JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.109.36.227

20.109.36.227 was found in our database!

This IP was reported 51 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Boydton, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.109.36.227

Whois 20.109.36.227

IP Abuse Reports for 20.109.36.227:

This IP address has been reported a total of 51 times from 39 distinct sources. 20.109.36.227 was first reported on July 17th 2025, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 GabrielJST	2026-06-14 20:08:36 (9 hours ago)	Port Scan detected from 20.109.36.227 (US/United States/-).	Port Scan
🇪🇸 tg_de	2026-06-14 19:07:11 (10 hours ago)	19 attempts since 14.06.2026 19:06:46 UTC - last search for: /___proxy_subdomain_whm/login/	Web App Attack
Anonymous	2026-06-14 18:28:03 (11 hours ago)	Http Port:80 (http_status:403) - Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/201 ... show more Http Port:80 (http_status:403) - Agent:Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0 show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 18:06:22 (11 hours ago)	(mod_security) mod_security (id:210492) triggered by 20.109.36.227 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 20.109.36.227 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 14:06:18.261056 2026] [security2:error] [pid 26074:tid 26074] [client 20.109.36.227:25363] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.208"] [uri "/.git/HEAD"] [unique_id "ai7tmkmNsi3NoHCPcV70cQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 MPL	2026-06-14 16:50:14 (12 hours ago)	tcp port scan (10 or more attempts)	Port Scan
🇺🇸 Axel	2026-06-14 16:05:39 (13 hours ago)	Blocked by UFW on MVI [2083/tcp] \| SPT: 26404 \| TTL: 49 \| LEN: 60 \| TOS: 0x00 • Reported by: github. ... show more Blocked by UFW on MVI [2083/tcp] \| SPT: 26404 \| TTL: 49 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 MPL	2026-06-14 15:31:38 (14 hours ago)	tcp port scan (9 or more attempts)	Port Scan
🇨🇭 Kepler-1649c	2026-06-03 10:05:39 (1 week ago)	Detected Attack: HTPasswd.Access	Hacking
Anonymous	2026-06-03 08:00:00 (1 week ago)	SSH Brute-Force	DDoS Attack Port Scan Hacking Brute-Force SSH
🇧🇷 SOC Blue Team	2026-06-03 03:25:59 (1 week ago)	IPs get by Hunting on SIEM	Phishing Web Spam Port Scan Hacking
🇩🇪 roki.ovh	2026-06-03 03:04:55 (1 week ago)	20.109.36.227 - - [03/Jun/2026:05:04:52 +0200] "GET /server-status HTTP/1.1" 403 458 "-" "Mozilla/5. ... show more 20.109.36.227 - - [03/Jun/2026:05:04:52 +0200] "GET /server-status HTTP/1.1" 403 458 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" ... show less	Bad Web Bot
🇺🇸 RAP	2026-06-03 01:23:17 (1 week ago)	2026-06-03 01:23:17 UTC Unauthorized activity to TCP port 8443. Web App	Port Scan Web App Attack
🇦🇺 PetePK	2026-06-03 00:59:08 (1 week ago)	Probed 3 time(s): TCP/2087, TCP/8080, TCP/2086	Port Scan
🇫🇷 ✨	2026-06-03 00:51:08 (1 week ago)	Domain : appo11yon.com Rule : hack 2026-06-03 00:49:33 217.194.212.108 GET /.htpasswd - 80 - 20.109. ... show more Domain : appo11yon.com Rule : hack 2026-06-03 00:49:33 217.194.212.108 GET /.htpasswd - 80 - 20.109.36.227 HTTP/1.1 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 - 217.194.212.108 301 0 0 433 223 125 - - show less	Hacking SQL Injection Brute-Force
🇺🇸 RAP	2026-06-03 00:29:30 (1 week ago)	2026-06-03 00:29:30 UTC Unauthorized activity to TCP port 8443. Web App	Port Scan Web App Attack

Showing 1 to 15 of 51 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇱 194.180.49.145

🇻🇳 171.244.141.86

🇳🇱 52.174.67.71

🇸🇬 47.128.125.115

🇷🇴 2.57.121.25

🇰🇷 1.238.106.229

🇺🇸 184.105.139.85

🇷🇺 132.243.18.24

🇨🇳 129.211.222.151

🇳🇱 45.142.193.125

🇫🇷 37.65.55.144

🇧🇪 35.233.14.57

🇭🇰 34.92.62.8

🇹🇼 34.80.151.179

🇩🇪 8.211.43.106

🇧🇪 207.175.43.244

🇲🇾 202.184.145.225

🇺🇸 172.68.25.201

🇺🇸 135.237.98.149

🇻🇳 103.161.170.12