JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.102.222.24

20.102.222.24 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 0%: ?

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.102.222.24

Whois 20.102.222.24

IP Abuse Reports for 20.102.222.24:

This IP address has been reported a total of 13 times from 10 distinct sources. 20.102.222.24 was first reported on March 21st 2026, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-04-10 22:01:58 (2 months ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-04-09. show less	Web App Attack SSH Hacking
🇺🇸 TPI-Abuse	2026-04-10 00:27:16 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 20.102.222.24 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 20.102.222.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 09 20:27:10.928576 2026] [security2:error] [pid 3748455:tid 3748455] [client 20.102.222.24:24619] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "correeo.gisur.com"] [uri "/.git/config"] [unique_id "adhD3j-uv_LCv4tzd8jBNQAAAAo"], referer: https://www.youtube.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-04-10 00:21:26 (2 months ago)	Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-201)	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-04-09 23:58:11 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 20.102.222.24 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 20.102.222.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 09 19:58:05.188771 2026] [security2:error] [pid 1256211:tid 1256211] [client 20.102.222.24:24901] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "carboncreekwood.com"] [uri "/.git/config"] [unique_id "adg9DTwo1QY0rbO7w74OYAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-09 23:40:02 (2 months ago)	suspicious request in access.log	Web App Attack
🇧🇪 cmbplf	2026-04-09 23:35:22 (2 months ago)	999 requests with url.path */.git/config	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-04-09 23:18:49 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 20.102.222.24 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 20.102.222.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 09 19:18:44.187658 2026] [security2:error] [pid 1011724:tid 1011724] [client 20.102.222.24:24966] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jussetcotradinglimited.co"] [uri "/.git/config"] [unique_id "adgz1CiTOoG21VLwI8lzgAAAAAc"], referer: https://github.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇦🇹 René Hickersberger	2026-04-09 21:26:12 (2 months ago)	[2026-04-09T21:26:12Z] Malicious request to /.git/config	Hacking Bad Web Bot Web App Attack
🇳🇿 Antinson	2026-04-09 21:22:28 (2 months ago)	Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.)	Bad Web Bot
🇺🇸 TPI-Abuse	2026-04-09 20:52:18 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 20.102.222.24 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 20.102.222.24 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 09 16:52:11.579864 2026] [security2:error] [pid 140118:tid 140189] [client 20.102.222.24:24902] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "3dfilament.com"] [uri "/.git/config"] [unique_id "adgRe8OTQjetUYEGGVFo5AAAApA"], referer: https://github.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-04-09 19:36:20 (2 months ago)	Multiple WAF Violations	Web App Attack
🇬🇧 OptimusGO	2026-03-24 05:53:10 (2 months ago)	Malicious activity detected: web_attack Server: commstackbc (185.127.18.66) Attack: web_attack Time ... show more Malicious activity detected: web_attack Server: commstackbc (185.127.18.66) Attack: web_attack Timestamp: 2026-03-24 05:53:09 UTC Log evidence: 03/24/2026-05:53:09.075415 [] [1:1000101:2] SECURITY Port Scan Detected - Multiple Unauthorized Ports [] [Classification: Attempted Information Leak] [Priority: 1] {TCP} 20.102.222.24:15428 -> 185.127.18.66:22 03/24/2026-05:53:09.075415 [] [1:2001219:20] ET SCAN Potential SSH Scan [] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 20.102.222.24:15428 -> 185.127.18.66:22 show less	Port Scan Brute-Force
🇩🇪 frej	2026-03-21 02:28:19 (2 months ago)	Brute force login attempt. Auto-banned after repeated failed authentication.	Brute-Force

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 199.45.154.151

🇺🇸 162.216.150.122

🇺🇸 146.88.241.168

🇬🇧 101.36.97.80

🇺🇸 91.230.168.236

🇳🇱 51.158.205.203

🇳🇱 45.198.224.138

🇺🇸 192.155.84.194

🇺🇸 165.154.173.204

🇹🇭 124.156.245.127

🇵🇰 103.198.154.214

🇷🇺 94.158.42.106

🇧🇬 91.191.209.118

🇱🇹 81.30.98.225

🇨🇭 45.39.7.216

🇬🇧 35.203.210.175

🇬🇧 35.203.210.145

🇧🇬 5.188.206.34

🇺🇸 172.234.199.93

🇺🇸 162.216.150.164