JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.81.159.116

20.81.159.116 was found in our database!

This IP was reported 38 times. Confidence of Abuse is 85%: ?

85%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Boydton, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.81.159.116

Whois 20.81.159.116

IP Abuse Reports for 20.81.159.116:

This IP address has been reported a total of 38 times from 29 distinct sources. 20.81.159.116 was first reported on August 23rd 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 MPL	2026-06-17 02:35:49 (2 days ago)	tcp port scan (9 or more attempts)	Port Scan
🇩🇪 paissangroup	2026-06-17 01:40:17 (2 days ago)	Multiple WAF Violations	Web App Attack
🇺🇸 Axel	2026-06-17 00:36:43 (2 days ago)	Blocked by UFW on MVI [2095/tcp] \| SPT: 18804 \| TTL: 48 \| LEN: 60 \| TOS: 0x00 • Reported by: github. ... show more Blocked by UFW on MVI [2095/tcp] \| SPT: 18804 \| TTL: 48 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇷🇸 Scan	2026-06-17 00:19:14 (2 days ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇺🇸 paulo.apoloni	2026-06-10 20:28:09 (1 week ago)	20.81.159.116 - - [10/Jun/2026:17:28:04 -0300] "GET /.git/HEAD HTTP/1.1" 404 118 "-" "Mozilla/5.0 (M ... show more 20.81.159.116 - - [10/Jun/2026:17:28:04 -0300] "GET /.git/HEAD HTTP/1.1" 404 118 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.4; rv:125.0) Gecko/20100101 Firefox/125.0" 20.81.159.116 - - [10/Jun/2026:17:28:05 -0300] "GET /.git/config HTTP/1.1" 404 181 "-" "Mozilla/5.0 (Linux; Android 14; Pixel 8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Mobile Safari/537.36" 20.81.159.116 - - [10/Jun/2026:17:28:06 -0300] "GET /.env HTTP/1.1" 404 118 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.4; rv:125.0) Gecko/20100101 Firefox/125.0" 20.81.159.116 - - [10/Jun/2026:17:28:07 -0300] "GET /.env.local HTTP/1.1" 404 118 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.4; rv:125.0) Gecko/20100101 Firefox/125.0" 20.81.159.116 - - [10/Jun/2026:17:28:09 -0300] "GET /.env.production HTTP/1.1" 404 118 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0" ... show less	Web App Attack
🇺🇸 MPL	2026-06-10 18:55:47 (1 week ago)	tcp port scan (8 or more attempts)	Port Scan
🇮🇹 clamehost.it	2026-06-10 18:50:16 (1 week ago)	Automatic report - Brute Force attack using this IP address	Brute-Force
Anonymous	2026-06-10 18:42:37 (1 week ago)	20.81.159.116 - - [10/Jun/2026:20:42:33 +0200] "GET /.git/HEAD HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Lin ... show more 20.81.159.116 - - [10/Jun/2026:20:42:33 +0200] "GET /.git/HEAD HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Linux; Android 14; Pixel 8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Mobile Safari/537.36" 20.81.159.116 - - [10/Jun/2026:20:42:36 +0200] "GET /.env HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0" ... show less	Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-10 16:31:43 (1 week ago)	Multiple WAF Violations	Web App Attack
🇺🇸 Cyber Crusader	2026-06-10 13:45:35 (1 week ago)	Hundreds of Attempts (at least) to Connect to and Access Firewall Ports	Port Scan Hacking Brute-Force
🇧🇾 lns.bz	2026-06-08 07:17:05 (1 week ago)	Too many 404 requests [BY]	Web App Attack
🇺🇸 TPI-Abuse	2026-06-08 07:00:49 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 20.81.159.116 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 20.81.159.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 03:00:45.022843 2026] [security2:error] [pid 23593:tid 23593] [client 20.81.159.116:16699] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.224"] [uri "/.git/HEAD"] [unique_id "aiZonZG1y99b0IVtHtsuZgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-08 06:41:43 (1 week ago)	SIEM ALERT AUTO REPORT	Email Spam
🇺🇸 MPL	2026-06-08 06:38:30 (1 week ago)	tcp port scan (16 or more attempts)	Port Scan
🇺🇸 TPI-Abuse	2026-06-08 05:45:15 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 20.81.159.116 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 20.81.159.116 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 08 01:45:11.642838 2026] [security2:error] [pid 23231:tid 23231] [client 20.81.159.116:16753] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.241"] [uri "/.git/HEAD"] [unique_id "aiZW5yXfwKJ2SQzDF2h2twAAABU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 38 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 91.230.168.237

🇨🇴 8.243.68.188

🇺🇸 216.25.89.64

🇨🇳 202.111.183.254

🇧🇪 198.235.24.178

🇳🇱 192.142.24.156

🇨🇳 180.76.105.165

🇫🇮 147.185.133.139

🇨🇳 117.72.154.73

🇨🇳 113.201.90.17

🇺🇸 91.230.168.233

🇳🇱 91.92.40.204

🇺🇸 44.165.128.181

🇮🇳 223.237.187.227

🇩🇪 217.160.162.192

🇨🇴 190.143.75.12

🇨🇳 140.206.195.3

🇫🇷 91.196.152.179

🇮🇷 89.42.136.2

🇳🇱 45.148.10.240