JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.116.17.49

20.116.17.49 was found in our database!

This IP was reported 338 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.116.17.49

Whois 20.116.17.49

IP Abuse Reports for 20.116.17.49:

This IP address has been reported a total of 338 times from 279 distinct sources. 20.116.17.49 was first reported on July 31st 2022, and the most recent report was 4 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 Gem	2026-06-19 22:13:11 (4 hours ago)	Unauthorized web scan.	Web App Attack
Anonymous	2026-06-19 03:46:12 (23 hours ago)		Bad Web Bot
🇨🇦 zXero	2026-06-18 21:12:01 (1 day ago)	Fail2Ban automatic report - jail: no-wordpress	Brute-Force SSH DDoS Attack
🇳🇱 Site.eu	2026-06-18 08:33:33 (1 day ago)	Excessive multi-domain requests	Brute-Force
Anonymous	2026-06-18 03:46:11 (1 day ago)		Bad Web Bot
🇫🇷 ACE-INFORMATIQUE.NC	2026-06-17 19:00:04 (2 days ago)	Bad Web Bot + Web App Attack blocked by Fail2ban	Bad Web Bot Web App Attack
Anonymous	2026-06-17 13:05:55 (2 days ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: CA, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: CA, Attack patterns: WordPress scanning, Malicious User-Agent show less	Bad Web Bot Web App Attack
🇮🇳 walkintoadmin	2026-06-17 08:47:34 (2 days ago)	122 reqs all scanner paths	Bad Web Bot Web App Attack
🇳🇱 JCB	2026-06-17 08:26:00 (2 days ago)	20.116.17.49 - - [17/Jun/2026:01:03:48 +0300] "GET /cu.php HTTP/1.1" 404 236 "-" "-" 20.116.17.49 - ... show more 20.116.17.49 - - [17/Jun/2026:01:03:48 +0300] "GET /cu.php HTTP/1.1" 404 236 "-" "-" 20.116.17.49 - - [17/Jun/2026:01:03:48 +0300] "GET /4PJcpMFsD8B.php HTTP/1.1" 404 236 "-" "-" ... show less	Web App Attack
🇭🇺 DumaNet	2026-06-17 07:37:00 (2 days ago)	Web app attack attempts, scanning for vulnerability. Date: 2026 Jun 16. 23:29:58 Source IP: 20.116 ... show more Web app attack attempts, scanning for vulnerability. Date: 2026 Jun 16. 23:29:58 Source IP: 20.116.17.49 Portion of the log(s): 20.116.17.49 - [16/Jun/2026:23:29:57 +0200] "GET /a1.php HTTP/1.1" 404 153 "-" "-" 20.116.17.49 - [16/Jun/2026:23:29:57 +0200] "GET /casp1.php HTTP/1.1" 404 153 "-" "-" 20.116.17.49 - [16/Jun/2026:23:29:57 +0200] "GET /mar.php HTTP/1.1" 404 153 "-" "-" 20.116.17.49 - [16/Jun/2026:23:29:57 +0200] "GET /doc.php HTTP/1.1" 404 153 "-" "-" 20.116.17.49 - [16/Jun/2026:23:29:57 +0200] "GET /dostshell.php HTTP/1.1" 404 153 "-" "-" 20.116.17.49 - [16/Jun/2026:23:29:57 +0200] "GET /zoper1.php HTTP/1.1" 404 153 "-" "-" 20.116.17.49 - [16/Jun/2026:23:29:57 +0200] "GET /lib.php HTTP/1.1" 404 153 "-" "-" 20.116.17.49 - [16/Jun/2026:23:29:56 +0200] "GET /moshou.php HTTP/1.1" 404 153 "-" "-" 20.116.17.49 - [16/Jun/2026:23:29:56 +0200] "GET /tx79.php HTTP/1.1" 404 153 "-" "-" 20.116.17.49 - [16/Jun/2026:23:29:56 +0200] "GET /bc.php HTTP/1.1" 404 153 "-" "-" show less	Web App Attack
Anonymous	2026-06-17 07:07:57 (2 days ago)	"GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1"	Hacking Web App Attack
🇳🇨 ACE-INFORMATIQUE.NC	2026-06-17 06:00:03 (2 days ago)	HTTP authentication brute-force blocked by Fail2ban	Brute-Force
🇮🇩 David Koswari	2026-06-17 05:58:00 (2 days ago)	REQ_BLOCKED_SECURITY	DDoS Attack FTP Brute-Force Ping of Death Port Scan Hacking SQL Injection Spoofing Brute-Force Bad Web Bot Exploited Host Web App Attack SSH IoT Targeted
🇬🇧 openstrike.co.uk	2026-06-17 05:13:54 (2 days ago)	1163 attacks on PHP URLs: GET /sid3.php HTTP/1.1	Web App Attack
🇱🇮 wmek	2026-06-17 03:21:29 (2 days ago)	Attack (3x confirmed): cpfence-block(15x),cpfence-block(35x),cpfence-block(55x). Port: 443/tcp. URI: ... show more Attack (3x confirmed): cpfence-block(15x),cpfence-block(35x),cpfence-block(55x). Port: 443/tcp. URI: web-service. WAF rule: 0. Protocol: HTTPS. Detected by: WAF/IDS (OWASP CRS ModSecurity). show less	Web App Attack Port Scan

Showing 1 to 15 of 338 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 182.54.23.92

🇸🇪 178.20.30.248

🇳🇱 176.65.139.181

🇨🇳 118.81.196.159

🇸🇬 101.47.156.21

🇺🇸 97.242.34.94

🇺🇸 65.111.6.250

🇳🇱 45.148.10.152

🇯🇵 40.81.200.172

🇮🇩 36.64.131.68

🇧🇪 34.140.225.37

🇧🇪 34.14.99.170

🇷🇺 31.129.55.212

🇧🇬 5.188.206.66

🇬🇧 2a06:4880:6000::89

🇹🇼 221.120.73.25

🇺🇸 198.11.179.46

🇳🇱 194.48.251.50

🇬🇧 188.240.59.54

🇨🇳 159.75.94.165