JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.119.78.148

20.119.78.148 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 86%: ?

86%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.119.78.148

Whois 20.119.78.148

IP Abuse Reports for 20.119.78.148:

This IP address has been reported a total of 25 times from 20 distinct sources. 20.119.78.148 was first reported on April 9th 2026, and the most recent report was 59 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-15 04:46:37 (59 minutes ago)	(mod_security) mod_security (id:210492) triggered by 20.119.78.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 20.119.78.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 00:46:29.080488 2026] [security2:error] [pid 18589:tid 18589] [client 20.119.78.148:1784] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.28"] [uri "/.git/config"] [unique_id "ai-DpYvZGqa0XFEiCzDdqgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇭🇰 sandra361	2026-06-15 04:12:22 (1 hour ago)	Port scan detected: 5 attempts across 5 ports (2077,2083,2086,2095,443). \| Evidence: GHOST_SCAN: IN= ... show more Port scan detected: 5 attempts across 5 ports (2077,2083,2086,2095,443). \| Evidence: GHOST_SCAN: IN=eth0 SRC=20.119.78.148 LEN=60 TOS=0x14 PREC=0x00 TTL=40 ID=34039 DF PROTO=TCP SPT=1270 DPT=2077 WINDOW=64240 RES=0x00 SYN URGP=0 show less	Port Scan
🇹🇭 Sawasdee	2026-06-15 03:54:08 (1 hour ago)	Unwanted checking 80 or 443 port ...	Bad Web Bot
🇧🇷 SOC Blue Team	2026-06-15 03:26:07 (2 hours ago)	IPs get by Hunting on SIEM	Phishing Web Spam Port Scan Hacking
🇺🇸 Axel	2026-06-15 03:20:59 (2 hours ago)	Blocked by UFW on MVI [2087/tcp] \| SPT: 1225 \| TTL: 48 \| LEN: 60 \| TOS: 0x00 • Reported by: github.c ... show more Blocked by UFW on MVI [2087/tcp] \| SPT: 1225 \| TTL: 48 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-15 02:40:37 (3 hours ago)	(mod_security) mod_security (id:210492) triggered by 20.119.78.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 20.119.78.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 22:40:29.949352 2026] [security2:error] [pid 5686:tid 5686] [client 20.119.78.148:1157] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.163"] [uri "/.env.backup"] [unique_id "ai9mHQF5q_Wr20UKABC0pAAAAGo"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇸 Scan	2026-06-15 02:21:20 (3 hours ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇺🇸 TPI-Abuse	2026-06-15 02:19:42 (3 hours ago)	(mod_security) mod_security (id:210492) triggered by 20.119.78.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 20.119.78.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 22:19:36.426224 2026] [security2:error] [pid 13054:tid 13054] [client 20.119.78.148:1260] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.4"] [uri "/.git/HEAD"] [unique_id "ai9hOAAG3xCPyVZXzHNZdwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 MPL	2026-06-15 02:02:42 (3 hours ago)	tcp ports: 443,2087 (2 or more attempts)	Port Scan
🇷🇸 Smel	2026-06-15 01:30:09 (4 hours ago)	MH/MP Probe, Scan, Hack -	Port Scan Hacking
Anonymous	2026-06-07 00:43:35 (1 week ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇺🇸 TPI-Abuse	2026-06-06 13:41:48 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 20.119.78.148 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 20.119.78.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 09:41:41.293351 2026] [security2:error] [pid 28053:tid 28053] [client 20.119.78.148:29190] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.6"] [uri "/.git/HEAD"] [unique_id "aiQjldoLLHaiW2SZ-RimtAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-06 12:22:36 (1 week ago)	apache vulnerability scan	Web App Attack
🇺🇸 RAP	2026-06-06 12:07:14 (1 week ago)	2026-06-06 12:07:14 UTC Unauthorized activity to TCP port 8443. Web App	Port Scan Web App Attack
🇺🇸 aks4226	2026-06-06 11:42:56 (1 week ago)	Bot search, attacking common web applications.	Web App Attack

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.150.125

🇨🇳 159.75.115.184

🇮🇹 158.173.77.35

🇫🇷 75.119.130.133

🇫🇷 51.68.34.131

🇪🇬 41.128.181.199

🇸🇬 34.21.142.214

🇺🇸 20.55.87.129

🇮🇹 5.77.85.148

🇰🇷 211.253.37.225

🇱🇹 193.187.115.120

🇸🇬 192.161.55.151

🇧🇷 187.58.66.231

🇮🇹 158.173.77.29

🇭🇰 152.32.172.177

🇯🇵 123.222.108.7

🇺🇸 107.150.110.170

🇩🇪 91.98.134.147

🇳🇱 45.148.10.151

🇺🇸 216.218.206.87