JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.109.174.232

20.109.174.232 was found in our database!

This IP was reported 470 times. Confidence of Abuse is 0%: ?

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Moses Lake, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.109.174.232

Whois 20.109.174.232

IP Abuse Reports for 20.109.174.232:

This IP address has been reported a total of 470 times from 100 distinct sources. 20.109.174.232 was first reported on October 29th 2021, and the most recent report was 4 years ago.

Old Reports: The most recent abuse report for this IP address is from 4 years ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 barbarella	2022-02-08 21:29:45 (4 years ago)	Multiple (3) times attack on https port 443: Configuration snooping in .env file (GET /.env) 16:29 ... show more Multiple (3) times attack on https port 443: Configuration snooping in .env file (GET /.env) 16:29:46 Configuration snooping in .env file (GET /.env) 16:29:52 unauthorized access PHPunit framework files (GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php) show less	Hacking Web App Attack
🇬🇧 CrystalMaker	2022-02-08 11:06:56 (4 years ago)	Vulnerability scan - GET /.env; POST /	Hacking
🇩🇪 sdos.es	2022-02-08 01:49:05 (4 years ago)	"Restricted File Access Attempt - Matched Data: /.env found within REQUEST_FILENAME: /.env"	Web App Attack
🇸🇬 nyclee.net	2022-02-08 00:48:58 (4 years ago)	WebApp Attack	Brute-Force Web App Attack
🇮🇹 SaltySoftworks	2022-02-08 00:16:20 (4 years ago)	Connecting to IP instead of domain name	Hacking Web App Attack
🇮🇪 Jim Keir	2022-02-07 23:55:35 (4 years ago)	2022-02-08 04:55:35 20.109.174.232 File scanning, blocking 20.109.174.232 for 5 minutes	Web App Attack
🇲🇾 syokadmin	2022-02-07 21:42:34 (4 years ago)	(mod_security) mod_security (id:210492) triggered by 20.109.174.232 (US/United States/-): 1 in the l ... show more (mod_security) mod_security (id:210492) triggered by 20.109.174.232 (US/United States/-): 1 in the last 3600 secs show less	Brute-Force
🇵🇱 kolya	2022-02-07 20:14:13 (4 years ago)	[08/02/2022 01:14:13] Unauthorized connection attempt to port 80, server 98ca3b5a.	Port Scan
🇩🇪 IP Analyzer	2022-02-07 17:00:49 (4 years ago)	Unauthorized connection attempt from IP address 20.109.174.232 on Port 80	Port Scan
🇺🇸 ut-addicted.com	2022-02-07 16:37:03 (4 years ago)	\[Mon Feb 07 22:37:01.293910 2022\] \[:error\] \[pid 21877:tid 139915289380608\] \[client 20.109.174 ... show more \[Mon Feb 07 22:37:01.293910 2022\] \[:error\] \[pid 21877:tid 139915289380608\] \[client 20.109.174.232:1792\] \[client 20.109.174.232\] ModSecurity: Access denied with code 403 \(phase 2\). Operator GE matched 5 at TX:anomaly_score. \[file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-949-BLOCKING-EVALUATION.conf"\] \[line "57"\] \[id "949110"\] \[msg "Inbound Anomaly Score Exceeded \(Total Score: 8\)"\] \[severity "CRITICAL"\] \[tag "application-multi"\] \[tag "language-multi"\] \[tag "platform-multi"\] \[tag "attack-generic"\] \[hostname "78.46.187.162"\] \[uri "/.env"\] \[unique_id "YgGQ-dDT83le7hRClejYqQAAAMw"\] show less	Brute-Force Web App Attack
Anonymous	2022-02-07 13:09:16 (4 years ago)	Invalid POST request	Hacking
🇮🇹 LTM	2022-02-07 08:53:34 (4 years ago)	Common Web Attacks	Port Scan Hacking Web App Attack
🇫🇷 QUADEMU Abuse Dpt	2022-02-07 07:34:38 (4 years ago)	Noxious/Nuisible/вредоносный Host.	Port Scan Brute-Force
🇵🇱 kolya	2022-02-07 07:27:29 (4 years ago)	[07/02/2022 12:27:29] Unauthorized connection attempt to port 80, server 9a0b801d.	Port Scan
🇨🇿 0x44	2022-02-07 05:37:47 (4 years ago)	20.109.174.232 [07/Feb/2022 Spam host detected, attacker try to exploit known vulnerabilities] ...	Web Spam Exploited Host Web App Attack

Showing 1 to 15 of 470 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 190.92.220.192

🇳🇱 178.16.54.22

🇺🇸 148.72.22.85

🇩🇪 69.5.169.46

🇺🇸 64.62.197.109

🇳🇱 45.148.10.147

🇨🇳 1.192.61.19

🇬🇧 2a06:4880:4000::60

🇬🇧 144.126.202.209

🇺🇸 107.150.105.153

🇩🇪 69.5.169.154

🇧🇷 45.178.227.0

🇺🇸 20.15.162.204

🇩🇪 202.71.141.170

🇸🇬 124.243.187.249

🇵🇭 112.209.183.55

🇺🇸 96.78.175.41

🇭🇰 20.205.97.67

🇺🇸 20.127.185.37

🇫🇷 185.255.126.76