JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.55.15.231

20.55.15.231 was found in our database!

This IP was reported 38 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.55.15.231

Whois 20.55.15.231

IP Abuse Reports for 20.55.15.231:

This IP address has been reported a total of 38 times from 24 distinct sources. 20.55.15.231 was first reported on April 8th 2026, and the most recent report was 13 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 MPL	2026-06-09 22:17:45 (13 hours ago)	tcp port scan (8 or more attempts)	Port Scan
🇺🇸 TPI-Abuse	2026-06-09 22:15:36 (13 hours ago)	(mod_security) mod_security (id:210492) triggered by 20.55.15.231 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 20.55.15.231 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 18:15:30.299526 2026] [security2:error] [pid 9386:tid 9386] [client 20.55.15.231:9214] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.13"] [uri "/.git/HEAD"] [unique_id "aiiQghrSqEAD6T7JZ3nXUgAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 wupinyin	2026-06-09 21:19:22 (14 hours ago)	CrowdSec ban: ET WEB_SERVER WEB-PHP phpinfo access	Port Scan Hacking
Anonymous	2026-06-09 21:13:12 (14 hours ago)		Web App Attack
🇧🇾 lns.bz	2026-06-09 19:41:09 (16 hours ago)	Too many 404 requests [BY]	Web App Attack
🇩🇪 Axel	2026-06-09 18:31:09 (17 hours ago)	[2026-06-09 18:31:09 UTC] Honeypot HTTP-Alt connection attempt \| AXFRA HONEYPOT	Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 18:13:32 (17 hours ago)	(mod_security) mod_security (id:210492) triggered by 20.55.15.231 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 20.55.15.231 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 14:13:24.328949 2026] [security2:error] [pid 1539:tid 1539] [client 20.55.15.231:9394] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.245"] [uri "/.git/HEAD"] [unique_id "aihXxJs0DOy_pZJiSUFuHwAAACc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-09 17:34:12 (18 hours ago)	20.55.15.231 - - [09/Jun/2026:19:34:11 +0200] "GET /.git/config HTTP/1.1" 301 169 "-" "Mozilla/5.0 ( ... show more 20.55.15.231 - - [09/Jun/2026:19:34:11 +0200] "GET /.git/config HTTP/1.1" 301 169 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 17:06:05 (18 hours ago)	(mod_security) mod_security (id:210492) triggered by 20.55.15.231 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 20.55.15.231 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 13:06:00.524405 2026] [security2:error] [pid 18384:tid 18384] [client 20.55.15.231:9847] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.57"] [uri "/.git/HEAD"] [unique_id "aihH-DdwVpSTQs0NgL5F0AAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇹 begou.dev	2026-06-09 16:42:34 (19 hours ago)	[Threat Intelligence] Port Scanning and/or Unauthorized access -> TCP/8080	Port Scan
🇯🇵 demonsword	2026-06-07 10:30:45 (3 days ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: fapi.binance.com:443 show less	Open Proxy Port Scan
🇫🇮 [email protected]	2026-06-02 06:53:36 (1 week ago)	Attack attempt against Interwebbi servers; Port Scan detected from 20.55.15.231 (US/United States/ ... show more Attack attempt against Interwebbi servers; Port Scan detected from 20.55.15.231 (US/United States/-). 5 hits in the last 160 seconds; IP: 20.55.15.231; Ports: *; Direction: 0; Trigger: PS_LIMIT; show less	Brute-Force
🇺🇸 MPL	2026-06-02 04:22:31 (1 week ago)	tcp port scan (3 or more attempts)	Port Scan
🇺🇸 RAP	2026-06-02 04:04:22 (1 week ago)	2026-06-02 04:04:22 UTC Unauthorized activity to TCP port 8443. Web App	Port Scan Web App Attack
Anonymous	2026-06-02 02:41:13 (1 week ago)	Unauthorized access (tcp/80/http)	Port Scan Web App Attack

Showing 1 to 15 of 38 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇰 149.40.242.155

🇨🇳 114.88.168.69

🇩🇪 46.224.239.112

🇸🇬 194.5.82.161

🇦🇲 185.215.55.125

🇺🇸 151.240.254.51

🇻🇳 103.28.36.99

🇭🇰 101.36.124.127

🇨🇳 39.156.173.54

🇨🇳 36.134.208.91

🇸🇬 194.5.82.145

🇸🇬 194.5.82.135

🇸🇬 194.5.82.120

🇮🇶 185.166.25.150

🇮🇩 180.252.169.228

🇧🇷 152.234.98.128

🇺🇸 97.93.43.157

🇺🇸 96.44.174.248

🇳🇱 45.148.10.147

🇨🇳 39.101.95.78