JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.83.158.241

20.83.158.241 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 59%: ?

59%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.83.158.241

Whois 20.83.158.241

IP Abuse Reports for 20.83.158.241:

This IP address has been reported a total of 19 times from 17 distinct sources. 20.83.158.241 was first reported on July 5th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-24 15:31:42 (2 days ago)	SIEM ALERT AUTO REPORT	Email Spam
🇺🇸 MPL	2026-06-24 15:07:27 (2 days ago)	tcp port scan (8 or more attempts)	Port Scan
🇩🇪 maxpower	2026-06-24 11:14:19 (2 days ago)	(exploit_critical) REGOLA 2 - Critical File Exploit Attempt 20.83.158.241 (US/United States/-): 2 in ... show more (exploit_critical) REGOLA 2 - Critical File Exploit Attempt 20.83.158.241 (US/United States/-): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 20.83.158.241 - - [24/Jun/2026:13:14:13 +0200] "GET /wp-config.php.bak HTTP/1.1" 403 548 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" "-" host=51.89.2.99 20.83.158.241 - - [24/Jun/2026:13:14:14 +0200] "GET /.aws/credentials HTTP/1.1" 404 10387 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0" "-" host=51.89.2.99 show less	Port Scan
Anonymous	2026-06-03 06:41:06 (3 weeks ago)	20.83.158.241 46.39.185.24 - [03/Jun/2026:08:41:04 +0200] "GET /.git/config HTTP/1.1" 301 0 "-" "Moz ... show more 20.83.158.241 46.39.185.24 - [03/Jun/2026:08:41:04 +0200] "GET /.git/config HTTP/1.1" 301 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" ... show less	Hacking Web App Attack
🇹🇷 SeczarSecureOps	2026-06-03 06:34:29 (3 weeks ago)	Auto-blocked by Seczar SecureOps — Port Scan Detection (6 events in 10min) at 2026-06-03 06:34	Port Scan
🇬🇧 PeravixGroup	2026-06-03 05:08:36 (3 weeks ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇺🇸 RAP	2026-06-03 04:41:01 (3 weeks ago)	2026-06-03 04:41:01 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇮🇪 AutosOnShow	2026-06-03 04:14:05 (3 weeks ago)	blocked for webapp attack \| path requested: /.env \| seen at 2026-06-03 04:13:11.543 \|	Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 04:04:44 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 20.83.158.241 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 20.83.158.241 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 00:04:41.897219 2026] [security2:error] [pid 23900:tid 23900] [client 20.83.158.241:59939] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.242"] [uri "/.git/config"] [unique_id "ah-n2X-hv0p_NQznvTzQ8QAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 elf	2026-06-02 04:43:58 (3 weeks ago)	[Fail2Ban]: Jail apache-fakegooglebot triggered 1 time(s) for 20.83.158.241. 20.83.158.241 - - [02/J ... show more [Fail2Ban]: Jail apache-fakegooglebot triggered 1 time(s) for 20.83.158.241. 20.83.158.241 - - [02/Jun/2026:06:43:58 +0200] "GET /app/config/parameters.yml HTTP/1.1" 403 459 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" ... show less	Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-06-01 12:51:59 (3 weeks ago)	Blocked by UFW (TCP on 8443) Source port: 6656 TTL: 48 Packet length: 60 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 8443) Source port: 6656 TTL: 48 Packet length: 60 TOS: 0x00 This report (for 20.83.158.241) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇵🇱 nfsec.pl	2026-06-01 11:29:58 (3 weeks ago)	Detected: TCP scan on port: 8080 with flags: SYN	Port Scan
🇺🇸 MPL	2026-06-01 10:54:30 (3 weeks ago)	tcp port scan (8 or more attempts)	Port Scan
🇺🇸 RAP	2026-06-01 08:05:27 (3 weeks ago)	2026-06-01 08:05:27 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇷🇸 Scan	2026-06-01 08:01:51 (3 weeks ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.150.28

🇺🇸 64.224.17.57

🇰🇷 220.88.220.59

🇮🇳 210.212.136.3

🇪🇨 186.68.12.244

🇮🇷 185.116.163.22

🇩🇪 167.94.146.60

🇺🇸 144.172.103.8

🇭🇰 103.112.173.87

🇸🇬 98.159.43.49

🇳🇱 89.190.159.181

🇺🇸 74.125.75.91

🇫🇷 62.210.189.225

🇹🇭 49.231.192.36

🇷🇴 2.57.121.112

🇩🇪 213.209.159.11

🇦🇷 201.254.253.11

🇧🇷 191.253.54.255

🇦🇷 190.114.237.167

🇸🇬 172.69.176.24