JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.15.228.215

20.15.228.215 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 70%: ?

70%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.15.228.215

Whois 20.15.228.215

IP Abuse Reports for 20.15.228.215:

This IP address has been reported a total of 28 times from 25 distinct sources. 20.15.228.215 was first reported on April 10th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 sthoyer.de	2026-06-13 18:51:52 (1 week ago)	Jun 13 20:51:51 sthoyer kernel: [IPTables-Dropped-I] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd: ... show more Jun 13 20:51:51 sthoyer kernel: [IPTables-Dropped-I] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=20.15.228.215 DST=173.212.223.67 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=36386 DF PROTO=TCP SPT=2315 DPT=8880 WINDOW=64240 RES=0x00 SYN URGP=0 Jun 13 20:51:51 sthoyer kernel: [IPTables-Dropped-I] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=20.15.228.215 DST=173.212.223.67 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=38226 DF PROTO=TCP SPT=2315 DPT=8090 WINDOW=64240 RES=0x00 SYN URGP=0 Jun 13 20:51:51 sthoyer kernel: [IPTables-Dropped-I] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=20.15.228.215 DST=173.212.223.67 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=4122 DF PROTO=TCP SPT=2344 DPT=8080 WINDOW=64240 RES=0x00 SYN URGP=0 Jun 13 20:51:51 sthoyer kernel: [IPTables-Dropped-I] IN=eth0 OUT= MAC=00:50:56:43:00:af:c0:69:11:cd:10:f7:08:00 SRC=20.15.228.215 DST=173.212.223.67 LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=34328 DF PROTO=TCP SPT=2341 DPT=8443 WINDOW=6424 ... show less	Port Scan
🇫🇷 matthieul.dev	2026-06-13 17:55:17 (1 week ago)	Blocked by os-abuseipdb; 8 hits, proto=tcp, ports=10000,2077,2095,3000,4000,5000,8443,8888	Port Scan Brute-Force
🇵🇱 sefinek.net	2026-06-13 17:19:59 (1 week ago)	Blocked by UFW on PL02 [8080/tcp] \| SPT: 2753 \| TTL: 42 \| LEN: 60 \| TOS: 0x00 • Reported by: github. ... show more Blocked by UFW on PL02 [8080/tcp] \| SPT: 2753 \| TTL: 42 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇺🇸 MPL	2026-06-13 17:02:53 (1 week ago)	tcp port scan (5 or more attempts)	Port Scan
🇩🇪 Admins@FBN	2026-06-13 15:16:56 (1 week ago)	FW-PortScan: Traffic Blocked srcport=2378 dstport=8000	Port Scan
🇭🇰 pengpeng	2026-06-13 14:37:09 (1 week ago)	monitor: on ser162528253480 \| port: 2077 \| ttl: 45 script: github.com/sefinek/UFW-AbuseIPDB-Reporte ... show more monitor: on ser162528253480 \| port: 2077 \| ttl: 45 script: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇮🇩 sockominfo	2026-06-02 15:00:43 (3 weeks ago)	Access to sensitive files detected w/ specific boundary.. Threat Score: 5/10 (MEDIUM). Confidence: 4 ... show more Access to sensitive files detected w/ specific boundary.. Threat Score: 5/10 (MEDIUM). Confidence: 40%. CVSS v3.1: 2.9/10 (Low). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N. Bayesian Probability: 35%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-06-02 14:00:44 (3 weeks ago)	Access to sensitive files detected w/ specific boundary.. Threat Score: 5.1/10 (MEDIUM). Confidence: ... show more Access to sensitive files detected w/ specific boundary.. Threat Score: 5.1/10 (MEDIUM). Confidence: 40%. CVSS v3.1: 2.9/10 (Low). CVSS Vector: CVSS:3.1/AV:L/AC:H/PR:N/UI:N/S:U/C:L/I:N/A:N. Bayesian Probability: 34%. MITRE ATT&CK: T1016 (System Network Configuration Discovery). Tactic: TA0001. Freshness: Fresh. Source Reputation: UNKNOWN. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Web App Attack
🇮🇩 sockominfo	2026-06-02 13:00:17 (3 weeks ago)	Access to sensitive files detected w/ specific boundary.. Threat Score: 7.1/10 (HIGH). Reported by T ... show more Access to sensitive files detected w/ specific boundary.. Threat Score: 7.1/10 (HIGH). Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Web App Attack
🇺🇸 sumnone	2026-06-02 12:56:58 (3 weeks ago)	Port probing on unauthorized port 2083	Port Scan Hacking Exploited Host
🇹🇼 kk_it_man	2026-06-02 12:33:02 (3 weeks ago)	ET INFO Request to Hidden Environment File - Inbound GPL WEB_SERVER .htpasswd access	Port Scan
🇩🇪 edena	2026-06-02 12:32:07 (3 weeks ago)	20.15.228.215 - - [02/Jun/2026:14:32:05 +0200] "GET /.git/config HTTP/1.1" 403 322 "-" "Mozilla/5.0 ... show more 20.15.228.215 - - [02/Jun/2026:14:32:05 +0200] "GET /.git/config HTTP/1.1" 403 322 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.1.15" 20.15.228.215 - - [02/Jun/2026:14:32:06 +0200] "GET /.env HTTP/1.1" 403 322 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 20.15.228.215 - - [02/Jun/2026:14:32:07 +0200] "GET /.env.local HTTP/1.1" 403 322 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.1.15" ... show less	Web App Attack Bad Web Bot
🇹🇷 Threat.live	2026-06-02 11:55:05 (3 weeks ago)	Suspicious Connection Attempts	Brute-Force
🇫🇷 zulzeen	2026-06-02 11:10:31 (3 weeks ago)	[incypit-web] Blocked by SysWarden Firewall [BLOCK] (Web Attack)	Hacking Web App Attack
Anonymous	2026-06-02 11:05:54 (3 weeks ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 8.215.85.137

🇹🇼 198.235.24.22

🇪🇬 197.60.73.50

🇩🇪 167.94.146.55

🇰🇷 114.30.180.58

🇸🇬 103.189.234.244

🇮🇷 94.101.177.68

🇳🇱 93.123.118.227

🇳🇱 91.92.42.61

🇳🇱 81.19.216.88

🇺🇸 47.77.223.142

🇬🇧 23.90.184.149

🇧🇷 138.94.177.250

🇨🇦 66.129.155.20

🇺🇸 52.35.20.1

🇬🇧 35.203.211.94

🇬🇧 35.203.211.30

🇮🇳 20.219.91.90

🇺🇸 3.143.162.210

🇪🇹 196.189.155.89