JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.161.58.224

20.161.58.224 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 56%: ?

56%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Boydton, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.161.58.224

Whois 20.161.58.224

IP Abuse Reports for 20.161.58.224:

This IP address has been reported a total of 26 times from 18 distinct sources. 20.161.58.224 was first reported on October 12th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇴 adalbertoreyes.org	2026-06-25 17:39:52 (1 day ago)	CategoryPortScan	Port Scan
🇺🇸 WellSpring	2026-06-24 20:05:07 (2 days ago)	xmlrpc exploit on 229.today/wp/xmlrpc.php — WellSpr.ing/NetSentinel civic-AI security layer	Brute-Force Web App Attack
🇫🇷 masterguru	2026-06-24 18:28:24 (2 days ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 20.161.58.224 (US/United States/-): 1 in the l ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 20.161.58.224 (US/United States/-): 1 in the last 3600 secs (0-196) show less	Hacking
🇬🇧 essinghigh	2026-06-16 06:07:42 (1 week ago)	IPS Detection: 20.161.58.224 -> DPT: 2086	Port Scan
🇧🇷 SOC Blue Team	2026-06-02 09:27:57 (3 weeks ago)	IPs get by Hunting on SIEM	Phishing Web Spam Port Scan Hacking
🇺🇸 ISPLtd	2026-06-02 07:31:16 (3 weeks ago)	Jun 2 04:31:03 20.161.58.224 TCP SPT=21866 DPT=2087 SYN Jun 2 04:31:03 20.161.58.224 TCP SPT=21840 ... show more Jun 2 04:31:03 20.161.58.224 TCP SPT=21866 DPT=2087 SYN Jun 2 04:31:03 20.161.58.224 TCP SPT=21840 DPT=2082 SYN Jun 2 04:31:03 20.161.58.224 TCP SPT=22596 DPT=8080 SYN ... show less	Port Scan
🇳🇱 thedreamer.nl	2026-06-02 06:53:14 (3 weeks ago)	20.161.58.224 - - [02/Jun/2026:08:47:45 +0200] "GET /.git/HEAD HTTP/1.1" 499 0 "-" "Mozilla/5.0 (Win ... show more 20.161.58.224 - - [02/Jun/2026:08:47:45 +0200] "GET /.git/HEAD HTTP/1.1" 499 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" "US" "Boydton" "36.66940" "-78.38770" 20.161.58.224 - - [02/Jun/2026:08:47:46 +0200] "GET /.git/config HTTP/1.1" 499 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" "US" "Boydton" "36.66940" "-78.38770" 20.161.58.224 - - [02/Jun/2026:08:47:52 +0200] "GET /.env.production HTTP/1.1" 499 0 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" "US" "Boydton" "36.66940" "-78.38770" 20.161.58.224 - - [02/Jun/2026:08:47:54 +0200] "GET /.env.backup HTTP/1.1" 499 0 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" "US" "Boydton" "36.66940" "-78.38770" ... show less	Hacking Brute-Force Bad Web Bot Web App Attack
🇹🇷 Threat.live	2026-06-02 06:45:08 (3 weeks ago)	Suspicious Connection Attempts	Brute-Force
🇺🇸 xmission.com	2026-06-02 06:37:14 (3 weeks ago)	Blocked by UFW (TCP on 2087) Source port: 22357 TTL: 49 Packet length: 60 TOS: 0x00 This report (fo ... show more Blocked by UFW (TCP on 2087) Source port: 22357 TTL: 49 Packet length: 60 TOS: 0x00 This report (for 20.161.58.224) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇦🇺 FireGuard Server	2026-06-02 06:15:06 (3 weeks ago)	Blocked by OPNsense firewall; 6 hits, proto=tcp, ports=2082,2083,2086,2087,8080,8443	Port Scan Hacking
🇺🇸 MPL	2026-06-02 06:03:08 (3 weeks ago)	tcp port scan (3 or more attempts)	Port Scan
🇺🇸 donarev419	2026-06-02 04:44:13 (3 weeks ago)	Port scan detected on port 8080 (connection without data transfer)	Port Scan
🇺🇸 RAP	2026-06-02 03:08:24 (3 weeks ago)	2026-06-02 03:08:24 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇺🇸 MPL	2026-06-02 03:01:06 (3 weeks ago)	tcp port scan (8 or more attempts)	Port Scan
🇮🇱 spd.co.il	2026-05-18 08:03:12 (1 month ago)	Web application attack detected	Hacking Web App Attack

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇪 190.97.253.81

🇻🇳 103.78.1.33

🇭🇰 101.36.122.183

🇹🇼 101.13.5.30

🇱🇹 89.40.3.184

🇨🇦 85.217.149.41

🇮🇳 45.112.136.214

🇬🇧 45.82.76.101

🇬🇧 35.203.211.150

🇸🇮 31.57.184.222

🇺🇸 216.25.89.122

🇺🇸 216.25.89.71

🇸🇬 206.189.152.33

🇧🇷 205.210.31.235

🇧🇷 205.210.31.213

🇲🇽 201.163.128.50

🇹🇼 198.235.24.70

🇳🇱 195.178.110.42

🇬🇧 194.50.235.149

🇳🇱 193.176.31.201