JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.61.126.216

20.61.126.216 was found in our database!

This IP was reported 239 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.61.126.216

Whois 20.61.126.216

IP Abuse Reports for 20.61.126.216:

This IP address has been reported a total of 239 times from 96 distinct sources. 20.61.126.216 was first reported on October 9th 2024, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-02 19:49:20 (1 day ago)	fail2ban:mail3:14,18	Port Scan Brute-Force
🇫🇷 Ozelot	2026-06-02 19:12:35 (1 day ago)	2026-06-02T20:10:48.561147+01:00 ozelot sshd-session[765232]: pam_unix(sshd:auth): authentication fa ... show more 2026-06-02T20:10:48.561147+01:00 ozelot sshd-session[765232]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.61.126.216 2026-06-02T20:10:50.346992+01:00 ozelot sshd-session[765232]: Failed password for invalid user r00t from 20.61.126.216 port 42521 ssh2 2026-06-02T20:12:35.079755+01:00 ozelot sshd-session[783795]: Invalid user r00t from 20.61.126.216 port 42522 show less	Brute-Force SSH
🇫🇷 Ozelot	2026-06-02 18:37:32 (1 day ago)	2026-06-02T19:32:07.820115+01:00 ozelot sshd-session[408433]: pam_unix(sshd:auth): authentication fa ... show more 2026-06-02T19:32:07.820115+01:00 ozelot sshd-session[408433]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.61.126.216 2026-06-02T19:32:10.121358+01:00 ozelot sshd-session[408433]: Failed password for invalid user r00t from 20.61.126.216 port 42520 ssh2 2026-06-02T19:37:31.539748+01:00 ozelot sshd-session[459760]: Invalid user r00t from 20.61.126.216 port 42522 show less	Brute-Force SSH
🇺🇸 vestibtech	2026-05-31 22:26:18 (3 days ago)	2026-05-31T18:26:17.570176-04:00 Host-KEWR-E amavis[11067]: (11067-06) Blocked SPAM {RejectedOpenRel ... show more 2026-05-31T18:26:17.570176-04:00 Host-KEWR-E amavis[11067]: (11067-06) Blocked SPAM {RejectedOpenRelay}, AM.PDP-SOCK [20.61.126.216] [20.61.126.216] <[email protected]> -> <[email protected]>, Queue-ID: AE7708D, Message-ID: <[email protected]>, mail_id: DqSx1G0Yqpk2, Hits: 22.752, size: 8947, 5430 ms ... show less	Email Spam
Anonymous	2026-05-29 20:19:06 (5 days ago)	SMTP scanner - relay access denied	Brute-Force Exploited Host
🇩🇪 NxtGenIT	2026-05-28 18:49:15 (6 days ago)	Honeytrap Honeypot hit	FTP Brute-Force
🇦🇹 begou.dev	2026-05-28 18:48:10 (6 days ago)	[Threat Intelligence] Port Scanning and/or Unauthorized access -> TCP/25565	Port Scan
🇩🇪 Justin F. \| AS204464	2026-05-28 18:46:31 (6 days ago)	Honeypot [nx-infrastructure]: Unauthorized traffic (22 bytes of payload); 25565 [1] TCP Reported by: ... show more Honeypot [nx-infrastructure]: Unauthorized traffic (22 bytes of payload); 25565 [1] TCP Reported by: Justin F. show less	Port Scan
🇬🇧 gbzret4d	2026-05-28 18:46:06 (6 days ago)	Honeypot [uk-production01]: Unauthorized traffic (22 bytes of payload); 25565 [1] TCP	Port Scan
🇩🇪 dispaisyenterprises	2026-05-28 18:45:43 (6 days ago)	Honeypot [fra-de-honeypot]: Unauthorized traffic (22 bytes of payload); 25565 [1] TCP Reported by Di ... show more Honeypot [fra-de-honeypot]: Unauthorized traffic (22 bytes of payload); 25565 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇵🇱 sefinek.net	2026-05-28 18:45:02 (6 days ago)	Honeypot hit: Unauthorized traffic (22 bytes of payload); 25565 [1] TCP Reported by: https://github. ... show more Honeypot hit: Unauthorized traffic (22 bytes of payload); 25565 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇲🇹 neilcaruana	2026-05-28 18:43:53 (6 days ago)	Sentinel detected an attack on port [25565]	Hacking
🇩🇪 femboy.cat	2026-05-28 18:42:39 (6 days ago)	Port scan to tcp/25565 from 20.61.126.216	Brute-Force
🇺🇸 Bankbook8585	2026-05-28 18:42:33 (6 days ago)	T-Pot honeypot \| Honeytrap: port 25565	Port Scan Hacking
🇯🇵 mkaraki	2026-05-28 18:40:50 (6 days ago)	1779993649 # Service_probe # SIGNATURE_SEND # source_ip:20.61.126.216 # dst_port:25565 ...	Port Scan

Showing 1 to 15 of 239 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 217.216.59.228

🇬🇧 198.178.235.35

🇩🇪 192.109.200.101

🇲🇽 186.96.145.241

🇨🇳 125.124.226.217

🇰🇷 121.125.67.137

🇪🇬 62.193.91.121

🇺🇸 54.172.193.21

🇮🇳 13.71.92.229

🇺🇸 216.180.246.246

🇳🇱 185.223.235.47

🇺🇸 162.216.149.143

🇮🇳 128.185.204.30

🇮🇳 103.69.243.106

🇱🇺 83.142.209.162

🇺🇸 50.6.197.105

🇻🇳 42.118.170.190

🇰🇷 1.213.214.233

🇺🇸 2602:fb54:1a00::3e

🇻🇳 27.79.43.15