JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.100.170.235

20.100.170.235 was found in our database!

This IP was reported 264 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇳🇴 Norway
City	Oslo, Oslo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.100.170.235

Whois 20.100.170.235

IP Abuse Reports for 20.100.170.235:

This IP address has been reported a total of 264 times from 234 distinct sources. 20.100.170.235 was first reported on June 27th 2026, and the most recent report was 10 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Lino Project	2026-06-28 02:13:06 (10 minutes ago)	20.100.170.235 - - [28/Jun/2026:04:13:03 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.p ... show more 20.100.170.235 - - [28/Jun/2026:04:13:03 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 94785 "-" "-" ... show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 enjoyably	2026-06-28 02:09:37 (13 minutes ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-crawl-non_statics	Web App Attack Bad Web Bot
🇫🇷 Feelautom	2026-06-28 02:06:23 (16 minutes ago)	[FeelAutom Auto-Ban] SuspiciousExtension: /wp.php (Score: 200)	Port Scan
🇺🇸 etu brutus	2026-06-28 02:00:36 (22 minutes ago)	20.100.170.235 Blocked by [Attack Vector List] ...	Hacking Brute-Force Exploited Host
🇺🇸 Epimetheus	2026-06-28 01:54:11 (29 minutes ago)	Unauthorized access attempts: [GET] /cro.php [GET] /olik.php [GET] /wp-pass.php [GET] /xxa.php [GET ... show more Unauthorized access attempts: [GET] /cro.php [GET] /olik.php [GET] /wp-pass.php [GET] /xxa.php [GET] /xwpg.php [GET] /ccs.php [GET] /file61.php [GET] /ad.php [GET] /cc3.php [GET] /nwflm.php [GET] /wp-info.php [GET] /ingfo.php [GET] /ortasekerli1.php [GET] /100.php [GET] /jj.php [GET] /19.php UA: Unknown show less	Web App Attack
🇺🇸 conrad10781	2026-06-28 01:36:32 (46 minutes ago)	nginx-4xx	Web App Attack
🇺🇸 zwebvigil	2026-06-28 01:34:57 (48 minutes ago)	20.100.170.235 [27/Jun/2026:18:34:55 -0700] "GET /wp-content/plugins/hellopress/wp_filemanager.php ... show more 20.100.170.235 [27/Jun/2026:18:34:55 -0700] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 22 "-" port=32034 "-" "-" "-" "<host>" 7857 20.100.170.235 [27/Jun/2026:18:34:56 -0700] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 22 "-" port=32034 "-" "-" "-" "<host>" 3459 20.100.170.235 [27/Jun/2026:18:34:56 -0700] "GET /water.php HTTP/1.1" 404 22 "-" port=32034 "-" "-" "-" "<host>" 4637 20.100.170.235 [27/Jun/2026:18:34:56 -0700] "GET /3PJcpMFsD8B.php HTTP/1.1" 404 22 "-" port=32034 "-" "-" "-" "<host>" 4040 20.100.170.235 [27/Jun/2026:18:34:57 -0700] "GET /sid4.php HTTP/1.1" 404 22 "-" port=32034 "-" "-" "-" "<host>" 3248 20.100.170.235 [27/Jun/2026:18:34:57 -0700] "GET /ortasekerli1.php HTTP/1.1" 404 22 "-" port=32034 "-" "-" " show less	Web App Attack
🇩🇪 Skyrider	2026-06-28 01:26:50 (56 minutes ago)	crowdsecurity/http-probing	Web App Attack
🇩🇪 igerman	2026-06-28 01:09:51 (1 hour ago)	caddy probes: web: GET /100.php(DROP), GET /19.php(DROP), GET /3PJcpMFsD8B.php(DROP), GET /a1.php(DR ... show more caddy probes: web: GET /100.php(DROP), GET /19.php(DROP), GET /3PJcpMFsD8B.php(DROP), GET /a1.php(DROP), GET /academy.php(DROP), GET /dx.php(DROP), GET /flox.php(DROP), GET /ggb.php(DROP), GET /insc.php(DROP), GET /jj.php(DROP), GET /like.php(DROP), GET /mg.php(DROP), GET /moon.php(DROP), GET /ortasekerli1.php(DROP), GET /s1.php(DROP), GET /sec.php(DROP), GET /sid4.php(DROP), GET /this_is_a_new_hello_world.php(DROP), GET /w.php(DROP), GET /water.php(DROP), GET /wdone1.php(DROP), GET /we.php(DROP), GET /wmore1.php(DROP), GET /wp.php(DROP) \| wordpress: GET /wp-content/plugins/hellopress/wp_filemanager.php(DROP) show less	Web App Attack
🇬🇧 andypiper	2026-06-28 01:00:26 (1 hour ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
Anonymous	2026-06-28 00:54:44 (1 hour ago)	(wordpress) Failed login wp-login.php or xmlrpc.php	Web App Attack
🇩🇪 itsolon	2026-06-28 00:46:17 (1 hour ago)	[28/Jun/2026:02:46:16 +0200] 178260757684.648285 20.100.170.235 19701 217.154.7.177 443 [28/Jun/2026 ... show more [28/Jun/2026:02:46:16 +0200] 178260757684.648285 20.100.170.235 19701 217.154.7.177 443 [28/Jun/2026:02:46:16 +0200] 178260757693.384979 20.100.170.235 19701 217.154.7.177 443 [28/Jun/2026:02:46:16 +0200] 17826075762.550120 20.100.170.235 19701 217.154.7.177 443 [28/Jun/2026:02:46:16 +0200] 178260757670.391152 20.100.170.235 19701 217.154.7.177 443 [28/Jun/2026:02:46:17 +0200] 178260757799.611730 20.100.170.235 19701 217.154.7.177 443 ... show less	Port Scan Hacking Brute-Force Web App Attack
🇩🇪 febrian.de	2026-06-28 00:44:10 (1 hour ago)	Excessive HTTP(S) probing or bad web bot detected by Fail2Ban	Bad Web Bot Web App Attack
🇺🇸 Hmorrin	2026-06-28 00:16:27 (2 hours ago)		Port Scan
🇩🇪 Philister11	2026-06-28 00:15:27 (2 hours ago)	CrowdSec: crowdsecurity/http-probing (NO/AS8075)	Web App Attack Hacking

Showing 1 to 15 of 264 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 119.203.251.187

🇷🇺 90.151.171.109

🇺🇸 35.169.206.177

🇬🇧 195.96.139.51

🇬🇧 134.209.186.182

🇻🇳 112.137.143.2

🇮🇩 103.121.171.163

🇬🇧 87.236.176.60

🇧🇬 79.124.62.126

🇧🇬 78.128.113.46

🇺🇸 66.132.172.152

🇳🇱 51.158.205.47

🇧🇷 43.164.195.160

🇸🇬 34.21.212.234

🇹🇼 210.61.48.101

🇧🇷 177.72.198.103

🇺🇸 162.216.149.27

🇮🇳 157.49.175.112

🇲🇱 154.118.186.244

🇫🇮 147.185.133.171