JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.104.201.234

20.104.201.234 was found in our database!

This IP was reported 175 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.104.201.234

Whois 20.104.201.234

IP Abuse Reports for 20.104.201.234:

This IP address has been reported a total of 175 times from 153 distinct sources. 20.104.201.234 was first reported on June 21st 2026, and the most recent report was 59 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 IRISIO	2026-06-23 09:00:08 (59 minutes ago)	scans/SQL injection/spam posts : 87 queries	Web App Attack SQL Injection
🇬🇧 sc user	2026-06-23 05:29:09 (4 hours ago)	Fail2Ban nginx: repeated suspicious HTTP requests consistent with automated probing, scanning or bad ... show more Fail2Ban nginx: repeated suspicious HTTP requests consistent with automated probing, scanning or bad bot behaviour. Technical log details and local server identifiers intentionally omitted for privacy. show less	Bad Web Bot Web App Attack Port Scan
Anonymous	2026-06-22 12:06:08 (21 hours ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: CA, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: CA, Attack patterns: WordPress scanning, Webshell probing, Malicious User-Agent show less	Bad Web Bot Web App Attack
🇪🇸 pipeline.es	2026-06-22 09:41:20 (1 day ago)	Web scanning / probing for vulnerable paths	Port Scan Web App Attack
🇧🇪 Ivo Vynckier	2026-06-22 09:28:00 (1 day ago)	20.104.201.234 - - [21/Jun/2026:18:14:37 +0200] "GET /x.php HTTP/1.1" 301 291 "-" "-" 20.104.201.23 ... show more 20.104.201.234 - - [21/Jun/2026:18:14:37 +0200] "GET /x.php HTTP/1.1" 301 291 "-" "-" 20.104.201.234 - - [21/Jun/2026:18:14:37 +0200] "GET /by.php HTTP/1.1" 301 292 "-" "-" 20.104.201.234 - - [21/Jun/2026:18:14:38 +0200] "GET /cxs.php HTTP/1.1" 301 293 "-" "-" 20.104.201.234 - - [21/Jun/2026:18:14:38 +0200] "GET /coffexium.php HTTP/1.1" 301 299 "-" "-" 20.104.201.234 - - [21/Jun/2026:18:14:38 +0200] "GET /asdf.php HTTP/1.1" 301 294 "-" "-" 20.104.201.234 - - [21/Jun/2026:18:14:39 +0200] "GET /red.php HTTP/1.1" 301 293 "-" "-" 20.104.201.234 - - [21/Jun/2026:18:14:40 +0200] "GET /wp-includes/sodium_compat/ HTTP/1.1" 301 312 "-" "-" 20.104.201.234 - - [21/Jun/2026:18:14:41 +0200] "GET /footer.php HTTP/1.1" 301 296 "-" "-" 20.104.201.234 - - [21/Jun/2026:18:14:41 +0200] "GET /wp-content/uploads/ HTTP/1.1" 301 305 "-" "-" 20.104.201.234 - - [21/Jun/2026:18:14:42 +0200] "GET /zoro.php HTTP/1.1" 301 294 "-" "-" 20.104.201.234 - - [21/Jun/2026:18:14:43 +0200] "GET /wm.php HTTP/1.1" 301 292 "-" "-" show less	Web App Attack
🇬🇧 openstrike.co.uk	2026-06-22 05:13:52 (1 day ago)	460 attacks on PHP URLs: GET /wp-admin/network/plugins.php HTTP/1.1	Web App Attack
Anonymous	2026-06-21 22:58:05 (1 day ago)	Portscan: TCP/80 (8x)	Port Scan
🇳🇱 homeshowdomain.nl	2026-06-21 22:00:59 (1 day ago)	Auto-ban: >3000 req/min op 2026-06-21	Web App Attack SSH Hacking
🇫🇷 tecnicorioja	2026-06-21 22:00:41 (1 day ago)	wp-login attack [21/Jun/2026:19:09:56	Brute-Force Web App Attack
