JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.88.55.172

20.88.55.172 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 42%: ?

42%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.88.55.172

Whois 20.88.55.172

IP Abuse Reports for 20.88.55.172:

This IP address has been reported a total of 9 times from 5 distinct sources. 20.88.55.172 was first reported on June 20th 2026, and the most recent report was 20 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-21 03:58:32 (20 minutes ago)	(mod_security) mod_security (id:210492) triggered by 20.88.55.172 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 20.88.55.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 23:58:25.409478 2026] [security2:error] [pid 4207:tid 4207] [client 20.88.55.172:62183] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.fuentevictoria.com"] [uri "/.env"] [unique_id "ajdhYfBQYO4qDAkkdk9KIwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 voormedia	2026-06-21 03:56:12 (23 minutes ago)	Accessed trap at '/.env'	Web App Attack
🇺🇸 TPI-Abuse	2026-06-21 00:18:09 (4 hours ago)	(mod_security) mod_security (id:210492) triggered by 20.88.55.172 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 20.88.55.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 20:18:04.139411 2026] [security2:error] [pid 9309:tid 9309] [client 20.88.55.172:61602] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.karsini-services.com"] [uri "/.env"] [unique_id "ajctvATmMMWo4GSUKXYo6wAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 fortypoundhead	2026-06-20 23:53:32 (4 hours ago)	SQL Injection Attempt	SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 23:19:45 (4 hours ago)	(mod_security) mod_security (id:210492) triggered by 20.88.55.172 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 20.88.55.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 19:19:37.284934 2026] [security2:error] [pid 23495:tid 23495] [client 20.88.55.172:57197] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "old.renju.net"] [uri "/.env"] [unique_id "ajcgCccb47P5ymL-7dG8LwAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Mangelot Hosting	2026-06-20 21:05:30 (7 hours ago)	(db_admin_scan) srv104 DB admin scan 20.88.55.172 (US/United States/-): 1 in the last 3600 secs; Por ... show more (db_admin_scan) srv104 DB admin scan 20.88.55.172 (US/United States/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 21:02:13 (7 hours ago)	(mod_security) mod_security (id:210492) triggered by 20.88.55.172 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 20.88.55.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 17:02:08.994913 2026] [security2:error] [pid 21694:tid 21700] [client 20.88.55.172:50181] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ecothermtech.com"] [uri "/.env"] [unique_id "ajb_0NamqIWkMXZy6zx_XAAAAUQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 20:43:21 (7 hours ago)	(mod_security) mod_security (id:210580) triggered by 20.88.55.172 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210580) triggered by 20.88.55.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 16:43:13.480087 2026] [security2:error] [pid 25841:tid 25841] [client 20.88.55.172:56351] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "etc/passwd" at ARGS:utm_source. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt\|\|advancedmotorsports.com\|F\|2"] [data "Matched Data: etc/passwd found within ARGS:utm_source: ../../../../../../../../../etc/passwd"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "advancedmotorsports.com"] [uri "/cgi-sys/suspendedpage.cgi"] [unique_id "ajb7YdYGdkztL-y2kdHeNwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 AvonleaConsulting	2026-06-20 19:15:56 (9 hours ago)	Scanning unused Default website or suspicious access to valid sites from IP marked as abusive	Bad Web Bot Web App Attack

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 193.124.20.238

🇺🇸 173.255.223.62

🇺🇸 173.252.167.180

🇧🇷 164.163.24.11

🇺🇸 147.185.132.233

🇺🇸 147.185.132.43

🇨🇳 106.117.87.242

🇭🇰 103.14.33.174

🇺🇸 98.242.91.251

🇬🇧 87.236.176.12

🇪🇸 82.199.49.85

🇳🇱 45.148.10.141

🇳🇱 5.83.143.123

🇧🇷 205.210.31.169

🇹🇭 182.52.205.74

🇸🇬 173.239.196.57

🇺🇸 162.216.150.180

🇮🇹 151.95.211.132

🇫🇮 147.185.133.204

🇺🇸 147.185.132.23