JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.151.6.104

20.151.6.104 was found in our database!

This IP was reported 301 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.151.6.104

Whois 20.151.6.104

IP Abuse Reports for 20.151.6.104:

This IP address has been reported a total of 301 times from 247 distinct sources. 20.151.6.104 was first reported on May 24th 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 sockominfo	2026-05-24 23:00:38 (1 week ago)	Webshell discovery success (Response: 200). Threat Score: 8.9/10 (CRITICAL). Confidence: 70%. CVSS v ... show more Webshell discovery success (Response: 200). Threat Score: 8.9/10 (CRITICAL). Confidence: 70%. CVSS v3.1: 10/10 (Critical). CVSS Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:H. Bayesian Probability: 87%. MITRE ATT&CK: T1566 (Phishing). Tactic: TA0001. Freshness: Fresh. Source Reputation: KNOWN_MALICIOUS. Methodology: CVSS 3.1 + Bayesian + Temporal + Environmental + MITRE ATT&CK + OWASP. Standards: ISO/IEC 27065:2022, NIST SP 800-30, IEEE S&P 2020. Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Email Spam
🇩🇪 Dominik Lysiak	2026-05-24 22:53:37 (1 week ago)	20.151.6.104 - - [25/May/2026:00:53:32 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php ... show more 20.151.6.104 - - [25/May/2026:00:53:32 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 162 "-" "-" 20.151.6.104 - - [25/May/2026:00:53:32 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 146 "-" "-" 20.151.6.104 - - [25/May/2026:00:53:36 +0200] "GET /wp-includes/blocks/post-comments-form/ HTTP/1.1" 301 162 "-" "-" ... show less	Web App Attack
🇩🇪 fleckenbase	2026-05-24 22:44:01 (1 week ago)	apache-noscript ...	Brute-Force Web App Attack
🇦🇺 paulshipley.com.au	2026-05-24 22:40:35 (1 week ago)	paulshipley.com.au:443 20.151.6.104 - - [25/May/2026:08:40:33 +1000] "GET /wordpress/wp-admin/maint/ ... show more paulshipley.com.au:443 20.151.6.104 - - [25/May/2026:08:40:33 +1000] "GET /wordpress/wp-admin/maint/ HTTP/1.1" 404 71642 "-" "-" ... show less	Web App Attack
🇫🇷 SpaceHost-Server	2026-05-24 22:32:56 (1 week ago)		Brute-Force Web App Attack
🇺🇸 deskpass.com	2026-05-24 22:23:20 (1 week ago)	GET /xstelth.php	Web App Attack
Anonymous	2026-05-24 22:04:18 (1 week ago)	[Drupal AbuseIPDB module] Request path is blacklisted. /wp-content/plugins/hellopress/wp_filemanager ... show more [Drupal AbuseIPDB module] Request path is blacklisted. /wp-content/plugins/hellopress/wp_filemanager.php show less	Web App Attack
🇫🇷 Murazaki	2026-05-24 22:03:34 (1 week ago)	thenest.media 20.151.6.104 - - [24/May/2026:09:51:40 +0200] "GET //cgi-bin/index.php HTTP/1.1" 404 1 ... show more thenest.media 20.151.6.104 - - [24/May/2026:09:51:40 +0200] "GET //cgi-bin/index.php HTTP/1.1" 404 153 "-" "-" "172.22.0.73:80" thenest.media 20.151.6.104 - - [24/May/2026:09:51:43 +0200] "GET //cgi-bin/admin.php HTTP/1.1" 404 153 "-" "-" "172.22.0.73:80" signaling.balamb.fr 20.151.6.104 - - [24/May/2026:16:59:03 +0200] "GET /cgi-bin/index.php HTTP/1.1" 404 19 "-" "-" "172.22.0.3:8081" signaling.balamb.fr 20.151.6.104 - - [24/May/2026:16:59:06 +0200] "GET /cgi-bin/admin.php HTTP/1.1" 404 19 "-" "-" "172.22.0.3:8081" signaling.balamb.fr 20.151.6.104 - - [24/May/2026:17:17:25 +0200] "GET /cgi-bin/index.php HTTP/1.1" 404 19 "-" "-" "172.22.0.3:8081" ... show less	Bad Web Bot
