JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.106.197.7

20.106.197.7 was found in our database!

This IP was reported 6,391 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Hostname(s)	azpdeshh3fsz.stretchoid.com
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.106.197.7

Whois 20.106.197.7

IP Abuse Reports for 20.106.197.7:

This IP address has been reported a total of 6,391 times from 479 distinct sources. 20.106.197.7 was first reported on April 10th 2025, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 MPL	2026-06-08 03:38:54 (3 hours ago)	tcp/5800 (2 or more attempts)	Port Scan
🇺🇸 MPL	2026-06-08 01:35:04 (5 hours ago)	tcp/8008 (2 or more attempts)	Port Scan
🇦🇩 bakunin1848	2026-06-07 23:12:04 (7 hours ago)	Firewall IPS Detection on 08-06-2026 at 01:12:04	Port Scan Exploited Host
🇦🇹 urnilxfgbez	2026-06-07 22:45:00 (8 hours ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 MPL	2026-06-07 19:21:21 (11 hours ago)	tcp/20547	Port Scan
🇩🇪 iNetWorker	2026-06-07 19:21:07 (11 hours ago)	firewall-block, port(s): 5223/tcp	Port Scan
🇺🇸 MPL	2026-06-07 14:59:21 (15 hours ago)	tcp/31337	Port Scan
Anonymous	2026-06-07 14:20:12 (16 hours ago)	Blocked by UFW (TCP on 443) Source port: 39953 TTL: 32 Packet length: 52 TOS: 0x14 This report (for ... show more Blocked by UFW (TCP on 443) Source port: 39953 TTL: 32 Packet length: 52 TOS: 0x14 This report (for 20.106.197.7) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇺🇸 itsnixk	2026-06-07 13:25:03 (17 hours ago)	(mod_security) mod_security (id:913100) triggered by 20.106.197.7 (US/United States/azpdeshh3fsz.str ... show more (mod_security) mod_security (id:913100) triggered by 20.106.197.7 (US/United States/azpdeshh3fsz.stretchoid.com): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sun Jun 07 09:25:00.005173 2026] [security2:error] [pid 2409725:tid 2409841] [client 20.106.197.7:43848] ModSecurity: Access denied with code 406 (phase 1). Matched phrase "zgrab" at REQUEST_HEADERS:User-Agent. [file "/etc/modsecurity.d/REQUEST-913-SCANNER-DETECTION.conf"] [line "56"] [id "913100"] [msg "Found User-Agent associated with security scanner"] [redacted] [severity "CRITICAL"] [ver "OWASP_CRS/4.26.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-reputation-scanner"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/SCANNER-DETECTION"] [tag "capec/1000/118/224/541/310"] [redacted] [uri "/"] [unique_id "aiVxLMsHy0bdojJ8z8o_ZgAAAHE"] show less	Port Scan
🇺🇸 sefinek.net	2026-06-07 11:26:16 (19 hours ago)	Blocked by UFW on NY01 [427/tcp] \| SPT: 45159 \| TTL: 47 \| LEN: 52 \| TOS: 0x08 • Reported by: github. ... show more Blocked by UFW on NY01 [427/tcp] \| SPT: 45159 \| TTL: 47 \| LEN: 52 \| TOS: 0x08 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇯🇵 mkaraki	2026-06-07 07:38:34 (23 hours ago)	1780817913 # Service_probe # SIGNATURE_SEND # source_ip:20.106.197.7 # dst_port:8888 ...	Port Scan
🇺🇸 drewf.ink	2026-06-07 04:42:26 (1 day ago)	[04:42] Port scanning. Port(s) scanned: TCP/20	Port Scan
🇩🇪 Yachiyo Runami	2026-06-07 03:57:36 (1 day ago)	Port Scan on Honeypot \| Ports: 3306/MySQL \| Proto: TCP(1) \| Flags: all SYN \| TTL: 47 \| Len: 52B \| Wi ... show more Port Scan on Honeypot \| Ports: 3306/MySQL \| Proto: TCP(1) \| Flags: all SYN \| TTL: 47 \| Len: 52B \| Win: 65535(1) \| rDNS: azpdeshh3fsz.stretchoid.com \| F2B/ufw-honeypot@2026-06-07T03:57:36Z show less	Port Scan Hacking
🇺🇸 MPL	2026-06-07 03:39:23 (1 day ago)	tcp/8040 (2 or more attempts)	Port Scan
🇺🇸 donarev419	2026-06-07 02:48:43 (1 day ago)	Port scan detected on port 81 (connection without data transfer)	Port Scan

Showing 1 to 15 of 6391 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 103.187.146.90

🇷🇺 80.69.186.68

🇧🇪 35.187.168.65

🇺🇦 188.191.236.60

🇲🇽 186.96.145.241

🇨🇳 180.153.236.23

🇦🇪 86.98.65.97

🇸🇬 45.74.17.53

🇺🇸 34.132.113.249

🇬🇧 2a06:4880:8000::9b

🇺🇸 2001:470:2cc:1::204

🇳🇱 193.176.31.206

🇰🇿 178.89.157.118

🇫🇷 155.117.233.15

🇺🇸 147.90.234.214

🇫🇷 91.196.152.91

🇬🇧 89.37.66.227

🇱🇹 81.30.98.158

🇺🇸 74.125.17.243

🇺🇸 64.62.156.155