JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.55.87.132

20.55.87.132 was found in our database!

This IP was reported 46 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.55.87.132

Whois 20.55.87.132

IP Abuse Reports for 20.55.87.132:

This IP address has been reported a total of 46 times from 40 distinct sources. 20.55.87.132 was first reported on May 13th 2026, and the most recent report was 16 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 SOC-BR	2026-06-03 07:26:26 (16 hours ago)	Attack detected by Fortinet - applications3: Spring.Boot.Actuator.Unauthorized.Access - 2026-06-02 1 ... show more Attack detected by Fortinet - applications3: Spring.Boot.Actuator.Unauthorized.Access - 2026-06-02 14:48:45 - Source Port 17509 show less	Port Scan Hacking
🇹🇭 Sawasdee	2026-06-03 06:42:06 (17 hours ago)	Unwanted checking 80 or 443 port ...	Bad Web Bot
🇺🇸 MPL	2026-06-03 05:41:24 (18 hours ago)	tcp port scan (8 or more attempts)	Port Scan
🇫🇮 6kilowatti	2026-06-03 05:32:00 (18 hours ago)	2026-06-03T08:31:59.849429+03:00 koti kernel: [UFW BLOCK] IN=enp0s25 OUT= MAC=6c:62:6d:bd:29:2d:18:f ... show more 2026-06-03T08:31:59.849429+03:00 koti kernel: [UFW BLOCK] IN=enp0s25 OUT= MAC=6c:62:6d:bd:29:2d:18:fd:74:70:71:9e:08:00 SRC=20.55.87.132 DST=10.0.0.30 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=17066 DF PROTO=TCP SPT=39643 DPT=2087 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-03 05:28:11 (18 hours ago)	(mod_security) mod_security (id:210492) triggered by 20.55.87.132 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 20.55.87.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 01:28:07.732982 2026] [security2:error] [pid 15916:tid 15916] [client 20.55.87.132:39351] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.10"] [uri "/.env"] [unique_id "ah-7Z7orbc5GRu5kjr5BbwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇷 SOC Blue Team	2026-06-03 05:26:08 (18 hours ago)	IPs get by Hunting on SIEM	Phishing Web Spam Port Scan Hacking
🇧🇷 diego	2026-06-03 04:30:20 (19 hours ago)	[probe-44-49] 2026-06-03 04:12:27, Client: 20.55.87.132, Protocol: 6, Unauthorized activity to HTTP: ... show more [probe-44-49] 2026-06-03 04:12:27, Client: 20.55.87.132, Protocol: 6, Unauthorized activity to HTTP: POST /___proxy_subdomain_whm/login/ show less	Web App Attack
🇧🇪 Lunix	2026-06-03 04:21:53 (19 hours ago)		Brute-Force Web App Attack
🇺🇸 RAP	2026-06-03 04:03:42 (20 hours ago)	2026-06-03 04:03:42 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇦🇺 Telemetry2U.com	2026-06-03 03:32:18 (20 hours ago)	Unauthorized connection attempt to port 8080	Hacking
🇩🇪 Phenix Info	2026-06-03 02:42:15 (21 hours ago)	SmallGuard.fr/Prestashop Forbidden Ext.	Web App Attack
🇯🇵 S.O.B.A. Dev.	2026-06-03 02:36:33 (21 hours ago)	Persistent port scanning or vulnerability scanning	Port Scan
Anonymous	2026-06-03 02:35:02 (21 hours ago)	suspicious request in access.log	Web App Attack
Anonymous	2026-06-02 23:00:00 (1 day ago)	SSH Brute-Force	DDoS Attack Port Scan Hacking Brute-Force SSH
🇦🇹 urnilxfgbez	2026-06-02 22:45:00 (1 day ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan

Showing 1 to 15 of 46 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 157.245.35.213

🇸🇬 148.66.132.204

🇨🇳 218.89.240.144

🇩🇪 213.209.159.235

🇺🇸 192.0.86.185

🇺🇸 174.160.224.71

🇻🇳 160.191.54.27

🇩🇪 144.31.157.103

🇰🇷 121.131.220.157

🇵🇰 103.186.114.73

🇭🇰 103.146.158.57

🇫🇷 91.231.89.78

🇦🇪 20.203.42.204

🇸🇦 5.82.250.208

🇨🇳 222.176.200.224

🇳🇱 195.178.110.204

🇵🇪 190.119.132.43

🇩🇪 172.70.240.122

🇮🇳 135.13.11.134

🇳🇱 92.112.126.183