JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.169.75.242

20.169.75.242 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 95%: ?

95%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Phoenix, Arizona

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.169.75.242

Whois 20.169.75.242

IP Abuse Reports for 20.169.75.242:

This IP address has been reported a total of 19 times from 18 distinct sources. 20.169.75.242 was first reported on December 2nd 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 gu-alvareza	2026-06-15 07:05:23 (2 days ago)	Spring.Boot.Actuator.Unauthorized.Access	Brute-Force
Anonymous	2026-06-15 05:56:41 (2 days ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇸🇬 securejdprop	2026-06-15 02:58:05 (2 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET INFO Request to ... show more This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET INFO Request to Hidden Environment File - Inbound). Ip 20.169.75.242 performed 'crowdsecurity/suricata-major-severity' (1 events over 0s) at 2026-06-15 02:58:04.149304129 +0000 UTC show less	Hacking Web App Attack
🇺🇸 valornode	2026-06-15 02:32:13 (2 days ago)	Detected by CrowdSec on www.iambrayden.net-47d88224: CrowdSec: crowdsecurity/http-probing \| ASN: 807 ... show more Detected by CrowdSec on www.iambrayden.net-47d88224: CrowdSec: crowdsecurity/http-probing \| ASN: 8075 (MICROSOFT-CORP-MSN-AS-BLOCK) \| Country: US \| Range: 20.160.0.0/12 show less	Brute-Force SSH
🇰🇷 windykc	2026-06-15 02:30:19 (2 days ago)	Honeypot capture. HTTP: 11 attacks (sample URIs: ['/.env', '/.git/config', '/.env.production', '/.aw ... show more Honeypot capture. HTTP: 11 attacks (sample URIs: ['/.env', '/.git/config', '/.env.production', '/.aws/credentials', '/.env.backup']). RCE/web-shell attempts: 3 (fake-shell endpoint). Geo/ISP: US/Microsoft Corporation. Last seen: 2026-06-15T10:57:31Z. show less	Hacking Web App Attack
Anonymous	2026-06-15 02:01:04 (2 days ago)	20.169.75.242 detected on srv01	Port Scan
🇷🇸 Scan	2026-06-15 00:33:00 (2 days ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇩🇪 dpsbs	2026-06-14 23:05:59 (2 days ago)	multiple ips intrustions detected	Hacking
🇺🇸 MPL	2026-06-14 23:03:52 (2 days ago)	tcp port scan (11 or more attempts)	Port Scan
🇯🇵 VXG-NET	2026-06-14 22:48:13 (2 days ago)	port=80, indicator_type=info-leak	Hacking
🇩🇪 SCHAPPY	2026-06-14 22:45:08 (2 days ago)	Mutliple attempts to access forbidden web resources, HTTP code 403.	Web App Attack
🇺🇸 sumnone	2026-06-14 22:17:12 (2 days ago)	Port probing on unauthorized port 2077	Port Scan Hacking Exploited Host
🇺🇸 TPI-Abuse	2026-06-14 22:08:28 (2 days ago)	(mod_security) mod_security (id:210730) triggered by 20.169.75.242 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 20.169.75.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 18:08:20.492509 2026] [security2:error] [pid 22310:tid 22332] [client 20.169.75.242:2647] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|192.64.150.133\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "192.64.150.133"] [uri "/backup.sql"] [unique_id "ai8mVM6Oz0RydmJK5Nrt1AAAAYg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-14 20:30:08 (2 days ago)	Triggered: repeated knocking on closed ports.	Port Scan
🇹🇷 Threat.live	2026-06-14 20:05:02 (2 days ago)	Suspicious Connection Attempts	Brute-Force

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 163.53.18.118

🇮🇳 122.187.229.119

🇨🇳 182.138.158.151

🇳🇱 164.215.103.71

🇸🇬 152.42.203.191

🇺🇸 52.14.59.159

🇺🇸 20.163.76.6

🇰🇷 14.40.114.86

🇷🇴 2.57.121.25

🇫🇮 216.40.72.247

🇸🇳 213.154.80.51

🇳🇱 178.16.54.99

🇺🇸 172.172.30.73

🇺🇸 172.96.161.212

🇺🇸 155.117.87.29

🇮🇳 122.163.127.14

🇨🇳 110.167.122.90

🇰🇿 92.47.129.251

🇺🇸 74.82.47.61

🇸🇬 47.236.86.103