JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.203.252.50

20.203.252.50 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 41%: ?

41%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇨🇭 Switzerland
City	Zurich, Zurich

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.203.252.50

Whois 20.203.252.50

IP Abuse Reports for 20.203.252.50:

This IP address has been reported a total of 8 times from 6 distinct sources. 20.203.252.50 was first reported on June 26th 2026, and the most recent report was 18 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇦 lakered	2026-06-29 04:45:04 (18 hours ago)	Detectors: [NGINX] \| Reasons: Automated scan targeting an unauthorized host or default server sinkho ... show more Detectors: [NGINX] \| Reasons: Automated scan targeting an unauthorized host or default server sinkhole \| bad_user_agent \| Evidence: TCP/IP-Spoofing-Detected (bad_sw: 2) \| TCP Fingerprint: Modern Linux (Kernel 3.x+) (Link:IPIP or SIT, Uptime:43518m) show less	Port Scan Bad Web Bot
🇺🇸 johnkarlhill	2026-06-28 16:30:03 (1 day ago)	WebKnight blocked malicious web request on johnkarlhill.com	Brute-Force SSH
🇺🇸 xmission.com	2026-06-28 11:06:02 (1 day ago)	Blocked by UFW (TCP on 80) Source port: 60700 TTL: 37 Packet length: 60 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 80) Source port: 60700 TTL: 37 Packet length: 60 TOS: 0x00 This report (for 20.203.252.50) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇺🇸 xmission.com	2026-06-28 10:06:18 (1 day ago)	Blocked by UFW (TCP on 80) Source port: 2774 TTL: 37 Packet length: 60 TOS: 0x00 This report (for 2 ... show more Blocked by UFW (TCP on 80) Source port: 2774 TTL: 37 Packet length: 60 TOS: 0x00 This report (for 20.203.252.50) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇬🇷 setupgr	2026-06-28 07:55:02 (1 day ago)	(mod_security) mod_security (id:9999001) triggered by 20.203.252.50 (CH/Switzerland/Zurich/Zurich/-/ ... show more (mod_security) mod_security (id:9999001) triggered by 20.203.252.50 (CH/Switzerland/Zurich/Zurich/-/[AS8075 Microsoft Corporation]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Sun Jun 28 10:54:59.115703 2026] [security2:error] [pid 1766617:tid 1766800] [client 20.203.252.50:37110] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^154\\\\.57\\\\.7\\\\.73$" at REQUEST_HEADERS:Host. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "154"] [id "9999001"] [msg "Direct incoming request to server shared IP blocked by admin"] [hostname "154.57.7.73"] [uri "/"] [unique_id "akDTUiIUCWOJUadvaoQB7AAAAdc"] show less	Port Scan
🇩🇪 SCHAPPY	2026-06-28 03:57:45 (1 day ago)	Faked HTTP referer string using numeric IP address of destination host instead of host name.	Hacking Web App Attack
Anonymous	2026-06-27 22:11:17 (2 days ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
Anonymous	2026-06-26 20:08:06 (3 days ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 176.65.139.92

🇨🇳 120.238.58.10

🇨🇳 118.212.120.247

🇮🇳 98.70.127.17

🇲🇽 38.35.232.14

🇺🇸 38.34.217.49

🇺🇸 3.138.191.36

🇺🇸 205.210.31.36

🇺🇸 192.3.134.24

🇮🇳 103.147.248.44

🇰🇼 94.128.96.80

🇩🇪 45.86.202.242

🇩🇪 45.86.202.235

🇨🇳 39.184.13.46

🇧🇷 38.252.204.52

🇦🇷 38.236.194.46

🇧🇷 38.191.127.76

🇻🇳 115.74.234.146

🇺🇸 104.192.205.181

🇺🇸 91.230.168.95