JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.55.222.81

20.55.222.81 was found in our database!

This IP was reported 39 times. Confidence of Abuse is 51%: ?

51%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Boydton, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.55.222.81

Whois 20.55.222.81

IP Abuse Reports for 20.55.222.81:

This IP address has been reported a total of 39 times from 27 distinct sources. 20.55.222.81 was first reported on August 24th 2025, and the most recent report was 48 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 its101	2026-06-04 13:55:09 (48 minutes ago)	Automated detection by LockdownAccess security system. Attack type(s): git_exposure, env_grab, wp_pr ... show more Automated detection by LockdownAccess security system. Attack type(s): git_exposure, env_grab, wp_probe, framework_probe, config_probe, data_exposure. Reason: Nginx: git_exposure attack. Path targeted: unknown. Blocked in Cloudflare. show less	Web App Attack
🇫🇷 Version Net	2026-06-04 13:09:33 (1 hour ago)	IPS Detection: Spring.Boot.Actuator.Unauthorized.Access	Hacking
Anonymous	2026-06-04 13:08:52 (1 hour ago)	Jun 4 09:08:51 localhost kernel: [108923844.616734] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:9 ... show more Jun 4 09:08:51 localhost kernel: [108923844.616734] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=20.55.222.81 DST=[mungedIP2] LEN=60 TOS=0x00 PREC=0x40 TTL=43 ID=24276 DF PROTO=TCP SPT=18724 DPT=2083 WINDOW=64240 RES=0x00 SYN URGP=0 Jun 4 09:08:51 localhost kernel: [108923844.616764] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=20.55.222.81 DST=[mungedIP2] LEN=60 TOS=0x00 PREC=0x40 TTL=43 ID=24276 DF PROTO=TCP SPT=18724 DPT=2083 SEQ=1413729989 ACK=0 WINDOW=64240 RES=0x00 SYN URGP=0 OPT (020405A00402080A426F8E5D000000000103030A) Jun 4 09:08:51 localhost kernel: [108923844.625943] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e:08:00 SRC=20.55.222.81 DST=[mungedIP2] LEN=60 TOS=0x00 PREC=0x40 TTL=46 ID=11870 DF PROTO=TCP SPT=18688 DPT=2086 WINDOW=64240 RES=0x00 SYN URGP=0 Jun 4 09:08:51 localhost kernel: [108923844.628540] iptables_INPUT_denied: IN=eth0 OUT= MAC=f2:3c:91:84:83:95:00:00:0c:9f:f0:1e show less	Port Scan
🇧🇾 lns.bz	2026-06-04 12:14:26 (2 hours ago)	Too many 404 requests [BY]	Web App Attack
Anonymous	2026-06-04 12:00:11 (2 hours ago)	[Thu Jun 04 15:00:07.620760 2026] [authz_core:error] [pid 24233] [client 20.55.222.81:18889] AH01630 ... show more [Thu Jun 04 15:00:07.620760 2026] [authz_core:error] [pid 24233] [client 20.55.222.81:18889] AH01630: client denied by server configuration: /var/www/html/.git [Thu Jun 04 15:00:08.770698 2026] [authz_core:error] [pid 6611] [client 20.55.222.81:18898] AH01630: client denied by server configuration: /var/www/html/.git [Thu Jun 04 15:00:10.704008 2026] [authz_core:error] [pid 24264] [client 20.55.222.81:19598] AH01630: client denied by server configuration: /var/www/html/.env show less	Bad Web Bot
🇳🇱 homeshowdomain.nl	2026-04-12 22:01:40 (1 month ago)	Auto-ban: >3000 req/min op 2026-04-12	Web App Attack SSH Hacking
🇺🇸 octageeks.com	2026-04-12 04:07:24 (1 month ago)	Wordpress malicious attack:[octablocked]	Web App Attack
🇬🇧 consul.to	2026-04-12 00:45:34 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇧🇪 cmbplf	2026-04-12 00:33:23 (1 month ago)	1.656 requests with url.path */.git/config	Brute-Force Bad Web Bot
🇩🇪 wsyq	2026-04-12 00:29:20 (1 month ago)	Fail2Ban - \[NGINX\]40x-Forcing to access a restricted resource ...	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-12 00:14:35 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 20.55.222.81 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 20.55.222.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 11 20:14:32.129268 2026] [security2:error] [pid 2406288:tid 2406288] [client 20.55.222.81:36800] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jgraue.com"] [uri "/.git/config"] [unique_id "adrj6O3SDmsKxOTFYld8gQAAACY"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 debestelapp	2026-04-12 00:05:07 (1 month ago)		Web App Attack
🇩🇪 FeG Deutschland	2026-04-11 23:56:45 (1 month ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
🇺🇸 RogueAutomata	2026-04-11 23:52:25 (1 month ago)	Detected malicious request: GET /.git/config Detections triggered: Environment/config probe	Web App Attack
🇺🇸 TPI-Abuse	2026-04-11 23:44:39 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 20.55.222.81 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 20.55.222.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 11 19:44:35.915462 2026] [security2:error] [pid 3587225:tid 3587225] [client 20.55.222.81:35156] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "vexxarr.com"] [uri "/.git/config"] [unique_id "adrc44CFQxq55fosLdbBPgAAAA4"], referer: https://mail.google.com/ show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 39 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 185.39.18.175

🇰🇷 183.108.192.120

🇨🇳 180.124.230.90

🇧🇷 179.87.159.193

🇲🇾 145.79.30.56

🇮🇩 103.165.206.238

🇳🇱 45.148.10.240

🇨🇳 220.197.78.89

🇧🇷 201.17.146.173

🇬🇧 193.163.125.2

🇳🇱 176.65.139.238

🇷🇺 81.23.173.32

🇷🇴 80.94.92.177

🇺🇸 66.132.195.73

🇺🇸 34.122.147.229

🇮🇳 139.59.21.124

🇺🇸 65.49.1.172

🇱🇺 46.151.182.161

🇺🇸 34.72.176.129

🇮🇳 2401:4900:b408:f8f5:34bb:b773:747d:ac61