JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.151.217.54

20.151.217.54 was found in our database!

This IP was reported 355 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.151.217.54

Whois 20.151.217.54

IP Abuse Reports for 20.151.217.54:

This IP address has been reported a total of 355 times from 314 distinct sources. 20.151.217.54 was first reported on June 13th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 geot	2026-06-14 13:24:36 (1 hour ago)	WordPress scanning bot	Hacking Bad Web Bot Web App Attack
Anonymous	2026-06-14 06:36:54 (8 hours ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇳🇨 ACE-INFORMATIQUE.NC	2026-06-14 06:00:07 (9 hours ago)	Malicious CGI/web attack blocked by Fail2ban	Web App Attack
🇬🇧 openstrike.co.uk	2026-06-14 05:13:44 (9 hours ago)	333 attacks on PHP URLs: GET /invisi.php HTTP/1.1	Web App Attack
🇭🇺 NyaljBe	2026-06-14 04:07:00 (11 hours ago)	20.151.217.54 - - [13/Jun/2026:22:04:21 +0200] "GET /auto.php HTTP/1.1" 404 153 "-" "-" 20.151.217. ... show more 20.151.217.54 - - [13/Jun/2026:22:04:21 +0200] "GET /auto.php HTTP/1.1" 404 153 "-" "-" 20.151.217.54 - - [13/Jun/2026:22:04:21 +0200] "GET /spire.php HTTP/1.1" 404 153 "-" "-" 20.151.217.54 - - [13/Jun/2026:22:04:21 +0200] "GET /Cap.php HTTP/1.1" 404 153 "-" "-" 20.151.217.54 - - [13/Jun/2026:22:04:21 +0200] "GET /samll.php HTTP/1.1" 404 153 "-" "-" 20.151.217.54 - - [13/Jun/2026:22:04:21 +0200] "GET /dragonshell.php HTTP/1.1" 404 153 "-" "-" 20.151.217.54 - - [13/Jun/2026:22:04:20 +0200] "GET /spawns.php HTTP/1.1" 404 153 "-" "-" 20.151.217.54 - - [13/Jun/2026:22:04:20 +0200] "GET /mg.php HTTP/1.1" 404 153 "-" "-" 20.151.217.54 - - [13/Jun/2026:22:04:20 +0200] "GET /htto.php HTTP/1.1" 404 153 "-" "-" 20.151.217.54 - - [13/Jun/2026:22:04:20 +0200] "GET /fix.php HTTP/1.1" 404 153 "-" "-" 20.151.217.54 - - [13/Jun/2026:22:04:20 +0200] "GET /ops.php HTTP/1.1" 404 153 "-" "-" 20.151.217.54 - - [13/Jun/2026:22:04:20 +0200] "GET /crgio.php HTTP/1.1" 404 153 "-" "-" show less	Web App Attack
🇭🇺 DumaNet	2026-06-14 03:44:00 (11 hours ago)	Web app attack attempts, scanning for vulnerability. Date: 2026 Jun 13. 19:37:28 Source IP: 20.151 ... show more Web app attack attempts, scanning for vulnerability. Date: 2026 Jun 13. 19:37:28 Source IP: 20.151.217.54 Portion of the log(s): 20.151.217.54 - [13/Jun/2026:19:37:26 +0200] "GET /h2a2ck.php HTTP/1.1" 404 153 "-" "-" 20.151.217.54 - [13/Jun/2026:19:37:26 +0200] "GET /drykl.php HTTP/1.1" 404 153 "-" "-" 20.151.217.54 - [13/Jun/2026:19:37:26 +0200] "GET /flox.php HTTP/1.1" 404 153 "-" "-" 20.151.217.54 - [13/Jun/2026:19:37:26 +0200] "GET /cxl.php HTTP/1.1" 404 153 "-" "-" 20.151.217.54 - [13/Jun/2026:19:37:26 +0200] "GET /rum.php HTTP/1.1" 404 153 "-" "-" 20.151.217.54 - [13/Jun/2026:19:37:25 +0200] "GET /wolf.php HTTP/1.1" 404 153 "-" "-" 20.151.217.54 - [13/Jun/2026:19:37:25 +0200] "GET /asu.php HTTP/1.1" 404 153 "-" "-" 20.151.217.54 - [13/Jun/2026:19:37:25 +0200] "GET /momo.php HTTP/1.1" 404 153 "-" "-" 20.151.217.54 - [13/Jun/2026:19:37:25 +0200] "GET /loxico93.php HTTP/1.1" 404 153 "-" "-" 20.151.217.54 - [13/Jun/2026:19:37:25 +0200] "GET /atomlib.php HTTP/1.1" 404 153 "-" "-" show less	Web App Attack
