🇺🇸
sailor
2026-06-05 17:11:00
(1 day ago)
Unauthorized GET .../.env
Web App Attack
Hacking
🇺🇸
TPI-Abuse
2026-06-05 11:57:23
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 40.82.202.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 07:57:16.894080 2026] [security2:error] [pid 2932:tid 2932] [client 40.82.202.121:50895] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keysenterprise.net"] [uri "/thesurfatcocoabeach/.env"] [unique_id "aiK5nF6b7Y4I1FEReWXHuAAAAAI"]
Brute-Force
Bad Web Bot
Web App Attack
🇦🇺
nzhost.co.nz
2026-06-05 11:11:32
(2 days ago)
$f2bV_matches
Hacking
Brute-Force
🇩🇪
Vegascosmetics
2026-06-05 06:50:22
(2 days ago)
Kingcopy(AI-IDS) Report: IP automatically blocked after attack pattern. Vegas Security System
Hacking
Brute-Force
🇩🇪
FeG Deutschland
2026-06-05 06:16:35
(2 days ago)
Looking for CMS/PHP/SQL vulnerabilities/excessive crawling - 124
Exploited Host
Web App Attack
🇺🇸
TPI-Abuse
2026-06-05 03:33:10
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 40.82.202.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 23:33:04.106904 2026] [security2:error] [pid 24231:tid 24231] [client 40.82.202.121:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ccamp.dev"] [uri "/.env"] [unique_id "aiJDcKWZb-JHDvGEj5vbBAAAAAI"]
Brute-Force
Bad Web Bot
Web App Attack
🇩🇪
Ba-Yu
2026-06-04 23:47:01
(2 days ago)
General hacking/exploits/scanning
Web Spam
Hacking
Brute-Force
Exploited Host
Web App Attack
🇺🇸
TPI-Abuse
2026-06-04 19:48:28
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 40.82.202.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 15:48:24.438512 2026] [security2:error] [pid 6906:tid 6906] [client 40.82.202.121:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "eddysgroup.com"] [uri "/.env"] [unique_id "aiHWiAZPL4X5VBwSeag25QAAABQ"]
Brute-Force
Bad Web Bot
Web App Attack
🇩🇪
conseilgouz
2026-06-04 14:44:43
(3 days ago)
ave-17 : Block hidden directories=>/.env(/)
Hacking
🇵🇱
sefinek.net
2026-06-04 13:27:10
(3 days ago)
Triggered Cloudflare WAF (firewallCustom) from AU.
Action: BLOCK | Protocol: HTTP/1.1 (GET) | Endpoint: /.env | UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
Bad Web Bot
🇫🇷
Savoie
2026-06-04 08:46:00
(3 days ago)
40.82.202.121 ***.*** - [04/Jun/2026:10:46:07 +0200] "GET /_profiler/phpinfo HTTP/1.1" 302 250 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
AND :
GET /phpinfo.php HTTP/1.1
GET /phpinfo HTTP/1.1
GET /info.php HTTP/1.1
GET /php-info.php HTTP/1.1
GET /phpinfoposmeta.php HTTP/1.1
etc.
Bad Web Bot
Web App Attack
🇺🇸
TPI-Abuse
2026-06-04 07:27:47
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 40.82.202.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 03:27:43.755047 2026] [security2:error] [pid 2825:tid 2825] [client 40.82.202.121:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail-pmg.com"] [uri "/.env"] [unique_id "aiEo7_Y1Xb6-VYilGEYPLwAAAAI"]
Brute-Force
Bad Web Bot
Web App Attack
🇬🇧
pinguin
2026-06-04 05:37:32
(3 days ago)
Triggered Cloudflare WAF (firewallManaged) from AU.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET method)
Endpoint: /.env
UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
Bad Web Bot
🇩🇰
ScamAware
2026-06-04 04:58:58
(3 days ago)
Detected by Cloudflare Security Events via WordPress automation. Detection: sensitive_files (Sensitive files, source control, config, and backups). Hits from same IP in last 60 minutes: 1. Unique request paths counted internally: 1. Cloudflare action: block. Cloudflare source: firewallCustom.
Web App Attack
🇺🇸
TPI-Abuse
2026-06-04 01:59:18
(3 days ago)
(mod_security) mod_security (id:210492) triggered by 40.82.202.121 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 21:59:13.083562 2026] [security2:error] [pid 24098:tid 24098] [client 40.82.202.121:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "easy-byte.net"] [uri "/.env"] [unique_id "aiDb8e24qHUcdBX5GCAZbgAAAAM"]
Brute-Force
Bad Web Bot
Web App Attack