JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.25.10.68

20.25.10.68 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 82%: ?

82%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.25.10.68

Whois 20.25.10.68

IP Abuse Reports for 20.25.10.68:

This IP address has been reported a total of 23 times from 18 distinct sources. 20.25.10.68 was first reported on May 31st 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Axel	2026-06-16 08:20:51 (1 day ago)	Blocked by UFW on MVI [2078/tcp] \| SPT: 31681 \| TTL: 47 \| LEN: 60 \| TOS: 0x00 • Reported by: github. ... show more Blocked by UFW on MVI [2078/tcp] \| SPT: 31681 \| TTL: 47 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-06-09 15:04:18 (1 week ago)	PORT & IP Scan.	Port Scan Brute-Force
Anonymous	2026-06-09 11:00:00 (1 week ago)	SSH Brute-Force	DDoS Attack Port Scan Hacking Brute-Force SSH
Anonymous	2026-06-09 00:10:37 (1 week ago)	abuse ssl access	Hacking Brute-Force Web App Attack
🇩🇪 cloudmax	2026-06-08 23:03:19 (1 week ago)	Cloudmax IPS Block - Suspicious activity. Possible port scanning, service reconnaissance, or vulnera ... show more Cloudmax IPS Block - Suspicious activity. Possible port scanning, service reconnaissance, or vulnerability probing show less	Port Scan
🇺🇦 RatCommander	2026-06-08 22:58:57 (1 week ago)	CrowdSec: crowdsecurity/http-probing	Port Scan Web App Attack
Anonymous	2026-06-08 22:46:32 (1 week ago)	Repeated unauthorized connection attempts to restricted service observed.	Port Scan Hacking Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-08 22:42:37 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 20.25.10.68 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 20.25.10.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 18:42:33.410631 2026] [security2:error] [pid 27801:tid 27801] [client 20.25.10.68:24538] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.187"] [uri "/.git/HEAD"] [unique_id "aidFWZR1sZc7SAypSNHDIQAAADA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-08 22:37:29 (1 week ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇫🇷 dynamix	2026-06-08 22:09:56 (1 week ago)	Multiple WAF Violations	Web App Attack
🇨🇿 Honzas	2026-06-08 22:07:02 (1 week ago)	Unsolicited connection attemp, port 443/TCP	Port Scan
🇫🇮 iamxorum	2026-06-08 21:46:26 (1 week ago)	2026-06-08T21:46:25.947509+00:00 XRM-01 kernel: [HONEYPORT] IN=eth0 OUT= MAC=92:00:06:e6:da:95:d2:74 ... show more 2026-06-08T21:46:25.947509+00:00 XRM-01 kernel: [HONEYPORT] IN=eth0 OUT= MAC=92:00:06:e6:da:95:d2:74:7f:6e:37:e3:08:00 SRC=20.25.10.68 DST=46.62.222.43 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=28146 DF PROTO=TCP SPT=24943 DPT=8080 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-08 20:35:43 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 20.25.10.68 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 20.25.10.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 16:35:36.383763 2026] [security2:error] [pid 9490:tid 9490] [client 20.25.10.68:25434] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.38"] [uri "/.git/HEAD"] [unique_id "aicnmGWOH0bCxxGN6sTaTQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 XICTRON	2026-06-08 19:45:03 (1 week ago)	ModSecurity rule violation detected by Fail2Ban	Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 19:36:18 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 20.25.10.68 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 20.25.10.68 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 15:36:11.612940 2026] [security2:error] [pid 12512:tid 12512] [client 20.25.10.68:25319] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.195"] [uri "/.git/HEAD"] [unique_id "aicZq6w9nw6KPEEWyK9T-QAAABo"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 182.95.189.66

🇨🇳 125.46.38.18

🇨🇳 120.48.38.223

🇵🇰 103.86.52.211

🇫🇷 91.231.89.154

🇻🇪 201.249.69.50

🇮🇩 103.186.31.66

🇻🇳 103.60.242.169

🇹🇼 101.13.4.120

🇳🇱 45.142.193.18

🇺🇸 34.48.184.237

🇷🇺 31.173.8.170

🇩🇪 213.209.159.108

🇳🇬 197.211.58.51

🇧🇬 193.24.211.247

🇵🇰 139.135.59.145

🇨🇳 120.26.210.195

🇹🇼 115.43.150.20

🇨🇳 106.75.184.142

🇲🇽 101.44.189.37