JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.38.4.117

20.38.4.117 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 0%: ?

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Phoenix, Arizona

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.38.4.117

Whois 20.38.4.117

IP Abuse Reports for 20.38.4.117:

This IP address has been reported a total of 14 times from 13 distinct sources. 20.38.4.117 was first reported on April 28th 2023, and the most recent report was 3 years ago.

Old Reports: The most recent abuse report for this IP address is from 3 years ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇴 adalbertoreyes.org	2023-04-29 18:16:54 (3 years ago)	CategoryPortScan	Port Scan
🇧🇷 TM	2023-04-28 14:39:33 (3 years ago)	GET /...nvOpzp; AND 1=1 OR (<'">iKO)), HTTP/1.1	Hacking SQL Injection Web App Attack
🇪🇸 IT Infraestructura	2023-04-28 13:43:10 (3 years ago)	SQL Injection blocked from IP 20.38.4.117	SQL Injection
🇩🇰 JBH	2023-04-28 13:08:42 (3 years ago)	Tamper HTTP Requests by script code injection	Hacking SQL Injection
🇯🇵 HeliJP	2023-04-28 09:14:12 (3 years ago)	2023-04-28 06:44:21 - Recognized attacks\bad behavior from IP address 20.38.4.117 on port 443\80 (9 ... show more 2023-04-28 06:44:21 - Recognized attacks\bad behavior from IP address 20.38.4.117 on port 443\80 (9 daily hits): SQL Injection Attack, SQL Injection Attack Detected via libinjection, SQL Injection Attack: SQL Tautology Detected show less	Hacking SQL Injection
🇮🇩 hermawan	2023-04-28 08:54:06 (3 years ago)	[Fri Apr 28 15:54:04.328634 2023] [security2:error] [pid 192131:tid 140386676749888] [client 20.38.4 ... show more [Fri Apr 28 15:54:04.328634 2023] [security2:error] [pid 192131:tid 140386676749888] [client 20.38.4.117:59278] [client 20.38.4.117] ModSecurity: Access denied with code 403 (phase 2). Pattern match "((?:[~!@#\\\\$%\\\\^&\\\\\\\$\\\$\\\\-\\\\+=\\\\{\\\\}\\\\[\\\\]\\\\\|:;\\"'\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98`<>][^~!@#\\\\$%\\\\^&\\\\\\\$\\\$\\\\-\\\\+=\\\\{\\\\}\\\\[\\\\]\\\\\|:;\\"'\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98`<>]*?){12})" at ARGS:id. [file "/etc/modsecurity/coreruleset-3.3.4/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "1393"] [id "942430"] [msg "Restricted SQL Character Anomaly Detection (args): # of special characters exceeded (12)"] [data "Matched Data: :prakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan-berlaku-tanggal- found within ARGS:id: 555555611:prakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan-berlaku-tanggal-18-25-april-2017"] [severity "WARNING"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "p ... show less	Hacking Web App Attack
🇺🇸 antbr.com	2023-04-28 06:34:00 (3 years ago)	AntBR.com =>/index2.php?page=news%27nvOpzp;%20AND%201=1%20OR%20(%3C%27%22%3EiKO)),&p=4%27nvOpzp;%20A ... show more AntBR.com =>/index2.php?page=news%27nvOpzp;%20AND%201=1%20OR%20(%3C%27%22%3EiKO)),&p=4%27nvOpzp;%20AND%201=1%20OR%20(%3C%27%22%3EiKO)), show less	Web App Attack
🇭🇺 Sotlatnuh	2023-04-28 06:06:08 (3 years ago)	Web App Attack: Attempts to probe for or exploit installed web applications such as a CMS like WordP ... show more Web App Attack: Attempts to probe for or exploit installed web applications such as a CMS like WordPress/Drupal, e-commerce solutions, forum software, phpMyAdmin and various other software plugins/solutions. show less	Hacking Web App Attack
🇳🇱 webtales.org	2023-04-28 05:55:46 (3 years ago)	SQL Injection attack (Automatically banned forever)	Hacking SQL Injection
🇺🇸 SiliSoftware	2023-04-28 05:17:33 (3 years ago)	/phpBB3/viewtopic.php?f=4&t=525&p=1678&hilit=overwrite_tags	Web App Attack
🇹🇼 kk_it_man	2023-04-28 05:10:19 (3 years ago)	hack	Hacking
🇮🇩 hermawan	2023-04-28 03:24:56 (3 years ago)	[Fri Apr 28 10:24:54.348805 2023] [security2:error] [pid 129305:tid 140053699352128] [client 20.38.4 ... show more [Fri Apr 28 10:24:54.348805 2023] [security2:error] [pid 129305:tid 140053699352128] [client 20.38.4.117:62766] [client 20.38.4.117] ModSecurity: Access denied with code 403 (phase 2). Pattern match "((?:[~!@#\\\\$%\\\\^&\\\\\\\$\\\$\\\\-\\\\+=\\\\{\\\\}\\\\[\\\\]\\\\\|:;\\"'\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98`<>][^~!@#\\\\$%\\\\^&\\\\\\\$\\\$\\\\-\\\\+=\\\\{\\\\}\\\\[\\\\]\\\\\|:;\\"'\\xc2\\xb4\\xe2\\x80\\x99\\xe2\\x80\\x98`<>]*?){12})" at ARGS:id. [file "/etc/modsecurity/coreruleset-3.3.4/rules/REQUEST-942-APPLICATION-ATTACK-SQLI.conf"] [line "1393"] [id "942430"] [msg "Restricted SQL Character Anomaly Detection (args): # of special characters exceeded (12)"] [data "Matched Data: :prakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan-berlaku-tanggal- found within ARGS:id: 555555611:prakiraan-cuaca-daerah-malang-dan-batu-seminggu-ke-depan-berlaku-tanggal-18-25-april-2017"] [severity "WARNING"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "p ... show less	Hacking Web App Attack
🇫🇷 Tonga-Soa	2023-04-28 02:43:40 (3 years ago)	"Inject nvopzp"	Hacking SQL Injection
🇩🇪 Sklurk	2023-04-28 02:08:35 (3 years ago)	Web App Attack	Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.194.174.116

🇺🇸 209.126.80.127

🇧🇷 205.210.31.196

🇵🇰 182.189.70.24

🇩🇪 167.94.145.21

🇱🇹 81.30.98.144

🇺🇸 72.10.32.138

🇳🇱 45.148.10.147

🇨🇳 220.181.108.105

🇺🇸 208.87.243.61

🇳🇱 195.178.110.30

🇧🇷 190.115.84.25

🇷🇴 80.94.92.166

🇺🇸 74.7.175.144

🇺🇸 44.56.237.164

🇺🇸 44.23.165.54

🇨🇳 1.24.16.156

🇧🇴 200.105.172.184

🇧🇪 198.235.24.209

🇻🇳 180.93.0.54