JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.100.173.24

20.100.173.24 was found in our database!

This IP was reported 267 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇳🇴 Norway
City	Oslo, Oslo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.100.173.24

Whois 20.100.173.24

IP Abuse Reports for 20.100.173.24:

This IP address has been reported a total of 267 times from 218 distinct sources. 20.100.173.24 was first reported on June 25th 2026, and the most recent report was 6 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇦 URAN Publishing Service	2026-06-26 01:09:50 (6 minutes ago)	20.100.173.24 - - [26/Jun/2026:04:09:49 +0300] "GET /wp-content/plugins/hellopress/wp_filemanager.ph ... show more 20.100.173.24 - - [26/Jun/2026:04:09:49 +0300] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 713 "-" "-" ... show less	Web App Attack
🇧🇷 dominioz	2026-06-26 01:03:20 (13 minutes ago)	2026-06-26 01:02:34 GET /wp-content/plugins/hellopress/wp_filemanager.php - - 20.100.173.24 HTTP/1.1 ... show more 2026-06-26 01:02:34 GET /wp-content/plugins/hellopress/wp_filemanager.php - - 20.100.173.24 HTTP/1.1 - - 404 104631 2026-06-26 01:02:35 GET /this_is_a_new_hello_world.php - - 20.100.173.24 HTTP/1.1 - - 404 104631 2026-06-26 01:02:36 GET /x.php - - 20.100.173.24 HTTP/1.1 - - 404 104631 2026-06-26 01:02:37 GET /wss.php - - 20.100.173.24 HTTP/1.1 - - 404 104631 ... show less	Web App Attack
🇳🇱 Mangelot Hosting	2026-06-26 01:01:04 (15 minutes ago)	(php_susp_dir) srv103 PHP in suspicious dir 20.100.173.24 (NO/Norway/-): 1 in the last 3600 secs; Po ... show more (php_susp_dir) srv103 PHP in suspicious dir 20.100.173.24 (NO/Norway/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇬🇧 andypiper	2026-06-26 01:00:19 (16 minutes ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
Anonymous	2026-06-26 00:51:26 (25 minutes ago)	20.100.173.24 - - [26/Jun/2026:08:51:24 +0800] "GET /wp-content/plugins/hellopress/wp_filemanager.ph ... show more 20.100.173.24 - - [26/Jun/2026:08:51:24 +0800] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 196 "-" "-" 20.100.173.24 - - [26/Jun/2026:08:51:24 +0800] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 16 "-" "-" 20.100.173.24 - - [26/Jun/2026:08:51:24 +0800] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 16 "-" "-" 20.100.173.24 - - [26/Jun/2026:08:51:25 +0800] "GET /mass.php HTTP/1.1" 404 16 "-" "-" 20.100.173.24 - - [26/Jun/2026:08:51:25 +0800] "GET /mass.php HTTP/1.1" 404 16 "-" "-" 20.100.173.24 - - [26/Jun/2026:08:51:25 +0800] "GET /spawns.php?p= HTTP/1.1" 404 16 "-" "-" 20.100.173.24 - - [26/Jun/2026:08:51:25 +0800] "GET /spawns.php?p= HTTP/1.1" 404 16 "-" "-" 20.100.173.24 - - [26/Jun/2026:08:51:26 +0800] "GET /3PJcpMFsD8B.php HTTP/1.1" 404 16 "-" "-" 20.100.173.24 - - [26/Jun/2026:08:51:26 +0800] "GET /3PJcpMFsD8B.php HTTP/1.1" 404 16 "-" "-" ... show less	Bad Web Bot Web App Attack
🇫🇷 EvelynOctavia	2026-06-26 00:46:59 (29 minutes ago)	20.100.173.24 - - [26/Jun/2026:00:46:58 +0000] "GET /bbn.php HTTP/1.1" 404 162 "-" "-" 20.100.173.24 ... show more 20.100.173.24 - - [26/Jun/2026:00:46:58 +0000] "GET /bbn.php HTTP/1.1" 404 162 "-" "-" 20.100.173.24 - - [26/Jun/2026:00:46:58 +0000] "GET /ddd.php HTTP/1.1" 404 162 "-" "-" 20.100.173.24 - - [26/Jun/2026:00:46:58 +0000] "GET /wp-admin/css/colors/sunrise/ HTTP/1.1" 404 162 "-" "-" ... show less	Bad Web Bot Web App Attack
