JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.163.83.242

20.163.83.242 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 54%: ?

54%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Phoenix, Arizona

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.163.83.242

Whois 20.163.83.242

IP Abuse Reports for 20.163.83.242:

This IP address has been reported a total of 26 times from 19 distinct sources. 20.163.83.242 was first reported on September 17th 2025, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇹 urnilxfgbez	2026-06-11 22:45:00 (4 days ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇭🇰 chanatl	2026-06-11 00:38:00 (5 days ago)	Requested for /backup.sql, /.htpasswd, /server-status, /.env.backup, /.env.production, /.git/config, ... show more Requested for /backup.sql, /.htpasswd, /server-status, /.env.backup, /.env.production, /.git/config, /.git/HEAD 2026-06-11 02:36:25.789 - 2026-06-11 02:36:52.314 GMT+8 show less	Web App Attack
🇫🇷 GabrielJST	2026-06-10 21:19:14 (5 days ago)	Port Scan detected from 20.163.83.242 (US/United States/-).	Port Scan
🇩🇪 cloudmax	2026-06-10 21:01:53 (6 days ago)	Cloudmax IPS Block - Suspicious activity. Possible port scanning, service reconnaissance, or vulnera ... show more Cloudmax IPS Block - Suspicious activity. Possible port scanning, service reconnaissance, or vulnerability probing show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-10 19:44:05 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 20.163.83.242 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 20.163.83.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 15:43:58.788763 2026] [security2:error] [pid 30789:tid 30807] [client 20.163.83.242:35221] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.85"] [uri "/.git/HEAD"] [unique_id "aim-fqQwGxx9Iux8j_OddgAAAFA"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-10 19:09:24 (6 days ago)	Multiple WAF Violations	Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 18:47:49 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 20.163.83.242 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 20.163.83.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 14:47:45.833511 2026] [security2:error] [pid 13853:tid 13853] [client 20.163.83.242:34672] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.7"] [uri "/.git/config"] [unique_id "aimxUdcpY12Zsc5EsYe4XQAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 danieljamesbertrand	2026-06-10 18:32:00 (6 days ago)	fail2ban jail=nginx-access-exploit on canadapaywall.com (automatic report; categories 19,21)	Bad Web Bot Web App Attack
🇨🇦 alexbfr	2026-06-10 17:34:44 (6 days ago)	Fail2Ban Report, nginx-bot-trap jail: Automated honeypot detection.	Port Scan
🇸🇬 drewf.ink	2026-06-01 09:45:25 (2 weeks ago)	[09:45] Port scanning. Port(s) scanned: TCP/2086, TCP/2087	Port Scan
🇺🇸 drewf.ink	2026-06-01 06:59:24 (2 weeks ago)	[06:59] Port scanning. Port(s) scanned: TCP/2086, TCP/2087	Port Scan
🇫🇷 GabrielJST	2026-06-01 06:50:26 (2 weeks ago)	Port Scan detected from 20.163.83.242 (US/United States/-).	Port Scan
🇨🇦 Blinker73	2026-06-01 05:48:18 (2 weeks ago)	2026-06-01T01:48 kernel: OUT= SRC=20.163.83.242 LEN=60 TOS=0x00 PREC=0x00 TTL=41 ID=55682 DF P ... show more 2026-06-01T01:48 kernel: OUT= SRC=20.163.83.242 LEN=60 TOS=0x00 PREC=0x00 TTL=41 ID=55682 DF PROTO=TCP SPT=13328 DPT=2087 WINDOW=64240 RES=0x00 SYN URGP=0 2026-06-01T01:48 kernel: OUT= SRC=20.163.83.242 LEN=60 TOS=0x00 PREC=0x00 TTL=39 ID=53219 DF PROTO=TCP SPT=13328 DPT=8080 WINDOW=64240 RES=0x00 SYN URGP=0 2026-06-01T01:48 kernel: OUT= SRC=20.163.83.242 LEN=60 TOS=0x00 PREC=0x00 TTL=39 ID=11507 DF PROTO=TCP SPT=13328 DPT=8443 WINDOW=64240 RES=0x00 SYN URGP= show less	Port Scan
🇬🇧 2048	2026-04-17 13:08:11 (1 month ago)	2026-04-17T14:08:09.037061+01:00 machodeer kernel: [4688109.093070] [UFW BLOCK] IN=ens3 OUT= MAC=RED ... show more 2026-04-17T14:08:09.037061+01:00 machodeer kernel: [4688109.093070] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=20.163.83.242 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=44 ID=31484 DF PROTO=TCP SPT=29712 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 2026-04-17T14:08:10.038791+01:00 machodeer kernel: [4688110.094312] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=20.163.83.242 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=44 ID=31485 DF PROTO=TCP SPT=29712 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 2026-04-17T14:08:11.062791+01:00 machodeer kernel: [4688111.118398] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=20.163.83.242 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=44 ID=31486 DF PROTO=TCP SPT=29712 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 show less	Port Scan
🇺🇸 pduggusa	2026-03-24 02:01:03 (2 months ago)	Detected attacking dugganusa.com at 2026-03-24T02:01:03.590Z \| Source: DugganUSA PreCog auto-block	Hacking

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 195.184.76.69

🇷🇸 178.220.77.109

🇹🇷 176.240.167.38

🇨🇳 175.30.48.7

🇦🇺 168.138.25.154

🇧🇭 149.104.106.153

🇺🇸 143.244.153.5

🇮🇳 135.13.28.35

🇨🇳 119.117.86.66

🇧🇬 79.124.62.230

🇺🇸 74.64.33.189

🇨🇳 59.47.110.98

🇧🇷 45.4.179.2

🇧🇷 43.157.151.226

🇺🇸 38.55.111.79

🇮🇷 37.202.155.236

🇯🇵 20.243.208.191

🇨🇳 8.138.232.250

🇩🇪 3.122.254.233

🇲🇽 177.238.18.126