JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.61.127.57

20.61.127.57 was found in our database!

This IP was reported 132 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.61.127.57

Whois 20.61.127.57

IP Abuse Reports for 20.61.127.57:

This IP address has been reported a total of 132 times from 92 distinct sources. 20.61.127.57 was first reported on January 15th 2025, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 sasbau	2026-06-13 18:40:48 (1 hour ago)	Jun 13 20:40:45 * sshd[1128207]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 ... show more Jun 13 20:40:45 * sshd[1128207]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.61.127.57 user=root Jun 13 20:40:47 * sshd[1128207]: Failed password for root from 20.61.127.57 port 31322 ssh2 Jun 13 20:40:47 * sshd[1128211]: Invalid user r00t from 20.61.127.57 port 31320 show less	Brute-Force SSH
🇫🇷 Coco Bongo	2026-06-13 18:39:58 (1 hour ago)	Jun 13 20:39:56 [redacted] sshd[1593482]: pam_unix(sshd:auth): authentication failure; logname= uid= ... show more Jun 13 20:39:56 [redacted] sshd[1593482]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.61.127.57 user=root Jun 13 20:39:58 [redacted] sshd[1593482]: Failed ... show less	Brute-Force SSH
🇸🇬 itachi1706	2026-06-13 18:35:12 (1 hour ago)	2026-06-14T02:35:09.448306+08:00 vmi996132.contaboserver.net sshd[2488200]: pam_unix(sshd:auth): aut ... show more 2026-06-14T02:35:09.448306+08:00 vmi996132.contaboserver.net sshd[2488200]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=20.61.127.57 user=root 2026-06-14T02:35:11.657561+08:00 vmi996132.contaboserver.net sshd[2488200]: Failed password for root from 20.61.127.57 port 31321 ssh2 ... show less	Brute-Force SSH
🇫🇷 MrIPBreaker	2026-06-13 18:28:44 (1 hour ago)	Jun 13 20:00:39 vmd80284 sshd[4281]: Invalid user r00t from 20.61.127.57 port 31323 Jun 13 20:26:00 ... show more Jun 13 20:00:39 vmd80284 sshd[4281]: Invalid user r00t from 20.61.127.57 port 31323 Jun 13 20:26:00 vmd80284 sshd[4874]: Invalid user r00t from 20.61.127.57 port 31323 Jun 13 20:28:44 vmd80284 sshd[4942]: Invalid user r00t from 20.61.127.57 port 31323 ... show less	Brute-Force SSH
🇨🇿 plzenskypruvodce.cz	2026-06-13 18:11:06 (1 hour ago)	2026-06-13T20:11:06.059644+02:00 eproxy sshd[2072761]: User root not allowed because account is lock ... show more 2026-06-13T20:11:06.059644+02:00 eproxy sshd[2072761]: User root not allowed because account is locked 2026-06-13T20:11:06.179837+02:00 eproxy sshd[2072761]: Connection closed by invalid user root 20.61.127.57 port 31322 [preauth] ... show less	Web App Attack
Anonymous	2026-06-13 18:08:09 (1 hour ago)	SSH brute force detected ...	Brute-Force SSH
🇫🇷 maxxsense	2026-06-13 17:42:39 (2 hours ago)	(sshd) Failed SSH login from 20.61.127.57 (-)	Brute-Force SSH
🇫🇷 TheHoneyPotter	2026-06-13 17:40:01 (2 hours ago)	Honeypot [fc-honeypot]: Unauthorized traffic (24 bytes of payload); 25565 [2] TCP Reported by: https ... show more Honeypot [fc-honeypot]: Unauthorized traffic (24 bytes of payload); 25565 [2] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇩🇪 dispaisyenterprises	2026-06-13 17:39:53 (2 hours ago)	Honeypot [fra-de-honeypot]: Unauthorized traffic (22 bytes of payload); 25565 [2] TCP Reported by Di ... show more Honeypot [fra-de-honeypot]: Unauthorized traffic (22 bytes of payload); 25565 [2] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇺🇸 drewf.ink	2026-06-13 17:36:39 (2 hours ago)	[17:36] Port scanning. Port(s) scanned: TCP/25565	Port Scan
🇩🇪 Justin F. \| AS204464	2026-06-13 17:34:38 (2 hours ago)	Honeypot [nx-infrastructure]: Unauthorized traffic (22 bytes of payload); 25565 [1] TCP Reported by: ... show more Honeypot [nx-infrastructure]: Unauthorized traffic (22 bytes of payload); 25565 [1] TCP Reported by: Justin F. show less	Port Scan
🇩🇪 femboy.cat	2026-06-13 17:34:15 (2 hours ago)	Port scan to tcp/25565 from 20.61.127.57	Brute-Force
🇬🇧 sandra361	2026-06-13 17:34:03 (2 hours ago)	Port scan detected: 7 attempts across 1 ports (25565). \| Evidence: REAPER_TARPIT: IN=enp1s0f0 SRC=20 ... show more Port scan detected: 7 attempts across 1 ports (25565). \| Evidence: REAPER_TARPIT: IN=enp1s0f0 SRC=20.61.127.57 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=18075 DF PROTO=TCP SPT=39512 DPT=25565 WINDOW=64240 RES=0x00 SYN URGP=0 show less	Port Scan
🇲🇹 neilcaruana	2026-06-13 17:34:01 (2 hours ago)	Sentinel detected an attack on port [25565]	Hacking
🇬🇧 gbzret4d	2026-06-13 17:33:48 (2 hours ago)	Honeypot [uk-production01]: Unauthorized traffic (22 bytes of payload); 25565 [1] TCP	Port Scan

Showing 1 to 15 of 132 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.109.141.9

🇺🇸 124.198.131.220

🇱🇰 124.43.10.98

🇺🇸 74.249.178.114

🇯🇵 34.104.141.158

🇧🇩 14.128.15.191

🇧🇪 198.235.24.137

🇨🇳 182.203.176.204

🇩🇪 142.93.101.131

🇺🇸 124.198.131.185

🇫🇷 88.125.169.83

🇫🇷 51.159.95.39

🇳🇱 45.148.10.67

🇨🇳 39.154.15.74

🇬🇧 35.203.211.240

🇨🇳 1.24.16.221

🇰🇷 211.46.188.16

🇲🇩 188.214.144.172

🇲🇽 187.251.132.2

🇨🇳 180.76.53.175