JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.55.15.4

20.55.15.4 was found in our database!

This IP was reported 43 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.55.15.4

Whois 20.55.15.4

IP Abuse Reports for 20.55.15.4:

This IP address has been reported a total of 43 times from 35 distinct sources. 20.55.15.4 was first reported on September 22nd 2025, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 gu-alvareza	2026-06-11 07:05:08 (4 days ago)	Spring.Boot.Actuator.Unauthorized.Access	Brute-Force
Anonymous	2026-06-10 20:06:37 (4 days ago)	Portscan: TCP/2087, TCP/80, TCP/8080, TCP/8443, TCP/2082, TCP/2083, TCP/2086	Port Scan
🇷🇺 loveprod	2026-06-10 19:21:43 (4 days ago)	20.55.15.4 - - [10/Jun/2026:22:21:38 +0300] "GET /.git/HEAD HTTP/1.1" 404 495 "-" "Mozilla/5.0 (comp ... show more 20.55.15.4 - - [10/Jun/2026:22:21:38 +0300] "GET /.git/HEAD HTTP/1.1" 404 495 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 20.55.15.4 - - [10/Jun/2026:22:21:42 +0300] "GET /.env HTTP/1.1" 404 495 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0" ... show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-10 18:41:37 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 20.55.15.4 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 20.55.15.4 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 14:41:32.870822 2026] [security2:error] [pid 1735:tid 1735] [client 20.55.15.4:57311] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.197"] [uri "/.git/HEAD"] [unique_id "aimv3Gy07XR6QhKg9SrZxgAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 NXTwoThou	2026-06-10 15:03:19 (4 days ago)	/___proxy_subdomain_whm/login/%3Flogin_only=1	Web App Attack
Anonymous	2026-06-10 14:47:04 (4 days ago)	Bad bot	Bad Web Bot
Anonymous	2026-06-10 14:25:08 (4 days ago)	Bot / scanning and/or hacking attempts: GET /.DS_Store HTTP/1.1, GET /config.php HTTP/1.1, GET /phpi ... show more Bot / scanning and/or hacking attempts: GET /.DS_Store HTTP/1.1, GET /config.php HTTP/1.1, GET /phpinfo.php HTTP/1.1, GET /server-status HTTP/1.1, GET /wp-config.php.bak HTTP/1.1, GET /.env.local HTTP/1.1, GET /dump.sql HTTP/1.1, GET /config/database.yml HTTP/1.1, GET /.aws/credentials HTTP/1.1, GET /___proxy_subdomain_whm/login/ HTTP/1.1, GET /.htpasswd HTTP/1.1, GET /.env.save HTTP/1.1, GET /.git/HEAD HTTP/1.1, GET /backup.sql HTTP/1.1, POST /___proxy_subdomain_whm/login/?login_only=1 HTTP/1.1, GET /actuator/env HTTP/1.1, GET /wp-config.php HTTP/1.1 show less	Hacking Web App Attack
🇺🇸 Power Ca	2026-06-10 14:16:27 (4 days ago)	20.55.15.4 - - [10/Jun/2026:14:16:26 +0000] "GET /.env HTTP/1.1" 301 178 "-" "Mozilla/5.0 (Linux; An ... show more 20.55.15.4 - - [10/Jun/2026:14:16:26 +0000] "GET /.env HTTP/1.1" 301 178 "-" "Mozilla/5.0 (Linux; Android 14; Pixel 8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Mobile Safari/537.36" ... show less	Web App Attack Hacking
🇨🇦 aks4226	2026-06-10 05:47:50 (5 days ago)	Bot search, attacking common web applications.	Web App Attack
🇫🇮 TrafficAnalyser	2026-06-10 05:30:34 (5 days ago)	Port scanning	Port Scan
Anonymous	2026-06-10 05:30:07 (5 days ago)	Jun 10 01:30:07 localhost kernel: [109414708.577432] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:9 ... show more Jun 10 01:30:07 localhost kernel: [109414708.577432] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=20.55.15.4 DST=[mungedIP2] LEN=60 TOS=0x00 PREC=0x40 TTL=42 ID=17071 DF PROTO=TCP SPT=9871 DPT=2087 WINDOW=64240 RES=0x00 SYN URGP=0 Jun 10 01:30:07 localhost kernel: [109414708.577453] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=20.55.15.4 DST=[mungedIP2] LEN=60 TOS=0x00 PREC=0x40 TTL=42 ID=17071 DF PROTO=TCP SPT=9871 DPT=2087 SEQ=145806980 ACK=0 WINDOW=64240 RES=0x00 SYN URGP=0 OPT (020405A00402080A65CB9426000000000103030A) Jun 10 01:30:07 localhost kernel: [109414708.745997] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=20.55.15.4 DST=[mungedIP2] LEN=60 TOS=0x00 PREC=0x40 TTL=46 ID=22382 DF PROTO=TCP SPT=9837 DPT=8443 WINDOW=64240 RES=0x00 SYN URGP=0 Jun 10 01:30:07 localhost kernel: [109414708.746006] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC show less	Port Scan
🇺🇸 masterguru	2026-06-10 04:25:43 (5 days ago)	Host header is a numeric IP address. Pattern match "^ (920350-164)	Hacking Bad Web Bot
🇩🇪 bescared	2026-06-10 04:11:31 (5 days ago)	F2B - Malicious activity detected. Excessive port scans. -c23856ef-	Port Scan
🇺🇸 MPL	2026-06-10 03:48:21 (5 days ago)	tcp port scan (8 or more attempts)	Port Scan
🇹🇷 Domainhizmetleri.com	2026-06-10 03:46:33 (5 days ago)	[honeypot] - MS-SQL-PROBE	Port Scan Hacking

Showing 1 to 15 of 43 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 65.49.1.220

🇺🇸 65.49.1.212

🇺🇸 52.177.169.196

🇨🇦 15.235.27.160

🇮🇩 202.51.214.98

🇸🇦 188.53.164.143

🇺🇸 172.217.37.208

🇮🇩 118.137.101.7

🇵🇭 113.19.138.135

🇮🇳 103.172.49.69

🇳🇱 91.92.40.10

🇱🇹 81.30.98.158

🇺🇸 47.253.137.20

🇺🇦 37.221.140.254

🇧🇷 35.199.124.128

🇦🇺 35.189.36.78

🇸🇬 18.141.145.136

🇨🇦 15.235.27.251

🇨🇳 8.141.62.240

🇧🇬 5.188.206.34