JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.127.0.104

20.127.0.104 was found in our database!

This IP was reported 466 times. Confidence of Abuse is 0%: ?

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.127.0.104

Whois 20.127.0.104

IP Abuse Reports for 20.127.0.104:

This IP address has been reported a total of 466 times from 85 distinct sources. 20.127.0.104 was first reported on March 18th 2022, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2025-02-22 21:27:00 (1 year ago)	$f2bV_matches	Brute-Force
🇭🇺 HoneyPotEu	2024-01-31 20:39:09 (2 years ago)	20.127.0.104 [redacted] (8075-MICROSOFT-CORP-MSN-AS-BLOCK United States Tappahannock) - - [31/Jan/20 ... show more 20.127.0.104 [redacted] (8075-MICROSOFT-CORP-MSN-AS-BLOCK United States Tappahannock) - - [31/Jan/2024:21:37:08 +0100] "GET /.git/config HTTP/1.1" 404 118 "-" "python-requests/2.28.1" 20.127.0.104 ... show less	Bad Web Bot Web App Attack
🇩🇪 Savvii	2024-01-28 09:35:04 (2 years ago)	20 attempts against mh-misbehave-ban on munin-bak	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Savvii	2024-01-28 08:42:51 (2 years ago)	20 attempts against mh-misbehave-ban on web	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Hazzard	2024-01-17 20:46:55 (2 years ago)	(mod_security) mod_security triggered on hostname [redacted]): (CF_ENABLE)	SQL Injection
🇬🇧 SecondEdge	2024-01-17 16:47:31 (2 years ago)	A web attack was detected from 20.127.0.104 (United States / Virginia / Tappahannock) against 52.215 ... show more A web attack was detected from 20.127.0.104 (United States / Virginia / Tappahannock) against 52.215.230.232 (Admin,CGI-BIN,Git Variable Scan,PHPSQLAdmin,PHPUnit,Wordpress Admin) over 7s. show less	Web App Attack
🇳🇱 Savvii	2024-01-17 14:16:46 (2 years ago)	20 attempts against mh-misbehave-ban on star	Brute-Force Bad Web Bot Web App Attack
🇨🇦 JuicyJ	2024-01-17 14:13:13 (2 years ago)	probing	Web App Attack
Anonymous	2024-01-17 07:58:49 (2 years ago)	[Wed Jan 17 08:58:48.236813 2024] [authz_core:error] [pid 15625] [client 20.127.0.104:56633] AH01630 ... show more [Wed Jan 17 08:58:48.236813 2024] [authz_core:error] [pid 15625] [client 20.127.0.104:56633] AH01630: client denied by server configuration: /etc/httpd/htdocs [Wed Jan 17 08:58:48.426449 2024] [authz_core:error] [pid 25952] [client 20.127.0.104:56925] AH01630: client denied by server configuration: /etc/httpd/htdocs [Wed Jan 17 08:58:48.616418 2024] [authz_core:error] [pid 3710] [client 20.127.0.104:57165] AH01630: client denied by server configuration: /etc/httpd/htdocs ... show less	Web App Attack
🇨🇿 lp	2024-01-17 05:47:22 (2 years ago)	Bot webscan: 1 attempts were recorded from 20.127.0.104 localhost:80 +0100] "GET /vendor/phpunit/php ... show more Bot webscan: 1 attempts were recorded from 20.127.0.104 localhost:80 +0100] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 408 485 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36" show less	Port Scan
🇩🇪 maxxsense	2024-01-17 03:55:58 (2 years ago)	(mod_security) mod_security triggered on hostname [redacted] 20.127.0.104 (US/United States/-)	SQL Injection
🇩🇪 Bedios GmbH	2024-01-17 02:53:46 (2 years ago)	Login credentials theft attempt	Hacking
🇺🇸 TPI-Abuse	2024-01-17 02:13:19 (2 years ago)	(mod_security) mod_security (id:210492) triggered by 20.127.0.104 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 20.127.0.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jan 16 21:13:13.827840 2024] [security2:error] [pid 30863] [client 20.127.0.104:56093] [client 20.127.0.104] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.4"] [uri "/.env"] [unique_id "Zac3uVutHXH4FFtnkcMdsQAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇭🇺 whitehoodie	2024-01-16 18:19:14 (2 years ago)	AUTOMATED REPORT: Tried to access .env file	Hacking Bad Web Bot Web App Attack
🇬🇧 Shadymint	2024-01-16 15:39:53 (2 years ago)	url probing from IP marked as abusive	Web App Attack

Showing 1 to 15 of 466 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 120.195.35.240

🇺🇦 77.52.212.182

🇨🇳 61.180.193.36

🇷🇺 188.170.76.248

🇵🇸 188.161.146.96

🇳🇱 176.65.149.236

🇺🇸 146.88.240.71

🇫🇷 146.70.194.246

🇨🇳 123.123.204.152

🇮🇳 103.146.233.187

🇨🇿 92.62.233.214

🇹🇷 78.174.68.119

🇮🇩 36.95.232.73

🇺🇸 13.220.39.244

🇷🇴 2.57.121.25

🇦🇷 190.181.99.141

🇮🇱 176.229.128.166

🇮🇩 163.7.6.41

🇮🇳 152.52.198.42

🇨🇳 101.201.155.141