JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.196.218.22

20.196.218.22 was found in our database!

This IP was reported 461 times. Confidence of Abuse is 0%: ?

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇰🇷 Korea (the Republic of)
City	Seoul, Seoul

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.196.218.22

Whois 20.196.218.22

IP Abuse Reports for 20.196.218.22:

This IP address has been reported a total of 461 times from 187 distinct sources. 20.196.218.22 was first reported on March 19th 2026, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇳 evicky2002	2026-04-30 13:04:29 (1 month ago)	Confirmed malicious by STILWaters CTI platform (score=100, sources=1)	Hacking Brute-Force SSH
🇿🇦 agentics	2026-04-01 02:16:08 (2 months ago)	20.196.218.22 report :	DDoS Attack FTP Brute-Force Port Scan Hacking Spoofing Brute-Force Exploited Host
🇩🇪 ghostwarriors	2026-03-31 22:50:50 (2 months ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Holger	2026-03-26 17:31:32 (2 months ago)	WordPress WebAttack	Brute-Force Web App Attack
🇹🇷 rtbh.com.tr	2026-03-25 20:12:15 (2 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇳🇱 Site.eu	2026-03-25 03:54:13 (2 months ago)	Excessive multi-domain requests	Brute-Force
🇫🇷 SpaceHost-Server	2026-03-24 23:32:47 (2 months ago)		Brute-Force Web App Attack
🇩🇪 ketovoila.pl	2026-03-24 23:27:10 (2 months ago)	ketovoila.pl HONEYPOT traffic: count=15, paths=15; sample_path=www.ketovoila.pl/bolt.php; UA=Mozilla ... show more ketovoila.pl HONEYPOT traffic: count=15, paths=15; sample_path=www.ketovoila.pl/bolt.php; UA=Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36; window=2026-03-24T08:20:47Z..2026-03-24T08:20:46Z show less	Port Scan Hacking Brute-Force
🇺🇸 factor1	2026-03-24 12:28:35 (2 months ago)	Fail2ban at saturn Reports Abuse.	Bad Web Bot
🇳🇴 doofy	2026-03-24 12:13:38 (2 months ago)	[Tue Mar 24 13:13:23.654437 2026] [access_compat:error] [pid 146981:tid 147037] [client 20.196.218.2 ... show more [Tue Mar 24 13:13:23.654437 2026] [access_compat:error] [pid 146981:tid 147037] [client 20.196.218.22:8184] AH01797: client denied by server configuration: /www/jplarsenbygg.no/wp-content/uploads/index.php [Tue Mar 24 13:13:28.573458 2026] [access_compat:error] [pid 146981:tid 147048] [client 20.196.218.22:8184] AH01797: client denied by server configuration: /www/jplarsenbygg.no/wp-content/uploads/index.php [Tue Mar 24 13:13:28.573458 2026] [access_compat:error] [pid 146981:tid 147048] [client 20.196.218.22:8184] AH01797: client denied by server configuration: /www/jplarsenbygg.no/wp-content/uploads/index.php [Tue Mar 24 13:13:38.514841 2026] [access_compat:error] [pid 146981:tid 147064] [client 20.196.218.22:8184] AH01797: client denied by server configuration: /www/jplarsenbygg.no/wp-content/themes/admin.php ... show less	Brute-Force Web App Attack
🇫🇷 solution.it	2026-03-24 12:11:05 (2 months ago)	[Tue Mar 24 13:11:04.663691 2026] [php7:error] [pid 1576782:tid 1576782] [client 20.196.218.22:1408] ... show more [Tue Mar 24 13:11:04.663691 2026] [php7:error] [pid 1576782:tid 1576782] [client 20.196.218.22:1408] script '/var/www/html/blog.solution.it/inputs.php' not found or unable to stat show less	Web App Attack
🇩🇪 london2038.com	2026-03-24 11:57:11 (2 months ago)	Probing for exploits 20.196.218.22 - - [24/Mar/2026:12:57:02 +0100] "GET /ioxi-o.php HTTP/1.1" 422 0 ... show more Probing for exploits 20.196.218.22 - - [24/Mar/2026:12:57:02 +0100] "GET /ioxi-o.php HTTP/1.1" 422 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.196.218.22 - - [24/Mar/2026:12:57:10 +0100] "GET /.well-known/acme-challenge/wp-login.php HTTP/1.1" 422 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" show less	Hacking Web App Attack
🇹🇭 thaizone.com	2026-03-24 11:47:41 (2 months ago)	Hacking attempts against websites (D1) #5	Web App Attack Hacking
🇳🇿 Antinson	2026-03-24 11:46:03 (2 months ago)	Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.)	Bad Web Bot
Anonymous	2026-03-24 11:39:39 (2 months ago)	Aggressive web scan	Web App Attack

Showing 1 to 15 of 461 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 5.83.143.40

🇨🇳 182.151.45.136

🇰🇷 161.118.139.216

🇨🇦 89.251.0.188

🇬🇧 35.203.210.5

🇺🇸 8.229.242.221

🇺🇸 216.180.246.2

🇰🇷 211.40.167.121

🇸🇬 194.233.69.106

🇲🇽 186.96.145.241

🇷🇺 178.207.10.91

🇮🇩 103.165.206.238

🇫🇷 23.180.120.140

🇷🇴 2.57.122.238

🇳🇱 45.148.10.183

🇫🇮 31.56.197.223

🇨🇳 27.47.24.138

🇵🇭 2001:4455:e6e:6700:e060:1e:521d:e01

🇳🇱 172.94.9.32

🇺🇸 165.154.173.204