Anonymous	2026-06-21 21:09:37 (1 day ago)	"GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1"	Hacking Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-06-21 20:06:02 (1 day ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [ice01]	Hacking Brute-Force Bad Web Bot Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-06-21 19:05:03 (1 day ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [wa01,wa02]	Hacking Brute-Force Bad Web Bot Web App Attack
🇫🇷 mrcrassi	2026-06-21 18:42:25 (1 day ago)	Triggered Cloudflare WAF (botFight) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET ... show more Triggered Cloudflare WAF (botFight) from CA. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /wp-admin/network/plugins.php UA: Empty string This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2026-06-21 18:29:04 (1 day ago)	20.104.201.234 - - [22/Jun/2026:02:28:52 +0800] "GET /wp-content/plugins/hellopress/wp_filemanager.p ... show more 20.104.201.234 - - [22/Jun/2026:02:28:52 +0800] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 299862 "-" "-" 20.104.201.234 - - [22/Jun/2026:02:28:54 +0800] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 299862 "-" "-" 20.104.201.234 - - [22/Jun/2026:02:28:55 +0800] "GET /x.php HTTP/1.1" 404 299862 "-" "-" 20.104.201.234 - - [22/Jun/2026:02:28:56 +0800] "GET /wss.php HTTP/1.1" 404 299862 "-" "-" 20.104.201.234 - - [22/Jun/2026:02:28:57 +0800] "GET /ty.php?p= HTTP/1.1" 404 299876 "-" "-" 20.104.201.234 - - [22/Jun/2026:02:28:58 +0800] "GET /Ar.php HTTP/1.1" 404 299862 "-" "-" 20.104.201.234 - - [22/Jun/2026:02:28:59 +0800] "GET /wpconf.php HTTP/1.1" 404 299862 "-" "-" 20.104.201.234 - - [22/Jun/2026:02:29:01 +0800] "GET /aaf.php HTTP/1.1" 404 299862 "-" "-" 20.104.201.234 - - [22/Jun/2026:02:29:02 +0800] "GET /tw0.php HTTP/1.1" 404 299862 "-" "-" 20.104.201.234 - - [22/Jun/2026:02:29:03 +0800] "GET /v2.php HTTP/1.1" 404 299862 "-" "-" ... show less	Bad Web Bot Web App Attack
🇫🇷 Bruno	2026-06-21 18:19:12 (1 day ago)	[Sun Jun 21 20:18:48.572714 2026] [proxy_fcgi:error] [pid 1134:tid 1199] [client 20.104.201.234:1474 ... show more [Sun Jun 21 20:18:48.572714 2026] [proxy_fcgi:error] [pid 1134:tid 1199] [client 20.104.201.234:14740] AH01071: Got error 'Primary script unknown' [Sun Jun 21 20:19:10.977178 2026] [proxy_fcgi:error] [pid 1133:tid 1206] [client 20.104.201.234:14726] AH01071: Got error 'Primary script unknown' [Sun Jun 21 20:19:11.258742 2026] [proxy_fcgi:error] [pid 1133:tid 1190] [client 20.104.201.234:14726] AH01071: Got error 'Primary script unknown' ... show less	Web App Attack

Showing 1 to 15 of 175 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇬 197.210.226.132

🇪🇹 196.188.244.158

🇳🇱 185.107.80.93

🇿🇦 147.136.66.100

🇮🇩 124.40.249.190

🇨🇳 123.178.210.207

🇺🇸 108.174.63.2

🇸🇬 104.250.53.240

🇫🇷 92.140.46.112

🇷🇺 46.161.50.108

🇵🇱 45.38.215.108

🇸🇬 43.98.195.74

🇬🇧 35.203.211.79

🇮🇳 34.14.214.227

🇹🇼 1.162.239.42

🇵🇰 223.123.73.221

🇩🇪 165.245.215.64

🇮🇳 165.232.181.59

🇺🇸 162.216.149.167

🇺🇸 148.153.32.112