🇺🇸 ph	2026-06-26 00:39:55 (36 minutes ago)	Bad web bot attempting to run wp-content on non-WP site	Hacking Bad Web Bot Web App Attack
🇵🇱 Roper123	2026-06-26 00:39:15 (37 minutes ago)	WP-LOGIN brute-force	Brute-Force Web App Attack
🇫🇷 EvelynOctavia	2026-06-26 00:31:55 (44 minutes ago)	20.100.173.24 - - [26/Jun/2026:00:31:54 +0000] "GET /file6.php HTTP/1.1" 404 162 "-" "-" 20.100.173. ... show more 20.100.173.24 - - [26/Jun/2026:00:31:54 +0000] "GET /file6.php HTTP/1.1" 404 162 "-" "-" 20.100.173.24 - - [26/Jun/2026:00:31:54 +0000] "GET /cabs.php HTTP/1.1" 404 162 "-" "-" 20.100.173.24 - - [26/Jun/2026:00:31:54 +0000] "GET //wp-includes/assets/ HTTP/1.1" 404 162 "-" "-" ... show less	Bad Web Bot Web App Attack
🇩🇪 rico-j.de	2026-06-26 00:20:02 (56 minutes ago)	2026/06/26 02:19:57 [error] 96038#96038: 1018552 open() "/var/www/rico-j.de/cgi-bin/index.php" fail ... show more 2026/06/26 02:19:57 [error] 96038#96038: 1018552 open() "/var/www/rico-j.de/cgi-bin/index.php" failed (2: No such file or directory), client: 20.100.173.24, server: rico-j.de, request: "GET //cgi-bin/index.php HTTP/1.1", host: "imap.rico-j.de" 2026/06/26 02:20:02 [error] 96038#96038: *1018552 open() "/var/www/rico-j.de/cgi-bin/admin.php" failed (2: No such file or directory), client: 20.100.173.24, server: rico-j.de, request: "GET //cgi-bin/admin.php HTTP/1.1", host: "imap.rico-j.de" ... show less	Bad Web Bot
🇫🇷 EvelynOctavia	2026-06-26 00:16:54 (59 minutes ago)	20.100.173.24 - - [26/Jun/2026:00:16:53 +0000] "GET /wp-content/plugins/hellopress/wp_filemanager.ph ... show more 20.100.173.24 - - [26/Jun/2026:00:16:53 +0000] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 162 "-" "-" 20.100.173.24 - - [26/Jun/2026:00:16:53 +0000] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 162 "-" "-" 20.100.173.24 - - [26/Jun/2026:00:16:53 +0000] "GET /mass.php HTTP/1.1" 404 162 "-" "-" ... show less	Bad Web Bot Web App Attack
🇳🇱 i-turnradio.nl	2026-06-26 00:03:12 (1 hour ago)	2026-06-26 @ 02:03:12 (CET) ~ Blocked for trying to access: /wp-content/plugins/hellopress/wp_filema ... show more 2026-06-26 @ 02:03:12 (CET) ~ Blocked for trying to access: /wp-content/plugins/hellopress/wp_filemanager.php show less	Web App Attack
🇨🇦 lakered	2026-06-26 00:01:35 (1 hour ago)	Detectors: [NGINX] \| Reasons: Automated scan targeting an unauthorized host or default server sinkho ... show more Detectors: [NGINX] \| Reasons: Automated scan targeting an unauthorized host or default server sinkhole \| Nginx Honeypot: Administration interface scan \| TCP Fingerprint: Modern Windows (Link:IPIP or SIT, Uptime:0m) show less	Port Scan Web App Attack Bad Web Bot
🇦🇺 2000cn.com.au	2026-06-25 23:56:47 (1 hour ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-admin-interface-probing	Web App Attack Hacking
🇩🇪 Skyrider	2026-06-25 23:56:17 (1 hour ago)	Nginx: HTTP 4xx probe/scan attempts. Automated fail2ban report.	Bad Web Bot Web App Attack

Showing 1 to 15 of 267 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 104.249.167.66

🇻🇳 103.81.85.17

🇳🇬 102.90.96.192

🇩🇪 87.123.243.226

🇲🇾 47.250.133.235

🇻🇳 14.191.1.23

🇷🇺 5.1.49.8

🇩🇪 2a01:4f8:2210:1490:e266:c4f7:c8c:1

🇲🇽 200.77.172.159

🇷🇺 195.94.241.98

🇬🇧 193.163.125.251

🇺🇸 147.185.132.10

🇨🇳 120.48.26.185

🇮🇩 103.189.249.161

🇿🇦 102.68.120.61

🇺🇸 100.16.197.21

🇺🇸 91.230.168.91

🇺🇸 68.183.162.82

🇫🇷 62.210.57.9

🇨🇳 58.23.166.145