JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.104.72.147

20.104.72.147 was found in our database!

This IP was reported 335 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.104.72.147

Whois 20.104.72.147

IP Abuse Reports for 20.104.72.147:

This IP address has been reported a total of 335 times from 278 distinct sources. 20.104.72.147 was first reported on June 10th 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-11 15:58:00 (2 hours ago)	124 hits. Web App Attack from midnight. Automated vulnerability scanner searching for backdoor websh ... show more 124 hits. Web App Attack from midnight. Automated vulnerability scanner searching for backdoor webshells, malicious PHP scripts, and hidden entry points including /wp-content/plugins/hellopress/wp_filemanager.php and /sadcut1.php. show less	Bad Web Bot Web App Attack
Anonymous	2026-06-11 13:08:10 (5 hours ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: CA, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: CA, Attack patterns: WordPress scanning, Backup file probing, Malicious User-Agent show less	Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-11 13:05:39 (5 hours ago)	Too many Status 40X (11)	Brute-Force Web App Attack
🇺🇸 stvnrdg.me	2026-06-11 08:57:38 (9 hours ago)	20.104.72.147 - - [11/Jun/2026:08:57:38 +0000] "GET /hub/wp-content/plugins/hellopress/wp_filemanage ... show more 20.104.72.147 - - [11/Jun/2026:08:57:38 +0000] "GET /hub/wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 5134 "-" "-" ... show less	Hacking
🇩🇪 macrob	2026-06-11 08:54:16 (9 hours ago)	2026/06/11 08:53:43 [error] 2041204#2041204: 297491312 access forbidden by rule, client: 20.104.72. ... show more 2026/06/11 08:53:43 [error] 2041204#2041204: 297491312 access forbidden by rule, client: 20.104.72.147, server: binofferes.com, request: "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1", host: "binofferes.com" 2026/06/11 08:53:49 [error] 2041204#2041204: 297491312 access forbidden by rule, client: 20.104.72.147, server: binofferes.com, request: "GET /wp-admin/css/colors/blue/file.php HTTP/1.1", host: "binofferes.com" 2026/06/11 08:54:15 [error] 2041204#2041204: 297491312 access forbidden by rule, client: 20.104.72.147, server: binofferes.com, request: "GET /wp-admin/network/edit.php HTTP/1.1", host: "binofferes.com" ... show less	Web App Attack
🇫🇷 ISPLtd	2026-06-11 08:45:09 (9 hours ago)	20.104.72.147 [11/Jun/2026:05:45:07 -0300] gloria.target.domain:80 URL:/wp-content/plugins/hellopres ... show more 20.104.72.147 [11/Jun/2026:05:45:07 -0300] gloria.target.domain:80 URL:/wp-content/plugins/hellopress/wp_filemanager.php "GET /wp-content/plugins/hellopress/wp_filemanager.php 20.104.72.147 [11/Jun/2026:05:45:08 -0300] gloria.target.domain:80 URL:/wp-PII/css/colors/blue/file.php "GET /wp-PII/css/colors/blue/file.php ... show less	Hacking Web App Attack
🇵🇱 srebrakowski.com	2026-06-11 08:37:22 (9 hours ago)	crowdsec/waf-detected-exploits	Brute-Force
🇫🇷 lindi	2026-06-11 08:36:45 (9 hours ago)	Probing for resource vulnerabilities ...	Web Spam Brute-Force Bad Web Bot Exploited Host Web App Attack
