JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.55.213.117

20.55.213.117 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 91%: ?

91%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Boydton, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.55.213.117

Whois 20.55.213.117

IP Abuse Reports for 20.55.213.117:

This IP address has been reported a total of 19 times from 18 distinct sources. 20.55.213.117 was first reported on January 8th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 Kepler-1649c	2026-06-02 22:05:26 (1 day ago)	Detected Attack: HTPasswd.Access	Hacking
🇧🇷 SOC Blue Team	2026-06-02 13:27:58 (1 day ago)	IPs get by Hunting on SIEM	Phishing Web Spam Port Scan Hacking
🇺🇸 antlac1	2026-06-02 12:48:15 (1 day ago)	crowdsecurity/http-sensitive-files	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 12:45:31 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 20.55.213.117 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 20.55.213.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 08:45:26.055029 2026] [security2:error] [pid 21464:tid 21464] [client 20.55.213.117:41584] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.19"] [uri "/.git/HEAD"] [unique_id "ah7QZvOCFRJdEI6A1u2l0wAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Version Net	2026-06-02 12:39:00 (1 day ago)	IPS Detection: HTPasswd.Access	Hacking
🇵🇱 dzpk	2026-06-02 12:09:31 (1 day ago)	[02/Jun/2026:14:09:24 +0200] 178040216475.033704 20.55.213.117 40912 HOST 80 [02/Jun/2026:14:09:27 + ... show more [02/Jun/2026:14:09:24 +0200] 178040216475.033704 20.55.213.117 40912 HOST 80 [02/Jun/2026:14:09:27 +0200] 178040216730.128146 20.55.213.117 40897 HOST 80 [02/Jun/2026:14:09:30 +0200] 178040217094.536565 20.55.213.117 40724 HOST 80 show less	Web App Attack
🇫🇷 dynamix	2026-06-02 11:57:13 (1 day ago)	Multiple WAF Violations	Web App Attack
🇺🇸 ShadowWhisperer	2026-06-02 11:22:44 (1 day ago)	HTTP GET /.git/HEAD UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KH	Web App Attack
🇬🇧 ISPLtd	2026-06-02 11:06:48 (1 day ago)	Jun 2 08:06:47 20.55.213.117 TCP SPT=40048 DPT=2082 SYN Jun 2 08:06:47 20.55.213.117 TCP SPT=40027 ... show more Jun 2 08:06:47 20.55.213.117 TCP SPT=40048 DPT=2082 SYN Jun 2 08:06:47 20.55.213.117 TCP SPT=40027 DPT=2087 SYN Jun 2 08:06:47 20.55.213.117 TCP SPT=40043 DPT=8443 ... show less	Port Scan
🇺🇸 EricTheRedFL	2026-06-02 11:03:37 (1 day ago)	web.ab-data.us:80 20.55.213.117 - - [02/Jun/2026:07:03:17 -0400] "GET /.env.backup HTTP/1.1" 301 599 ... show more web.ab-data.us:80 20.55.213.117 - - [02/Jun/2026:07:03:17 -0400] "GET /.env.backup HTTP/1.1" 301 599 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" web.ab-data.us:80 20.55.213.117 - - [02/Jun/2026:07:03:19 -0400] "GET /.env.save HTTP/1.1" 301 595 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" web.ab-data.us:80 20.55.213.117 - - [02/Jun/2026:07:03:23 -0400] "GET /.aws/credentials HTTP/1.1" 301 609 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0" web.ab-data.us:80 20.55.213.117 - - [02/Jun/2026:07:03:25 -0400] "GET /config/database.yml HTTP/1.1" 301 615 "-" "Mozilla/5.0 (Linux; Android 14; Pixel 8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Mobile Safari/537.36" web.ab-data.us:80 20.55.213.117 - - [02/Jun/2026:07:03:35 -0400] "GET /config.php HTTP/ ... show less	Hacking Brute-Force Web App Attack
🇨🇦 Blinker73	2026-06-02 10:48:20 (1 day ago)	2026-06-02T06:48 kernel: OUT= SRC=20.55.213.117 LEN=60 TOS=0x00 PREC=0x00 TTL=41 ID=42693 DF P ... show more 2026-06-02T06:48 kernel: OUT= SRC=20.55.213.117 LEN=60 TOS=0x00 PREC=0x00 TTL=41 ID=42693 DF PROTO=TCP SPT=40607 DPT=2087 WINDOW=64240 RES=0x00 SYN URGP=0 2026-06-02T06:48 kernel: OUT= SRC=20.55.213.117 LEN=60 TOS=0x00 PREC=0x00 TTL=41 ID=25614 DF PROTO=TCP SPT=40616 DPT=2083 WINDOW=64240 RES=0x00 SYN URGP=0 2026-06-02T06:48 kernel: OUT= SRC=20.55.213.117 LEN=60 TOS=0x00 PREC=0x00 TTL=41 ID=52743 DF PROTO=TCP SPT=40597 DPT=8080 WINDOW=64240 RES=0x00 SYN URGP= show less	Port Scan
🇹🇭 Sawasdee	2026-06-02 10:42:43 (1 day ago)	Port Scan ...	Port Scan
Anonymous	2026-06-02 10:31:34 (1 day ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇺🇸 RAP	2026-06-02 10:16:52 (1 day ago)	2026-06-02 10:16:52 UTC Unauthorized activity to TCP port 8443. Web App	Port Scan Web App Attack
🇨🇦 Slackin' Jack	2026-06-02 10:06:07 (1 day ago)	Triggered honeypot on port 2083. (20.55.213.117)	Port Scan

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 2401:4900:1f39:2f58:5da5:4005:eaac:c6fa

🇺🇸 147.124.202.130

🇨🇳 118.239.5.240

🇺🇸 104.248.11.46

🇺🇸 74.125.78.147

🇻🇳 36.50.177.171

🇺🇸 35.93.193.46

🇨🇳 219.143.174.162

🇫🇷 167.86.71.49

🇭🇰 152.32.187.177

🇮🇳 103.50.83.35

🇨🇦 99.250.108.2

🇺🇸 64.62.156.219

🇺🇸 54.201.117.232

🇲🇾 49.125.201.66

🇲🇾 49.124.155.162

🇲🇾 49.124.154.166

🇰🇷 211.106.137.135

🇰🇷 115.178.75.243

🇧🇩 103.80.2.243