JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.106.49.2

20.106.49.2 was found in our database!

This IP was reported 5,937 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Hostname(s)	azpdcgqsf7oi.stretchoid.com
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.106.49.2

Whois 20.106.49.2

IP Abuse Reports for 20.106.49.2:

This IP address has been reported a total of 5,937 times from 449 distinct sources. 20.106.49.2 was first reported on May 11th 2025, and the most recent report was 23 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 MPL	2026-05-23 14:16:43 (1 week ago)	tcp/5432	Port Scan
🇺🇸 MPL	2026-05-23 11:32:41 (1 week ago)	tcp/9200	Port Scan
🇺🇸 MPL	2026-05-23 10:03:56 (1 week ago)	tcp/443	Port Scan
🇺🇸 MPL	2026-05-23 09:32:25 (1 week ago)	tcp/7547	Port Scan
🇺🇸 gu-alvareza	2026-05-23 07:05:23 (1 week ago)	ZGrab.Scanner	Port Scan
🇺🇸 MPL	2026-05-23 06:16:31 (1 week ago)	tcp/20547	Port Scan
🇺🇸 MPL	2026-05-23 05:44:52 (1 week ago)	tcp/2087 (2 or more attempts)	Port Scan
🇯🇵 pixelboost.kr	2026-05-23 03:10:49 (1 week ago)	20.106.49.2 - - [23/May/2026:12:10:47 +0900] "GET / HTTP/1.1" 200 536 "-" "Mozilla/5.0 zgrab/0.x" .. ... show more 20.106.49.2 - - [23/May/2026:12:10:47 +0900] "GET / HTTP/1.1" 200 536 "-" "Mozilla/5.0 zgrab/0.x" ... show less	Bad Web Bot Web App Attack
🇺🇸 MPL	2026-05-23 02:38:59 (1 week ago)	tcp/873	Port Scan
🇫🇷 EDSL	2026-05-23 00:27:08 (1 week ago)	[SRV-VPN1] Blocked by SysWarden Firewall (Port Scan / Probing)	Port Scan
🇩🇪 cheatmaster.store	2026-05-23 00:08:37 (1 week ago)	Automatic firewall detection. Attacker IP: 20.106.49.2 Country: US City: Des Moines ORG: AS8075 Mic ... show more Automatic firewall detection. Attacker IP: 20.106.49.2 Country: US City: Des Moines ORG: AS8075 Microsoft Corporation UFW LOGS: May 23 00:06:48 srv-23213 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=4a:63:06:71:79:3f:20:ed:47:e9:a1:42:08:00 SRC=20.106.49.2 DST=SERVER_IP_HIDDEN LEN=52 TOS=0x00 PREC=0x00 TTL=46 ID=47789 PROTO=TCP SPT=38839 DPT=9002 WINDOW=65535 RES=0x00 SYN URGP=0 Server IP hidden for privacy. Detected repeated unauthorized connection attempts and firewall blocks. show less	Port Scan Hacking Brute-Force SSH
🇦🇹 urnilxfgbez	2026-05-22 22:45:00 (1 week ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 MPL	2026-05-22 21:16:31 (1 week ago)	tcp/60001	Port Scan
🇸🇪 NordhTech	2026-05-22 20:45:27 (1 week ago)	More than 3 malicious connection attempts, trying port(s) 9030/tcp, then blocked from services ...	Port Scan Hacking
🇯🇵 mkaraki	2026-05-22 20:05:12 (1 week ago)	1779480311 # Service_probe # SIGNATURE_SEND # source_ip:20.106.49.2 # dst_port:9300 ...	Port Scan

Showing 226 to 240 of 5937 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 222.120.176.6

🇺🇸 132.255.133.29

🇮🇩 38.253.239.21

🇦🇿 213.154.20.206

🇪🇸 212.231.190.106

🇧🇷 205.210.31.145

🇳🇱 193.176.31.204

🇨🇳 180.76.172.156

🇺🇸 172.202.117.217

🇺🇸 172.98.33.13

🇳🇬 152.32.141.2

🇺🇸 132.255.133.234

🇺🇸 132.255.133.145

🇨🇳 101.126.54.167

🇺🇸 67.207.84.8

🇱🇹 45.227.254.170

🇳🇱 45.148.10.121

🇬🇧 35.203.210.104

🇬🇧 34.147.226.194

🇺🇸 34.145.157.171