🇺🇸 LotPhantom	2026-06-11 08:32:01 (9 hours ago)	20.104.72.147 - - [11/Jun/2026:08:31:43 +0000] "GET /wp-content/plugins/hellopress/wp_filemanager.ph ... show more 20.104.72.147 - - [11/Jun/2026:08:31:43 +0000] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 39 "-" "-" "0" ... show less	Web App Attack
Anonymous	2026-06-11 08:27:50 (9 hours ago)	20.104.72.147 - - [11/Jun/2026:10:27:45 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.ph ... show more 20.104.72.147 - - [11/Jun/2026:10:27:45 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 5615 20.104.72.147 - - [11/Jun/2026:10:27:46 +0200] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 578 20.104.72.147 - - [11/Jun/2026:10:27:46 +0200] "GET /ff.php HTTP/1.1" 404 5615 20.104.72.147 - - [11/Jun/2026:10:27:46 +0200] "GET /x.php HTTP/1.1" 404 578 20.104.72.147 - - [11/Jun/2026:10:27:47 +0200] "GET /tires.php HTTP/1.1" 404 578 20.104.72.147 - - [11/Jun/2026:10:27:47 +0200] "GET /wp-block.php HTTP/1.1" 404 578 20.104.72.147 - - [11/Jun/2026:10:27:47 +0200] "GET /wp-der.php HTTP/1.1" 404 578 20.104.72.147 - - [11/Jun/2026:10:27:47 +0200] "GET /ah25.php HTTP/1.1" 404 578 20.104.72.147 - - [11/Jun/2026:10:27:47 +0200] "GET /samll.php HTTP/1.1" 404 578 20.104.72.147 - - [11/Jun/2026:10:27:48 +0200] "GET /favicon.php HTTP/1.1" 404 578 ... show less	Web Spam Web App Attack
Anonymous	2026-06-11 08:26:10 (9 hours ago)	[Thu Jun 11 10:26:08.553325 2026] [proxy_fcgi:error] [pid 211675:tid 211766] [client 20.104.72.147:3 ... show more [Thu Jun 11 10:26:08.553325 2026] [proxy_fcgi:error] [pid 211675:tid 211766] [client 20.104.72.147:39511] AH01071: Got error 'Primary script unknown' [Thu Jun 11 10:26:08.887755 2026] [proxy_fcgi:error] [pid 211675:tid 211777] [client 20.104.72.147:39511] AH01071: Got error 'Primary script unknown' [Thu Jun 11 10:26:09.108890 2026] [proxy_fcgi:error] [pid 211675:tid 211763] [client 20.104.72.147:39511] AH01071: Got error 'Primary script unknown' [Thu Jun 11 10:26:09.383601 2026] [proxy_fcgi:error] [pid 211675:tid 211771] [client 20.104.72.147:39511] AH01071: Got error 'Primary script unknown' [Thu Jun 11 10:26:09.650922 2026] [proxy_fcgi:error] [pid 211675:tid 211768] [client 20.104.72.147:39511] AH01071: Got error 'Primary script unknown' ... show less	Brute-Force Web App Attack
🇧🇷 Halux	2026-06-11 08:25:40 (9 hours ago)	20.104.72.147 Probing protected path or service	Web App Attack
Anonymous	2026-06-11 08:24:14 (9 hours ago)	"GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1"	Hacking Web App Attack
🇸🇬 fazar	2026-06-11 08:17:27 (9 hours ago)	bad-behavior: 10 attempts from 20.104.72.147 on node: sgp01	Exploited Host Web App Attack
Anonymous	2026-06-11 08:09:24 (10 hours ago)	Caught with rate limiting - Excessive Requests or DDOS Attack	DDoS Attack Bad Web Bot

Showing 1 to 15 of 335 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 2a06:4880:6000::7e

🇧🇩 203.190.11.3

🇩🇪 185.249.74.198

🇺🇸 162.217.165.220

🇨🇳 120.211.189.58

🇨🇳 101.96.203.31

🇺🇸 69.164.214.243

🇳🇱 45.148.10.141

🇻🇳 171.244.37.103

🇸🇪 171.25.158.82

🇨🇳 115.190.155.5

🇳🇱 91.92.241.35

🇮🇳 61.246.201.82

🇪🇸 217.154.106.153

🇨🇦 199.21.149.124

🇩🇪 194.59.206.2

🇺🇸 162.241.129.208

🇫🇮 147.185.133.16

🇫🇮 135.181.182.250

🇧🇷 45.232.73.84