JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.171.207.115

20.171.207.115 was found in our database!

This IP was reported 311 times. Confidence of Abuse is 0%: ?

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Phoenix, Arizona

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.171.207.115

Whois 20.171.207.115

IP Abuse Reports for 20.171.207.115:

This IP address has been reported a total of 311 times from 110 distinct sources. 20.171.207.115 was first reported on November 12th 2024, and the most recent report was 8 months ago.

Old Reports: The most recent abuse report for this IP address is from 8 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇴 INTEQ	2025-10-29 10:30:11 (8 months ago)	Web attack from 20.171.207.115	Web App Attack
🇦🇺 MAGIC	2025-10-27 03:20:30 (8 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2025-10-26 01:09:39 (8 months ago)	Excessive crawling/scraping	Hacking Brute-Force
🇺🇸 Rocky Mountain Bioengineering Symposium	2025-10-24 11:01:16 (8 months ago)	[Thu Oct 23 05:00:02.552442 2025] [authz_core:error] [pid 38517:tid 139680800282176] [client 20.171. ... show more [Thu Oct 23 05:00:02.552442 2025] [authz_core:error] [pid 38517:tid 139680800282176] [client 20.171.207.115:56632] AH01630: client denied by server configuration: proxy:h2://abstracts-rmbs.org/sitemap_index.xml [Thu Oct 23 22:15:53.778663 2025] [authz_core:error] [pid 70222:tid 139680959743552] [client 20.171.207.115:42712] AH01630: client denied by server configuration: proxy:h2://abstracts-rmbs.org/login/ [Fri Oct 24 05:01:16.251929 2025] [authz_core:error] [pid 70155:tid 139680817067584] [client 20.171.207.115:50032] AH01630: client denied by server configuration: proxy:h2://abstracts-rmbs.org/sitemap_index.xml ... show less	Bad Web Bot
🇺🇸 TPI-Abuse	2025-10-23 21:48:17 (8 months ago)	(mod_security) mod_security (id:210730) triggered by 20.171.207.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 20.171.207.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 23 17:48:10.408469 2025] [security2:error] [pid 1495:tid 1495] [client 20.171.207.115:54188] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.cameronsol.com\|F\|2"] [data ".camerongunsmith.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.cameronsol.com"] [uri "/www.camerongunsmith.com"] [unique_id "aPqimnOyrZKZJDacY0ea1gAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 mgarofano80	2025-10-22 23:42:48 (8 months ago)		Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-10-22 17:51:55 (8 months ago)	(mod_security) mod_security (id:210730) triggered by 20.171.207.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 20.171.207.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 22 13:51:47.744569 2025] [security2:error] [pid 23114:tid 23114] [client 20.171.207.115:59272] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|bahamascruisersguide.com\|F\|2"] [data ".greatmysterious.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "bahamascruisersguide.com"] [uri "/Blogs-Websites/www.greatmysterious.com"] [unique_id "aPkZs9UO13Nbs2ALGjyikgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 1gz	2025-10-20 19:57:29 (8 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/2 ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/2 (GET method) Endpoint: / UA: Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; GPTBot/1.2; +https://openai.com/gptbot) This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2025-10-20 05:45:13 (8 months ago)	Excessive crawling/scraping	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-10-19 13:39:16 (8 months ago)	(mod_security) mod_security (id:225170) triggered by 20.171.207.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 20.171.207.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Oct 19 09:39:11.461800 2025] [security2:error] [pid 5043:tid 5057] [client 20.171.207.115:37084] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.grupojdg.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.grupojdg.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "aPTp_5xVcd-G2mJqyUwlXgAAAEs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-18 08:51:57 (8 months ago)	(mod_security) mod_security (id:225170) triggered by 20.171.207.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 20.171.207.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Oct 18 04:51:54.175325 2025] [security2:error] [pid 25873:tid 25873] [client 20.171.207.115:55894] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|churchbehindthewalls.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "churchbehindthewalls.com"] [uri "/wp-json/wp/v2/users/1"] [unique_id "aPNVKr_Kvf0fZ6AVBN-vzgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇳 Shaik Sai Meera	2025-10-12 16:05:32 (8 months ago)	IM360 WAF: Monitoring WordPress 5.3 User Enumeration attempts - Sun Oct 12 16:04:51 2025	Web App Attack
🇧🇪 taivas.nl	2025-10-09 04:32:25 (8 months ago)	Many_bad_calls	Web App Attack
🇧🇪 taivas.nl	2025-10-08 20:02:10 (8 months ago)	Bad_requests	Bad Web Bot
Anonymous	2025-10-08 18:47:56 (8 months ago)	Excessive crawling/scraping	Hacking Brute-Force

Showing 1 to 15 of 311 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 207.154.197.113

🇹🇭 202.29.225.206

🇦🇱 79.106.123.51

🇺🇸 64.62.156.209

🇦🇺 43.229.61.53

🇨🇳 171.217.92.33

🇻🇳 113.176.87.118

🇺🇸 100.50.17.159

🇸🇪 83.233.149.204

🇱🇹 81.30.98.49

🇨🇳 58.247.139.134

🇻🇳 45.119.81.245

🇬🇧 35.203.211.196

🇨🇳 1.83.223.227

🇨🇳 218.92.251.198

🇧🇷 179.134.87.159

🇧🇷 179.130.171.63

🇺🇸 172.110.223.179

🇱🇹 81.30.98.142

🇳🇱 80.82.77.75