JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.73.127.254

20.73.127.254 was found in our database!

This IP was reported 81 times. Confidence of Abuse is 50%: ?

50%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.73.127.254

Whois 20.73.127.254

IP Abuse Reports for 20.73.127.254:

This IP address has been reported a total of 81 times from 39 distinct sources. 20.73.127.254 was first reported on February 18th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-11 21:15:07 (2 weeks ago)	CVE-2025-55182 - RSC NEXTJS Unicode RCE Exploit - HTTP (Request)	Hacking
🇹🇭 MWA SOC	2026-06-11 20:06:24 (2 weeks ago)		Hacking
Anonymous	2026-06-11 16:54:23 (2 weeks ago)	T: f2b 404 5x	Web App Attack
🇫🇷 masterguru	2026-06-11 12:47:47 (2 weeks ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 20.73.127.254 (NL/The Netherlands/-): ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 20.73.127.254 (NL/The Netherlands/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇸🇬 securejdprop	2026-06-11 08:23:40 (2 weeks ago)	This IP was detected by CrowdSec triggering crowdsecurity/vpatch-CVE-2025-55182. WAF block: crowdsec ... show more This IP was detected by CrowdSec triggering crowdsecurity/vpatch-CVE-2025-55182. WAF block: crowdsecurity/vpatch-CVE-2025-55182 from 20.73.127.254 (172.22.0.5) show less	Hacking
🇵🇹 Information Security	2026-06-11 06:37:22 (2 weeks ago)	Web App Attack	Web App Attack
🇮🇪 RoboSOC	2026-06-11 03:06:07 (2 weeks ago)	React Server Components Remote Code Execution Vulnerability, PTR: PTR record not found	Hacking
🇩🇪 4server	2026-06-10 19:28:16 (2 weeks ago)	[WedJun1021:28:12.6032132026][security2:error][pid844521:tid844640][client20.73.127.254:0]ModSecurit ... show more [WedJun1021:28:12.6032132026][security2:error][pid844521:tid844640][client20.73.127.254:0]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch\"$\?:\\\\\\\\\$\(\?:\\\\\\\\\(\(\?:\\\\\\\\\(.\\\\\\\\\$\\|.\\)\\\\\\\\\)\\|\\\\\\\\{.\\\\\\\\\}\)\\|[\<\>]\\\\\\\\$.\\\\\\\\\$\)\"atARGS:0.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"396\"][id\"393655\"][rev\"17\"][msg\"Atomicorp.comWAFRules:PossibleRemoteCommandExecution:UnixShellExpressionFound\"][data\"MatchedData:\${encodeuricomponent$string\(res$\)}307\`}\)_chunks:\$q2_formdata:{get:\$1:constructor:constructor}}}foundwithinARGS:0:{then:\$1:__proto__:thenstatus:resolved_modelreason:-1value:{then:\$b1337}_response:{_prefix:varres=$function\(${var_r=typeofrequire\!==undefined\?require:$process.mainmodule\?process.mainmodule.require.bind\(process.mainmodule$:$typeofglobalthis.require\!==undefined\?globalthis.require:null$\)return12899339148110000}\)throwobject.assign$newerror\(next_redirect${...\"][tag\"attack-rce\"][ho show less	Port Scan Brute-Force Web App Attack
Anonymous	2026-06-10 10:50:04 (2 weeks ago)	Aggressive web scan	Web App Attack
🇬🇧 Aetherweb Ark	2026-06-10 07:53:12 (2 weeks ago)	(mod_security) mod_security (id:949110) triggered by 20.73.127.254 (-): N in the last X secs	Web App Attack
🇨🇿 Countryman	2026-06-10 06:00:01 (2 weeks ago)	IPS detection: React.Server.Components.react-flight.Remote.Code.Execution	Hacking
🇫🇷 masterguru	2026-06-01 11:15:19 (3 weeks ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 20.73.127.254 (NL/The Netherlands/-): ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 20.73.127.254 (NL/The Netherlands/-): 2 in the last 3600 secs (0-193) show less	Hacking
🇮🇪 RoboSOC	2026-05-31 02:08:37 (3 weeks ago)	React Server Components Remote Code Execution Vulnerability, PTR: PTR record not found	Hacking
🇨🇳 ThreatBook.io	2026-04-03 01:46:13 (2 months ago)	ThreatBook Intelligence: Zombie,Scanner more details on https://threatbook.io/ip/20.73.127.254	SSH
🇹🇷 rtbh.com.tr	2026-04-01 08:12:20 (2 months ago)	list.rtbh.com.tr report: tcp/23	Brute-Force

Showing 1 to 15 of 81 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 103.157.169.86

🇱🇹 62.60.130.219

🇧🇷 187.16.96.250

🇰🇷 182.210.76.170

🇺🇸 162.216.150.83

🇺🇸 104.23.203.161

🇺🇸 103.143.10.140

🇺🇸 74.7.227.170

🇺🇸 44.185.71.71

🇺🇸 44.82.168.71

🇬🇧 35.203.211.244

🇺🇸 138.0.240.166

🇳🇱 92.63.197.5

🇨🇦 85.217.149.10

🇳🇱 85.11.167.7

🇺🇸 65.49.20.109

🇮🇳 49.249.219.214

🇺🇸 45.135.1.186

🇺🇸 44.253.112.115

🇺🇸 205.210.31.86