IP address 20.203.59.187 has been flagged in 91 abuse reports across 20 independent threat intelligence sources, resulting in a threat score of 100.0/100 (critical risk). The primary activity associated with this IP is abuseipdb blacklist, along with aggregated threat, attacks, brute force, bruteforce, malware c2, malware infrastructure, reconnaissance, ssh bruteforce, suspicious activity, voip attack.
This IP is geolocated in United Arab Emirates (Dubai) and belongs to the network Microsoft Corporation (AS8075). Reports span from 2026-01-02 to 2026-04-17.
Assessment: Despite a lower report volume, the severity and nature of activity from 20.203.59.187 has triggered critical-level alerts across our threat detection network. The IP has been observed conducting automated SSH login attempts against internet-facing servers, a technique commonly used to gain unauthorized access to systems. This IP belongs to Microsoft Corporation, a major cloud/hosting provider — the malicious activity likely originates from a compromised or rented virtual server rather than the provider's own infrastructure.