JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.227.130.11

20.227.130.11 was found in our database!

This IP was reported 48 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇦🇺 Australia
City	Canberra, Australian Capital Territory

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.227.130.11

Whois 20.227.130.11

IP Abuse Reports for 20.227.130.11:

This IP address has been reported a total of 48 times from 30 distinct sources. 20.227.130.11 was first reported on August 17th 2022, and the most recent report was 16 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇾 Rizzy	2026-06-17 04:44:32 (16 hours ago)	Multiple WAF Violations	Brute-Force Web App Attack
Anonymous	2026-06-17 04:02:58 (17 hours ago)	PARMACOM WEBEXPLOIT 20.227.130.11 (20.227.130.11)	Web App Attack
Anonymous	2026-06-16 11:51:12 (1 day ago)	Bot / seems abusive / Apache connections: 21	DDoS Attack Web Spam Bad Web Bot Web App Attack
🇦🇺 paulshipley.com.au	2026-06-16 09:19:33 (1 day ago)	levellapromotions.com.au:443 20.227.130.11 - - [16/Jun/2026:19:19:31 +1000] "GET /?author=1 HTTP/1.1 ... show more levellapromotions.com.au:443 20.227.130.11 - - [16/Jun/2026:19:19:31 +1000] "GET /?author=1 HTTP/1.1" 404 346160 "https://duckduckgo.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1; rv:118.0) Gecko/20100101 Firefox/118.0" ... show less	Web App Attack
🇳🇱 ConsulHosting	2026-06-16 06:13:05 (1 day ago)	Excessive failed CAPTCHA attempts (CAPTCHA DoS)	Web App Attack
🇩🇪 LRob.fr	2026-06-16 03:15:04 (1 day ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇲🇾 Rizzy	2026-06-15 22:44:41 (1 day ago)	Multiple WAF Violations	Brute-Force Web App Attack
Anonymous	2026-06-15 21:04:10 (2 days ago)	Attac	Brute-Force
🇬🇷 setupgr	2026-06-15 14:11:09 (2 days ago)	(mod_security) mod_security (id:900001) triggered by 20.227.130.11: 1 in the last 86400 secs; Ports: ... show more (mod_security) mod_security (id:900001) triggered by 20.227.130.11: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Mon Jun 15 17:11:05.643291 2026] [security2:error] [pid 921871:tid 922010] [client 20.227.130.11:59216] ModSecurity: Access denied with code 403 (phase 1). Match of "rx ^(www\\\\.)?(pankoskal\\\\.gr\|sea-sound\\\\.com)$" against "REQUEST_HEADERS:Host" required. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "74"] [id "900001"] [msg "Blocked WP Login attempt on domain: cpanagiotou.gr"] [severity "CRITICAL"] [tag "security"] [hostname "cpanagiotou.gr"] [uri "/wp-login.php"] [unique_id "ajAH-e2clReoPvlJKljCagAAAMU"], referer: https://wordpress.org/ show less	Port Scan
🇩🇪 abdubhai	2026-06-15 10:04:00 (2 days ago)	20.227.130.11 - - [15/Jun/2026:1 ...	Brute-Force
🇺🇸 rsiddall	2026-06-15 07:38:11 (2 days ago)	20.227.130.11 - - [15/Jun/2026:03:28:01 -0400] "POST /wp-login.php HTTP/1.1" 301 254 "http://www.har ... show more 20.227.130.11 - - [15/Jun/2026:03:28:01 -0400] "POST /wp-login.php HTTP/1.1" 301 254 "http://www.hartfordhumanists.org/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; rv:119.0) Gecko/20100101 Firefox/119.0" 20.227.130.11 - - [15/Jun/2026:03:28:04 -0400] "POST /wp-login.php HTTP/1.1" 301 254 "http://www.hartfordhumanists.org/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:118.0) Gecko/20100101 Firefox/118.0" 20.227.130.11 - - [15/Jun/2026:03:28:06 -0400] "POST /wp-login.php HTTP/1.1" 301 254 "http://www.hartfordhumanists.org/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.227.130.11 - - [15/Jun/2026:03:28:08 -0400] "POST /wp-login.php HTTP/1.1" 301 254 "http://www.hartfordhumanists.org/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 20.227.130.11 - - [15/Jun/2026:03:38:05 -0400] "POST /wp-login.ph ... show less	Brute-Force
🇺🇸 rsiddall	2026-06-15 07:17:16 (2 days ago)	20.227.130.11 - - [15/Jun/2026:03:16:58 -0400] "POST /wp-login.php HTTP/1.1" 301 254 "http://www.har ... show more 20.227.130.11 - - [15/Jun/2026:03:16:58 -0400] "POST /wp-login.php HTTP/1.1" 301 254 "http://www.hartfordhumanists.org/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/121.0.0.0 Safari/537.36" 20.227.130.11 - - [15/Jun/2026:03:17:04 -0400] "POST /wp-login.php HTTP/1.1" 301 254 "http://www.hartfordhumanists.org/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36" 20.227.130.11 - - [15/Jun/2026:03:17:07 -0400] "POST /wp-login.php HTTP/1.1" 301 254 "http://www.hartfordhumanists.org/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 20.227.130.11 - - [15/Jun/2026:03:17:09 -0400] "POST /wp-login.php HTTP/1.1" 301 254 "http://www.hartfordhumanists.org/wp-login.php" "Mozilla/5.0 (Windows NT 11.0; Win64; x64; rv:120.0) Gecko/20100101 Firefox/120.0" 20.227.130.11 - - [15/Jun/2026:03:17:12 -0 ... show less	Brute-Force
🇵🇱 lns.bz	2026-06-15 02:34:46 (2 days ago)	Web app attack [PL.Lu]	Exploited Host Web App Attack
Anonymous	2026-06-14 19:10:41 (3 days ago)	2026-06-14T21:10:32.587615+02:00 wordpress(www.infinityvision.de)[2312148]: Blocked user enumeratio ... show more 2026-06-14T21:10:32.587615+02:00 wordpress(www.infinityvision.de)[2312148]: Blocked user enumeration attempt from 20.227.130.11 show less	Web Spam Blog Spam Brute-Force Web App Attack
🇧🇪 cmbplf	2026-06-14 17:02:09 (3 days ago)	2.968 requests from abuseipdb.com blacklisted IP (1yr10mos3w)	Brute-Force Bad Web Bot

Showing 1 to 15 of 48 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 40.124.173.90

🇨🇳 218.92.251.198

🇺🇸 198.98.56.227

🇬🇧 195.96.139.163

🇺🇸 184.168.21.211

🇨🇳 180.76.171.14

🇺🇸 162.216.150.247

🇰🇷 121.152.152.177

🇺🇸 100.29.192.10

🇳🇱 91.92.42.195

🇺🇸 44.220.185.211

🇺🇸 34.196.114.170

🇺🇸 205.210.31.67

🇲🇽 148.216.255.251

🇨🇳 118.122.117.64

🇭🇰 43.250.173.130

🇨🇳 39.154.15.65

🇨🇳 39.149.14.193

🇺🇸 32.197.121.68

🇳🇱 31.14.32.5