JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.106.198.163

20.106.198.163 was found in our database!

This IP was reported 45 times. Confidence of Abuse is 75%: ?

75%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.106.198.163

Whois 20.106.198.163

IP Abuse Reports for 20.106.198.163:

This IP address has been reported a total of 45 times from 37 distinct sources. 20.106.198.163 was first reported on April 6th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 SOC PR	2026-06-17 00:25:59 (1 week ago)	IPS: Sensitive Configuration File Disclosure.	Hacking
🇳🇱 maxxsense	2026-06-16 16:21:22 (1 week ago)	(apache-scanners) Failed apache-scanners trigger with match [redacted] from 20.106.198.163 (US/Unite ... show more (apache-scanners) Failed apache-scanners trigger with match [redacted] from 20.106.198.163 (US/United States/-) show less	Port Scan
🇫🇷 dynamix	2026-06-16 14:59:56 (1 week ago)	Multiple WAF Violations	Web App Attack
🇺🇸 Axel	2026-06-16 12:15:37 (1 week ago)	Blocked by UFW on MVI [2078/tcp] \| SPT: 28930 \| TTL: 47 \| LEN: 60 \| TOS: 0x00 • Reported by: github. ... show more Blocked by UFW on MVI [2078/tcp] \| SPT: 28930 \| TTL: 47 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 wupinyin	2026-06-16 12:02:35 (1 week ago)	CrowdSec ban: ET WEB_SERVER WEB-PHP phpinfo access	Port Scan Hacking
🇺🇸 Axel	2026-06-13 11:20:11 (1 week ago)	Blocked by UFW on MVI [80/tcp] \| SPT: 59416 \| TTL: 47 \| LEN: 60 \| TOS: 0x00 • Reported by: github.co ... show more Blocked by UFW on MVI [80/tcp] \| SPT: 59416 \| TTL: 47 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 RAP	2026-06-13 09:46:36 (1 week ago)	2026-06-13 09:46:36 UTC Unauthorized activity to TCP port 8443. Web App	Port Scan Web App Attack
Anonymous	2026-06-10 21:04:41 (2 weeks ago)	PORT & IP Scan.	Port Scan Brute-Force
🇺🇸 Hulk Smash	2026-06-10 21:03:58 (2 weeks ago)	Automated report, webserver-auth troll for exploits and/or SSH Attempts	Brute-Force Hacking
🇺🇸 Mark--	2026-06-10 20:48:09 (2 weeks ago)	Unauthorized connection attempt detected port 8080	Hacking
🇺🇸 MPL	2026-06-10 19:11:35 (2 weeks ago)	tcp port scan (16 or more attempts)	Port Scan
🇳🇴 jad-abuse	2026-06-10 15:59:55 (2 weeks ago)	ThreatFeed automated detection: malicious HTTP scanning / exploit attempts. Signatures: git_exposure ... show more ThreatFeed automated detection: malicious HTTP scanning / exploit attempts. Signatures: git_exposure, env_probe, config_backup, aws_creds, server_status, actuator. Observed by 1 sensor(s); 44 hits. show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 15:54:46 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 20.106.198.163 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 20.106.198.163 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 11:54:41.566678 2026] [security2:error] [pid 28206:tid 28206] [client 20.106.198.163:34915] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.27"] [uri "/.git/HEAD"] [unique_id "aimIwS7HjwdH_h9_DyyudgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Starburst SysOp Team	2026-06-10 15:49:55 (2 weeks ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-mnz6-5)	Hacking Bad Web Bot
🇩🇪 EnthecSolutions	2026-05-25 14:00:30 (1 month ago)	Detected by Enthec Solutions. \| Attempts: 357 in 24h \| Target port: 22	Brute-Force SSH

Showing 1 to 15 of 45 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇷 186.125.243.14

🇫🇮 178.20.210.152

🇺🇸 162.216.150.60

🇰🇷 110.14.190.221

🇺🇸 104.152.52.239

🇺🇸 104.152.52.238

🇺🇸 104.152.52.137

🇺🇸 104.152.52.58

🇵🇰 103.170.179.20

🇳🇱 89.21.67.141

🇫🇷 85.217.140.24

🇺🇸 64.62.156.38

🇫🇷 45.63.115.177

🇺🇸 43.162.89.43

🇸🇬 152.69.214.153

🇺🇸 104.152.52.242

🇺🇸 104.152.52.220

🇺🇸 104.152.52.109

🇫🇷 91.196.152.109

🇫🇷 85.217.140.44