20.120.227.37 Threat Intelligence Report

Risk Level: MEDIUM — 665 abuse reports from 2 sources

Threat Intelligence Summary

IP address 20.120.227.37 has been flagged in 665 abuse reports across 2 independent threat intelligence sources, resulting in a threat score of 44.0/100 (medium risk). The primary activity associated with this IP is aggregated threat, along with rdp bruteforce.

This IP is geolocated in United States and belongs to the network Microsoft Corporation (AS8075). Reports span from 2024-07-11 to 2026-04-16.

Assessment: 20.120.227.37 has been reported 665 times, suggesting a pattern of moderately suspicious behavior rather than isolated incidents. Monitoring is recommended; consider rate limiting if this IP contacts your systems directly.

Geolocation

Country United States

Region Washington

ISP/ASN Microsoft Corporation

Timezone America/Los_Angeles

Threat Status

Overall Status Medium Risk

Threat Score 44.0%

Report Count 665

Sources 2

First Seen 2024-07-11

Last Seen 2026-04-16

AI Analysis

Check IPs automatically with the WAYSCloud API

Free tier: 1,000 lookups/day. Get threat scores, geolocation, and abuse reports via REST API.

Explore the API →

See how we classify and verify threats →

Related Intelligence

United States Threat Intelligence → AS8075 Network Intelligence → See all top malicious IPs → View latest attacks →

Learn about these threats:

How to Block This IP