JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.106.182.203

20.106.182.203 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 66%: ?

66%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.106.182.203

Whois 20.106.182.203

IP Abuse Reports for 20.106.182.203:

This IP address has been reported a total of 17 times from 16 distinct sources. 20.106.182.203 was first reported on June 2nd 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇸 Scan	2026-06-03 00:08:16 (2 weeks ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇧🇷 somosbr	2026-06-02 22:52:06 (2 weeks ago)	[2026-06-02T22:52:06Z] Unsolicited scan from 20.106.182.203 to port 2087/tcp	Port Scan
🇦🇹 urnilxfgbez	2026-06-02 22:45:00 (2 weeks ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 TPI-Abuse	2026-06-02 22:37:43 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 20.106.182.203 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 20.106.182.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 18:37:37.228758 2026] [security2:error] [pid 23544:tid 23544] [client 20.106.182.203:23596] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.92"] [uri "/.git/config"] [unique_id "ah9bMfOuXTQGAKDxNvX4EwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 RAP	2026-06-02 22:19:19 (2 weeks ago)	2026-06-02 22:19:19 UTC Unauthorized activity to TCP port 8443. Web App	Port Scan Web App Attack
🇺🇸 mnsf	2026-06-02 22:05:53 (2 weeks ago)	Too many Status 50X (15)	Brute-Force Web App Attack
🇳🇱 ipoac.nl	2026-06-02 22:01:56 (2 weeks ago)	ipoac.nl:80 20.106.182.203 - - [03/Jun/2026:00:01:55 +0200] 203.26.133.254 "GET /.git/HEAD HTTP/1.1" ... show more ipoac.nl:80 20.106.182.203 - - [03/Jun/2026:00:01:55 +0200] 203.26.133.254 "GET /.git/HEAD HTTP/1.1" 404 1679 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" show less	Bad Web Bot
🇫🇷 dynamix	2026-06-02 21:52:52 (2 weeks ago)	Multiple WAF Violations	Web App Attack
Anonymous	2026-06-02 21:24:29 (2 weeks ago)	20.106.182.203 (US/United States/-), 5 distributed cpanel attacks on account [root] in the last 600 ... show more 20.106.182.203 (US/United States/-), 5 distributed cpanel attacks on account [root] in the last 600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: [2026-06-02 15:24:17 -0600] info [whostmgrd] 74.235.117.101 - root "POST /login/?login_only=1 HTTP/1.1" FAILED LOGIN whostmgrd: user password incorrect [2026-06-02 15:20:08 -0600] info [whostmgrd] 52.176.18.39 - root "POST /login/?login_only=1 HTTP/1.1" FAILED LOGIN whostmgrd: user password incorrect [2026-06-02 15:19:55 -0600] info [whostmgrd] 52.176.18.39 - root "POST /login/?login_only=1 HTTP/1.1" FAILED LOGIN whostmgrd: user password incorrect [2026-06-02 15:23:28 -0600] info [whostmgrd] 20.106.182.203 - root "POST /login/?login_only=1 HTTP/1.1" FAILED LOGIN whostmgrd: user password incorrect [2026-06-02 15:23:49 -0600] info [whostmgrd] 20.106.182.203 - root "POST /login/?login_only=1 HTTP/1.1" FAILED LOGIN whostmgrd: user password incorrect IP Addresses Blocked: 74.235.117.101 (US/United States/-) 52.176.18.39 (US/United States/-) show less	Port Scan
🇺🇸 doll.gl	2026-06-02 21:00:41 (2 weeks ago)	20.106.182.203 - - [02/Jun/2026:21:00:40 +0000] "GET /wp-config.php HTTP/1.1" 404 197 "-" "Mozilla/5 ... show more 20.106.182.203 - - [02/Jun/2026:21:00:40 +0000] "GET /wp-config.php HTTP/1.1" 404 197 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0" ... show less	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 20:05:12 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 20.106.182.203 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 20.106.182.203 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 16:05:06.342134 2026] [security2:error] [pid 31094:tid 31094] [client 20.106.182.203:21688] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.194"] [uri "/.git/config"] [unique_id "ah83cusSwHp-OeIhraUJ5AAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 PeravixGroup	2026-06-02 18:34:56 (2 weeks ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇧🇾 lns.bz	2026-06-02 18:16:37 (2 weeks ago)	Too many 404 requests [BY]	Web App Attack
Anonymous	2026-06-02 18:15:01 (2 weeks ago)	suspicious request in access.log	Web App Attack
🇹🇷 Threat.live	2026-06-02 17:35:07 (2 weeks ago)	Threat.live: Web Scan	Web App Attack

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.140

🇨🇭 209.99.191.19

🇨🇳 125.76.228.194

🇺🇸 91.230.168.4

🇺🇸 65.49.1.114

🇸🇬 43.156.212.86

🇺🇸 2600:3c02::2000:dfff:fe4d:85a7

🇮🇳 2404:6800:4000:1000::12e

🇫🇮 94.183.234.205

🇨🇳 8.134.62.220

🇺🇸 4.18.125.130

🇹🇼 202.39.153.245

🇳🇱 176.65.148.197

🇵🇰 160.187.180.68

🇸🇬 119.74.30.85

🇨🇦 85.217.149.70

🇺🇸 18.218.118.203

🇫🇷 212.227.27.47

🇸🇰 185.48.249.170

🇳🇱 176.65.139.231