🇩🇪 macrob	2026-05-24 22:03:21 (1 week ago)	2026/05/24 22:03:15 [error] 3511647#3511647: 253693161 access forbidden by rule, client: 20.151.6.1 ... show more 2026/05/24 22:03:15 [error] 3511647#3511647: 253693161 access forbidden by rule, client: 20.151.6.104, server: binixo.mx, request: "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1", host: "binixo.mx" 2026/05/24 22:03:20 [error] 3511647#3511647: 253693161 access forbidden by rule, client: 20.151.6.104, server: binixo.mx, request: "GET /wp-includes/blocks/post-comments-form/ HTTP/1.1", host: "binixo.mx" 2026/05/24 22:03:20 [error] 3511647#3511647: 253693161 access forbidden by rule, client: 20.151.6.104, server: binixo.mx, request: "GET /wp-admin/js/ HTTP/1.1", host: "binixo.mx" ... show less	Web App Attack
🇳🇱 homeshowdomain.nl	2026-05-24 22:02:30 (1 week ago)	Auto-ban: >3000 req/min op 2026-05-24	Web App Attack SSH Hacking
🇮🇩 sockominfo	2026-05-24 22:00:47 (1 week ago)	Reported by TangerangKota-CSIRT. Status: MALICIOUS	Hacking Email Spam
🇳🇱 middelkoopcc	2026-05-24 22:00:05 (1 week ago)	2026-05-24 23:56:03 [client 20.151.6.104:17292] AH01071: Got error 'Primary script unknown' && 2026- ... show more 2026-05-24 23:56:03 [client 20.151.6.104:17292] AH01071: Got error 'Primary script unknown' && 2026-05-24 23:56:04 [client 20.151.6.104:17292] AH01071: Got error 'Primary script unknown' && 2026-05-24 23:56:04 [client 20.151.6.104:17292] AH01071: Got error 'Primary script unknown' && 122 more within 20 minutes show less	Web App Attack
🇬🇧 Artelis	2026-05-24 21:53:07 (1 week ago)	20.151.6.104 - - [24/May/2026:21:53:07 +0000] "GET /wp-content/plugins/hellopress/wp_filemanager.php ... show more 20.151.6.104 - - [24/May/2026:21:53:07 +0000] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 162 "-" "-" ... show less	Web App Attack
🇩🇪 Vegascosmetics	2026-05-24 21:51:15 (1 week ago)	Kingcopy(AI-IDS):IP is Probing for Wordpress vulnerabilities WTF:Banned	Hacking Bad Web Bot Web App Attack
Anonymous	2026-05-24 21:45:41 (1 week ago)	Portscan: TCP/80 (8x), TCP/443	Port Scan

Showing 46 to 60 of 301 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:ff68:7:6f:258:7bff:fe73:c43f

🇮🇳 223.185.60.74

🇬🇧 185.216.145.166

🇺🇸 165.227.209.27

🇭🇰 154.221.17.137

🇹🇷 95.130.170.146

🇨🇳 61.146.235.54

🇮🇩 180.252.226.157

🇨🇷 179.48.248.245

🇺🇸 172.105.157.44

🇵🇹 81.193.216.17

🇳🇱 62.45.39.47

🇧🇷 45.205.1.5

🇳🇱 5.255.122.197

🇮🇳 2401:4900:88d0:c2e2:f5f0:5d4:80c0:3c67

🇨🇭 195.177.93.228

🇺🇸 185.149.26.145

🇹🇭 182.53.52.68

🇸🇰 78.99.32.152

🇰🇷 58.65.96.141