JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.55.213.116

20.55.213.116 was found in our database!

This IP was reported 184 times. Confidence of Abuse is 45%: ?

45%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Boydton, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.55.213.116

Whois 20.55.213.116

IP Abuse Reports for 20.55.213.116:

This IP address has been reported a total of 184 times from 136 distinct sources. 20.55.213.116 was first reported on August 7th 2025, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇹 urnilxfgbez	2026-06-10 22:45:00 (5 days ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇹🇼 kk_it_man	2026-06-10 11:00:12 (6 days ago)		Port Scan
🇺🇸 TPI-Abuse	2026-06-10 10:13:41 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 20.55.213.116 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 20.55.213.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 06:13:37.482394 2026] [security2:error] [pid 20928:tid 20928] [client 20.55.213.116:56199] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.222"] [uri "/.git/HEAD"] [unique_id "aik40a4N5WMdPaIxUdxWXQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 09:54:14 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 20.55.213.116 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 20.55.213.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 05:54:08.828502 2026] [security2:error] [pid 19917:tid 19917] [client 20.55.213.116:56129] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.217"] [uri "/.git/HEAD"] [unique_id "aik0QGNjZmnpOvp2oWr84wAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 nyt	2026-06-10 09:34:02 (6 days ago)	Sensitive File Probe	Web App Attack
🇺🇸 RogueAutomata	2026-06-10 08:22:52 (6 days ago)	Detected malicious request: GET /.git/HEAD Detections triggered: Environment/config probe Access vi ... show more Detected malicious request: GET /.git/HEAD Detections triggered: Environment/config probe Access via IP addr (v4) show less	Web App Attack
🇫🇷 dynamix	2026-06-10 07:37:18 (6 days ago)	Multiple WAF Violations	Web App Attack
🇦🇺 LiftUp Hosting	2026-06-10 05:40:01 (6 days ago)	Honeypot hit: Empty payload (likely service probe); 2087 [3], 2086 [1], 2083 [1] TCP	Port Scan
🇹🇷 0xi	2026-03-13 06:00:43 (3 months ago)	SSH brute-force attack detected (57 attempts). Targeted ports: 22. Triggered sensors: P0f, Cowrie, S ... show more SSH brute-force attack detected (57 attempts). Targeted ports: 22. Triggered sensors: P0f, Cowrie, Suricata, Fatt. Post-exploitation commands were executed. Observed via distributed honeypot network. show less	Brute-Force SSH
🇩🇪 enjoyably	2026-02-28 23:02:16 (3 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/ssh-bf	SSH Brute-Force
🇹🇷 rtbh.com.tr	2026-02-28 20:11:48 (3 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇫🇷 SiyCah	2026-02-27 07:00:04 (3 months ago)	20.55.213.116 fell into Endlessh tarpit; 0/2 total connections are currently still open. Total time ... show more 20.55.213.116 fell into Endlessh tarpit; 0/2 total connections are currently still open. Total time wasted: 7s. Total bytes sent by tarpit: 615B. Report generated by Endlessh Report Generator v1.2.3 show less	Brute-Force Port Scan SSH Hacking
🇺🇸 pduggusa	2026-02-27 01:52:15 (3 months ago)	Detected attacking dugganusa.com at 2026-02-27T01:52:15.561Z \| Attack: External Remote Services \| So ... show more Detected attacking dugganusa.com at 2026-02-27T01:52:15.561Z \| Attack: External Remote Services \| Source: DugganUSA PreCog auto-block show less	Hacking DDoS Attack SSH
🇺🇸 pduggusa	2026-02-27 00:57:08 (3 months ago)	Detected attacking dugganusa.com at 2026-02-27T00:57:08.795Z \| Attack: External Remote Services \| So ... show more Detected attacking dugganusa.com at 2026-02-27T00:57:08.795Z \| Attack: External Remote Services \| Source: DugganUSA PreCog auto-block show less	Hacking DDoS Attack SSH
🇺🇸 pduggusa	2026-02-27 00:11:21 (3 months ago)	Detected attacking dugganusa.com at 2026-02-27T00:11:21.148Z \| Attack: External Remote Services \| So ... show more Detected attacking dugganusa.com at 2026-02-27T00:11:21.148Z \| Attack: External Remote Services \| Source: DugganUSA PreCog auto-block show less	Hacking DDoS Attack SSH

Showing 1 to 15 of 184 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 218.92.251.198

🇩🇪 194.187.176.239

🇳🇱 176.65.139.94

🇺🇸 172.93.106.153

🇺🇸 154.17.23.140

🇧🇷 45.164.251.106

🇨🇦 4.239.240.98

🇨🇦 216.26.233.21

🇩🇪 209.38.255.6

🇺🇸 172.202.117.213

🇩🇪 164.92.161.148

🇺🇸 143.198.151.73

🇺🇸 129.146.247.247

🇮🇳 122.165.235.131

🇬🇧 89.34.96.151

🇳🇱 45.148.10.151

🇧🇷 187.180.167.23

🇳🇱 185.99.99.95

🇧🇬 151.237.79.243

🇳🇱 45.148.10.152