JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.197.238.250

20.197.238.250 was found in our database!

This IP was reported 306 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇧🇷 Brazil
City	Campinas, Sao Paulo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.197.238.250

Whois 20.197.238.250

IP Abuse Reports for 20.197.238.250:

This IP address has been reported a total of 306 times from 247 distinct sources. 20.197.238.250 was first reported on June 4th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Holger	2026-06-11 09:27:38 (1 week ago)	WordPress WebAttack	Brute-Force Web App Attack
🇺🇸 Rayulcifer	2026-06-10 06:58:05 (1 week ago)	[Thu Jun 04 14:00:27.736307 2026] [authz_core:error] [pid 294635:tid 132423228581568] [client 20.197 ... show more [Thu Jun 04 14:00:27.736307 2026] [authz_core:error] [pid 294635:tid 132423228581568] [client 20.197.238.250:38698] AH01630: client denied by server configuration: proxy:http://localhost:4000/wp-content/plugins/hellopress/wp_filemanager.php [Thu Jun 04 14:00:28.240207 2026] [authz_core:error] [pid 294635:tid 132423236974272] [client 20.197.238.250:38698] AH01630: client denied by server configuration: proxy:http://localhost:4000/this_is_a_new_hello_world.php [Thu Jun 04 14:00:29.363003 2026] [authz_core:error] [pid 294635:tid 132424084211392] [client 20.197.238.250:38698] AH01630: client denied by server configuration: proxy:http://localhost:4000/classgoto24.php [Thu Jun 04 14:00:29.496375 2026] [authz_core:error] [pid 294635:tid 132424059033280] [client 20.197.238.250:38698] AH01630: client denied by server configuration: proxy:http://localhost:4000/cu.php [Thu Jun 04 14:00:29.614015 2026] [authz_core:error] [pid 294635:tid 132424268752576] [client 20.197.238.250:38698] AH01630: clien ... show less	Brute-Force SSH
Anonymous	2026-06-07 19:47:13 (2 weeks ago)	$f2bV_matches	Brute-Force
🇩🇪 Holger	2026-06-06 00:47:11 (2 weeks ago)	WordPress WebAttack	Brute-Force Web App Attack
🇪🇸 Gem	2026-06-05 22:10:00 (2 weeks ago)	Unauthorized web scan.	Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-05 22:03:05 (2 weeks ago)	Auto-ban: 16 malicious requests on 2026-06-04 (e.g., env/backup probes, brute-force, or error bursts ... show more Auto-ban: 16 malicious requests on 2026-06-04 (e.g., env/backup probes, brute-force, or error bursts). show less	Web App Attack SSH Hacking
Anonymous	2026-06-05 14:04:12 (2 weeks ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: BR, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: BR, Attack patterns: WordPress scanning, Malicious User-Agent show less	Bad Web Bot Web App Attack
🇳🇴 jad-abuse	2026-06-05 12:35:00 (2 weeks ago)	ThreatFeed automated detection: malicious HTTP scanning / exploit attempts. Observed by 1 sensor(s); ... show more ThreatFeed automated detection: malicious HTTP scanning / exploit attempts. Observed by 1 sensor(s); 109 hits. show less	Port Scan Bad Web Bot
🇭🇺 DumaNet	2026-06-05 09:40:00 (2 weeks ago)	Web app attack attempts, scanning for vulnerability. Date: 2026 Jun 04. 23:42:56 Source IP: 20.197 ... show more Web app attack attempts, scanning for vulnerability. Date: 2026 Jun 04. 23:42:56 Source IP: 20.197.238.250 Portion of the log(s): 20.197.238.250 - [04/Jun/2026:23:42:56 +0200] "GET /ortasekerli1.php HTTP/1.1" 404 153 "-" "-" 20.197.238.250 - [04/Jun/2026:23:42:56 +0200] "GET /rh.php HTTP/1.1" 404 153 "-" "-" 20.197.238.250 - [04/Jun/2026:23:42:56 +0200] "GET /sky.php HTTP/1.1" 404 153 "-" "-" 20.197.238.250 - [04/Jun/2026:23:42:55 +0200] "GET /zo.php HTTP/1.1" 404 153 "-" "-" 20.197.238.250 - [04/Jun/2026:23:42:55 +0200] "GET /wpxml.php HTTP/1.1" 404 153 "-" "-" 20.197.238.250 - [04/Jun/2026:23:42:55 +0200] "GET /ayk.php HTTP/1.1" 404 153 "-" "-" 20.197.238.250 - [04/Jun/2026:23:42:54 +0200] "GET /xmu.php HTTP/1.1" 404 153 "-" "-" 20.197.238.250 - [04/Jun/2026:23:42:54 +0200] "GET /xwx1.php HTTP/1.1" 404 153 "-" "-" 20.197.238.250 - [04/Jun/2026:23:42:54 +0200] "GET /xs.php HTTP/1.1" 404 153 "-" "-" 20.197.238.250 - [04/Jun/2026:23:42:54 +0200] "GET /wp-kz.php HTTP/1.1" 404 153 "-" "-" show less	Web App Attack
🇪🇸 pipeline.es	2026-06-05 07:33:38 (2 weeks ago)	Web scanning / probing for vulnerable paths	Port Scan Web App Attack
🇬🇧 openstrike.co.uk	2026-06-05 05:13:52 (2 weeks ago)	249 attacks on PHP URLs: GET /ms.php HTTP/1.1	Web App Attack
🇲🇽 octageeks.com	2026-06-05 04:21:50 (2 weeks ago)	Wordpress malicious attack:[octascan]	Web App Attack
Anonymous	2026-06-05 01:40:04 (2 weeks ago)	\| [Dangerous/Brazil] Aggressive IP 20.197.238.250 (~30 hits). Type: DoS Defender- Web server 400 err ... show more \| [Dangerous/Brazil] Aggressive IP 20.197.238.250 (~30 hits). Type: DoS Defender- Web server 400 error code show less	Web App Attack Hacking SQL Injection
🇬🇧 andypiper	2026-06-05 01:00:56 (2 weeks ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇫🇮 kumiko	2026-06-05 00:20:19 (2 weeks ago)	[2026-06-05 03:20:16] Apache auth failure: brute force attempt, file probing	Brute-Force Bad Web Bot

Showing 1 to 15 of 306 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇷 185.255.126.30

🇺🇸 162.216.150.109

🇳🇱 138.226.239.10

🇺🇸 129.213.106.214

🇳🇵 113.199.244.30

🇺🇸 104.238.220.228

🇨🇳 101.42.102.180

🇷🇴 92.118.39.223

🇨🇦 85.217.149.12

🇮🇶 83.171.206.251

🇰🇷 61.76.38.54

🇩🇴 152.0.250.255

🇺🇸 150.107.38.251

🇺🇸 141.11.88.5

🇯🇵 47.74.33.105

🇺🇸 23.81.70.178

🇨🇳 211.91.58.39

🇳🇱 192.42.116.99

🇨🇱 190.22.39.150

🇦🇴 102.214.3.182