JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 68.40.139.39

68.40.139.39 was found in our database!

This IP was reported 175 times. Confidence of Abuse is 58%: ?

58%

ISP	Comcast Cable Communications, Inc.
Usage Type	Fixed Line ISP
ASN	AS7922
Hostname(s)	c-68-40-139-39.hsd1.mi.comcast.net
Domain Name	comcast.net
Country	🇺🇸 United States of America
City	Detroit, Michigan

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 68.40.139.39

Whois 68.40.139.39

IP Abuse Reports for 68.40.139.39:

This IP address has been reported a total of 175 times from 79 distinct sources. 68.40.139.39 was first reported on July 9th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mccsoft.io	2026-06-14 18:00:43 (1 day ago)	Web application attack / vulnerability scanning against our public nginx web server (TCP 80/443). So ... show more Web application attack / vulnerability scanning against our public nginx web server (TCP 80/443). Source matched a blocked-path security rule (jail nginx-444); server returned HTTP 444 (connection closed without response). TCP three-way handshake completed (full HTTP request received). show less	Bad Web Bot Web App Attack
🇧🇾 lns.bz	2026-06-13 23:13:08 (2 days ago)	Banned for trying to access xmlrpc [BY]	Web App Attack
🇳🇿 Tripwire	2026-06-12 18:47:55 (3 days ago)	Probing for Wordpress - /xmlrpc.php	Brute-Force Web App Attack
🇫🇷 Feelautom	2026-06-11 17:51:25 (4 days ago)	[FeelAutom Auto-Ban] AI Analyst: Score 120/200 avec 6 tentatives POST sur /xmlrpc.php (PathScan) en ... show more [FeelAutom Auto-Ban] AI Analyst: Score 120/200 avec 6 tentatives POST sur /xmlrpc.php (PathScan) en moins de 3 secondes, comportement typique de brute force ou scan WordPress. (Score: 220) show less	Port Scan
🇬🇧 consul.to	2026-06-05 16:00:36 (1 week ago)	Web attack/malicious scanning detected	Web App Attack
🇪🇸 masterguru	2026-06-04 18:19:27 (1 week ago)	(xmlrpc) Failed xmlrpc access from 68.40.139.39 (US/United States/c-68-40-139-39.hsd1.mi.comcast.net ... show more (xmlrpc) Failed xmlrpc access from 68.40.139.39 (US/United States/c-68-40-139-39.hsd1.mi.comcast.net): 5 in the last 3600 secs (0-122) show less	Hacking
Anonymous	2026-05-25 16:59:19 (3 weeks ago)	Fail2ban filtered ...	Web App Attack
🇬🇧 spamverify.com	2026-05-24 18:59:45 (3 weeks ago)	Honeypot Hit: xmlrpc.php	Web Spam Blog Spam Bad Web Bot Web App Attack
🇧🇾 lns.bz	2026-05-16 18:24:58 (4 weeks ago)	Banned for trying to access xmlrpc [BY]	Web App Attack
🇫🇷 masterguru	2026-05-16 15:19:25 (4 weeks ago)	(xmlrpc) Apache: Failed xmlrpc access from 68.40.139.39 (US/United States/c-68-40-139-39.hsd1.mi.com ... show more (xmlrpc) Apache: Failed xmlrpc access from 68.40.139.39 (US/United States/c-68-40-139-39.hsd1.mi.comcast.net): 10 in the last 3600 secs (0-201) show less	Hacking
Anonymous	2026-05-13 16:12:32 (1 month ago)	Blocked by ModSec and CSF	Port Scan
🇺🇸 mnsf	2026-05-12 19:05:12 (1 month ago)	Xmlrpc Caught (6)	Brute-Force Web App Attack
🇨🇭 4server	2026-05-12 17:59:08 (1 month ago)	[TueMay1219:59:02.3289132026][security2:error][pid2870985:tid2871103][client68.40.139.39:0]ModSecuri ... show more [TueMay1219:59:02.3289132026][security2:error][pid2870985:tid2871103][client68.40.139.39:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"367\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"janus-advisory.ch\"][uri\"/xmlrpc.php\"][unique_id\"agNqZooKohu8EDOASOBkVgAAARE\"] show less	Hacking Web App Attack
🇨🇦 Paulo Henrique dos Santos Nichio	2026-05-09 19:50:22 (1 month ago)	(ls_brute) LiteSpeed Brute Force Attack 68.40.139.39 (US/United States/c-68-40-139-39.hsd1.mi.comcas ... show more (ls_brute) LiteSpeed Brute Force Attack 68.40.139.39 (US/United States/c-68-40-139-39.hsd1.mi.comcast.net): 3 in the last 600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 2026-05-09 16:49:59.909111 [WARN] [312305] [T0] [68.40.139.39:54541-2#APVH_www.clinicaderecuperacaosp.com:443] Brute force detected for IP [68.40.139.39], throttle. 2026-05-09 16:50:07.916379 [WARN] [312305] [T0] [68.40.139.39:54541-3#APVH_www.clinicaderecuperacaosp.com:443] Brute force detected for IP [68.40.139.39], throttle. 2026-05-09 16:50:14.713643 [WARN] [312305] [T0] [68.40.139.39:54541-4#APVH_www.clinicaderecuperacaosp.com:443] Brute force detected for IP [68.40.139.39], throttle. show less	Port Scan
Anonymous	2026-05-07 23:04:13 (1 month ago)	68.40.139.39 - - [08/May/2026:01:01:47 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Mozilla/5.0 ( ... show more 68.40.139.39 - - [08/May/2026:01:01:47 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; x86) AppleWebKit/537.36 (KHTML, like Gecko) Edge/100.0.0.0 Safari/537.36" 68.40.139.39 - - [08/May/2026:01:01:49 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; x86) AppleWebKit/537.36 (KHTML, like Gecko) Edge/100.0.0.0 Safari/537.36" 68.40.139.39 - - [08/May/2026:01:03:51 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Edge/91.0.0.0 Safari/537.36" 68.40.139.39 - - [08/May/2026:01:03:50 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Edge/91.0.0.0 Safari/537.36" 68.40.139.39 - - [08/May/2026:01:04:12 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (Windows NT 10.0; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 ... show less	Brute-Force Web App Attack

Showing 1 to 15 of 175 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 201.54.3.205

🇮🇳 171.61.19.182

🇮🇩 103.124.196.101

🇭🇰 65.181.88.245

🇫🇷 51.77.158.34

🇸🇪 46.59.122.78

🇧🇪 35.233.77.25

🇧🇷 179.174.157.27

🇧🇷 179.82.56.150

🇨🇳 171.114.226.209

🇺🇸 144.31.35.91

🇺🇸 143.20.253.35

🇵🇰 137.59.230.231

🇺🇸 104.37.184.165

🇿🇦 102.64.33.141

🇳🇱 91.92.40.7

🇸🇬 43.160.200.19

🇮🇳 223.237.128.243

🇨🇳 223.199.163.16

🇲🇳 180.149.125.232