20.2.92.83 — Microsoft Corporation, HK — Very High (97%)

Check an IP Address, Domain Name, Subnet, or ASN

20.2.92.83 was found in our database!

Confidence Level

97%

Very High?

Geolocation

🇭🇰

Hong KongHong Kong

ISPMicrosoft Corporation

ASNAS8075

Activity Timeline

First seenFeb 13, 2026, 11:40 PM

Last seen7d ago

490Sessions

490Events

Protocol Breakdown

HTTP

490 / 490

20.2.92.83 has a very high threat confidence level of 97%, originating from Hong Kong, Hong Kong, on the Microsoft Corporation network (8075). It has been observed across 490 sessions targeting HTTP, with detected attack patterns including http dotenv file exposure probe, First observed on February 13, 2026, most recently active February 26, 2026.

Behaviors

Classified behavioral patterns observed

Http Dotenv File Exposure Probe

high14x

Identifies HTTP GET requests targeting the /.env file, indicating attempts to access exposed environment configuration files commonly containing application secrets such as database credentials, API keys, and service tokens.

Http Root Path Request

info172x

Identifies HTTP requests targeting the web server root path ("/"), typically used for initial service discovery, host validation, or baseline content inspection prior to deeper enumeration.

Primitives

Individual actions observed

Http Method Get197 Http Path Dotenv14 Http Path App Dotenv10

Related Threats

Explore related threat intelligence

🇭🇰More threats fromHong Kong ASMore threats fromMicrosoft Corporation HTTPMore threats targetingHTTP { }Browse allAttack Patterns

WHOIS Lookup

IP Address	Confidence	Events
20.171.9.108	68%	119
20.64.105.243	62%	119
9.234.10.190	54%	80
20.65.195.19	72%	90
20.119.86.71	69%	132

IP Address	Confidence	Events
165.154.6.69	100%	417
118.26.36.195	100%	787
152.32.131.77	100%	352
101.36.108.134	100%	698
47.242.213.10	84%	1,483