JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.161.30.193

20.161.30.193 was found in our database!

This IP was reported 77 times. Confidence of Abuse is 50%: ?

50%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Boydton, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.161.30.193

Whois 20.161.30.193

IP Abuse Reports for 20.161.30.193:

This IP address has been reported a total of 77 times from 67 distinct sources. 20.161.30.193 was first reported on February 15th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇸 Scan	2026-06-17 00:35:10 (1 week ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
Anonymous	2026-06-07 23:09:52 (2 weeks ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇺🇸 MPL	2026-06-07 13:34:14 (2 weeks ago)	tcp port scan (16 or more attempts)	Port Scan
Anonymous	2026-06-07 13:14:36 (2 weeks ago)	2026-06-07 13:14:36 warning[2268096]: host unknown[20.161.30.193]: unauthorized access att ... show more 2026-06-07 13:14:36 warning[2268096]: host unknown[20.161.30.193]: unauthorized access attempted: tcp/8443 show less	Port Scan Brute-Force
🇺🇸 RAP	2026-06-07 11:04:59 (2 weeks ago)	2026-06-07 11:04:59 UTC Unauthorized activity to TCP port 8443. Web App	Port Scan Web App Attack
🇮🇩 Burayot	2026-06-07 10:52:45 (2 weeks ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 20.161.30.193 (US/United States/-): ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 20.161.30.193 (US/United States/-): 2 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 10:41:59 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 20.161.30.193 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 20.161.30.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 06:41:53.319107 2026] [security2:error] [pid 11300:tid 11300] [client 20.161.30.193:15921] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.29"] [uri "/.git/HEAD"] [unique_id "aiVK8cqcbvsXFJcHUFTZYQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-07 10:18:31 (2 weeks ago)	Multiple WAF Violations	Web App Attack
🇺🇸 drewf.ink	2026-06-07 09:33:18 (2 weeks ago)	[09:33] Port scanning. Port(s) scanned: TCP/2086, TCP/2087	Port Scan
🇩🇪 joharikop	2026-06-07 08:08:52 (2 weeks ago)	Nginx: credential/secret file probe (/.env, /.git, /.aws etc). Automated ban via fail2ban nginx-cred ... show more Nginx: credential/secret file probe (/.env, /.git, /.aws etc). Automated ban via fail2ban nginx-credential-probes jail. show less	Web App Attack
Anonymous	2026-06-07 07:54:42 (2 weeks ago)	Try to connect to Port_Scan_80_stealth	Port Scan
🇺🇸 TPI-Abuse	2026-04-09 00:59:51 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 20.161.30.193 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 20.161.30.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 20:59:44.184891 2026] [security2:error] [pid 2685497:tid 2685497] [client 20.161.30.193:26561] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "networkzone.org.convoyforkids.com"] [uri "/.env"] [unique_id "adb6AFu8Juv0Z2ke1os-PgAAAB0"], referer: https://outlook.live.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇹🇷 rtbh.com.tr	2026-03-04 20:11:52 (3 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇨🇳 ThreatBook.io	2026-03-02 23:34:13 (3 months ago)	ThreatBook Intelligence: Spam,Info more details on https://threatbook.io/ip/20.161.30.193 2026-03-02 ... show more ThreatBook Intelligence: Spam,Info more details on https://threatbook.io/ip/20.161.30.193 2026-03-02 17:41:06 ["hostname"] 2026-03-02 17:49:07 ["whoami"] 2026-03-02 17:43:52 ["uname -a"] show less	Brute-Force
🇫🇮 STANISLAV BAKHTIHOZIN	2026-03-02 11:55:45 (3 months ago)	FTP/SFTP brute force: 18 failed auth attempts on Cerberus FTP Server	Brute-Force SSH Hacking

Showing 1 to 15 of 77 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 111.42.183.124

🇺🇸 107.152.44.215

🇺🇸 68.235.46.25

🇬🇧 193.163.125.105

🇨🇱 179.9.167.16

🇨🇳 113.106.88.74

🇳🇱 81.19.216.68

🇺🇸 68.235.46.239

🇺🇸 68.235.46.232

🇨🇳 36.108.175.251

🇬🇧 18.135.247.138

🇮🇳 2405:201:c00e:f903:e5b7:c0d3:8778:d7ed

🇰🇪 197.248.8.33

🇬🇧 193.163.125.226

🇺🇸 172.202.117.221

🇸🇦 158.101.233.87

🇻🇳 115.77.111.2

🇧🇬 79.124.60.146

🇺🇸 68.235.46.222

🇺🇸 68.235.46.219