JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.169.53.190

20.169.53.190 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 89%: ?

89%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Phoenix, Arizona

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.169.53.190

Whois 20.169.53.190

IP Abuse Reports for 20.169.53.190:

This IP address has been reported a total of 20 times from 18 distinct sources. 20.169.53.190 was first reported on June 3rd 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 sid3windr	2026-06-12 09:07:39 (2 days ago)	GET /.git/HEAD (Tarpitted for 1d15h8m28s, wasted 8.06MB)	Web App Attack
🇦🇹 urnilxfgbez	2026-06-11 22:45:00 (2 days ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇵🇱 Wepted	2026-06-10 22:17:03 (3 days ago)	Port scan detected by honeypot	Port Scan Hacking
🇺🇸 TPI-Abuse	2026-06-10 20:16:51 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 20.169.53.190 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 20.169.53.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 16:16:43.793065 2026] [security2:error] [pid 12584:tid 12584] [client 20.169.53.190:28879] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.95"] [uri "/.git/HEAD"] [unique_id "ainGK6ETDikgDo99VGczyQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 RAP	2026-06-10 20:10:03 (3 days ago)	2026-06-10 20:10:03 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 17:41:42 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 20.169.53.190 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 20.169.53.190 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 13:41:35.548079 2026] [security2:error] [pid 9333:tid 9333] [client 20.169.53.190:28822] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.19"] [uri "/.git/HEAD"] [unique_id "aimhz_kZIpECRRfUOmFNIQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 nyt	2026-06-10 17:06:28 (4 days ago)	Sensitive File Probe	Web App Attack
🇳🇱 knock	2026-06-10 17:01:41 (4 days ago)	Knock-Knock honeypot brute-force: proto8 (13 total hits)	Brute-Force
🇹🇷 sgonul71	2026-06-10 17:00:08 (4 days ago)	Web app attacks (IIS logs)	Web App Attack
🇧🇷 SOC Blue Team	2026-06-03 05:26:12 (1 week ago)	IPs get by Hunting on SIEM	Phishing Web Spam Port Scan Hacking
🇹🇷 SeczarSecureOps	2026-06-03 04:54:26 (1 week ago)	Seczar SecureOps — Port Scan Detection (8 events) — quarantined 43200m on fgdcapi	Port Scan
🇸🇬 drewf.ink	2026-06-03 04:02:07 (1 week ago)	[04:02] Port scanning. Port(s) scanned: TCP/2086, TCP/2087	Port Scan
🇮🇪 AutosOnShow	2026-06-03 04:00:08 (1 week ago)	blocked for webapp attack \| path requested: /.env \| seen at 2026-06-03 03:59:11.315 \|	Web App Attack
🇩🇪 Richie	2026-06-03 03:04:28 (1 week ago)	[HOST1] Port Scan detected	Port Scan
Anonymous	2026-06-03 02:03:43 (1 week ago)	PORT & IP Scan.	Port Scan Brute-Force

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 194.74.196.10

🇲🇽 187.216.224.85

🇧🇴 181.188.176.242

🇨🇳 120.230.21.41

🇨🇳 112.12.159.92

🇩🇪 46.101.150.99

🇰🇷 1.235.192.214

🇺🇸 136.117.57.173

🇺🇸 135.237.126.114

🇨🇳 115.55.29.173

🇮🇳 103.175.62.33

🇮🇳 103.97.215.11

🇬🇧 87.106.44.172

🇮🇱 35.252.12.165

🇫🇮 35.228.82.22

🇨🇳 8.138.85.185

🇦🇲 178.160.228.254

🇨🇳 163.204.42.139

🇮🇩 114.10.47.235

🇵🇱 87.251.64.149