JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.151.214.22

20.151.214.22 was found in our database!

This IP was reported 95 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.151.214.22

Whois 20.151.214.22

IP Abuse Reports for 20.151.214.22:

This IP address has been reported a total of 95 times from 86 distinct sources. 20.151.214.22 was first reported on June 8th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 andreighitan	2026-06-12 11:17:34 (1 week ago)	Coordinated attack against 84.46.253.134. Webshell scanning, PHPUnit RCE, credential harvesting, PHP ... show more Coordinated attack against 84.46.253.134. Webshell scanning, PHPUnit RCE, credential harvesting, PHP vuln scanning. Active June 7-11 2026. ZAC Bayern ref BY0257-500359-26/8. show less	Web App Attack Brute-Force
🇫🇷 SpaceHost-Server	2026-06-09 22:27:52 (1 week ago)		Brute-Force Web App Attack
Anonymous	2026-06-09 20:08:25 (1 week ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: CA, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: CA, Attack patterns: WordPress scanning, Malicious User-Agent show less	Bad Web Bot Web App Attack
🇨🇦 polycoda	2026-06-09 10:46:49 (1 week ago)	🔥 VERY AGGRESSIVE SCANNER probed over 300 inexistent files and PHP scripts in less than an hour.	Hacking Web App Attack
🇬🇧 openstrike.co.uk	2026-06-09 05:14:37 (1 week ago)	162 attacks on PHP URLs: GET /admin-footer.php HTTP/1.1	Web App Attack
Anonymous	2026-06-09 03:50:52 (1 week ago)	Portscan: TCP/80 (5x), TCP/443 (2x)	Port Scan
Anonymous	2026-06-09 01:26:22 (1 week ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing	Web App Attack Hacking
🇺🇦 URAN Publishing Service	2026-06-09 01:09:17 (1 week ago)	20.151.214.22 - - [09/Jun/2026:04:09:17 +0300] "GET /wp-content/plugins/hellopress/wp_filemanager.ph ... show more 20.151.214.22 - - [09/Jun/2026:04:09:17 +0300] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 722 "-" "-" ... show less	Web App Attack
🇩🇪 raph	2026-06-09 01:03:31 (1 week ago)	[Wordpress] crawler /wp-admin/, /wp-content/, etc.	Bad Web Bot Web App Attack
🇬🇧 andypiper	2026-06-09 01:01:25 (1 week ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇺🇸 helios.live	2026-06-09 01:01:10 (1 week ago)	2026/06/09 01:01:09 [error] 3774089#3774089: 222348 FastCGI sent in stderr: "Primary script unknown ... show more 2026/06/09 01:01:09 [error] 3774089#3774089: 222348 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 20.151.214.22, server: kocerroxy.com, request: "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php/php8.4-fpm-betakocerroxycom.sock:", host: "app.kocerroxy.com" 20.151.214.22 - - [09/Jun/2026:01:01:09 +0000] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 47 "-" "-" 2026/06/09 01:01:09 [error] 3774089#3774089: 222348 FastCGI sent in stderr: "Primary script unknown" while reading response header from upstream, client: 20.151.214.22, server: kocerroxy.com, request: "GET /this_is_a_new_hello_world.php HTTP/1.1", upstream: "fastcgi://unix:/var/run/php/php8.4-fpm-betakocerroxycom.sock:", host: "app.kocerroxy.com" 20.151.214.22 - - [09/Jun/2026:01:01:09 +0000] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 47 "-" "-" 2026/06/09 01:01:09 [error] 3774089#3774089: ... show less	Web App Attack
Anonymous	2026-06-09 00:54:25 (1 week ago)	XSS Attempt	Hacking
🇩🇪 Vegascosmetics	2026-06-09 00:41:22 (1 week ago)	(Kingcopy.org-AI-IDS-Report):IP automatically blocked after harassing activity. Vegas Security	Hacking Web App Attack
🇺🇸 Mundo Bueno	2026-06-09 00:35:39 (1 week ago)	[ISILIA Protection v2.1] Tentative d'accès: /install.php \| Pays: CA \| UA:	Hacking Web App Attack
🇺🇸 mnsf	2026-06-09 00:17:31 (1 week ago)	Too many Status 40X (64) Request Overload (129)	Brute-Force Web App Attack

Showing 1 to 15 of 95 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 193.3.53.6

🇰🇷 175.199.67.164

🇧🇷 164.152.250.192

🇺🇸 147.185.132.12

🇷🇴 141.98.83.240

🇭🇰 124.244.54.215

🇸🇬 212.73.148.5

🇹🇷 188.59.178.45

🇨🇳 129.211.172.249

🇹🇼 125.228.241.194

🇱🇻 81.30.98.62

🇫🇷 62.210.189.225

🇰🇷 220.119.37.141

🇮🇳 117.221.131.75

🇨🇳 101.254.159.210

🇹🇷 94.78.89.29

🇳🇱 45.148.10.147

🇫🇷 217.113.194.21

🇺🇸 216.180.246.244

🇦🇲 176.32.193.16