JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.104.79.71

20.104.79.71 was found in our database!

This IP was reported 154 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.104.79.71

Whois 20.104.79.71

IP Abuse Reports for 20.104.79.71:

This IP address has been reported a total of 154 times from 136 distinct sources. 20.104.79.71 was first reported on June 9th 2026, and the most recent report was 2 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mw	2026-06-10 00:35:22 (2 minutes ago)	GET /wp-admin/js/ HTTP/1.1	Web App Attack
🇫🇮 kumiko	2026-06-10 00:28:40 (9 minutes ago)	[2026-06-10 03:28:40] Probing for exploits [1 requests] "GET //f6.php HTTP/1.1" 301	Brute-Force Bad Web Bot Web App Attack
🇫🇷 ✨	2026-06-10 00:21:13 (16 minutes ago)	Domain : ormag.net Rule : hack 2026-06-10 00:19:41 213.32.108.231 GET /222.php - 80 - 20.104.79.71 H ... show more Domain : ormag.net Rule : hack 2026-06-10 00:19:41 213.32.108.231 GET /222.php - 80 - 20.104.79.71 HTTP/1.1 - - mail.win10.ormag.net 301 0 0 392 53 156 - - show less	Hacking SQL Injection Brute-Force
🇫🇷 cydit.eu	2026-06-10 00:16:13 (21 minutes ago)	phpMyAdmin attack detected by fail2ban on thor.cydit.eu	Web App Attack
🇩🇪 macrob	2026-06-10 00:12:30 (25 minutes ago)	2026/06/10 00:12:21 [error] 1824568#1824568: 293681833 access forbidden by rule, client: 20.104.79. ... show more 2026/06/10 00:12:21 [error] 1824568#1824568: 293681833 access forbidden by rule, client: 20.104.79.71, server: binixo.ph, request: "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1", host: "binixo.ph" 2026/06/10 00:12:29 [error] 1824568#1824568: 293681833 access forbidden by rule, client: 20.104.79.71, server: binixo.ph, request: "GET /modules/mod_simplefileuploadv1.3/elements/filemanager.php?p= HTTP/1.1", host: "binixo.ph" 2026/06/10 00:12:29 [error] 1824568#1824568: 293681833 access forbidden by rule, client: 20.104.79.71, server: binixo.ph, request: "GET /wp-includes/blocks/post-comments-form/ HTTP/1.1", host: "binixo.ph" ... show less	Web App Attack
🇺🇸 mnsf	2026-06-10 00:10:43 (27 minutes ago)	Too many Status 40X (69) Request Overload (154)	Brute-Force Web App Attack
🇫🇮 kumiko	2026-06-10 00:08:41 (29 minutes ago)	[2026-06-10 03:08:40] Apache auth failure: brute force attempt, file probing	Brute-Force Bad Web Bot
🇩🇪 MusicLibrary	2026-06-10 00:01:45 (36 minutes ago)	Probing for non-existent scripts or executables	Bad Web Bot Web App Attack
🇳🇱 MacLotsen	2026-06-09 23:46:04 (51 minutes ago)	[Wed Jun 10 01:46:02.873243 2026] [php7:error] [pid 229757] [client 20.104.79.71:14848] script '/var ... show more [Wed Jun 10 01:46:02.873243 2026] [php7:error] [pid 229757] [client 20.104.79.71:14848] script '/var/www/degastrobar.nl/this_is_a_new_hello_world.php' not found or unable to stat [Wed Jun 10 01:46:03.374850 2026] [php7:error] [pid 229909] [client 20.104.79.71:14865] script '/var/www/degastrobar.nl/x.php' not found or unable to stat [Wed Jun 10 01:46:03.856820 2026] [php7:error] [pid 229736] [client 20.104.79.71:14886] script '/var/www/degastrobar.nl/wp-star.php' not found or unable to stat ... show less	Web App Attack Brute-Force
