JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.104.56.95

20.104.56.95 was found in our database!

This IP was reported 102 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.104.56.95

Whois 20.104.56.95

IP Abuse Reports for 20.104.56.95:

This IP address has been reported a total of 102 times from 97 distinct sources. 20.104.56.95 was first reported on June 10th 2026, and the most recent report was 4 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Roderic	2026-06-10 13:37:24 (4 minutes ago)	(apache_scanners-2) Failed apache-scanners trigger with match [redacted])	Port Scan
🇫🇷 PacketFilter	2026-06-10 13:35:15 (6 minutes ago)	Fail2Ban	Hacking Web App Attack
🇫🇮 Some Body	2026-06-10 13:34:29 (7 minutes ago)	Aggressive web scan	Brute-Force Web App Attack
🇧🇪 taivas.nl	2026-06-10 13:32:12 (9 minutes ago)	Site scraper	Web App Attack
🇺🇸 WellSpring	2026-06-10 13:26:29 (15 minutes ago)	wordpress scan on 614.today/wp-includes/blocks/post-comments-form/ — WellSpr.ing/NetSentinel civic-A ... show more wordpress scan on 614.today/wp-includes/blocks/post-comments-form/ — WellSpr.ing/NetSentinel civic-AI security layer show less	Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-10 13:25:55 (16 minutes ago)	Too much 404 requests in 1 hour. Operator GE matched 50 at IP:block_script. (4002-135)	Hacking Web App Attack
🇳🇱 thedreamer.nl	2026-06-10 13:24:08 (18 minutes ago)	20.104.56.95 - - [10/Jun/2026:15:18:34 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php ... show more 20.104.56.95 - - [10/Jun/2026:15:18:34 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 499 0 "-" "-" "CA" "Toronto" "43.70900" "-79.40570" 20.104.56.95 - - [10/Jun/2026:15:18:36 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 499 0 "-" "-" "CA" "Toronto" "43.70900" "-79.40570" 20.104.56.95 - - [10/Jun/2026:15:18:36 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 499 0 "-" "-" "CA" "Toronto" "43.70900" "-79.40570" 20.104.56.95 - - [10/Jun/2026:15:18:37 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 499 0 "-" "-" "CA" "Toronto" "43.70900" "-79.40570" ... show less	Hacking Brute-Force Bad Web Bot Web App Attack
🇦🇹 mindrider	2026-06-10 13:21:46 (20 minutes ago)	20.104.56.95 - - [10/Jun/2026:15:21:41 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php ... show more 20.104.56.95 - - [10/Jun/2026:15:21:41 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 162 "-" "-" "-" 20.104.56.95 - - [10/Jun/2026:15:21:42 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 2968 "-" "-" "-" 20.104.56.95 - - [10/Jun/2026:15:21:42 +0200] "GET /this_is_a_new_hello_world.php HTTP/1.1" 301 162 "-" "-" "-" 20.104.56.95 - - [10/Jun/2026:15:21:43 +0200] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 2968 "-" "-" "-" 20.104.56.95 - - [10/Jun/2026:15:21:43 +0200] "GET /classgoto24.php HTTP/1.1" 301 162 "-" "-" "-" ... show less	Bad Web Bot
🇩🇪 Hans Wurst	2026-06-10 13:16:46 (25 minutes ago)	Many 404-Error: Suspicion of URL-Fuzzing/Bot-Scan.	Web App Attack
🇩🇪 0x44	2026-06-10 13:13:23 (28 minutes ago)	Abusive host detected - Web probing for vulnerabilities	Web App Attack Hacking
🇺🇸 mccsoft.io	2026-06-10 13:13:15 (28 minutes ago)	Web application attack / vulnerability scanning against our public nginx web server (TCP 80/443). So ... show more Web application attack / vulnerability scanning against our public nginx web server (TCP 80/443). Source matched a blocked-path security rule (jail nginx-444); server returned HTTP 444 (connection closed without response). TCP three-way handshake completed (full HTTP request received). show less	Bad Web Bot Web App Attack
🇩🇪 Lino Project	2026-06-10 13:12:45 (29 minutes ago)	20.104.56.95 - - [10/Jun/2026:15:12:42 +0200] "GET /wp-login.php?redirect_to=https%3A%2F%2Fwww.macub ... show more 20.104.56.95 - - [10/Jun/2026:15:12:42 +0200] "GET /wp-login.php?redirect_to=https%3A%2F%2Fwww.macubedrone.com%2Fwp-admin%2F&reauth=1 HTTP/1.1" 403 595 "-" "-" ... show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 [email protected]	2026-06-10 13:12:01 (30 minutes ago)	[Wed Jun 10 15:12:01.490431 2026] [proxy_fcgi:error] [pid 2201487:tid 2201546] [client 20.104.56.95: ... show more [Wed Jun 10 15:12:01.490431 2026] [proxy_fcgi:error] [pid 2201487:tid 2201546] [client 20.104.56.95:56731] AH01071: Got error "Primary script unknown" show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 13:10:27 (31 minutes ago)	(mod_security) mod_security (id:210730) triggered by 20.104.56.95 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 20.104.56.95 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 09:10:21.748358 2026] [security2:error] [pid 12334:tid 12334] [client 20.104.56.95:43113] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|gamepart.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "gamepart.com"] [uri "/home/tancedi1/gamepart.com"] [unique_id "ailiPWQsP57h232fKWGCuQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Lunix	2026-06-10 13:10:19 (31 minutes ago)		Brute-Force Web App Attack

Showing 1 to 15 of 102 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇻🇳 222.254.178.97

🇲🇽 201.130.218.205

🇬🇧 185.247.137.78

🇨🇳 171.114.230.5

🇧🇬 79.124.62.134

🇳🇱 45.148.10.200

🇳🇱 45.142.193.8

🇺🇸 24.5.244.85

🇨🇳 183.191.123.210

🇮🇳 182.95.228.102

🇳🇱 176.65.139.11

🇺🇸 173.255.226.194

🇺🇸 172.110.223.195

🇭🇰 118.193.37.241

🇨🇳 112.103.72.128

🇳🇱 95.85.226.199

🇸🇬 43.134.0.85

🇮🇳 42.106.236.54

🇺🇸 20.169.49.249

🇺🇸 20.65.201.12