JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.42.50.59

20.42.50.59 was found in our database!

This IP was reported 38 times. Confidence of Abuse is 0%: ?

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.42.50.59

Whois 20.42.50.59

IP Abuse Reports for 20.42.50.59:

This IP address has been reported a total of 38 times from 17 distinct sources. 20.42.50.59 was first reported on June 28th 2024, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 CommanderRoot	2024-07-26 05:29:34 (1 year ago)	HTTP request flood, even after hitting rate limiting	DDoS Attack Web Spam
🇩🇪 Packets-Decreaser.NET	2024-07-23 14:18:13 (1 year ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 octageeks.com	2024-07-07 04:09:01 (1 year ago)	Wordpress malicious attack:[octawp]	Web App Attack
🇮🇪 Jim Keir	2024-07-06 14:00:02 (1 year ago)	2024-07-06 14:00:01 20.42.50.59 File scanning, blocking 20.42.50.59 for 5 minutes	Web App Attack
🇺🇸 TPI-Abuse	2024-07-05 23:10:11 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 20.42.50.59 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 20.42.50.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 05 19:10:04.510242 2024] [security2:error] [pid 13115] [client 20.42.50.59:42952] [client 20.42.50.59] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 20.42.50.59 (+1 hits since last alert)\|www.efsews.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.efsews.com"] [uri "/xmlrpc.php"] [unique_id "Zoh9TDILHlTPcCVfcCrGEgAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 octageeks.com	2024-07-05 04:09:05 (1 year ago)	Wordpress malicious attack:[octawp]	Web App Attack
🇺🇸 dtorrer	2024-07-04 13:59:01 (1 year ago)	Brute-force general attack.	Brute-Force
🇺🇸 octageeks.com	2024-07-04 04:09:00 (1 year ago)	Wordpress malicious attack:[octawp]	Web App Attack
🇳🇱 Linuxmalwarehuntingnl	2024-07-03 08:55:15 (1 year ago)	Unauthorized connection attempt	Brute-Force
🇺🇸 RLDD	2024-07-03 05:05:05 (1 year ago)	WP login attempts -mob	Brute-Force
🇺🇸 TPI-Abuse	2024-07-03 03:12:40 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 20.42.50.59 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 20.42.50.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 02 23:12:36.275418 2024] [security2:error] [pid 8364] [client 20.42.50.59:37508] [client 20.42.50.59] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 20.42.50.59 (+1 hits since last alert)\|www.plazahacienda.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.plazahacienda.com"] [uri "/xmlrpc.php"] [unique_id "ZoTBpF1N11VqVk6hbWh6nQAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-07-02 21:00:46 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 20.42.50.59 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 20.42.50.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 02 17:00:41.251189 2024] [security2:error] [pid 7964] [client 20.42.50.59:48016] [client 20.42.50.59] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 20.42.50.59 (+1 hits since last alert)\|www.thenarrowpodcast.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.thenarrowpodcast.com"] [uri "/xmlrpc.php"] [unique_id "ZoRqeUxFI3BwCiQue0khbwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-07-02 11:07:54 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 20.42.50.59 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 20.42.50.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 02 07:07:47.130583 2024] [security2:error] [pid 11790] [client 20.42.50.59:38532] [client 20.42.50.59] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 20.42.50.59 (+1 hits since last alert)\|farsipraiseclub.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "farsipraiseclub.com"] [uri "/xmlrpc.php"] [unique_id "ZoPfg5MEganPtnk2uDhpKQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-07-02 08:56:58 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 20.42.50.59 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240335) triggered by 20.42.50.59 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jul 02 04:56:50.954994 2024] [security2:error] [pid 24544:tid 47309457876736] [client 20.42.50.59:38556] [client 20.42.50.59] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 20.42.50.59 (+1 hits since last alert)\|www.seriousgames.global\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.seriousgames.global"] [uri "/xmlrpc.php"] [unique_id "ZoPA0p8oP0IJGknHCZKmTwAAARM"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 applemooz	2024-07-02 07:53:54 (1 year ago)	WordPress XMLRPC Brute Force Attacks ...	Brute-Force Web App Attack

Showing 1 to 15 of 38 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇬 41.210.131.212

🇺🇸 216.218.206.66

🇺🇸 205.210.31.47

🇧🇷 170.231.129.215

🇨🇮 154.0.30.137

🇻🇳 113.173.3.136

🇨🇱 45.236.128.46

🇬🇧 5.226.140.96

🇬🇧 195.140.214.23

🇲🇽 189.138.32.1

🇳🇱 185.224.128.16

🇺🇸 162.243.228.110

🇸🇬 152.42.212.128

🇫🇮 147.185.133.119

🇺🇸 69.164.216.98

🇺🇸 44.220.188.136

🇨🇳 36.133.184.250

🇬🇧 35.203.210.47

🇦🇺 34.40.145.110

🇬🇧 5.181.124.7