JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.171.55.54

20.171.55.54 was found in our database!

This IP was reported 55 times. Confidence of Abuse is 21%: ?

21%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Phoenix, Arizona

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.171.55.54

Whois 20.171.55.54

IP Abuse Reports for 20.171.55.54:

This IP address has been reported a total of 55 times from 23 distinct sources. 20.171.55.54 was first reported on February 4th 2026, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-27 12:39:05 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 20.171.55.54 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 20.171.55.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 08:38:59.037767 2026] [security2:error] [pid 31252:tid 31252] [client 20.171.55.54:10296] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hawleyrentals.com"] [uri "/.env"] [unique_id "ahbl43gPqLFGhBt1K0ZKNQAAABg"], referer: https://www.facebook.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 10:09:59 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 20.171.55.54 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 20.171.55.54 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 06:09:55.878552 2026] [security2:error] [pid 22935:tid 22935] [client 20.171.55.54:10305] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "brandov.fatcavestudios.com"] [uri "/.env"] [unique_id "ahbC85fmvsRiUoir0oqgwAAAAAI"], referer: https://chat.openai.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Dominik Lysiak	2026-05-27 10:06:10 (3 weeks ago)	20.171.55.54 - - [27/May/2026:12:06:07 +0200] "GET /.env HTTP/2.0" 422 496 "-" "Mozilla/5.0 (Linux; ... show more 20.171.55.54 - - [27/May/2026:12:06:07 +0200] "GET /.env HTTP/2.0" 422 496 "-" "Mozilla/5.0 (Linux; Android 14; SM-S928B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Mobile Safari/537.36" 20.171.55.54 - - [27/May/2026:12:06:09 +0200] "GET /.git/config HTTP/2.0" 422 496 "https://stackoverflow.com/" "Mozilla/5.0 (Linux; Android 14; SM-S928B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Mobile Safari/537.36" 20.171.55.54 - - [27/May/2026:12:06:09 +0200] "GET /.env HTTP/2.0" 422 496 "-" "Mozilla/5.0 (Linux; Android 14; SM-S928B) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Mobile Safari/537.36" ... show less	Web App Attack
🇫🇷 SpaceHost-Server	2026-05-17 22:37:11 (1 month ago)		Brute-Force Web App Attack
🇫🇷 SpaceHost-Server	2026-05-16 22:28:42 (1 month ago)		Brute-Force Web App Attack
🇱🇻 garmtech.com	2026-05-16 07:38:46 (1 month ago)	IM360 WAF: Direct access to sensitive file or dotfile MV:/.env	Web App Attack
🇩🇪 macrob	2026-05-16 07:38:44 (1 month ago)	2026/05/16 07:38:39 [error] 1702612#1702612: 231322580 access forbidden by rule, client: 20.171.55. ... show more 2026/05/16 07:38:39 [error] 1702612#1702612: 231322580 access forbidden by rule, client: 20.171.55.54, server: binixo.pl, request: "GET /.git/config HTTP/2.0", host: "binixo.pl" 2026/05/16 07:38:41 [error] 1702612#1702612: 231322580 access forbidden by rule, client: 20.171.55.54, server: binixo.pl, request: "GET /.env HTTP/2.0", host: "binixo.pl" 2026/05/16 07:38:43 [error] 1702614#1702614: 231317040 access forbidden by rule, client: 20.171.55.54, server: binixo.pl, request: "GET /config.php.bak HTTP/2.0", host: "binixo.pl" ... show less	Web App Attack
🇺🇸 whitehat AbuseIPDB Official	2026-02-05 05:09:25 (4 months ago)	2026-02-05T05:03:50.884995shield sshd\[13470\]: pam_unix\(sshd:auth\): authentication failure\; logn ... show more 2026-02-05T05:03:50.884995shield sshd\[13470\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.171.55.54 user=root 2026-02-05T05:03:52.768527shield sshd\[13470\]: Failed password for root from 20.171.55.54 port 30594 ssh2 2026-02-05T05:06:36.785378shield sshd\[13593\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.171.55.54 user=root 2026-02-05T05:06:38.788689shield sshd\[13593\]: Failed password for root from 20.171.55.54 port 30596 ssh2 2026-02-05T05:09:24.738259shield sshd\[13718\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.171.55.54 user=root show less	Brute-Force SSH
🇺🇸 whitehat AbuseIPDB Official	2026-02-05 04:52:59 (4 months ago)	2026-02-05T04:47:36.386315shield sshd\[12704\]: pam_unix\(sshd:auth\): authentication failure\; logn ... show more 2026-02-05T04:47:36.386315shield sshd\[12704\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.171.55.54 user=root 2026-02-05T04:47:38.224882shield sshd\[12704\]: Failed password for root from 20.171.55.54 port 30600 ssh2 2026-02-05T04:50:14.571699shield sshd\[12794\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.171.55.54 user=root 2026-02-05T04:50:16.766432shield sshd\[12794\]: Failed password for root from 20.171.55.54 port 30597 ssh2 2026-02-05T04:52:58.891812shield sshd\[12869\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.171.55.54 user=root show less	Brute-Force SSH
