JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.104.200.136

20.104.200.136 was found in our database!

This IP was reported 365 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.104.200.136

Whois 20.104.200.136

IP Abuse Reports for 20.104.200.136:

This IP address has been reported a total of 365 times from 296 distinct sources. 20.104.200.136 was first reported on May 28th 2026, and the most recent report was 13 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 rubixstudios	2026-05-29 08:50:03 (6 days ago)	Excessive HTTP requests consistent with automated attack behaviour detected by Imunify360	DDoS Attack Brute-Force Web App Attack
🇧🇪 sid3windr	2026-05-29 08:47:50 (6 days ago)	GET /wp-content/plugins/hellopress/wp_filemanager.php (Tarpitted for , wasted 120B)	Web App Attack
🇫🇷 Guardian	2026-05-29 08:46:13 (6 days ago)	Scanning for installed WordPress and vulnerabilities 20.104.200.136 [29/May/2026:08:46:13] "GET /wp- ... show more Scanning for installed WordPress and vulnerabilities 20.104.200.136 [29/May/2026:08:46:13] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" show less	Port Scan Web App Attack
Anonymous	2026-05-29 08:45:16 (6 days ago)		DNS Compromise DDoS Attack
🇺🇸 Gabriel Camargo	2026-05-29 08:44:10 (6 days ago)	20.104.200.136 - - [29/May/2026:03:34:43 -0500] "GET /wp-content/plugins/hellopress/wp_filemanager.p ... show more 20.104.200.136 - - [29/May/2026:03:34:43 -0500] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 178 "-" "-" 20.104.200.136 - - [29/May/2026:03:34:43 -0500] "GET /mac.php HTTP/1.1" 301 178 "-" "-" 20.104.200.136 - - [29/May/2026:03:44:10 -0500] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 178 "-" "-" ... show less	Brute-Force SSH
🇩🇰 SaltySoftworks	2026-05-29 08:40:36 (6 days ago)	User agent spoofing Page: /wp-content/plugins/hellopress/wp_filemanager.php	Spoofing Brute-Force Web App Attack Hacking
🇸🇪 SkyDancer	2026-05-29 08:39:33 (6 days ago)	Multiple intrusion attempts via http/https on known vulnerable url offsets. Attack automatically blo ... show more Multiple intrusion attempts via http/https on known vulnerable url offsets. Attack automatically blocked by SkyDancer Ai(web-X). show less	Hacking Brute-Force
🇬🇧 rakkor	2026-05-29 08:38:43 (6 days ago)	2026-05-29T09:38:42+01:00 NAS [Fri May 29 09:38:42.183084 2026] [proxy_fcgi:error] [pid 32024:tid 32 ... show more 2026-05-29T09:38:42+01:00 NAS [Fri May 29 09:38:42.183084 2026] [proxy_fcgi:error] [pid 32024:tid 32033] [client 20.104.200.136:58780] AH01071: Got error 'Primary script unknown' ... show less	Brute-Force Hacking
🇺🇸 S.O.B.A. Dev.	2026-05-29 08:38:16 (6 days ago)	Threat Blocked by BeeHive from (ASN:8075) (Network:Microsoft Corporation) (Host:soba.dev) (Method:GE ... show more Threat Blocked by BeeHive from (ASN:8075) (Network:Microsoft Corporation) (Host:soba.dev) (Method:GET) (Protocol:HTTP/1.1) (Timestamp:2026-05-29T08:38:16Z) show less	Brute-Force Web Spam Web App Attack
🇫🇮 as211431.net	2026-05-29 08:37:47 (6 days ago)	Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from CA. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: /wp-content/plugins/hellopress/wp_filemanager.php UA: Empty string This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 nationaleventpros.com	2026-05-29 08:36:45 (6 days ago)	vulnerability scan	Web App Attack
🇮🇩 soc-yk	2026-05-29 08:34:15 (6 days ago)	Type: web_scanning Threat: public_web_exploitation_scanner Risk: 100 Events: 76 Evidence: - Automat ... show more Type: web_scanning Threat: public_web_exploitation_scanner Risk: 100 Events: 76 Evidence: - Automated hostile web probing detected - Repeated web scanning activity observed - Multi-event operational persistence identified - Threat escalation behavior observed show less	Web App Attack
🇦🇺 KevinNeale	2026-05-29 08:33:07 (6 days ago)	20.104.200.136 - - [29/May/2026:18:33:06 +1000] "GET /wp-content/plugins/hellopress/wp_filemanager.p ... show more 20.104.200.136 - - [29/May/2026:18:33:06 +1000] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 716 "-" "-" 20.104.200.136 - - [29/May/2026:18:33:06 +1000] "GET /mac.php HTTP/1.1" 404 716 "-" "-" ... show less	Brute-Force Web App Attack
🇩🇪 Hazzard	2026-05-29 08:32:36 (6 days ago)	(apache-empty-ua) Failed empty apache-ua trigger with match [redacted]): (CF_ENABLE)	Hacking
🇫🇷 mrcrassi	2026-05-29 08:31:47 (6 days ago)	Triggered Cloudflare WAF (botFight) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET ... show more Triggered Cloudflare WAF (botFight) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /mac.php UA: Empty string This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot

Showing 271 to 285 of 365 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 101.96.220.35

🇺🇸 97.74.230.245

🇳🇱 176.65.139.238

🇮🇳 115.117.173.210

🇸🇾 109.224.242.53

🇨🇳 49.75.40.171

🇲🇾 47.254.195.162

🇭🇰 45.142.154.108

🇻🇳 14.241.196.25

🇷🇴 2.57.121.112

🇰🇷 203.228.30.198

🇨🇴 201.46.124.0

🇷🇺 193.37.69.113

🇨🇴 191.98.82.170

🇸🇪 170.62.100.143

🇭🇰 152.32.132.28

🇮🇳 103.176.167.193

🇷🇺 185.94.111.1

🇧🇴 181.115.171.100

🇺🇸 91.230.168.254