JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.104.18.4

20.104.18.4 was found in our database!

This IP was reported 768 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.104.18.4

Whois 20.104.18.4

IP Abuse Reports for 20.104.18.4:

This IP address has been reported a total of 768 times from 480 distinct sources. 20.104.18.4 was first reported on April 11th 2026, and the most recent report was 15 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Bedios GmbH	2026-04-11 21:13:22 (1 month ago)	Wordpress hacking attempt	Web App Attack
Anonymous	2026-04-11 21:12:10 (1 month ago)	ModSecurity rejected a query	Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-04-11 21:11:37 (1 month ago)	Attempted access to sensitive endpoint (/wp-content/plugins/hellopress/wp_filemanager.php) detected. ... show more Attempted access to sensitive endpoint (/wp-content/plugins/hellopress/wp_filemanager.php) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇵🇱 strefapi_com	2026-04-11 21:10:50 (1 month ago)	Brute-force on web app ...	Brute-Force Web App Attack
🇺🇸 cybsecaoccol	2026-04-11 21:10:02 (1 month ago)	Brute Force SASL Attack	Hacking Brute-Force Web App Attack
🇵🇹 rnl	2026-04-11 21:08:20 (1 month ago)	2026/04/11 22:08:18 [error] 23083#0: 97663084 open() "/var/www/host/htdocs/mailer.php" failed (2: N ... show more 2026/04/11 22:08:18 [error] 23083#0: 97663084 open() "/var/www/host/htdocs/mailer.php" failed (2: No such file or directory), client: 20.104.18.4, server: host.[munged], request: "GET /mailer.php HTTP/1.1", host: "host.[munged]" 2026/04/11 22:08:20 [error] 23083#0: *97663087 open() "/var/www/host/htdocs/mailer.php" failed (2: No such file or directory), client: 20.104.18.4, server: host.[munged], request: "GET /mailer.php HTTP/1.1", host: "host.rnl.tecnico.ul ... show less	Web App Attack
🇩🇪 bescared	2026-04-11 21:08:00 (1 month ago)		Bad Web Bot Web App Attack
Anonymous	2026-04-11 21:07:15 (1 month ago)	[Sat Apr 11 21:07:13.956689 2026] [proxy_fcgi:error] [pid 1509588:tid 140655102113472] [client 20.10 ... show more [Sat Apr 11 21:07:13.956689 2026] [proxy_fcgi:error] [pid 1509588:tid 140655102113472] [client 20.104.18.4:10195] AH01071: Got error 'Primary script unknown' [Sat Apr 11 21:07:14.175794 2026] [proxy_fcgi:error] [pid 1509588:tid 140654969595584] [client 20.104.18.4:10195] AH01071: Got error 'Primary script unknown' [Sat Apr 11 21:07:14.418120 2026] [proxy_fcgi:error] [pid 1509588:tid 140654676014784] [client 20.104.18.4:10195] AH01071: Got error 'Primary script unknown' ... show less	Bad Web Bot Web App Attack
🇬🇧 adnscom.net	2026-04-11 21:06:36 (1 month ago)	IPS trigger: Brute force WebApp/CMS scanning/attack	Brute-Force Web App Attack
🇩🇪 dklueh79	2026-04-11 21:05:53 (1 month ago)	Probe for vulnerabilities. Path attempted: /wp-content/plugins/hellopress/wp_filemanager.php	Web App Attack
Anonymous	2026-04-11 21:05:40 (1 month ago)	Attempted search for exploits and vulnerabilities detected by fail2ban ...	Port Scan Brute-Force
🇩🇪 strxmpp	2026-04-11 21:03:46 (1 month ago)	20.104.18.4 - - [11/Apr/2026:23:03:45 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php ... show more 20.104.18.4 - - [11/Apr/2026:23:03:45 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 477 "-" "-" ... show less	Bad Web Bot
🇦🇹 René Hickersberger	2026-04-11 21:02:51 (1 month ago)	malicious bot detected: violations="hit-honeypot"; user_agent=""	Web App Attack
🇸🇪 KIDOS	2026-04-11 21:02:06 (1 month ago)	malicious activity	Web App Attack
🇫🇷 LRNP	2026-04-11 21:01:34 (1 month ago)	_:80 20.104.18.4 - - [11/Apr/2026:20:51:29 +0000] "GET /wp-one.php HTTP/1.1" 404 146 "-" "-" _:80 20 ... show more _:80 20.104.18.4 - - [11/Apr/2026:20:51:29 +0000] "GET /wp-one.php HTTP/1.1" 404 146 "-" "-" _:80 20.104.18.4 - - [11/Apr/2026:21:01:31 +0000] "GET /wp-confiig.php HTTP/1.1" 404 146 "-" "-" _:80 20.104.18.4 - - [11/Apr/2026:21:01:31 +0000] "GET /file-manager.php HTTP/1.1" 404 146 "-" "-" _:80 20.104.18.4 - - [11/Apr/2026:21:01:33 +0000] "GET /uploader.php HTTP/1.1" 404 146 "-" "-" _:80 20.104.18.4 - - [11/Apr/2026:21:01:33 +0000] "GET /leafmailer.php HTTP/1.1" 404 146 "-" "-" _:80 20.104.18.4 - - [11/Apr/2026:21:01:33 +0000] "GET /ALFA_DATA/alfacgiapi/perl.alfa HTTP/1.1" 404 146 "-" "-" _:80 20.104.18.4 - - [11/Apr/2026:21:01:33 +0000] "GET /.well-known/ALFA_DATA/alfacgiapi/perl.alfa HTTP/1.1" 404 146 "-" "-" _:80 20.104.18.4 - - [11/Apr/2026:21:01:33 +0000] "GET /tmp_images/alfacgiapi/perl.alfa HTTP/1.1" 404 146 "-" "-" _:80 20.104.18.4 - - [11/Apr/2026:21:01:34 +0000] "GET /wp-admin/alfacgiapi/perl.alfa HTTP/1.1" 404 146 "-" "-" _:80 20.104.18.4 - - [11/Apr/2026:21:01:34 +0000] "GET ... show less	Bad Web Bot Web App Attack

Showing 646 to 660 of 768 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 187.190.35.163

🇨🇳 119.53.253.2

🇧🇩 103.114.166.226

🇳🇱 45.153.34.32

🇳🇱 45.148.10.152

🇨🇳 42.5.108.130

🇨🇳 223.223.199.221

🇰🇷 222.232.176.7

🇮🇶 212.237.119.29

🇨🇱 200.29.173.201

🇬🇧 193.176.29.3

🇳🇱 172.94.9.166

🇳🇱 172.94.9.65

🇸🇬 148.66.142.9

🇺🇿 144.124.192.68

🇻🇳 113.161.39.122

🇭🇰 103.115.56.3

🇨🇳 220.168.118.133

🇪🇹 196.188.116.56

🇳🇱 185.242.226.126