JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.203.137.163

20.203.137.163 was found in our database!

This IP was reported 119 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇨🇭 Switzerland
City	Zurich, Zurich

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.203.137.163

Whois 20.203.137.163

IP Abuse Reports for 20.203.137.163:

This IP address has been reported a total of 119 times from 86 distinct sources. 20.203.137.163 was first reported on June 2nd 2026, and the most recent report was 54 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-06-03 02:40:01 (1 day ago)	Attempted access to sensitive endpoint (/xmlrpc.php) detected. Automated scan or unauthorized probin ... show more Attempted access to sensitive endpoint (/xmlrpc.php) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇳🇱 CryptoYakari	2026-06-03 02:09:32 (1 day ago)	20.203.137.163 - - [03/Jun/2026:05:09:27 +0300] "GET /a.php HTTP/1.0" 404 531 "-" "Mozilla/5.0 (Wind ... show more 20.203.137.163 - - [03/Jun/2026:05:09:27 +0300] "GET /a.php HTTP/1.0" 404 531 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.203.137.163 - - [03/Jun/2026:05:09:28 +0300] "GET /aa.php HTTP/1.0" 404 531 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.203.137.163 - - [03/Jun/2026:05:09:28 +0300] "GET /aaa.php HTTP/1.0" 404 531 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.203.137.163 - - [03/Jun/2026:05:09:28 +0300] "GET /ab.php HTTP/1.0" 404 531 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.203.137.163 - - [03/Jun/2026:05:09:28 +0300] "GET /lock360.php HTTP/1.0" 404 531 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Web Spam Blog Spam Web App Attack Bad Web Bot
🇺🇸 interbiznw.com	2026-06-03 01:55:44 (1 day ago)	malicious-web-requests-vulnerability-scanning	Hacking Brute-Force Exploited Host Web App Attack
🇩🇪 ramazan	2026-06-03 01:40:57 (1 day ago)	Fail2Ban: nginx-4xx \| Failures: 10 \| Log: /a.php /aa.php /aaa.php /ab.php /anonse/lock360.php	Web App Attack Hacking
🇩🇪 macrob	2026-06-03 01:23:31 (1 day ago)	2026/06/03 01:23:29 [error] 721905#721905: 276766666 access forbidden by rule, client: 20.203.137.1 ... show more 2026/06/03 01:23:29 [error] 721905#721905: 276766666 access forbidden by rule, client: 20.203.137.163, server: binixo.ro, request: "GET /admin.php HTTP/2.0", host: "www.binixo.ro" 2026/06/03 01:23:30 [error] 721905#721905: 276766666 access forbidden by rule, client: 20.203.137.163, server: binixo.ro, request: "GET /xmlrpc.php HTTP/2.0", host: "www.binixo.ro" 2026/06/03 01:23:30 [error] 721905#721905: 276766663 access forbidden by rule, client: 20.203.137.163, server: binixo.ro, request: "GET /wp-admin.php HTTP/2.0", host: "www.binixo.ro" ... show less	Web App Attack
🇩🇪 BlueWire Hosting	2026-06-03 01:03:05 (1 day ago)	Probing websites for vulnerabilities	Web App Attack SQL Injection
🇫🇮 Christopher Hughes	2026-06-03 00:54:16 (1 day ago)	[Wed Jun 03 01:54:15.932428 2026] [proxy_fcgi:error] [pid 346537:tid 139774761342528] [client 20.203 ... show more [Wed Jun 03 01:54:15.932428 2026] [proxy_fcgi:error] [pid 346537:tid 139774761342528] [client 20.203.137.163:7446] AH01071: Got error 'Primary script unknown' [Wed Jun 03 01:54:15.970995 2026] [proxy_fcgi:error] [pid 346537:tid 139774778127936] [client 20.203.137.163:7446] AH01071: Got error 'Primary script unknown' [Wed Jun 03 01:54:16.009541 2026] [proxy_fcgi:error] [pid 346537:tid 139774400652864] [client 20.203.137.163:7446] AH01071: Got error 'Primary script unknown' [Wed Jun 03 01:54:16.065032 2026] [proxy_fcgi:error] [pid 346537:tid 139773729564224] [client 20.203.137.163:7446] AH01071: Got error 'Primary script unknown' [Wed Jun 03 01:54:16.103587 2026] [proxy_fcgi:error] [pid 346537:tid 139774786520640] [client 20.203.137.163:7446] AH01071: Got error 'Primary script unknown' ... show less	Web App Attack