🇺🇸 whitehat AbuseIPDB Official	2026-02-05 04:36:40 (4 months ago)	2026-02-05T04:31:23.780237shield sshd\[12173\]: pam_unix\(sshd:auth\): authentication failure\; logn ... show more 2026-02-05T04:31:23.780237shield sshd\[12173\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.171.55.54 user=root 2026-02-05T04:31:26.045059shield sshd\[12173\]: Failed password for root from 20.171.55.54 port 30599 ssh2 2026-02-05T04:33:56.763767shield sshd\[12277\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.171.55.54 user=root 2026-02-05T04:33:58.697242shield sshd\[12277\]: Failed password for root from 20.171.55.54 port 30596 ssh2 2026-02-05T04:36:39.553904shield sshd\[12327\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.171.55.54 user=root show less	Brute-Force SSH
🇮🇹 cazae	2026-02-05 04:34:05 (4 months ago)	2026-02-05T05:28:38.942102+01:00 server1 sshd-session[1567175]: Failed password for root from 20.171 ... show more 2026-02-05T05:28:38.942102+01:00 server1 sshd-session[1567175]: Failed password for root from 20.171.55.54 port 30597 ssh2 2026-02-05T05:31:39.644160+01:00 server1 sshd-session[1567245]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.171.55.54 user=root 2026-02-05T05:31:41.559095+01:00 server1 sshd-session[1567245]: Failed password for root from 20.171.55.54 port 30600 ssh2 2026-02-05T05:34:03.075199+01:00 server1 sshd-session[1567271]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.171.55.54 user=root 2026-02-05T05:34:04.827400+01:00 server1 sshd-session[1567271]: Failed password for root from 20.171.55.54 port 30593 ssh2 ... show less	Brute-Force SSH
🇺🇸 whitehat AbuseIPDB Official	2026-02-05 04:20:23 (4 months ago)	2026-02-05T04:15:16.487886shield sshd\[11664\]: pam_unix\(sshd:auth\): authentication failure\; logn ... show more 2026-02-05T04:15:16.487886shield sshd\[11664\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.171.55.54 user=root 2026-02-05T04:15:17.664102shield sshd\[11664\]: Failed password for root from 20.171.55.54 port 30657 ssh2 2026-02-05T04:17:39.237842shield sshd\[11713\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.171.55.54 user=root 2026-02-05T04:17:41.377573shield sshd\[11713\]: Failed password for root from 20.171.55.54 port 30592 ssh2 2026-02-05T04:20:22.730002shield sshd\[11798\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.171.55.54 user=root show less	Brute-Force SSH
🇺🇸 whitehat AbuseIPDB Official	2026-02-05 04:04:17 (4 months ago)	2026-02-05T03:58:42.354154shield sshd\[11150\]: pam_unix\(sshd:auth\): authentication failure\; logn ... show more 2026-02-05T03:58:42.354154shield sshd\[11150\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.171.55.54 user=root 2026-02-05T03:58:44.739325shield sshd\[11150\]: Failed password for root from 20.171.55.54 port 30660 ssh2 2026-02-05T04:01:24.321871shield sshd\[11252\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.171.55.54 user=root 2026-02-05T04:01:26.279970shield sshd\[11252\]: Failed password for root from 20.171.55.54 port 30663 ssh2 2026-02-05T04:04:16.870451shield sshd\[11302\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.171.55.54 user=root show less	Brute-Force SSH
🇸🇬 itachi1706	2026-02-05 03:51:48 (4 months ago)	2026-02-05T03:51:47.099729+00:00 sg-jumphost-server sshd[975461]: Connection closed by authenticatin ... show more 2026-02-05T03:51:47.099729+00:00 sg-jumphost-server sshd[975461]: Connection closed by authenticating user root 20.171.55.54 port 30662 [preauth] ... show less	Brute-Force SSH
🇺🇸 whitehat AbuseIPDB Official	2026-02-05 03:47:55 (4 months ago)	2026-02-05T03:42:31.594800shield sshd\[10611\]: pam_unix\(sshd:auth\): authentication failure\; logn ... show more 2026-02-05T03:42:31.594800shield sshd\[10611\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.171.55.54 user=root 2026-02-05T03:42:33.343536shield sshd\[10611\]: Failed password for root from 20.171.55.54 port 30659 ssh2 2026-02-05T03:45:14.808949shield sshd\[10685\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.171.55.54 user=root 2026-02-05T03:45:16.271777shield sshd\[10685\]: Failed password for root from 20.171.55.54 port 30657 ssh2 2026-02-05T03:47:55.423495shield sshd\[10750\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.171.55.54 user=root show less	Brute-Force SSH

Showing 1 to 15 of 55 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2604:a880:400:d1:0:4:9e83:6001

🇰🇷 211.228.217.178

🇰🇷 211.186.115.74

🇹🇼 198.235.24.59

🇩🇪 159.65.123.129

🇵🇰 139.135.55.13

🇻🇳 125.212.244.35

🇨🇳 120.48.181.68

🇧🇪 198.235.24.153

🇧🇷 186.193.46.71

🇻🇳 183.91.11.36

🇨🇳 150.242.246.221

🇨🇳 113.78.240.176

🇺🇸 104.248.177.83

🇫🇮 74.125.46.148

🇯🇵 58.98.197.137

🇮🇶 37.236.18.11

🇳🇱 31.42.176.142

🇪🇬 197.44.255.11

🇲🇽 187.191.48.23