JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 40.76.239.38

40.76.239.38 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 79%: ?

79%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 40.76.239.38

Whois 40.76.239.38

IP Abuse Reports for 40.76.239.38:

This IP address has been reported a total of 27 times from 20 distinct sources. 40.76.239.38 was first reported on May 27th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 MPL	2026-06-28 16:16:36 (1 day ago)	tcp port scan (8 or more attempts)	Port Scan
🇺🇸 Som1ght3n	2026-06-28 16:10:30 (1 day ago)	IP 40.76.239.38 attempted to access sensitive files like /.git/HEAD on my web server, indicating a w ... show more IP 40.76.239.38 attempted to access sensitive files like /.git/HEAD on my web server, indicating a web application attack or reconnaissance. show less	Hacking
🇺🇸 TPI-Abuse	2026-06-28 15:19:17 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 40.76.239.38 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 40.76.239.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 11:19:12.157758 2026] [security2:error] [pid 15546:tid 15546] [client 40.76.239.38:2688] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.143"] [uri "/.git/HEAD"] [unique_id "akE7cAEXMo5ajuvid8rf5AAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇾 lns.bz	2026-06-28 13:33:21 (1 day ago)	Too many 404 requests [BY]	Web App Attack
🇺🇸 anon333	2026-06-28 08:06:15 (2 days ago)	Invalid HTTP port 80 probes to server T0406	Hacking Exploited Host
🇩🇪 check-the-sum.fr	2026-06-28 06:04:05 (2 days ago)	Port Scanning	Port Scan
🇺🇸 TPI-Abuse	2026-06-28 04:50:28 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 40.76.239.38 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 40.76.239.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 00:50:16.358451 2026] [security2:error] [pid 1252:tid 1252] [client 40.76.239.38:2116] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.233"] [uri "/.git/HEAD"] [unique_id "akCoCPCAZJYHkHvCbrLlQgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 anon333	2026-06-28 04:35:53 (2 days ago)	Hacker syslog review 1782621352	Hacking
🇩🇪 bescared	2026-06-28 04:20:55 (2 days ago)	F2B - Malicious activity detected. Excessive port scans. -8ff06ede-	Port Scan
🇷🇸 Scan	2026-06-28 02:57:55 (2 days ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇺🇸 GreekCity	2026-06-16 17:27:40 (1 week ago)	[Tue Jun 16 12:27:40.164170 2026] [proxy_fcgi:error] [pid 2140473:tid 2140473] [client 40.76.239.38: ... show more [Tue Jun 16 12:27:40.164170 2026] [proxy_fcgi:error] [pid 2140473:tid 2140473] [client 40.76.239.38:45578] AH01071: Got error 'Primary script unknown' ... show less	Hacking
🇩🇪 MaxMeier	2026-06-16 14:50:33 (1 week ago)	40.76.239.38 - - [16/Jun/2026:16:49:31 +0200] "GET /.git/HEAD HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Wind ... show more 40.76.239.38 - - [16/Jun/2026:16:49:31 +0200] "GET /.git/HEAD HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0" 40.76.239.38 - - [16/Jun/2026:16:49:32 +0200] "GET /.git/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 40.76.239.38 - - [16/Jun/2026:16:49:32 +0200] "GET /.git/logs/HEAD HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Linux; Android 14; Pixel 8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Mobile Safari/537.36" 40.76.239.38 - - [16/Jun/2026:16:49:32 +0200] "GET /.git/refs/heads/master HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0" 40.76.239.38 - - [16/Jun/2026:16:49:32 +0200] "GET /.git/refs/heads/main HTTP/1.1" 444 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:125.0) Gecko/20100101 Firef ... show less	Bad Web Bot Web App Attack
🇺🇸 GreekCity	2026-06-16 12:27:40 (1 week ago)	bad-bot hacking for vulnerable links.	Hacking Exploited Host
🇦🇹 urnilxfgbez	2026-06-03 22:45:00 (3 weeks ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇬🇧 Axel	2026-06-02 22:53:41 (3 weeks ago)	Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.git/HEAD Se ... show more Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.git/HEAD Server: UK-01 show less	Web App Attack Hacking SQL Injection

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 113.190.64.53

🇨🇳 112.248.115.194

🇨🇳 106.13.120.65

🇻🇳 103.249.117.117

🇮🇹 80.68.178.10

🇩🇪 69.5.169.229

🇺🇸 66.132.186.229

🇭🇰 45.142.154.99

🇲🇱 217.64.110.201

🇨🇦 209.50.188.39

🇮🇳 202.179.159.222

🇩🇪 202.61.233.105

🇹🇳 197.5.145.102

🇵🇱 195.3.220.7

🇧🇷 177.72.87.7

🇧🇷 177.38.71.226

🇺🇸 162.216.149.166

🇩🇪 142.93.165.186

🇧🇷 138.121.150.44

🇻🇳 123.20.43.217