JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.196.97.33

20.196.97.33 was found in our database!

This IP was reported 205 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇰🇷 Korea (the Republic of)
City	Seoul, Seoul

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.196.97.33

Whois 20.196.97.33

IP Abuse Reports for 20.196.97.33:

This IP address has been reported a total of 205 times from 115 distinct sources. 20.196.97.33 was first reported on May 23rd 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 SpaceHost-Server	2026-05-26 22:27:28 (1 week ago)		Brute-Force Web App Attack
🇫🇷 SpaceHost-Server	2026-05-25 22:27:16 (1 week ago)		Brute-Force Web App Attack
🇺🇸 chronos	2026-05-25 06:56:34 (1 week ago)	[AUTORAVALT][[25/05/2026 - 03:56:34 -03:00 UTC] Attack from [Microsoft Corporation] [20.196.97.33] A ... show more [AUTORAVALT][[25/05/2026 - 03:56:34 -03:00 UTC] Attack from [Microsoft Corporation] [20.196.97.33] Action: BLocKed Hacking... Unauthorized attempts to access the server. Web App Attack -> Attempts to probe for or exploit installed web applications such as a CMS like WordPress/Drupal, e-commerce solutions, forum software, phpMyAdmin and various other software p] ... show less	Hacking Web App Attack
🇺🇸 chronos	2026-05-25 06:17:50 (1 week ago)	[AUTORAVALT][[25/05/2026 - 03:17:50 -03:00 UTC] Attack from [Microsoft Corporation] [20.196.97.33] A ... show more [AUTORAVALT][[25/05/2026 - 03:17:50 -03:00 UTC] Attack from [Microsoft Corporation] [20.196.97.33] Action: BLocKed DDoS Attack -> Participating in distributed denial-of-service. Phishing -> Phishing websites and/or email. Web Spam -> Comment/forum spam, HTTP referer spam, or other CMS spam. Blog Spam -> CMS blog comment spam. Web App Attack -> Attempts to prob] ... show less	DDoS Attack Phishing Web Spam Blog Spam Web App Attack
🇬🇧 openstrike.co.uk	2026-05-25 05:14:37 (1 week ago)	91 attacks on PHP URLs: GET /php.php HTTP/1.1	Web App Attack
🇫🇷 AGEPCom	2026-05-25 05:09:22 (1 week ago)	Smart-Ban: IP bannie via score AbuseIPDB	Brute-Force Web App Attack
🇮🇩 itsocindo	2026-05-25 05:00:16 (1 week ago)	Type: public_web_scanning Threat: public_web_exploitation_scanner Risk Score: 100 Priority Score: 7 ... show more Type: public_web_scanning Threat: public_web_exploitation_scanner Risk Score: 100 Priority Score: 72.13 Confidence: 100 Events: 82 Country: United States Evidence: - Persistent suspicious network activity detected - Repeated hostile operational behavior observed - Multi-event operational persistence identified show less	Web App Attack
🇺🇸 deskpass.com	2026-05-25 04:45:20 (1 week ago)	GET /wp-content/uploads/admin.php	Web App Attack
🇺🇦 URAN Publishing Service	2026-05-25 04:05:47 (1 week ago)	20.196.97.33 - - [25/May/2026:07:05:47 +0300] "GET /wp-content/plugins/admin.php HTTP/1.1" 404 3348 ... show more 20.196.97.33 - - [25/May/2026:07:05:47 +0300] "GET /wp-content/plugins/admin.php HTTP/1.1" 404 3348 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Web App Attack
