JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.161.30.225

20.161.30.225 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 98%: ?

98%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Boydton, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.161.30.225

Whois 20.161.30.225

IP Abuse Reports for 20.161.30.225:

This IP address has been reported a total of 32 times from 22 distinct sources. 20.161.30.225 was first reported on January 23rd 2026, and the most recent report was 17 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-22 10:47:15 (1 week ago)	(caddyscan) Scanner path probe from 20.161.30.225 (US/United States/-): 5 in the last 3600 secs; Por ... show more (caddyscan) Scanner path probe from 20.161.30.225 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 20.161.30.225 - - [22/May/2026:10:47:14 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 20.161.30.225 - - [22/May/2026:10:47:15 +0000] "GET /.git/config HTTP/1.1" [REDACTED] 200 2627 20.161.30.225 - - [22/May/2026:10:47:15 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 20.161.30.225 - - [22/May/2026:10:47:15 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 20.161.30.225 - - [22/May/2026:10:47:15 +0000] "GET /@fs/.env?import&raw HTTP/1.1" show less	Port Scan
Anonymous	2026-05-22 09:41:14 (1 week ago)	(caddyscan) Scanner path probe from 20.161.30.225 (US/United States/-): 5 in the last 3600 secs; Por ... show more (caddyscan) Scanner path probe from 20.161.30.225 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 20.161.30.225 - - [22/May/2026:09:41:10 +0000] "GET /.git/config HTTP/1.1" [REDACTED] 200 2627 20.161.30.225 - - [22/May/2026:09:41:10 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 20.161.30.225 - - [22/May/2026:09:41:10 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 20.161.30.225 - - [22/May/2026:09:41:11 +0000] "GET /@fs/.env?import&raw HTTP/1.1" [REDACTED] 200 2627 20.161.30.225 - - [22/May/2026:09:41:11 +0000] "GET /@fs/.env.local?import&raw HTTP/1.1" show less	Port Scan
Anonymous	2026-05-22 07:42:44 (1 week ago)	(caddyscan) Scanner path probe from 20.161.30.225 (US/United States/-): 5 in the last 3600 secs; Por ... show more (caddyscan) Scanner path probe from 20.161.30.225 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 20.161.30.225 - - [22/May/2026:07:42:41 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 20.161.30.225 - - [22/May/2026:07:42:41 +0000] "GET /config/.env HTTP/1.1" [REDACTED] 200 2627 20.161.30.225 - - [22/May/2026:07:42:42 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 20.161.30.225 - - [22/May/2026:07:42:42 +0000] "GET /.git/config HTTP/1.1" [REDACTED] 200 2627 20.161.30.225 - - [22/May/2026:07:42:42 +0000] "GET /.env HTTP/1.1" show less	Port Scan
Anonymous	2026-05-22 06:19:58 (1 week ago)	(caddyscan) Scanner path probe from 20.161.30.225 (US/United States/-): 5 in the last 3600 secs; Por ... show more (caddyscan) Scanner path probe from 20.161.30.225 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 20.161.30.225 - - [22/May/2026:06:19:54 +0000] "GET /config/.env HTTP/1.1" [REDACTED] 200 2627 20.161.30.225 - - [22/May/2026:06:19:55 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 20.161.30.225 - - [22/May/2026:06:19:55 +0000] "GET /.git/config HTTP/1.1" [REDACTED] 200 2627 20.161.30.225 - - [22/May/2026:06:19:55 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 20.161.30.225 - - [22/May/2026:06:19:55 +0000] "GET /.env HTTP/1.1" show less	Port Scan
🇳🇴 Bots.go.to.hell	2026-05-22 06:02:41 (1 week ago)	This IP was detected by CrowdSec triggering crowdsecurity/vpatch-env-access	Web App Attack Hacking
🇺🇸 pduggusa	2026-05-19 03:55:48 (2 weeks ago)	Detected attacking dugganusa.com at 2026-05-19T03:55:48.750Z \| Attack: Web Service \| Source: DugganU ... show more Detected attacking dugganusa.com at 2026-05-19T03:55:48.750Z \| Attack: Web Service \| Source: DugganUSA PreCog auto-block show less	Hacking
🇺🇸 pduggusa	2026-05-19 02:42:33 (2 weeks ago)	Detected attacking dugganusa.com at 2026-05-19T02:42:33.497Z \| Attack: Web Service \| Source: DugganU ... show more Detected attacking dugganusa.com at 2026-05-19T02:42:33.497Z \| Attack: Web Service \| Source: DugganUSA PreCog auto-block show less	Hacking
🇺🇸 pduggusa	2026-05-19 01:40:37 (2 weeks ago)	Detected attacking dugganusa.com at 2026-05-19T01:40:37.066Z \| Attack: Web Service \| Source: DugganU ... show more Detected attacking dugganusa.com at 2026-05-19T01:40:37.066Z \| Attack: Web Service \| Source: DugganUSA PreCog auto-block show less	Hacking
🇺🇸 pduggusa	2026-05-19 00:38:43 (2 weeks ago)	Detected attacking dugganusa.com at 2026-05-19T00:38:43.791Z \| Attack: Web Service \| Source: DugganU ... show more Detected attacking dugganusa.com at 2026-05-19T00:38:43.791Z \| Attack: Web Service \| Source: DugganUSA PreCog auto-block show less	Hacking
🇧🇾 StatsMe	2026-05-01 22:35:29 (1 month ago)	2026-05-01T16:42:30.161932+0300 ET SCAN NMAP -sS window 1024	Port Scan
🇫🇷 security.rdmc.fr	2026-05-01 14:00:10 (1 month ago)	Port Scan Attack proto:TCP src:14336 dst:23	Port Scan
🇺🇸 xmission.com	2026-05-01 13:46:33 (1 month ago)	Blocked by UFW (TCP on 23) Source port: 14336 TTL: 239 Packet length: 40 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 23) Source port: 14336 TTL: 239 Packet length: 40 TOS: 0x00 This report (for 20.161.30.225) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Hacking Brute-Force
Anonymous	2026-05-01 13:27:03 (1 month ago)	Unauthorized connection attempt on Port 23	Port Scan Hacking Exploited Host
🇺🇸 MPL	2026-05-01 13:14:26 (1 month ago)	tcp/23	Port Scan
🇺🇸 RAP	2026-05-01 12:02:34 (1 month ago)	2026-05-01 12:02:34 UTC Unauthorized activity to TCP port 23. Telnet	Port Scan

Showing 16 to 30 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.83

🇩🇪 213.209.159.241

🇲🇽 186.96.145.241

🇧🇩 103.164.50.153

🇦🇪 74.162.69.29

🇩🇪 36.255.97.103

🇨🇳 27.40.77.247

🇺🇸 162.216.149.143

🇷🇴 80.94.92.71

🇩🇪 144.31.80.14

🇨🇳 112.232.48.93

🇮🇳 103.187.178.214

🇸🇬 103.187.146.90

🇯🇵 8.216.5.140

🇬🇧 213.166.84.41

🇫🇮 147.185.133.139

🇺🇸 74.125.80.21

🇰🇭 58.97.224.67

🇧🇷 189.57.137.250

🇧🇷 136.248.121.226