🇦🇺 paulshipley.com.au	2026-06-09 23:45:32 (52 minutes ago)	[Wed Jun 10 09:45:31.452927 2026] [security2:error] [pid 325849] [client 20.104.79.71:13914] [client ... show more [Wed Jun 10 09:45:31.452927 2026] [security2:error] [pid 325849] [client 20.104.79.71:13914] [client 20.104.79.71] ModSecurity: Access denied with code 403 (phase 4). Operator GE matched 4 at TX:outbound_anomaly_score. [file "/etc/modsecurity/crs/rules/RESPONSE-959-BLOCKING-EVALUATION.conf"] [line "77"] [id "959100"] [msg "Outbound Anomaly Score Exceeded (Total Score: 4)"] [ver "OWASP_CRS/3.3.4"] [tag "anomaly-evaluation"] [hostname "support.paulshipley.com.au"] [uri "/wp-includes/blocks/post-comments-form/"] [unique_id "aiilm2HSqWGv-R0zxLWfEQAAAAo"] ... show less	Web App Attack
🇧🇷 ufn.edu.br	2026-06-09 23:42:27 (55 minutes ago)	[Tue Jun 09 20:32:09.101494 2026] [access_compat:error] [pid 23311] [client 20.104.79.71:21366] AH01 ... show more [Tue Jun 09 20:32:09.101494 2026] [access_compat:error] [pid 23311] [client 20.104.79.71:21366] AH01797: client denied by server configuration: /var/www/html/this_is_a_new_hello_world.php [Tue Jun 09 20:32:09.272269 2026] [access_compat:error] [pid 23311] [client 20.104.79.71:21366] AH01797: client denied by server configuration: /var/www/html/aaf.php [Tue Jun 09 20:32:09.444913 2026] [access_compat:error] [pid 23311] [client 20.104.79.71:21366] AH01797: client denied by server configuration: /var/www/html/66t.php ... show less	Exploited Host Web App Attack
🇩🇪 mondor.ro	2026-06-09 23:37:44 (1 hour ago)	Cluster member 148.251.176.225 (DE/Germany/antares.webyouridea.ro) said, TEMPDENY 20.104.79.71, Reas ... show more Cluster member 148.251.176.225 (DE/Germany/antares.webyouridea.ro) said, TEMPDENY 20.104.79.71, Reason:[20.104.79.71 (CA/Canada/-), more than 60 Apache 404 hits in the last 3600 secs]; Ports: 80,443; Direction: in; Trigger: LF_CLUSTER; Logs: show less	Port Scan
🇺🇸 Gabriel Camargo	2026-06-09 23:27:57 (1 hour ago)	20.104.79.71 - - [09/Jun/2026:18:27:57 -0500] "GET /wp-content/plugins/hellopress/wp_filemanager.php ... show more 20.104.79.71 - - [09/Jun/2026:18:27:57 -0500] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 178 "-" "-" 20.104.79.71 - - [09/Jun/2026:18:27:57 -0500] "GET /this_is_a_new_hello_world.php HTTP/1.1" 301 178 "-" "-" 20.104.79.71 - - [09/Jun/2026:18:27:57 -0500] "GET /x.php HTTP/1.1" 301 178 "-" "-" ... show less	Brute-Force SSH
🇫🇷 guillaume illien	2026-06-09 23:24:26 (1 hour ago)	20.104.79.71 - - [09/Jun/2026:23:24:18 +0000] "GET /ws77.php HTTP/1.1" 301 178 "-" "-" 20.104.79.71 ... show more 20.104.79.71 - - [09/Jun/2026:23:24:18 +0000] "GET /ws77.php HTTP/1.1" 301 178 "-" "-" 20.104.79.71 - - [09/Jun/2026:23:24:21 +0000] "GET /vx.php HTTP/1.1" 301 178 "-" "-" 20.104.79.71 - - [09/Jun/2026:23:24:22 +0000] "GET /a5e0a.php HTTP/1.1" 301 178 "-" "-" 20.104.79.71 - - [09/Jun/2026:23:24:23 +0000] "GET /term.php HTTP/1.1" 301 178 "-" "-" 20.104.79.71 - - [09/Jun/2026:23:24:23 +0000] "GET /edit.php HTTP/1.1" 301 178 "-" "-" 20.104.79.71 - - [09/Jun/2026:23:24:25 +0000] "GET /55b76.php HTTP/1.1" 301 178 "-" "-" 20.104.79.71 - - [09/Jun/2026:23:24:26 +0000] "GET /asd.php HTTP/1.1" 301 178 "-" "-" ... show less	Hacking Brute-Force Web App Attack SSH
🇹🇭 thaizone.com	2026-06-09 23:19:35 (1 hour ago)	Hacking attempts against websites (D1) #1	Web App Attack Hacking

Showing 1 to 15 of 154 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 178.104.133.247

🇫🇷 92.103.134.183

🇨🇳 58.57.170.206

🇰🇷 43.164.133.93

🇻🇳 14.225.7.70

🇮🇪 3.254.47.185

🇬🇧 161.35.35.172

🇮🇳 128.185.249.46

🇹🇼 128.14.236.41

🇨🇳 113.31.115.157

🇹🇼 111.70.43.169

🇦🇪 92.97.2.253

🇮🇩 69.5.7.218

🇱🇹 45.227.254.170

🇰🇷 221.156.126.1

🇺🇸 195.184.76.187

🇺🇸 195.184.76.102

🇺🇸 137.184.228.138

🇸🇬 118.139.164.171

🇦🇺 109.123.227.128