JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.55.87.147

20.55.87.147 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 64%: ?

64%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.55.87.147

Whois 20.55.87.147

IP Abuse Reports for 20.55.87.147:

This IP address has been reported a total of 32 times from 27 distinct sources. 20.55.87.147 was first reported on September 13th 2025, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 RAP	2026-06-13 15:27:16 (3 days ago)	2026-06-13 15:27:16 UTC Unauthorized activity to TCP port 8443. Web App	Port Scan Web App Attack
🇺🇸 MPL	2026-06-13 14:15:58 (3 days ago)	tcp ports: 10000,2086 (2 or more attempts)	Port Scan
🇺🇸 xmission.com	2026-06-13 13:23:41 (3 days ago)	Blocked by UFW (TCP on 80) Source port: 22592 TTL: 45 Packet length: 60 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 80) Source port: 22592 TTL: 45 Packet length: 60 TOS: 0x00 This report (for 20.55.87.147) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇩🇪 femboy.cat	2026-06-13 12:56:15 (3 days ago)	Port scan to tcp/2086 from 20.55.87.147	Brute-Force
🇺🇸 Axel	2026-06-13 12:49:26 (3 days ago)	Blocked by UFW on MVI [2082/tcp] \| SPT: 22537 \| TTL: 48 \| LEN: 60 \| TOS: 0x00 • Reported by: github. ... show more Blocked by UFW on MVI [2082/tcp] \| SPT: 22537 \| TTL: 48 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 RAP	2026-06-13 10:27:37 (3 days ago)	2026-06-13 10:27:37 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
Anonymous	2026-06-03 09:40:03 (1 week ago)	PROTO=TCP DPT=2082	Port Scan Hacking
🇹🇷 SeczarSecureOps	2026-06-03 08:54:28 (1 week ago)	Seczar SecureOps — Port Scan Detection (8 events) — quarantined 43200m on fgdcapi	Port Scan
🇺🇸 MPL	2026-06-03 05:13:02 (2 weeks ago)	tcp port scan (14 or more attempts)	Port Scan
Anonymous	2026-06-01 07:59:37 (2 weeks ago)	Blocked: Reason='Suspicious traffic score=80 (review-based detection)'; Requests=57	Hacking
Anonymous	2026-05-31 22:47:42 (2 weeks ago)	2026-05-31T23:47:41.495873+01:00 vps kernel: [42007831.066650] [PORTSCAN DETECTED] IN=ens3 OUT= MAC= ... show more 2026-05-31T23:47:41.495873+01:00 vps kernel: [42007831.066650] [PORTSCAN DETECTED] IN=ens3 OUT= MAC=fa:16:3e:66:f6:24:02:37:19:0d:c2:f3:08:00 SRC=20.55.87.147 DST=54.37.14.118 LEN=60 TOS=0x00 PREC=0x00 TTL=42 ID=61702 DF PROTO=TCP SPT=14344 DPT=2087 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Port Scan Brute-Force
🇺🇸 TPI-Abuse	2026-05-25 04:54:13 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 20.55.87.147 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 20.55.87.147 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 00:54:10.256582 2026] [security2:error] [pid 7786:tid 7786] [client 20.55.87.147:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail-pmg.com"] [uri "/config/.env"] [unique_id "ahPV8u5jqCiSNLDVWP4OXgAAABI"], referer: https://chat.openai.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇲🇽 octageeks.com	2026-05-25 04:12:32 (3 weeks ago)	Wordpress malicious attack:[octablocked]	Web App Attack
🇫🇷 dynamix	2026-05-25 01:55:47 (3 weeks ago)	Multiple WAF Violations	Web App Attack
🇩🇪 FeG Deutschland	2026-05-25 01:29:14 (3 weeks ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 172.217.44.214

🇮🇩 114.198.242.174

🇰🇬 80.72.176.171

🇳🇱 185.107.80.93

🇮🇳 168.144.149.116

🇺🇸 152.232.15.193

🇺🇸 150.230.35.12

🇧🇷 138.84.59.151

🇮🇳 103.165.78.91

🇺🇸 64.62.197.133

🇨🇳 49.232.250.85

🇯🇵 43.167.157.80

🇸🇬 43.160.249.52

🇭🇰 36.255.220.145

🇸🇪 13.63.234.246

🇩🇪 213.209.159.56

🇲🇽 187.191.48.4

🇺🇸 172.179.62.187

🇨🇳 171.83.236.10

🇩🇪 87.156.176.191