JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.151.112.53

20.151.112.53 was found in our database!

This IP was reported 183 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.151.112.53

Whois 20.151.112.53

IP Abuse Reports for 20.151.112.53:

This IP address has been reported a total of 183 times from 155 distinct sources. 20.151.112.53 was first reported on May 26th 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Vegascosmetics	2026-05-26 21:53:06 (1 week ago)	Kingcopy(AI-IDS):IP is Probing for Wordpress vulnerabilities WTF:Banned	Hacking Bad Web Bot Web App Attack
Anonymous	2026-05-26 21:01:05 (1 week ago)	"GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1"	Hacking Web App Attack
Anonymous	2026-05-26 16:30:02 (1 week ago)	\| [Normal/Canada] Aggressive IP 20.151.112.53 (~350 hits). Type: DoS Defender- Web server 400 error ... show more \| [Normal/Canada] Aggressive IP 20.151.112.53 (~350 hits). Type: DoS Defender- Web server 400 error code show less	Web App Attack Hacking SQL Injection
🇬🇧 thetomtaylor.co.uk	2026-05-26 14:05:02 (1 week ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [wa01]	Hacking Brute-Force Bad Web Bot Web App Attack
🇩🇪 itsolon	2026-05-26 13:56:48 (1 week ago)	[26/May/2026:15:56:46 +0200] 177980380641.257754 20.151.112.53 9166 217.154.7.177 80 [26/May/2026:15 ... show more [26/May/2026:15:56:46 +0200] 177980380641.257754 20.151.112.53 9166 217.154.7.177 80 [26/May/2026:15:56:46 +0200] 177980380628.062346 20.151.112.53 9166 217.154.7.177 80 [26/May/2026:15:56:47 +0200] 177980380767.033465 20.151.112.53 9166 217.154.7.177 80 [26/May/2026:15:56:47 +0200] 177980380787.858942 20.151.112.53 9166 217.154.7.177 80 [26/May/2026:15:56:47 +0200] 177980380756.638523 20.151.112.53 9166 217.154.7.177 80 ... show less	Port Scan Hacking Brute-Force Web App Attack
🇵🇱 itsvic.dev	2026-05-26 13:51:52 (1 week ago)	20.151.112.53 - - [26/May/2026:13:51:50 +0000] "GET /wp-content/plugins/hellopress/wp_filemanager.ph ... show more 20.151.112.53 - - [26/May/2026:13:51:50 +0000] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 14 "-" "-" 20.151.112.53 - - [26/May/2026:13:51:51 +0000] "GET /x.php HTTP/1.1" 404 14 "-" "-" 20.151.112.53 - - [26/May/2026:13:51:51 +0000] "GET /201.php HTTP/1.1" 404 14 "-" "-" ... show less	Brute-Force Web App Attack
🇮🇪 Jim Keir	2026-05-26 13:51:34 (1 week ago)	2026-05-26 13:51:33 20.151.112.53 Too many redirects/missing files, blocking 20.151.112.53 for 5 min ... show more 2026-05-26 13:51:33 20.151.112.53 Too many redirects/missing files, blocking 20.151.112.53 for 5 minutes show less	Web App Attack
🇸🇬 securejdprop	2026-05-26 13:49:45 (1 week ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing. Ip 20.151.112.53 performed ' ... show more This IP was detected by CrowdSec triggering crowdsecurity/http-probing. Ip 20.151.112.53 performed 'crowdsecurity/http-probing' (11 events over 8.740578615s) at 2026-05-26 13:49:43.805284219 +0000 UTC show less	Hacking Web App Attack
🇺🇦 URAN Publishing Service	2026-05-26 13:47:41 (1 week ago)	20.151.112.53 - - [26/May/2026:16:47:40 +0300] "GET /wp-content/plugins/hellopress/wp_filemanager.ph ... show more 20.151.112.53 - - [26/May/2026:16:47:40 +0300] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 707 "-" "-" ... show less	Web App Attack
🇺🇸 conrad10781	2026-05-26 13:43:46 (1 week ago)	nginx-4xx	Web App Attack
🇧🇷 dominioz	2026-05-26 13:40:07 (1 week ago)	2026-05-26 13:39:12 GET /wp-content/plugins/hellopress/wp_filemanager.php - - 20.151.112.53 HTTP/1.1 ... show more 2026-05-26 13:39:12 GET /wp-content/plugins/hellopress/wp_filemanager.php - - 20.151.112.53 HTTP/1.1 - - 404 1440 2026-05-26 13:39:12 GET /x.php - - 20.151.112.53 HTTP/1.1 - - 404 1440 2026-05-26 13:39:12 GET /201.php - - 20.151.112.53 HTTP/1.1 - - 404 1440 2026-05-26 13:39:12 GET /ops.php - - 20.151.112.53 HTTP/1.1 - - 404 1440 ... show less	Web App Attack
Anonymous	2026-05-26 13:26:51 (1 week ago)	[Tue May 26 15:26:50.217316 2026] [php7:error] [pid 31753] [client 20.151.112.53:10222] script '/var ... show more [Tue May 26 15:26:50.217316 2026] [php7:error] [pid 31753] [client 20.151.112.53:10222] script '/var/www/x.php' not found or unable to stat ... show less	Web App Attack
🇩🇪 ghostwarriors	2026-05-26 13:20:30 (1 week ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Melle	2026-05-26 13:13:50 (1 week ago)	Blocked by CrowdSec \| Scenario: crowdsecurity/http-probing \| 20.151.112.53 triggered 11 events \| Det ... show more Blocked by CrowdSec \| Scenario: crowdsecurity/http-probing \| 20.151.112.53 triggered 11 events \| Detected: 2026-05-26T13:13:44.395964504Z show less	Web App Attack Hacking
🇩🇪 rh24	2026-05-26 13:12:37 (1 week ago)	(mod_security) mod_security triggered on hostname [redacted] 20.151.112.53 (CA/Canada/-)	SQL Injection

Showing 16 to 30 of 183 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 213.177.179.134

🇺🇸 195.184.76.94

🇳🇱 195.178.110.30

🇸🇮 176.65.134.20

🇨🇳 112.26.154.149

🇻🇳 103.166.184.148

🇳🇬 102.219.153.126

🇨🇳 101.96.200.105

🇬🇧 45.82.76.134

🇩🇪 43.228.157.55

🇺🇸 2001:470:2cc:1::1cb

🇨🇳 220.154.138.217

🇪🇸 212.230.190.253

🇺🇸 209.250.5.45

🇹🇿 196.249.113.39

🇧🇷 186.251.71.202

🇬🇧 178.128.36.92

🇳🇱 178.18.147.223

🇺🇸 173.255.210.89

🇬🇧 165.232.96.39