JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.81.158.146

20.81.158.146 was found in our database!

This IP was reported 30 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Boydton, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.81.158.146

Whois 20.81.158.146

IP Abuse Reports for 20.81.158.146:

This IP address has been reported a total of 30 times from 25 distinct sources. 20.81.158.146 was first reported on September 27th 2025, and the most recent report was 5 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇹 urnilxfgbez	2026-06-03 22:45:00 (5 hours ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 xmission.com	2026-06-03 05:37:09 (22 hours ago)	Blocked by UFW (TCP on 2087) Source port: 8304 TTL: 49 Packet length: 60 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 2087) Source port: 8304 TTL: 49 Packet length: 60 TOS: 0x00 This report (for 20.81.158.146) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 Teufel100	2026-06-03 04:27:01 (1 day ago)	ModSecurity rejected a query'	Brute-Force Hacking Web App Attack
🇹🇭 Sawasdee	2026-06-03 04:12:25 (1 day ago)	Port Scan ...	Port Scan
🇧🇷 SOC Blue Team	2026-06-03 03:25:57 (1 day ago)	IPs get by Hunting on SIEM	Phishing Web Spam Port Scan Hacking
🇺🇸 MPL	2026-06-03 02:46:32 (1 day ago)	tcp port scan (8 or more attempts)	Port Scan
🇧🇾 lns.bz	2026-06-03 02:14:54 (1 day ago)	Too many 404 requests [BY]	Web App Attack
🇺🇸 Ar1s	2026-06-03 02:13:09 (1 day ago)	[1:2610542] TGI HUNT gitrepo HTTP Probe ::: Port: 80/TCP	Exploited Host
🇺🇸 ISPLtd	2026-06-03 01:49:19 (1 day ago)	Jun 2 19:49:19 20.81.158.146 TCP SPT=7425 DPT=2087 SYN Jun 2 19:49:19 20.81.158.146 TCP SPT=7478 D ... show more Jun 2 19:49:19 20.81.158.146 TCP SPT=7425 DPT=2087 SYN Jun 2 19:49:19 20.81.158.146 TCP SPT=7478 DPT=2082 SYN Jun 2 19:49:19 20.81.158.146 TCP SPT=7426 DPT=8080 ... show less	Port Scan
🇳🇱 donarev419	2026-06-03 00:58:53 (1 day ago)	Port scan detected on port 80 (connection without data transfer)	Port Scan
🇩🇪 markawes	2026-06-03 00:56:24 (1 day ago)	[SynFast] Auto banned by Fail2Ban. Reason: Web vulnerability scan detected. Evidence: 20.81.158.146 ... show more [SynFast] Auto banned by Fail2Ban. Reason: Web vulnerability scan detected. Evidence: 20.81.158.146 - - [03/Jun/2026:00:56:21 +0000] "GET /.git/HEAD HTTP/1.1" 404 134 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" 20.81.158.146 - - [03/Jun/2026:00:56:23 +0000] "GET /.env HTTP/1.1" 404 134 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.1.15" show less	Web App Attack Port Scan
🇮🇪 AutosOnShow	2026-06-03 00:44:05 (1 day ago)	blocked for webapp attack \| path requested: /.env \| seen at 2026-06-03 00:43:34.872 \|	Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 00:43:31 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 20.81.158.146 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 20.81.158.146 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 20:43:24.602051 2026] [security2:error] [pid 31654:tid 31654] [client 20.81.158.146:7196] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.224"] [uri "/.git/HEAD"] [unique_id "ah94rEsyojo8u6oA1Em-lQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇸 Scan	2026-06-03 00:33:35 (1 day ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇫🇷 dynamix	2026-06-03 00:21:33 (1 day ago)	Multiple WAF Violations	Web App Attack

Showing 1 to 15 of 30 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 167.94.146.38

🇲🇽 159.54.148.142

🇺🇸 146.70.211.87

🇨🇳 123.59.4.98

🇹🇷 78.186.116.161

🇳🇱 77.83.39.154

🇫🇷 51.44.216.204

🇭🇰 45.142.154.103

🇫🇷 15.188.23.138

🇨🇳 14.103.220.97

🇨🇦 3.98.89.59

🇧🇪 198.235.24.232

🇨🇭 176.65.144.128

🇨🇳 119.249.100.110

🇻🇳 113.177.159.48

🇰🇪 105.161.150.34

🇲🇦 105.156.83.219

🇺🇦 91.204.122.189

🇮🇪 54.195.204.225

🇮🇳 43.230.201.87