JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.102.95.50

20.102.95.50 was found in our database!

This IP was reported 30 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.102.95.50

Whois 20.102.95.50

IP Abuse Reports for 20.102.95.50:

This IP address has been reported a total of 30 times from 29 distinct sources. 20.102.95.50 was first reported on June 2nd 2026, and the most recent report was 16 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 itabu	2026-06-04 09:00:21 (16 hours ago)	Malicious web scanner/bot detected.	Bad Web Bot Web App Attack
🇨🇦 Tanados	2026-06-04 06:09:25 (19 hours ago)	Blocked by UFW [9848/tcp] Source port: 50181 TTL: 235 Packet length: 40 TOS: 0x00 This report was g ... show more Blocked by UFW [9848/tcp] Source port: 50181 TTL: 235 Packet length: 40 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-06-04 05:37:49 (20 hours ago)	Jun 4 01:37:42 localhost kernel: [108896775.898755] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:9 ... show more Jun 4 01:37:42 localhost kernel: [108896775.898755] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=20.102.95.50 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x40 TTL=233 ID=61473 PROTO=TCP SPT=49861 DPT=7848 WINDOW=1024 RES=0x00 SYN URGP=0 Jun 4 01:37:42 localhost kernel: [108896775.898784] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=20.102.95.50 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x40 TTL=233 ID=61473 PROTO=TCP SPT=49861 DPT=7848 SEQ=4197027575 ACK=0 WINDOW=1024 RES=0x00 SYN URGP=0 Jun 4 01:37:49 localhost kernel: [108896782.318357] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=20.102.95.50 DST=[mungedIP2] LEN=40 TOS=0x00 PREC=0x40 TTL=106 ID=1 DF PROTO=TCP SPT=49861 DPT=7848 WINDOW=0 RES=0x00 ACK RST URGP=0 Jun 4 01:37:49 localhost kernel: [108896782.318397] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=20.102.95.50 DST=[mungedIP2] LEN=40 TOS=0x00 show less	Port Scan
🇧🇪 sid3windr	2026-06-03 21:06:46 (1 day ago)	GET /.git/HEAD (Tarpitted for 1d15h8m28s, wasted 8.06MB)	Web App Attack
🇨🇭 Kepler-1649c	2026-06-03 10:05:27 (1 day ago)	Detected Attack: Spring.Boot.Actuator.Unauthorized.Access	Hacking
🇺🇸 itabu	2026-06-03 09:00:05 (1 day ago)	Malicious web scanner/bot detected.	Bad Web Bot Web App Attack
🇬🇧 PeravixGroup	2026-06-03 07:17:14 (1 day ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇮🇪 AutosOnShow	2026-06-03 06:52:05 (1 day ago)	blocked for webapp attack \| path requested: /.env \| seen at 2026-06-03 06:51:37.530 \|	Web App Attack
Anonymous	2026-06-03 06:32:09 (1 day ago)	Honeypot hit: Empty payload (likely service probe); 2087 [4], 2086 [1], 2082 [1], 2083 [1] TCP Repor ... show more Honeypot hit: Empty payload (likely service probe); 2087 [4], 2086 [1], 2082 [1], 2083 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇺🇸 kosada.com	2026-06-03 06:20:10 (1 day ago)	Web vulnerability probing: /.env.backup (bogus vhost/SNI)	Web App Attack
Anonymous	2026-06-03 06:17:00 (1 day ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇹🇷 SeczarSecureOps	2026-06-03 06:13:28 (1 day ago)	Auto-blocked by Seczar SecureOps — Port Scan Detection (6 events in 10min) at 2026-06-03 06:13	Port Scan
🇩🇪 SCHAPPY	2026-06-03 06:03:31 (1 day ago)	Malicious activity from IP detected: crowdsecurity/http-sensitive-files.	Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-06-03 05:42:05 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 20.102.95.50 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 20.102.95.50 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 01:41:59.757075 2026] [security2:error] [pid 944:tid 944] [client 20.102.95.50:4585] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.14"] [uri "/.git/config"] [unique_id "ah--p8M1LWR69yWu2uX9qgAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇷 SOC Blue Team	2026-06-03 05:26:09 (1 day ago)	IPs get by Hunting on SIEM	Phishing Web Spam Port Scan Hacking

Showing 1 to 15 of 30 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 213.166.84.57

🇺🇸 192.178.119.144

🇬🇧 188.240.59.57

🇳🇱 185.226.197.47

🇷🇺 185.15.189.232

🇨🇦 184.151.88.27

🇱🇦 183.182.110.125

🇮🇳 182.95.103.74

🇺🇸 172.104.210.105

🇺🇸 162.216.150.79

🇿🇦 147.136.67.175

🇮🇩 125.163.248.121

🇨🇳 125.84.166.157

🇨🇳 123.160.174.95

🇻🇳 103.159.51.70

🇬🇧 5.226.140.93

🇷🇺 5.164.6.184

🇩🇪 213.209.159.11

🇹🇼 198.235.24.84

🇬🇧 195.206.182.215