JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 40.81.42.183

40.81.42.183 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 59%: ?

59%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 40.81.42.183

Whois 40.81.42.183

IP Abuse Reports for 40.81.42.183:

This IP address has been reported a total of 10 times from 9 distinct sources. 40.81.42.183 was first reported on May 29th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇹 urnilxfgbez	2026-06-10 22:45:00 (1 day ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇹🇼 kk_it_man	2026-06-10 13:10:12 (1 day ago)		Port Scan
🇺🇸 TPI-Abuse	2026-06-10 12:42:24 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 40.81.42.183 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 40.81.42.183 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 08:42:20.580039 2026] [security2:error] [pid 1145:tid 1145] [client 40.81.42.183:34760] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.35"] [uri "/.git/HEAD"] [unique_id "ailbrBnQ4YD6csr0f7P6egAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-10 12:29:28 (1 day ago)		Web App Attack
🇩🇪 acadeova	2026-06-10 12:22:00 (1 day ago)	🚨 Recon detected (nft drop) SRC=40.81.42.183 Observed=TCP dpt=2086 in=enp0s6 ttl=46 Time=recent(jour ... show more 🚨 Recon detected (nft drop) SRC=40.81.42.183 Observed=TCP dpt=2086 in=enp0s6 ttl=46 Time=recent(journalctl: 10 minutes ago) Assessment=Generic scanning / reconnaissance (PORT_SCAN) show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-10 10:07:45 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 40.81.42.183 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 40.81.42.183 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 06:07:39.768585 2026] [security2:error] [pid 16350:tid 16350] [client 40.81.42.183:34781] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|192.64.150.216\|F\|2"] [data ".php.bak"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "192.64.150.216"] [uri "/wp-config.php.bak"] [unique_id "aik3axTFBwuc6H7T28bmmQAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇷 Host One	2026-06-10 10:00:03 (2 days ago)	Detected by T-Pot honeypot: behavioral attack detected	Port Scan SSH
🇺🇸 drewf.ink	2026-06-10 09:11:03 (2 days ago)	[09:11] Port scanning. Port(s) scanned: TCP/2087	Port Scan
🇨🇦 1gz	2026-06-06 07:39:35 (6 days ago)	Triggered Cloudflare WAF (firewallManaged) from US. Action taken: BLOCK Protocol: HTTP/3 (GET method ... show more Triggered Cloudflare WAF (firewallManaged) from US. Action taken: BLOCK Protocol: HTTP/3 (GET method) Endpoint: /server/670475f5 UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 Chrome/126 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 xmission.com	2026-05-29 19:37:30 (1 week ago)	Blocked by UFW (TCP on 8333) Source port: 19504 TTL: 115 Packet length: 40 TOS: 0x00 This report (f ... show more Blocked by UFW (TCP on 8333) Source port: 19504 TTL: 115 Packet length: 40 TOS: 0x00 This report (for 40.81.42.183) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 85.217.149.6

🇮🇹 172.213.140.80

🇩🇪 155.117.127.214

🇵🇰 137.59.225.74

🇮🇩 103.160.213.205

🇵🇱 95.214.53.157

🇨🇦 85.217.149.18

🇷🇴 80.94.92.167

🇧🇬 79.124.49.226

🇺🇸 74.7.243.205

🇬🇧 35.203.210.245

🇺🇸 2601:602:8700:c4e7:74ba:4abe:d8c1:7c4f

🇨🇳 203.32.69.183

🇧🇷 201.77.171.189

🇸🇬 185.200.116.72

🇮🇳 168.144.126.241

🇮🇩 103.165.206.238

🇨🇦 85.217.149.61

🇺🇸 66.132.195.27

🇳🇱 45.156.128.107