JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.55.87.132

20.55.87.132 was found in our database!

This IP was reported 46 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.55.87.132

Whois 20.55.87.132

IP Abuse Reports for 20.55.87.132:

This IP address has been reported a total of 46 times from 40 distinct sources. 20.55.87.132 was first reported on May 13th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 SOC-BR	2026-06-03 07:26:26 (1 week ago)	Attack detected by Fortinet - applications3: Spring.Boot.Actuator.Unauthorized.Access - 2026-06-02 1 ... show more Attack detected by Fortinet - applications3: Spring.Boot.Actuator.Unauthorized.Access - 2026-06-02 14:48:45 - Source Port 17509 show less	Port Scan Hacking
🇹🇭 Sawasdee	2026-06-03 06:42:06 (1 week ago)	Unwanted checking 80 or 443 port ...	Bad Web Bot
🇺🇸 MPL	2026-06-03 05:41:24 (1 week ago)	tcp port scan (8 or more attempts)	Port Scan
🇫🇮 6kilowatti	2026-06-03 05:32:00 (1 week ago)	2026-06-03T08:31:59.849429+03:00 koti kernel: [UFW BLOCK] IN=enp0s25 OUT= MAC=6c:62:6d:bd:29:2d:18:f ... show more 2026-06-03T08:31:59.849429+03:00 koti kernel: [UFW BLOCK] IN=enp0s25 OUT= MAC=6c:62:6d:bd:29:2d:18:fd:74:70:71:9e:08:00 SRC=20.55.87.132 DST=10.0.0.30 LEN=60 TOS=0x00 PREC=0x00 TTL=48 ID=17066 DF PROTO=TCP SPT=39643 DPT=2087 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-03 05:28:11 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 20.55.87.132 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 20.55.87.132 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 01:28:07.732982 2026] [security2:error] [pid 15916:tid 15916] [client 20.55.87.132:39351] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.10"] [uri "/.env"] [unique_id "ah-7Z7orbc5GRu5kjr5BbwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇷 SOC Blue Team	2026-06-03 05:26:08 (1 week ago)	IPs get by Hunting on SIEM	Phishing Web Spam Port Scan Hacking
🇧🇷 diego	2026-06-03 04:30:20 (1 week ago)	[probe-44-49] 2026-06-03 04:12:27, Client: 20.55.87.132, Protocol: 6, Unauthorized activity to HTTP: ... show more [probe-44-49] 2026-06-03 04:12:27, Client: 20.55.87.132, Protocol: 6, Unauthorized activity to HTTP: POST /___proxy_subdomain_whm/login/ show less	Web App Attack
🇧🇪 Lunix	2026-06-03 04:21:53 (1 week ago)		Brute-Force Web App Attack
🇺🇸 RAP	2026-06-03 04:03:42 (1 week ago)	2026-06-03 04:03:42 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇦🇺 Telemetry2U.com	2026-06-03 03:32:18 (1 week ago)	Unauthorized connection attempt to port 8080	Hacking
🇩🇪 Phenix Info	2026-06-03 02:42:15 (1 week ago)	SmallGuard.fr/Prestashop Forbidden Ext.	Web App Attack
🇯🇵 S.O.B.A. Dev.	2026-06-03 02:36:33 (1 week ago)	Persistent port scanning or vulnerability scanning	Port Scan
Anonymous	2026-06-03 02:35:02 (1 week ago)	suspicious request in access.log	Web App Attack
Anonymous	2026-06-02 23:00:00 (1 week ago)	SSH Brute-Force	DDoS Attack Port Scan Hacking Brute-Force SSH
🇦🇹 urnilxfgbez	2026-06-02 22:45:00 (1 week ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan

Showing 1 to 15 of 46 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇷 166.1.2.18

🇲🇱 196.200.95.26

🇧🇷 170.233.184.99

🇻🇳 152.32.250.21

🇳🇱 107.189.27.179

🇺🇸 91.230.168.95

🇺🇸 66.132.195.90

🇺🇸 66.132.172.32

🇫🇮 65.109.175.177

🇺🇸 65.49.1.192

🇰🇪 41.60.144.202

🇺🇸 35.185.83.164

🇮🇩 34.50.66.223

🇸🇬 34.21.215.109

🇪🇪 213.35.128.24

🇰🇷 211.63.34.149

🇧🇷 187.0.238.211

🇧🇷 186.209.52.199

🇨🇳 183.92.234.190

🇫🇮 80.66.83.151