JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.171.72.5

20.171.72.5 was found in our database!

This IP was reported 33 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Phoenix, Arizona

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.171.72.5

Whois 20.171.72.5

IP Abuse Reports for 20.171.72.5:

This IP address has been reported a total of 33 times from 30 distinct sources. 20.171.72.5 was first reported on June 11th 2026, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 consul.to	2026-06-12 00:35:02 (6 hours ago)	Web attack/malicious scanning detected	Web App Attack
🇬🇧 pinguin	2026-06-12 00:30:45 (6 hours ago)	Triggered Cloudflare WAF (firewallManaged) from US. Action taken: LOG Protocol: HTTP/1.1 (GET method ... show more Triggered Cloudflare WAF (firewallManaged) from US. Action taken: LOG Protocol: HTTP/1.1 (GET method) Endpoint: /mini.php UA: Empty string This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2026-06-12 00:10:37 (7 hours ago)	vars[0]=md5&vars[1][]=Hello	Fraud Orders Hacking Brute-Force Web App Attack
🇩🇪 updown.io	2026-06-11 23:45:56 (7 hours ago)	{"level":"info","ts":1781221458.0454385,"logger":"http.log.access.log0","msg":"handled request","req ... show more {"level":"info","ts":1781221458.0454385,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_ip":"20.171.72.5","remote_port":"2126","client_ip":"20.171.72.5","proto":"HTTP/1.1","method":"GET","host":"grnv.status.updown.io","uri":"/wp-content/plugins/hellopress/wp_filemanager.php","headers":{}},"bytes_read":0,"user_id":"","duration":0.000063591,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://grnv.status.updown.io/wp-content/plugins/hellopress/wp_filemanager.php"],"Content-Type":[]}} {"level":"info","ts":1781221459.351178,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_ip":"20.171.72.5","remote_port":"2112","client_ip":"20.171.72.5","proto":"HTTP/1.1","method":"GET","host":"grnv.status.updown.io","uri":"/this_is_a_new_hello_world.php","headers":{}},"bytes_read":0,"user_id":"","duration":0.000072439,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location" ... show less	DDoS Attack Web App Attack
Anonymous	2026-06-11 23:29:46 (7 hours ago)	Multiple web server 400 error codes from same source ip	Web App Attack
Anonymous	2026-06-11 22:15:06 (8 hours ago)	20.171.72.5 - - [12/Jun/2026:00:15:05 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php ... show more 20.171.72.5 - - [12/Jun/2026:00:15:05 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 403 5777 "-" "-" ... show less	Web App Attack
🇺🇸 mnsf	2026-06-11 22:05:41 (9 hours ago)	Too many Status 40X (15)	Brute-Force Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-11 22:00:48 (9 hours ago)	Auto-ban: >3000 req/min op 2026-06-11	Web App Attack SSH Hacking
🇩🇪 raph	2026-06-11 21:18:48 (9 hours ago)	[LIB DIR] crawler /vendor/, /node_modules/, /laravel/*, etc.	Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-06-11 21:13:24 (9 hours ago)	Try to access /wp-content/plugins/hellopress/wp_filemanager.php	Web App Attack
🇳🇱 Site.eu	2026-06-11 21:02:00 (10 hours ago)	Excessive multi-domain requests	Brute-Force
🇳🇱 DrLex0	2026-06-11 21:00:20 (10 hours ago)	The eternal WordPress and/or random PHP poking from Azure ranges, MS is either incapable of stopping ... show more The eternal WordPress and/or random PHP poking from Azure ranges, MS is either incapable of stopping this or willingly allows it. 20.171.72.5 80 - [11/Jun/2026:21:00:19 +0000] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 2383 "-" "-" 20.171.72.5 80 - [11/Jun/2026:21:00:20 +0000] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 2383 "-" "-" show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-06-11 20:26:57 (10 hours ago)	Web vulnerability probing: /xmrlpc.php	Web App Attack
🇮🇹 alessio loto	2026-06-11 19:50:58 (11 hours ago)	WAF Detection: Empty_UserAgent (High Risk IP). AI Confirmed Attack Payload.	Web App Attack
🇨🇦 polycoda	2026-06-11 18:45:09 (12 hours ago)	🔥 VERY AGGRESSIVE SCANNER probed over 100 inexistent files and PHP scripts in less than an hour.	Hacking Web App Attack

Showing 1 to 15 of 33 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 45.156.128.59

🇬🇧 2a06:4883:d000::e9

🇫🇷 2001:4b98:dc0:51:216:3eff:fe83:9b0d

🇩🇪 213.209.159.238

🇮🇪 185.192.16.116

🇮🇳 150.107.189.232

🇺🇸 71.6.134.232

🇩🇪 69.5.169.159

🇺🇸 20.55.42.210

🇸🇪 2a0d:bbc7::f816:3eff:fe72:95b6

🇳🇱 204.76.203.206

🇳🇱 176.65.139.211

🇩🇪 167.94.146.44

🇺🇸 162.216.149.87

🇮🇳 103.248.120.6

🇷🇴 92.118.39.213

🇷🇺 89.253.33.165

🇺🇸 71.6.239.222

🇺🇸 162.216.150.179

🇨🇳 140.246.70.45