JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.109.95.165

20.109.95.165 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 56%: ?

56%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Boydton, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.109.95.165

Whois 20.109.95.165

IP Abuse Reports for 20.109.95.165:

This IP address has been reported a total of 17 times from 14 distinct sources. 20.109.95.165 was first reported on July 31st 2025, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇹 urnilxfgbez	2026-06-13 22:45:00 (3 days ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇧🇷 RafaLeardi	2026-06-13 18:05:52 (4 days ago)	Leardi-Servers Firewall: M(106.1) Port_Scanner	Port Scan
🇺🇸 RAP	2026-06-13 01:57:22 (4 days ago)	2026-06-13 01:57:22 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇺🇸 Axel	2026-06-13 00:50:49 (4 days ago)	Blocked by UFW on MVI [9000/tcp] \| SPT: 63488 \| TTL: 48 \| LEN: 60 \| TOS: 0x00 • Reported by: github. ... show more Blocked by UFW on MVI [9000/tcp] \| SPT: 63488 \| TTL: 48 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇹🇷 Threat.live	2026-06-13 00:40:02 (4 days ago)	Suspicious Connection Attempts	Brute-Force
🇷🇸 Scan	2026-06-13 00:14:46 (4 days ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
Anonymous	2026-06-12 23:55:48 (4 days ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇬🇧 NotCool	2026-06-12 23:42:18 (4 days ago)	[3600] Port Scan detected from 20.109.95.165 (US/United States/-). 11 hits in the last 126 seconds	Brute-Force
🇯🇵 jay hung	2026-06-12 06:48:26 (5 days ago)	2026-06-12T06:48:25.781170+00:00 quarktech kernel: [1081748.680843] [UFW BLOCK] IN=eth0 OUT= MAC=22: ... show more 2026-06-12T06:48:25.781170+00:00 quarktech kernel: [1081748.680843] [UFW BLOCK] IN=eth0 OUT= MAC=22:00:92:2e:84:93:fe:ff:ff:ff:ff:ff:08:00 SRC=20.109.95.165 DST=172.237.20.248 LEN=40 TOS=0x00 PREC=0x00 TTL=37 ID=0 DF PROTO=TCP SPT=51252 DPT=443 WINDOW=0 RES=0x00 RST URGP=0 ... show less	Port Scan
🇺🇸 Rayulcifer	2026-04-06 19:28:10 (2 months ago)	20.109.95.165 - - [06/Apr/2026:14:28:05 -0500] "CONNECT cryptauth.net:443:443 HTTP/1.1" 400 392 "-" ... show more 20.109.95.165 - - [06/Apr/2026:14:28:05 -0500] "CONNECT cryptauth.net:443:443 HTTP/1.1" 400 392 "-" "-" 20.109.95.165 - - [06/Apr/2026:14:28:09 -0500] "CONNECT cryptauth.net:443:443 HTTP/1.1" 400 392 "-" "-" ... show less	Open Proxy Port Scan Hacking Web App Attack SSH
🇬🇧 2048	2026-04-06 13:26:15 (2 months ago)	2026-04-06T14:26:12.633860+01:00 machodeer kernel: [3738792.256730] [UFW BLOCK] IN=ens3 OUT= MAC=RED ... show more 2026-04-06T14:26:12.633860+01:00 machodeer kernel: [3738792.256730] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=20.109.95.165 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=44 ID=36147 DF PROTO=TCP SPT=27528 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 2026-04-06T14:26:13.649893+01:00 machodeer kernel: [3738793.272462] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=20.109.95.165 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=44 ID=36148 DF PROTO=TCP SPT=27528 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 2026-04-06T14:26:14.673801+01:00 machodeer kernel: [3738794.296498] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=20.109.95.165 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=44 ID=36149 DF PROTO=TCP SPT=27528 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 show less	Port Scan
🇺🇸 Rayulcifer	2026-03-31 18:42:43 (2 months ago)	20.109.95.165 - - [31/Mar/2026:13:39:23 -0500] "CONNECT graph.vshield.pro:443:443 HTTP/1.1" 400 392 ... show more 20.109.95.165 - - [31/Mar/2026:13:39:23 -0500] "CONNECT graph.vshield.pro:443:443 HTTP/1.1" 400 392 "-" "-" 20.109.95.165 - - [31/Mar/2026:13:42:42 -0500] "CONNECT xhanger.co:443:443 HTTP/1.1" 400 392 "-" "-" ... show less	Open Proxy Port Scan Hacking Web App Attack SSH
🇮🇩 sockominfo	2026-02-05 15:00:03 (4 months ago)	Suspicious user agent detected Python/3.9 aiohttp/3.10.6. Threat Score: 3.8/10 (LOW). CVSS: 2.7/10 ( ... show more Suspicious user agent detected Python/3.9 aiohttp/3.10.6. Threat Score: 3.8/10 (LOW). CVSS: 2.7/10 (Low). Bayesian: 40%. MITRE: T1016. Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-02-05 14:00:20 (4 months ago)	Suspicious user agent detected Python/3.9 aiohttp/3.10.6. Threat Score: 0/10 (INFORMATIONAL). Report ... show more Suspicious user agent detected Python/3.9 aiohttp/3.10.6. Threat Score: 0/10 (INFORMATIONAL). Reported by TangerangKota-CSIRT show less	Hacking Web App Attack
🇺🇸 Rayulcifer	2025-10-08 05:32:13 (8 months ago)	20.109.95.165 - - [08/Oct/2025:00:29:37 -0500] "CONNECT cfcybernews.eu:443:443 HTTP/1.1" 400 492 "-" ... show more 20.109.95.165 - - [08/Oct/2025:00:29:37 -0500] "CONNECT cfcybernews.eu:443:443 HTTP/1.1" 400 492 "-" "-" 20.109.95.165 - - [08/Oct/2025:00:32:12 -0500] "CONNECT cfcybernews.eu:443:443 HTTP/1.1" 400 492 "-" "-" ... show less	Open Proxy Port Scan Hacking Web App Attack SSH

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇪 155.4.245.222

🇳🇱 91.92.40.5

🇺🇸 18.218.234.48

🇺🇸 205.210.31.98

🇺🇸 198.98.56.227

🇨🇳 182.112.44.187

🇺🇸 107.195.107.156

🇺🇸 91.230.168.8

🇳🇱 45.198.224.5

🇳🇱 45.148.10.141

🇧🇷 205.210.31.251

🇵🇱 194.180.48.253

🇺🇸 193.34.72.170

🇸🇪 192.178.93.158

🇺🇸 172.172.196.177

🇺🇸 162.216.150.118

🇰🇷 112.216.129.27

🇷🇴 80.94.92.187

🇺🇸 66.132.172.125

🇩🇴 45.172.152.74