JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.151.2.122

20.151.2.122 was found in our database!

This IP was reported 71 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.151.2.122

Whois 20.151.2.122

IP Abuse Reports for 20.151.2.122:

This IP address has been reported a total of 71 times from 63 distinct sources. 20.151.2.122 was first reported on June 17th 2026, and the most recent report was 1 minute ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Holger	2026-06-17 13:42:43 (1 minute ago)	WordPress WebAttack	Brute-Force Web App Attack
Anonymous	2026-06-17 13:39:42 (4 minutes ago)	[Drupal AbuseIPDB module] Request path is blacklisted. /wp-content/plugins/hellopress/wp_filemanager ... show more [Drupal AbuseIPDB module] Request path is blacklisted. /wp-content/plugins/hellopress/wp_filemanager.php show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 13:37:51 (5 minutes ago)	(mod_security) mod_security (id:210492) triggered by 20.151.2.122 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 20.151.2.122 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 09:37:44.953456 2026] [security2:error] [pid 32380:tid 32380] [client 20.151.2.122:8810] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.schryverdesign.com"] [uri "/consultantx/wp-config.php"] [unique_id "ajKjKAx-M3GxXJDA67RWjgAAACA"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 BlueWire Hosting	2026-06-17 13:36:36 (7 minutes ago)	Probing websites for vulnerabilities	Web App Attack
🇺🇸 Rayulcifer	2026-06-17 13:32:12 (11 minutes ago)	[Wed Jun 17 08:32:12.146682 2026] [access_compat:error] [pid 3844643:tid 124099414173376] [client 20 ... show more [Wed Jun 17 08:32:12.146682 2026] [access_compat:error] [pid 3844643:tid 124099414173376] [client 20.151.2.122:28890] AH01797: client denied by server configuration: proxy:http://localhost:4000/wp-content/plugins/hellopress/wp_filemanager.php [Wed Jun 17 08:32:12.165679 2026] [access_compat:error] [pid 3844643:tid 124098810193600] [client 20.151.2.122:28890] AH01797: client denied by server configuration: proxy:http://localhost:4000/this_is_a_new_hello_world.php [Wed Jun 17 08:32:12.298699 2026] [access_compat:error] [pid 3844643:tid 124097090541248] [client 20.151.2.122:28890] AH01797: client denied by server configuration: proxy:http://localhost:4000/jj.php [Wed Jun 17 08:32:12.318626 2026] [access_compat:error] [pid 3844643:tid 124098315286208] [client 20.151.2.122:28890] AH01797: client denied by server configuration: proxy:http://localhost:4000/click.php [Wed Jun 17 08:32:12.504816 2026] [access_compat:error] [pid 3844643:tid 124099430958784] [client 20.151.2.122:28890] AH01797: c ... show less	Brute-Force SSH
🇨🇦 TechnoSolutions CL	2026-06-17 13:27:05 (16 minutes ago)	20.151.2.122 - - [17/Jun/2026:13:26:19 +0000] "GET /wp-admin/css/colors/sunrise/ HTTP/1.1" 405 150 " ... show more 20.151.2.122 - - [17/Jun/2026:13:26:19 +0000] "GET /wp-admin/css/colors/sunrise/ HTTP/1.1" 405 150 "-" "-" 20.151.2.122 - - [17/Jun/2026:13:27:05 +0000] "GET /wp-admin/css/colors/midnight/about.php HTTP/1.1" 405 150 "-" "-" 20.151.2.122 - - [17/Jun/2026:13:27:05 +0000] "GET /wp-admin/css/colors/midnight/about.php HTTP/1.1" 405 150 "-" "-" ... show less	Hacking Brute-Force Web App Attack
🇳🇱 Roderic	2026-06-17 13:26:41 (17 minutes ago)	(apache_scanners-2) Failed apache-scanners trigger with match [redacted])	Port Scan
🇺🇸 TPI-Abuse	2026-06-17 13:22:14 (21 minutes ago)	(mod_security) mod_security (id:210492) triggered by 20.151.2.122 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 20.151.2.122 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 09:22:10.458950 2026] [security2:error] [pid 30519:tid 30519] [client 20.151.2.122:60433] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.ratbird.com"] [uri "/consultantx/wp-config.php"] [unique_id "ajKfgk7imq4sds8FYRMcGAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 raph	2026-06-17 13:21:42 (22 minutes ago)	[Wordpress] crawler /wp-admin/, /wp-content/, etc.	Bad Web Bot Web App Attack
🇧🇾 lns.bz	2026-06-17 13:16:53 (26 minutes ago)	Too many 404 requests [BY]	Web App Attack
🇦🇺 rubixstudios	2026-06-17 13:15:03 (28 minutes ago)	Excessive HTTP requests consistent with automated attack behaviour detected by Imunify360	DDoS Attack Brute-Force Web App Attack
🇩🇪 ger-stg-sifi1	2026-06-17 13:14:10 (29 minutes ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇩🇪 MusicLibrary	2026-06-17 13:09:32 (34 minutes ago)	Attempted access to sensitive configuration files (.env, .git, etc.)	Bad Web Bot Web App Attack
🇷🇺 DZBOT	2026-06-17 13:01:16 (42 minutes ago)	DZBOT: Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇨🇦 polycoda	2026-06-17 12:59:42 (44 minutes ago)	AutoBlock: 🎯 Vulnerability Scanner (Non Decay-Based)	Hacking Bad Web Bot Web App Attack

Showing 1 to 15 of 71 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 172.217.33.157

🇦🇷 190.244.39.224

🇧🇷 177.44.96.100

🇩🇪 151.243.11.35

🇷🇺 95.215.0.144

🇫🇷 87.89.180.193

🇱🇹 81.30.98.49

🇩🇪 69.5.169.57

🇰🇷 211.219.243.53

🇨🇳 115.56.150.143

🇨🇭 104.251.180.164

🇩🇪 69.5.169.154

🇳🇱 45.148.10.240

🇫🇷 2a10:4646:190::371f:281c

🇳🇱 195.178.110.30

🇨🇳 117.50.177.222

🇭🇰 103.158.29.100

🇱🇹 81.30.98.142

🇱🇹 81.30.98.62

🇱🇹 81.30.98.44