🇭🇺 DumaNet	2026-06-14 03:04:00 (12 hours ago)	Web app attack attempts, scanning for vulnerability. Date: 2026 Jun 13. 18:20:35 Source IP: 20.151 ... show more Web app attack attempts, scanning for vulnerability. Date: 2026 Jun 13. 18:20:35 Source IP: 20.151.217.54 Portion of the log(s): 20.151.217.54 - [13/Jun/2026:18:20:35 +0200] "GET /h2a2ck.php HTTP/1.1" 404 153 "-" "-" 20.151.217.54 - [13/Jun/2026:18:20:35 +0200] "GET /drykl.php HTTP/1.1" 404 153 "-" "-" 20.151.217.54 - [13/Jun/2026:18:20:35 +0200] "GET /flox.php HTTP/1.1" 404 153 "-" "-" 20.151.217.54 - [13/Jun/2026:18:20:35 +0200] "GET /cxl.php HTTP/1.1" 404 153 "-" "-" 20.151.217.54 - [13/Jun/2026:18:20:34 +0200] "GET /rum.php HTTP/1.1" 404 153 "-" "-" 20.151.217.54 - [13/Jun/2026:18:20:34 +0200] "GET /wolf.php HTTP/1.1" 404 153 "-" "-" 20.151.217.54 - [13/Jun/2026:18:20:34 +0200] "GET /asu.php HTTP/1.1" 404 153 "-" "-" 20.151.217.54 - [13/Jun/2026:18:20:34 +0200] "GET /momo.php HTTP/1.1" 404 153 "-" "-" 20.151.217.54 - [13/Jun/2026:18:20:34 +0200] "GET /loxico93.php HTTP/1.1" 404 153 "-" "-" 20.151.217.54 - [13/Jun/2026:18:20:34 +0200] "GET /atomlib.php HTTP/1.1" 404 153 "-" "-" show less	Web App Attack
🇩🇪 SiyCah	2026-06-14 03:00:01 (12 hours ago)	IP banned by fail2ban; banned in jail apache-auth. Report generated by fail2abuseipdb.	Hacking Brute-Force Web App Attack
🇺🇸 deskpass.com	2026-06-14 00:10:14 (14 hours ago)	GET /invisi.php	Web App Attack
🇫🇷 EDSL	2026-06-14 00:08:22 (15 hours ago)	[mail.edsl.fr] Blocked by SysWarden Firewall (Web Attack)	Web App Attack Hacking Port Scan
Anonymous	2026-06-14 00:05:35 (15 hours ago)	[13-Jun-2026 20:05:33 America/New_York] Page Not Found: wp_filemanager.php [20.151.217.54] [13-Jun-2 ... show more [13-Jun-2026 20:05:33 America/New_York] Page Not Found: wp_filemanager.php [20.151.217.54] [13-Jun-2026 20:05:33 America/New_York] Page Not Found: this_is_a_new_hello_world.php [20.151.217.54] ... show less	Brute-Force
🇺🇸 n2nguyenn2nguyen	2026-06-14 00:05:20 (15 hours ago)	Blocked by YFC Security on https://1904.brixzly.com — type: rapid_scan_attempts	Web App Attack
🇺🇸 Charlesiv	2026-06-14 00:01:37 (15 hours ago)	Triggered Cloudflare WAF (botFight) from CA. Action taken: MANAGED_CHALLENGE ASN: 8075 (Microsoft Co ... show more Triggered Cloudflare WAF (botFight) from CA. Action taken: MANAGED_CHALLENGE ASN: 8075 (Microsoft Corporation) Protocol: HTTP/1.1 (GET method) Endpoint: /invisi.php Timestamp: 2026-06-13T22:11:28Z Ray ID: a0b46e64a9c87114 UA: Empty string show less	Bad Web Bot
🇩🇪 Enno	2026-06-13 23:56:58 (15 hours ago)	P04::Fail2Ban: automated bot scanning / credential probing detected.	Web App Attack Bad Web Bot
🇬🇧 rakkor	2026-06-13 23:56:08 (15 hours ago)	2026/06/14 00:56:07 [error] 23148#23148: 25374714 open() "/usr/syno/synoman/wp-content/plugins/hell ... show more 2026/06/14 00:56:07 [error] 23148#23148: 25374714 open() "/usr/syno/synoman/wp-content/plugins/hellopress/wp_filemanager.php" failed (2: No such file or directory), client: 20.151.217.54, server: audio.rakkor.uk, request: "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1", host: "audio.rakkor.uk" 2026/06/14 00:56:07 [error] 23148#23148: *25374714 open() "/usr/syno/synoman/this_is_a_new_hello_world.php" failed (2: No such file or directory), client: 20.151.217.54, server: audio.rakkor.uk, request: "GET /this_is_a_new_hello_world.php HTTP/1.1", host: "audio.rakkor.uk" ... show less	Brute-Force Hacking Web App Attack

Showing 1 to 15 of 355 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 205.210.31.28

🇧🇷 177.155.133.175

🇺🇸 172.202.9.120

🇩🇪 151.243.11.35

🇨🇳 120.211.145.101

🇧🇪 34.156.181.9

🇻🇳 14.182.234.235

🇪🇸 217.154.106.153

🇫🇮 77.42.47.60

🇺🇸 71.206.190.209

🇨🇳 61.178.24.146

🇺🇸 45.8.22.227

🇪🇬 196.156.57.18

🇬🇧 195.96.139.240

🇪🇸 185.167.90.252

🇫🇷 91.196.152.115

🇳🇱 45.142.193.12

🇧🇷 23.129.252.244

🇺🇸 159.89.82.250

🇧🇩 103.199.109.215