JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 40.82.128.123

40.82.128.123 was found in our database!

This IP was reported 40 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇰🇷 Korea (the Republic of)
City	Seoul, Seoul

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 40.82.128.123

Whois 40.82.128.123

IP Abuse Reports for 40.82.128.123:

This IP address has been reported a total of 40 times from 27 distinct sources. 40.82.128.123 was first reported on June 4th 2026, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-06-10 19:00:11 (3 hours ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇩🇪 FeG Deutschland	2026-06-10 17:29:16 (4 hours ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 12	Exploited Host Web App Attack
🇨🇿 akac	2026-06-10 10:01:26 (12 hours ago)	Web vulnerability scanning: HTTP/1.1 GET /wp-login.php	Hacking Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-10 08:43:10 (13 hours ago)	(wordpress) Apache: Failed WordPress login from 40.82.128.123 (KR/South Korea/-): 10 in the last 360 ... show more (wordpress) Apache: Failed WordPress login from 40.82.128.123 (KR/South Korea/-): 10 in the last 3600 secs (0-197) show less	Hacking
🇩🇪 LRob.fr	2026-06-10 08:00:09 (14 hours ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇦🇺 screwlooseit.com.au	2026-06-10 07:54:12 (14 hours ago)	Blocked by CSF 13 firewall - Rule: WPLOGIN KR/South Korea/-	Web App Attack
🇫🇷 masterguru	2026-06-10 07:28:25 (14 hours ago)	WordPress: User enumeration. Pattern match "(author\\\\= (88030-193)	Hacking
🇩🇪 LRob.fr	2026-06-09 17:30:07 (1 day ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇧🇪 cmbplf	2026-06-09 17:04:43 (1 day ago)	2.077 requests from abuseipdb.com blacklisted IP (1yr2mos4d)	Brute-Force Bad Web Bot
🇩🇰 ScamAware	2026-06-09 12:55:27 (1 day ago)	Detected by Cloudflare Security Events via WordPress automation. Detection: wp_login_probe (WordPres ... show more Detected by Cloudflare Security Events via WordPress automation. Detection: wp_login_probe (WordPress login page probe (wp-login.php honeypot)). Hits from same IP in last 60 minutes: 1. Unique request paths counted internally: 1. Cloudflare action: managed_challenge. Cloudflare source: botFight. Note: the WordPress login URL has been relocated on this site. Any request to /wp-login.php is a strong indicator of automated scanning or a targeted brute-force attack against the original login endpoin show less	Brute-Force Web App Attack
🇩🇪 bryth	2026-06-09 12:47:20 (1 day ago)	Wordpress login/xmlrpc abuse (Tue Jun 9 12:30:16 PM UTC 2026)	Hacking Web App Attack
🇺🇸 SodaAudit.app	2026-06-09 09:40:51 (1 day ago)	[sodaaudit.app] Web app attack. Timestamp: 2026-06-09T07:46:00.000Z. 1 probe events, 1 distinct path ... show more [sodaaudit.app] Web app attack. Timestamp: 2026-06-09T07:46:00.000Z. 1 probe events, 1 distinct path(s). Paths (payload): /wp-login.php show less	Web App Attack
🇬🇧 Mendip_Defender	2026-06-09 04:20:58 (1 day ago)	40.82.128.123 - - [09/Jun/2026:05:20:06 +0100] "GET /wp-admin/css/colors/ HTTP/1.1" 404 1066 "-" "Mo ... show more 40.82.128.123 - - [09/Jun/2026:05:20:06 +0100] "GET /wp-admin/css/colors/ HTTP/1.1" 404 1066 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" 40.82.128.123 - - [09/Jun/2026:05:20:07 +0100] "GET /wp-admin/includes/ HTTP/1.1" 404 1066 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" 40.82.128.123 - - [09/Jun/2026:05:20:54 +0100] "GET /wp-admin/css/ HTTP/1.1" 404 1066 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" ... show less	Hacking Web App Attack
🇺🇸 mnsf	2026-06-09 00:21:57 (1 day ago)	Too many Status 40X (11)	Brute-Force Web App Attack
🇬🇧 andypiper	2026-06-08 01:02:14 (2 days ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack

Showing 1 to 15 of 40 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 207.56.229.243

🇳🇱 161.35.95.214

🇺🇸 147.185.132.189

🇺🇸 91.230.168.149

🇨🇳 220.250.11.159

🇧🇷 205.210.31.207

🇧🇪 198.235.24.238

🇧🇪 198.235.24.198

🇺🇸 195.184.76.70

🇺🇸 138.197.16.14

🇸🇬 118.194.234.8

🇨🇳 111.113.88.187

🇨🇳 106.117.117.104

🇷🇴 92.118.39.62

🇺🇸 91.230.168.145

🇫🇷 75.119.132.109

🇺🇸 47.254.39.239

🇯🇵 20.78.0.33

🇨🇳 223.90.58.235

🇨🇳 223.74.89.58