Check an IP Address, Domain Name, Subnet, or ASN

40.124.175.131 was found in our database!

$ whois 40.124.175.131

country·🇺🇸 United States

city·San Antonio

isp·Microsoft Corporation

asn·AS8075

network·Standard

$ sikker risk 40.124.175.131scoring →

confidence

78%High

first_seen·Jan 21, 2026

last_seen·2h ago

first_reported·Mar 16, 2026

last_reported·21d ago

sessions·133

events·163

reports·1

$ sikker protocols 40.124.175.131

HTTPS

45 / 64

HTTP

10 / 14

SSH

8 / 12

SMTP

10 / 12

POSTGRES

10 / 10

IMAP

8 / 8

ELASTICSEARCH

8 / 8

SMB

6 / 7

FTP

6 / 6

SIP

5 / 5

TELNET

4 / 4

DOCKER

3 / 3 / 1r

MSSQL

3 / 3

MONGODB

3 / 3

RTSP

2 / 2

REDIS

2 / 2

$ sikker summary 40.124.175.131

40.124.175.131 has a threat confidence score of 78%. This IP address from United States (AS8075, Microsoft Corporation) has been observed in 133 honeypot sessions and reported 1 times targeting HTTPS, HTTP, SSH, SMTP, POSTGRES and 11 other protocols. First observed on January 21, 2026, most recently active April 6, 2026.

$ sikker behaviors 40.124.175.131catalog →

lowHttps Path Developmentserver Metadatauploader Probe2x

HTTPS request to /developmentserver/metadatauploader.

infoFtp Tls Upgrade1x

FTP session where the client issues AUTH TLS to upgrade the connection to Transport Layer Security. This reflects protocol-level encryption negotiation prior to further interaction.

infoHttp Bad Request Route Probe1x

Identifies HTTP GET requests directly targeting the /bad-request path, indicating automated or manual probing of application error-handling routes rather than legitimate navigation flow.

$ sikker primitives 40.124.175.131

elastic_http_get_request11 elastic_http_bad_request_path_probe7 docker_get_method3 elastic_root_path_probe2 sip_call_id_token_at_ip2 https_path_developmentserver_metadatauploader2 ftp_auth_tls1 http_method_get1 smtp_ehlo_greeting1 http_path_bad_request1 redis_mglndd_client_identifier_tag1

$ sikker reports 40.124.175.131submit →

Showing 1 of 1 report from 1 contributor

Reporter	Date	Category	Protocol	Comment
User	Mar 16, 2026, 04:31	Brute Force	DOCKER	SikkerGuard: 2 blocked packets

$ sikker related 40.124.175.131

Report IP WHOIS Lookup →

IP Address	Confidence	Events
20.46.225.117	79%	203
13.89.125.25	80%	162
20.168.122.83	87%	211
20.64.106.222	82%	181
40.119.33.98	85%	188

IP Address	Confidence	Events
18.116.101.220	100%	41,328
92.118.39.92	100%	110,576
64.62.156.222	100%	1,917
65.49.1.122	100%	1,808
66.132.195.109	99%	421