JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.98.161.9

20.98.161.9 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 0%: ?

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.98.161.9

Whois 20.98.161.9

IP Abuse Reports for 20.98.161.9:

This IP address has been reported a total of 24 times from 15 distinct sources. 20.98.161.9 was first reported on June 14th 2021, and the most recent report was 4 years ago.

Old Reports: The most recent abuse report for this IP address is from 4 years ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 HJ5Ss4Ju	2021-07-19 18:17:11 (4 years ago)	Forbidden directory scan :: 2021/07/19 22:17:10 [error] 21386#21386: 107116 access forbidden by rul ... show more Forbidden directory scan :: 2021/07/19 22:17:10 [error] 21386#21386: 107116 access forbidden by rule, client: 20.98.161.9, server: [censored_1], request: "GET //wp-content/plugins/iwp-client/readme.txt HTTP/1.1", host: "[censored_1]" show less	Hacking
🇦🇺 ozisp.com.au	2021-07-19 17:23:19 (4 years ago)	US_Microsoft_<177>1626729798 [1:2019182:1] ET WEB_SERVER HTTP POST Generic eval of base64_decode [Cl ... show more US_Microsoft_<177>1626729798 [1:2019182:1] ET WEB_SERVER HTTP POST Generic eval of base64_decode [Classification: A Network Trojan was detected] [Priority: 1]: <seconione-ens192-1> {TCP} 20.98.161.9:48498 show less	Hacking
🇬🇧 UKFast Security	2021-07-19 01:45:57 (4 years ago)	CMS (WordPress or Joomla) brute force attempt.	Brute-Force
🇩🇪 marcel-knorr.de	2021-07-14 19:46:19 (4 years ago)	[MK-Root1] Blocked by UFW	Port Scan Brute-Force
🇨🇿 0x44	2021-07-13 23:51:51 (4 years ago)	[Wed Jul 14 05:51:47.242893 2021] [Spam host detected, attacker try to exploit known vulnerabilities ... show more [Wed Jul 14 05:51:47.242893 2021] [Spam host detected, attacker try to exploit known vulnerabilities] ... show less	Exploited Host Web App Attack
🇭🇺 whitehoodie	2021-07-13 20:47:46 (4 years ago)	AUTOMATED REPORT: Tried to access .env file	Hacking Bad Web Bot Web App Attack
🇺🇸 jormaster3k	2021-07-13 17:27:20 (4 years ago)	fail2ban - Attack against Apache (too many 404s)	Web App Attack
🇺🇸 MortimerCat	2021-07-13 14:59:58 (4 years ago)	Attempting to download environment file	Web App Attack
🇮🇩 hermawan	2021-07-13 12:05:13 (4 years ago)	[Tue Jul 13 23:05:09.008577 2021] [:error] [pid 18402:tid 139721846019840] [client 20.98.161.9:46544 ... show more [Tue Jul 13 23:05:09.008577 2021] [:error] [pid 18402:tid 139721846019840] [client 20.98.161.9:46544] [client 20.98.161.9] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/coreruleset-3.3.2/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "773"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/.env"] [unique_id "YO25tfuEaP6kvupJceA9HgAAAPk"] ... show less	Hacking Web App Attack
🇲🇾 syokadmin	2021-07-12 23:18:48 (4 years ago)	(mod_security) mod_security (id:949110) triggered by 20.98.161.9 (US/United States/-): 1 in the last ... show more (mod_security) mod_security (id:949110) triggered by 20.98.161.9 (US/United States/-): 1 in the last 3600 secs show less	Brute-Force
🇺🇸 jormaster3k	2021-07-12 12:30:51 (4 years ago)	fail2ban - Attack against Apache (too many 404s)	Web App Attack
🇭🇰 roy	2021-07-11 23:56:31 (4 years ago)	scanner, scan for phpmyadmin database files	Port Scan Hacking SQL Injection
🇭🇺 whitehoodie	2021-07-11 11:41:17 (4 years ago)	AUTOMATED REPORT: Tried to access .env file	Hacking Bad Web Bot Web App Attack
🇩🇪 marcel-knorr.de	2021-07-10 08:13:17 (4 years ago)	[MK-Root1] Blocked by UFW	Port Scan Brute-Force
🇫🇷 jk jk	2021-07-09 16:33:31 (4 years ago)	WAF_blocked	Hacking Web App Attack

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 219.78.63.235

🇦🇷 181.209.76.203

🇳🇱 172.211.56.214

🇰🇷 125.132.34.65

🇺🇸 113.20.0.58

🇮🇳 103.98.191.41

🇩🇪 69.5.169.7

🇨🇳 14.18.77.99

🇻🇳 203.210.240.63

🇨🇳 82.156.141.83

🇷🇴 80.94.92.166

🇨🇦 64.29.18.47

🇺🇸 52.230.250.68

🇺🇸 34.122.38.224

🇺🇸 31.56.178.132

🇺🇸 2607:f8b0:4004:c29::12d

🇺🇸 2604:a880:400:d1:0:4:9e83:5001

🇰🇷 211.253.37.225

🇺🇸 172.203.134.70

🇻🇳 171.244.37.97