🇺🇦 URAN Publishing Service	2026-06-03 00:35:11 (1 day ago)	20.203.137.163 - - [03/Jun/2026:03:35:11 +0300] "GET /xmlrpc.php HTTP/1.1" 404 785 "-" "Mozilla/5.0 ... show more 20.203.137.163 - - [03/Jun/2026:03:35:11 +0300] "GET /xmlrpc.php HTTP/1.1" 404 785 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Web App Attack
Anonymous	2026-06-03 00:30:52 (1 day ago)	Aggressive web scan	Bad Web Bot Web App Attack
🇺🇸 Epimetheus	2026-06-03 00:20:33 (1 day ago)	Unauthorized access attempts: [GET] /wp-content/uploads/wp.php [GET] /config.php [GET] /wp-contentt ... show more Unauthorized access attempts: [GET] /wp-content/uploads/wp.php [GET] /config.php [GET] /wp-contentt.php [GET] /wp-includes/theme-compat/ [GET] /wp-logs.php [GET] /wp-includes/mani.php [GET] /class_api.php [GET] /sitemaps.php [GET] /ab.php UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 show less	Web App Attack
🇮🇩 soc-yk	2026-06-03 00:18:18 (1 day ago)	Type: web_scanning Risk: 68 Events: 673 Evidence: - Automated hostile web probing detected - Repeat ... show more Type: web_scanning Risk: 68 Events: 673 Evidence: - Automated hostile web probing detected - Repeated web scanning activity observed - Multi-event operational persistence identified - Threat escalation behavior observed show less	Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-06-03 00:07:01 (1 day ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [ice01,ice02,wa01,wa02]	Hacking Brute-Force Bad Web Bot Web App Attack
🇩🇪 paissangroup	2026-06-03 00:03:01 (1 day ago)	Multiple WAF Violations	Web App Attack
🇳🇱 jbouwh	2026-06-02 23:40:23 (1 day ago)	[Wed Jun 03 01:40:23.157793 2026] [authz_core:error] [pid 2886257:tid 2886257] [client 20.203.137.16 ... show more [Wed Jun 03 01:40:23.157793 2026] [authz_core:error] [pid 2886257:tid 2886257] [client 20.203.137.163:7317] AH01630: client denied by server configuration: /data/srv/[redacted]/wp-content/uploads/2018/03/index.php [Wed Jun 03 01:40:23.172676 2026] [authz_core:error] [pid 2886257:tid 2886257] [client 20.203.137.163:7317] AH01630: client denied by server configuration: /data/srv/[redacted]/wp-content/uploads/2022/07/index.php [Wed Jun 03 01:40:23.188011 2026] [authz_core:error] [pid 2886257:tid 2886257] [client 20.203.137.163:7317] AH01630: client denied by server configuration: /data/srv/[redacted]/wp-content/uploads/2023/03/index.php show less	Web App Attack
🇩🇪 LRob.fr	2026-06-02 23:15:03 (1 day ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot

Showing 61 to 75 of 119 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇸 185.9.193.111

🇺🇸 104.168.74.62

🇧🇷 177.148.169.93

🇸🇬 165.154.205.91

🇺🇸 147.185.132.148

🇮🇳 122.187.219.78

🇹🇼 118.194.252.168

🇮🇳 74.225.162.180

🇺🇸 54.235.137.122

🇷🇺 46.191.197.143

🇺🇸 20.163.8.222

🇫🇷 178.18.253.11

🇺🇸 162.216.150.234

🇺🇸 149.57.191.22

🇷🇺 95.165.68.145

🇫🇷 91.196.152.245

🇱🇹 81.30.98.142

🇺🇸 13.89.121.32

🇫🇷 4.211.84.189

🇬🇧 217.146.80.98