JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 40.75.131.19

40.75.131.19 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 92%: ?

92%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	San Jose, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 40.75.131.19

Whois 40.75.131.19

IP Abuse Reports for 40.75.131.19:

This IP address has been reported a total of 16 times from 16 distinct sources. 40.75.131.19 was first reported on June 3rd 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 rellim.com	2026-06-03 20:08:40 (1 day ago)	Jun 2 23:47:12 alice kernel: HACK IN=enp3s0 OUT=enp1s0f1 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08 ... show more Jun 2 23:47:12 alice kernel: HACK IN=enp3s0 OUT=enp1s0f1 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08:00 SRC=40.75.131.19 DST=204.17.205.254 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=50959 DF PROTO=TCP SPT=42966 DPT=80 WINDOW=64240 RES=0x00 SYN URGP=0 Jun 2 23:47:12 alice kernel: HACK IN=enp3s0 OUT=enp1s0f1 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08:00 SRC=40.75.131.19 DST=204.17.205.254 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=6660 DF PROTO=TCP SPT=42945 DPT=8080 WINDOW=64240 RES=0x00 SYN URGP=0 Jun 2 23:47:12 alice kernel: HACK IN=enp3s0 OUT=enp1s0f1 MAC=68:05:ca:2e:ce:bc:00:24:dc:78:a0:01:08:00 SRC=40.75.131.19 DST=204.17.205.254 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=34918 DF PROTO=TCP SPT=42947 DPT=2087 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-03 08:17:41 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 40.75.131.19 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 40.75.131.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 04:17:37.421503 2026] [security2:error] [pid 6622:tid 6622] [client 40.75.131.19:42586] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.243"] [uri "/.git/config"] [unique_id "ah_jIf5FX4e2htBoCmAS4gAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇸🇪 nekopavel	2026-06-03 08:06:29 (2 days ago)	40.75.131.19 - - [03/Jun/2026:10:06:21 +0200]"GET /.git/config HTTP/1.1" 301 162"-" 78.69.8.25 "Mozi ... show more 40.75.131.19 - - [03/Jun/2026:10:06:21 +0200]"GET /.git/config HTTP/1.1" 301 162"-" 78.69.8.25 "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36""0.000" "-""San Jose" "US" 40.75.131.19 - - [03/Jun/2026:10:06:25 +0200]"GET /.env.local HTTP/1.1" 301 162"-" 78.69.8.25 "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36""0.000" "-""San Jose" "US" 40.75.131.19 - - [03/Jun/2026:10:06:26 +0200]"GET /.env.production HTTP/1.1" 301 162"-" 78.69.8.25 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36""0.000" "-""San Jose" "US" ... show less	Hacking Bad Web Bot Web App Attack
Anonymous	2026-06-03 08:00:00 (2 days ago)	SSH Brute-Force	DDoS Attack Port Scan Hacking Brute-Force SSH
Anonymous	2026-06-03 07:50:10 (2 days ago)	Honeypot hit: Empty payload (likely service probe); 2086 [3], 2087 [1] TCP Reported by: https://gith ... show more Honeypot hit: Empty payload (likely service probe); 2086 [3], 2087 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇫🇷 Version Net	2026-06-03 07:45:53 (2 days ago)	IPS Detection: Spring.Boot.Actuator.Unauthorized.Access	Hacking
🇫🇮 iamxorum	2026-06-03 07:40:59 (2 days ago)	2026-06-03T07:40:58.157014+00:00 XRM-01 kernel: [HONEYPORT] IN=eth0 OUT= MAC=92:00:06:e6:da:95:d2:74 ... show more 2026-06-03T07:40:58.157014+00:00 XRM-01 kernel: [HONEYPORT] IN=eth0 OUT= MAC=92:00:06:e6:da:95:d2:74:7f:6e:37:e3:08:00 SRC=40.75.131.19 DST=46.62.222.43 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=53341 DF PROTO=TCP SPT=42388 DPT=8080 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Port Scan
Anonymous	2026-06-03 07:39:26 (2 days ago)	B: f2b 404 5x	Web App Attack
🇺🇸 thororen	2026-06-03 07:03:19 (2 days ago)	Blocked by UFW [2087/tcp] Source port: 42311 TTL: 48 Packet length: 60 TOS: 0x00 This report was ge ... show more Blocked by UFW [2087/tcp] Source port: 42311 TTL: 48 Packet length: 60 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇵🇱 webadmin	2026-06-03 06:20:23 (2 days ago)	Fail2Ban Cluster BAN	Brute-Force Web App Attack
🇺🇸 RAP	2026-06-03 05:21:43 (2 days ago)	2026-06-03 05:21:43 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇺🇸 doll.gl	2026-06-03 05:18:39 (2 days ago)	40.75.131.19 - - [03/Jun/2026:05:18:38 +0000] "GET /wp-config.php HTTP/1.1" 200 281 "-" "Mozilla/5.0 ... show more 40.75.131.19 - - [03/Jun/2026:05:18:38 +0000] "GET /wp-config.php HTTP/1.1" 200 281 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0" ... show less	Bad Web Bot Web App Attack
🇧🇾 lns.bz	2026-06-03 04:55:54 (2 days ago)	Too many 404 requests [BY]	Web App Attack
Anonymous	2026-06-03 04:48:01 (2 days ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇩🇪 EGP Abuse Dept	2026-06-03 04:46:46 (2 days ago)	Scanning for web/db/file exploits on tpc-024.mach3builders.nl	SQL Injection Bad Web Bot Web App Attack

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇬 193.24.211.107

🇪🇬 41.33.91.226

🇺🇬 196.0.242.54

🇱🇹 81.30.98.44

🇺🇸 195.184.76.68

🇩🇪 178.104.240.0

🇻🇳 123.24.201.242

🇩🇪 155.117.127.214

🇦🇺 103.208.219.38

🇺🇸 52.205.141.124

🇵🇰 37.111.166.32

🇰🇷 222.108.147.76

🇷🇺 188.247.54.50

🇻🇳 123.28.65.254

🇸🇬 103.187.146.131

🇮🇩 202.145.0.18

🇧🇪 198.235.24.192

🇨🇲 165.210.33.197

🇦🇪 132.243.121.237

🇺🇸 72.253.251.7