JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.169.53.112

20.169.53.112 was found in our database!

This IP was reported 42 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Phoenix, Arizona

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.169.53.112

Whois 20.169.53.112

IP Abuse Reports for 20.169.53.112:

This IP address has been reported a total of 42 times from 27 distinct sources. 20.169.53.112 was first reported on June 24th 2026, and the most recent report was 43 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 SpaceHost-Server	2026-06-24 22:28:21 (43 minutes ago)		Brute-Force Web App Attack
🇫🇷 cityhunter_rhone	2026-06-24 15:06:06 (8 hours ago)	Fail2Ban offender in jail [recidive] — 1 total attempts — tracked by mercurius-guide.com security sy ... show more Fail2Ban offender in jail [recidive] — 1 total attempts — tracked by mercurius-guide.com security system. show less	SSH Brute-Force
🇺🇸 WeekendWeb	2026-06-24 14:44:37 (8 hours ago)	Wordpress Vunerability attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 14:36:51 (8 hours ago)	(mod_security) mod_security (id:225170) triggered by 20.169.53.112 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 20.169.53.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 10:36:47.720568 2026] [security2:error] [pid 16233:tid 16233] [client 20.169.53.112:64392] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|fancycleaners.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "fancycleaners.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ajvrfwa4pAl8VWKdnm23kAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-24 14:20:18 (8 hours ago)	Web attack blocked by Wordfence on kunstkringhenrijonas.nl (12 hits). Reported by CRMON.	Web App Attack
🇨🇭 4server	2026-06-24 14:15:14 (8 hours ago)	[WedJun2416:15:09.7129162026][security2:error][pid2927928:tid2927935][client20.169.53.112:0]ModSecur ... show more [WedJun2416:15:09.7129162026][security2:error][pid2927928:tid2927935][client20.169.53.112:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"368\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"benvenutialfood.biz\"][uri\"/xmlrpc.php\"][unique_id\"ajvmbZg27FT8oJt4N7UE4gAAAMU\"] show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 14:05:36 (9 hours ago)	(mod_security) mod_security (id:225170) triggered by 20.169.53.112 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 20.169.53.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 10:05:29.607416 2026] [security2:error] [pid 1406:tid 1406] [client 20.169.53.112:63262] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|amybeam.info\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "amybeam.info"] [uri "/wp-json/wp/v2/users/"] [unique_id "ajvkKa8btZ5aaCkJLrN10wAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 13:47:38 (9 hours ago)	(mod_security) mod_security (id:225170) triggered by 20.169.53.112 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 20.169.53.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 09:47:32.600019 2026] [security2:error] [pid 23958:tid 23958] [client 20.169.53.112:64348] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|versahealthcare.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "versahealthcare.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ajvf9EWzd1onJxpxhFqD3AAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-24 13:45:24 (9 hours ago)	20.169.53.112 - - [24/Jun/2026:13:45:23 +0000] "GET /wp-json/wp/v2/users/ HTTP/1.1" 404 44361 "-" "M ... show more 20.169.53.112 - - [24/Jun/2026:13:45:23 +0000] "GET /wp-json/wp/v2/users/ HTTP/1.1" 404 44361 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Edg/123.0.0.0" ... show less	Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-06-24 13:35:30 (9 hours ago)	12.240 requests with url.path */xmlrpc.php	Brute-Force Bad Web Bot
🇺🇸 lostswordfish.com	2026-06-24 13:34:04 (9 hours ago)	Wordfence waf block on 1105merrystreet	Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 13:31:12 (9 hours ago)	(mod_security) mod_security (id:225170) triggered by 20.169.53.112 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 20.169.53.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 09:31:04.747929 2026] [security2:error] [pid 14629:tid 14629] [client 20.169.53.112:64430] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|st-maarten-fishing.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "st-maarten-fishing.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ajvcGN2cKuvGH9UmcJ0vXQAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-24 13:10:14 (10 hours ago)	(mod_security) mod_security (id:225170) triggered by 20.169.53.112 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 20.169.53.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 09:10:08.046075 2026] [security2:error] [pid 1685:tid 1710] [client 20.169.53.112:64011] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|daydreambeliever.us\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "daydreambeliever.us"] [uri "/wp-json/wp/v2/users/"] [unique_id "ajvXMG5aMuDZu9g39l398AAAANY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-24 13:08:40 (10 hours ago)	Attac	Brute-Force
🇺🇸 TPI-Abuse	2026-06-24 12:50:16 (10 hours ago)	(mod_security) mod_security (id:225170) triggered by 20.169.53.112 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 20.169.53.112 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 08:50:12.062063 2026] [security2:error] [pid 1153:tid 1265] [client 20.169.53.112:62939] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|leadingedgesupply.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "leadingedgesupply.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "ajvShG0IlBVWiZrRCQanoQAAAJU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 42 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 58.208.84.103

🇳🇱 176.65.139.254

🇺🇸 151.245.32.125

🇺🇸 147.185.132.95

🇮🇳 139.59.86.13

🇮🇩 103.59.161.159

🇸🇬 45.82.78.105

🇰🇷 14.63.217.28

🇧🇪 198.235.24.207

🇧🇷 189.6.10.43

🇺🇸 135.119.112.115

🇮🇳 115.241.1.85

🇳🇴 93.89.113.60

🇫🇷 85.217.140.20

🇧🇬 78.90.19.40

🇳🇱 45.198.224.145

🇺🇸 172.184.254.69

🇧🇩 103.239.252.132

🇳🇱 45.148.10.147

🇬🇧 35.203.211.109