago)	URL Probing: /wp-config.php	Web App Attack
🇺🇸 Choice Tech LLC	2026-06-02 20:45:02 (2 days ago)	Blocked by OPNsense firewall; 8 hits, proto=tcp, ports=2082,2083,2086,2087,443,80,8080,8443	Port Scan Hacking

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇼 198.235.24.77

🇺🇸 162.216.149.42

🇸🇬 103.134.154.138

🇺🇸 2a04:c606:409:94:9999::233

🇬🇧 213.166.84.36

🇳🇱 192.142.24.7

🇩🇪 151.243.11.248

🇮🇳 122.15.139.162

🇭🇰 118.193.36.63

🇨🇳 116.179.32.222

🇷🇴 93.114.194.159

🇺🇸 91.230.168.248

🇺🇸 91.230.168.121

🇺🇸 2607:d440:9999:2:9999::100

🇺🇸 216.244.66.239

🇺🇸 195.184.76.23

🇳🇱 176.65.139.11

🇯🇴 176.28.247.15

🇿🇦 105.245.112.153

🇱🇹 62.60.130.227