🇩🇪 AetherFox	2026-05-25 03:59:08 (1 week ago)	AetherFox VoidGuard detected: [Mon May 25 03:59:07.229359 2026] [authz_core:error] [pid 1572331:tid ... show more AetherFox VoidGuard detected: [Mon May 25 03:59:07.229359 2026] [authz_core:error] [pid 1572331:tid 1572361] [client 20.196.97.33:4846] AH01630: client denied by server configuration: proxy:https://[MASKED]/.well-known/ [Mon May 25 03:59:07.665197 2026] [authz_core:error] [pid 1572331:tid 1572369] [client 20.196.97.33:4846] AH01630: client denied by server configuration: proxy:https://[MASKED]/404.php [Mon May 25 03:59:07.884526 2026] [authz_core:error] [pid 1572331:tid 1572342] [client 20.196.97.33:4846] AH01630: client denied by server configuration: proxy:https://[MASKED]/abc.php [Mon May 25 03:59:08.103756 2026] [authz_core:error] [pid 1572331:tid 1572340] [client 20.196.97.33:4846] AH01630: client denied by server configuration: proxy:https://[MASKED]/abcd.php [Mon May 25 03:59:08.344621 2026] [authz_core:error] [pid 1572331:tid 1572336] [client 20.196.97.33:4846] AH01630: client denied by server configuration: proxy:https://[MASKED]/about.php ... show less	Bad Web Bot Web App Attack
🇩🇪 macrob	2026-05-25 03:45:04 (1 week ago)	2026/05/25 03:45:01 [error] 3511647#3511647: 254284537 access forbidden by rule, client: 20.196.97. ... show more 2026/05/25 03:45:01 [error] 3511647#3511647: 254284537 access forbidden by rule, client: 20.196.97.33, server: antzfund.com, request: "GET /admin.php HTTP/1.1", host: "antzfund.com" 2026/05/25 03:45:02 [error] 3511647#3511647: 254284576 access forbidden by rule, client: 20.196.97.33, server: antzfund.com, request: "GET /adminfuns.php HTTP/1.1", host: "antzfund.com" 2026/05/25 03:45:02 [error] 3511647#3511647: 254284585 access forbidden by rule, client: 20.196.97.33, server: antzfund.com, request: "GET /.tmb/cloud.php HTTP/1.1", host: "antzfund.com" ... show less	Web App Attack
🇫🇮 Christopher Hughes	2026-05-25 03:36:35 (1 week ago)	[Mon May 25 04:36:33.512413 2026] [proxy_fcgi:error] [pid 4177849:tid 139774803306048] [client 20.19 ... show more [Mon May 25 04:36:33.512413 2026] [proxy_fcgi:error] [pid 4177849:tid 139774803306048] [client 20.196.97.33:8151] AH01071: Got error 'Primary script unknown' [Mon May 25 04:36:34.013307 2026] [proxy_fcgi:error] [pid 4177849:tid 139774627124800] [client 20.196.97.33:8151] AH01071: Got error 'Primary script unknown' [Mon May 25 04:36:34.299079 2026] [proxy_fcgi:error] [pid 4177849:tid 139774794913344] [client 20.196.97.33:8151] AH01071: Got error 'Primary script unknown' [Mon May 25 04:36:34.568705 2026] [proxy_fcgi:error] [pid 4177849:tid 139775042401856] [client 20.196.97.33:8151] AH01071: Got error 'Primary script unknown' [Mon May 25 04:36:35.073592 2026] [proxy_fcgi:error] [pid 4177849:tid 139773586953792] [client 20.196.97.33:8151] AH01071: Got error 'Primary script unknown' ... show less	Web App Attack
🇹🇭 MWA SOC	2026-05-25 03:36:12 (1 week ago)		Hacking
🇹🇭 thaizone.com	2026-05-25 02:52:00 (1 week ago)	Hacking attempts against websites (D1) #1	Web App Attack Hacking
🇮🇩 itsocindo	2026-05-25 02:51:13 (1 week ago)	Type: credential_enumeration Threat: credential_spraying_actor Risk Score: 100 Priority Score: 77.6 ... show more Type: credential_enumeration Threat: credential_spraying_actor Risk Score: 100 Priority Score: 77.67 Confidence: 100 Events: 878 Country: United States Evidence: - Credential enumeration behavior identified - Repeated hostile operational behavior observed - Multi-event operational persistence identified - Threat escalation behavior observed show less	Brute-Force SSH

Showing 1 to 15 of 205 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 2001:4490:4c91:c2e3:1022:77a8:83da:9e88

🇧🇷 205.210.31.186

🇧🇷 205.210.31.176

🇺🇸 18.97.5.113

🇷🇴 2.57.122.177

🇬🇧 217.146.80.125

🇧🇷 205.210.31.159

🇧🇷 205.210.31.143

🇨🇳 171.114.230.8

🇺🇸 147.185.132.149

🇷🇴 80.94.92.164

🇺🇸 57.141.0.54

🇧🇷 205.210.31.142

🇧🇷 205.210.31.138

🇧🇷 205.210.31.136

🇮🇳 203.174.22.246

🇨🇳 101.200.236.207

🇫🇷 91.231.89.137

🇮🇳 74.225.162.180

🇱🇹 45.227.254.170