JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.106.182.208

20.106.182.208 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 62%: ?

62%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.106.182.208

Whois 20.106.182.208

IP Abuse Reports for 20.106.182.208:

This IP address has been reported a total of 26 times from 22 distinct sources. 20.106.182.208 was first reported on April 6th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-06 23:57:20 (1 week ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇺🇸 jfz-abuse	2026-06-06 14:28:32 (1 week ago)	fail2ban: apache-filepath-recon ...	Web App Attack
🇩🇪 sigurg	2026-06-06 13:40:26 (1 week ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇭🇺 whitehoodie	2026-06-06 13:16:35 (1 week ago)	AUTOMATED REPORT: Tried to access .env file	Hacking Bad Web Bot Web App Attack
🇵🇱 webadmin	2026-06-06 12:46:09 (1 week ago)		Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 12:45:22 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 20.106.182.208 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 20.106.182.208 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 08:45:19.692138 2026] [security2:error] [pid 27435:tid 27435] [client 20.106.182.208:52392] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.188"] [uri "/.git/config"] [unique_id "aiQWX1DhZvafHleGeacHTwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Mainpine	2026-06-06 12:31:10 (1 week ago)	probing for vulnerable web apps	Web App Attack
🇩🇪 Tamsy	2026-06-06 12:12:56 (1 week ago)	HTTPD - Web Application scripting attack	Web App Attack
🇹🇼 kk_it_man	2026-06-06 11:30:12 (1 week ago)		Port Scan
🇫🇷 dynamix	2026-06-06 10:44:26 (1 week ago)	Multiple WAF Violations	Web App Attack
🇺🇸 knock	2026-06-06 10:17:15 (1 week ago)	Knock-Knock honeypot brute-force: proto8 (19 total hits)	Brute-Force
🇫🇷 ISPLtd	2026-06-06 09:04:05 (1 week ago)	Jun 6 06:04:04 20.106.182.208 TCP SPT=52504 DPT=2087 SYN Jun 6 06:04:04 20.106.182.208 TCP SPT=525 ... show more Jun 6 06:04:04 20.106.182.208 TCP SPT=52504 DPT=2087 SYN Jun 6 06:04:04 20.106.182.208 TCP SPT=52504 DPT=8443 SYN Jun 6 06:04:04 20.106.182.208 TCP SPT=52485 DPT=8080 ... show less	Port Scan
🇷🇸 Smel	2026-06-06 09:03:03 (1 week ago)	Unauthorized Probe/Connection, Hack -	Port Scan Hacking
🇩🇪 2048	2026-04-26 07:48:26 (1 month ago)	2026-04-26T09:48:23.919619+02:00 machodeer kernel: [131984.863913] [UFW BLOCK] IN=ens3 OUT= MAC=REDA ... show more 2026-04-26T09:48:23.919619+02:00 machodeer kernel: [131984.863913] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=20.106.182.208 DST=REDACTED LEN=60 TOS=0x08 PREC=0x20 TTL=43 ID=64074 DF PROTO=TCP SPT=17601 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 2026-04-26T09:48:24.926372+02:00 machodeer kernel: [131985.870371] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=20.106.182.208 DST=REDACTED LEN=60 TOS=0x08 PREC=0x20 TTL=43 ID=64075 DF PROTO=TCP SPT=17601 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 2026-04-26T09:48:25.950366+02:00 machodeer kernel: [131986.894710] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=20.106.182.208 DST=REDACTED LEN=60 TOS=0x08 PREC=0x20 TTL=43 ID=64076 DF PROTO=TCP SPT=17601 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 show less	Port Scan
🇬🇧 sc user	2026-04-14 06:03:15 (2 months ago)	Fail2Ban nginx: repeated suspicious HTTP requests consistent with automated probing, scanning or bad ... show more Fail2Ban nginx: repeated suspicious HTTP requests consistent with automated probing, scanning or bad bot behaviour. Technical log details and local server identifiers intentionally omitted for privacy. show less	Bad Web Bot Web App Attack Port Scan

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 221.207.55.165

🇩🇪 185.242.3.226

🇧🇷 179.98.168.69

🇺🇸 162.216.149.136

🇫🇮 147.185.133.48

🇺🇸 135.119.16.170

🇯🇵 133.18.110.227

🇸🇸 102.211.193.146

🇧🇬 79.124.60.146

🇺🇸 20.83.32.182

🇧🇷 205.210.31.167

🇨🇳 125.77.73.145

🇯🇵 124.18.182.99

🇺🇸 73.158.129.119

🇻🇳 27.79.45.134

🇬🇧 185.247.137.103

🇺🇸 168.100.149.230

🇭🇰 165.154.41.205

🇩🇪 164.92.129.176

🇮🇳 122.187.224.173