JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.205.96.134

20.205.96.134 was found in our database!

This IP was reported 76 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.205.96.134

Whois 20.205.96.134

IP Abuse Reports for 20.205.96.134:

This IP address has been reported a total of 76 times from 67 distinct sources. 20.205.96.134 was first reported on June 16th 2022, and the most recent report was 2 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 maxpower	2026-06-29 22:08:40 (2 minutes ago)	(aggressive_scanner) REGOLA 9 - Aggressive Web Scanner 20.205.96.134 (HK/Hong Kong/-): 1 in the last ... show more (aggressive_scanner) REGOLA 9 - Aggressive Web Scanner 20.205.96.134 (HK/Hong Kong/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 20.205.96.134 - - [30/Jun/2026:00:08:33 +0200] "GET /1.php HTTP/1.1" 404 840 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" "-" host=neiataviaggi.it show less	Port Scan
🇵🇱 stareradia.pl	2026-06-29 22:08:28 (3 minutes ago)	[Tue Jun 30 00:08:26.807113 2026] [php:error] [pid 1025841:tid 1025841] [client 20.205.96.134:0] scr ... show more [Tue Jun 30 00:08:26.807113 2026] [php:error] [pid 1025841:tid 1025841] [client 20.205.96.134:0] script '/var/www/html/adminfuns.php' not found or unable to stat [Tue Jun 30 00:08:27.015116 2026] [php:error] [pid 1009205:tid 1009205] [client 20.205.96.134:0] script '/var/www/html/file.php' not found or unable to stat [Tue Jun 30 00:08:27.223327 2026] [php:error] [pid 1062640:tid 1062640] [client 20.205.96.134:0] script '/var/www/html/admin.php' not found or unable to stat [Tue Jun 30 00:08:28.058286 2026] [php:error] [pid 1009205:tid 1009205] [client 20.205.96.134:0] script '/var/www/html/inputs.php' not found or unable to stat ... show less	Web App Attack
🇬🇧 poundawebsiteltd	2026-06-29 22:07:52 (3 minutes ago)	Apache 403 Forbidden Access. Evidence: beanietools.dev:443 20.205.96.134 - - [29/Jun/2026:23:07:50 + ... show more Apache 403 Forbidden Access. Evidence: beanietools.dev:443 20.205.96.134 - - [29/Jun/2026:23:07:50 +0100] GET /wp-admin/js/widgets/index.php HTTP/1.1 301 700 - Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 show less	Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-29 22:01:32 (10 minutes ago)	Auto-ban: >3000 req/min op 2026-06-29	Web App Attack SSH Hacking
Anonymous	2026-06-29 22:00:01 (11 minutes ago)	(caddyscan) Scanner path probe from 20.205.96.134 (HK/Hong Kong/-): 5 in the last 3600 secs; Ports: ... show more (caddyscan) Scanner path probe from 20.205.96.134 (HK/Hong Kong/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 20.205.96.134 - - [29/Jun/2026:21:59:51 +0000] "GET /wp-admin/css/colors/ocean/ HTTP/1.1" [REDACTED] 200 2627 20.205.96.134 - - [29/Jun/2026:21:59:52 +0000] "GET /wp-admin/network/index.php HTTP/1.1" [REDACTED] 200 2627 20.205.96.134 - - [29/Jun/2026:21:59:53 +0000] "GET /wp-admin/js/ HTTP/1.1" [REDACTED] 200 2627 20.205.96.134 - - [29/Jun/2026:21:59:55 +0000] "GET /wp-admin/css/colors/modern/ HTTP/1.1" [REDACTED] 200 2627 20.205.96.134 - - [29/Jun/2026:21:59:56 +0000] "GET /wp-admin/css/colors/ectoplasm/ HTTP/1.1" show less	Port Scan
Anonymous	2026-06-29 21:49:02 (22 minutes ago)	Cyber.Irish SIEM auto-block: Web - Sensitive File Access Attempt (Live)	Web App Attack
Anonymous	2026-06-29 21:44:48 (26 minutes ago)	Aggressive web scan	Web App Attack
🇨🇦 electronico	2026-06-29 21:41:19 (30 minutes ago)	20.205.96.134 - - [30/Jun/2026:08:41:16 +1100] "GET /adminfuns.php HTTP/1.1" 404 5903 "-" "Mozilla/5 ... show more 20.205.96.134 - - [30/Jun/2026:08:41:16 +1100] "GET /adminfuns.php HTTP/1.1" 404 5903 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.205.96.134 - - [30/Jun/2026:08:41:16 +1100] "GET /file.php HTTP/1.1" 404 2104 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.205.96.134 - - [30/Jun/2026:08:41:16 +1100] "GET /admin.php HTTP/1.1" 404 2104 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.205.96.134 - - [30/Jun/2026:08:41:16 +1100] "GET /wp-admin/css/colors/ocean/ HTTP/1.1" 404 2104 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.205.96.134 - - [30/Jun/2026:08:41:17 +1100] "GET /wk/index.php HTTP/1.1" 404 2104 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/12 ... show less	Brute-Force Web App Attack
🇮🇪 Jim Keir	2026-06-29 21:39:01 (32 minutes ago)	2026-06-29 21:39:00 20.205.96.134 File scanning, blocking 20.205.96.134 for 5 minutes	Web App Attack
🇺🇸 interbiznw.com	2026-06-29 21:32:30 (39 minutes ago)	malicious-web-requests-vulnerability-scanning	Hacking Brute-Force Exploited Host Web App Attack
🇦🇺 QT	2026-06-29 21:29:58 (41 minutes ago)	Website hack attempted at 2026-06-30 07:29:49 +1000	Web App Attack
🇦🇹 penguin-solutions.at	2026-06-29 21:25:25 (46 minutes ago)	Excessive 403/404 errors ...	Brute-Force Web App Attack
🇬🇷 setupgr	2026-06-29 21:25:21 (46 minutes ago)	(mod_security) mod_security (id:1000001) triggered by 20.205.96.134 (HK/Hong Kong/Kowloon/Hong Kong/ ... show more (mod_security) mod_security (id:1000001) triggered by 20.205.96.134 (HK/Hong Kong/Kowloon/Hong Kong/-/[AS8075 MICROSOFT-CORP-MSN-AS-BLOCK]): 1 in the last 86400 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Tue Jun 30 00:25:19.018590 2026] [security2:error] [pid 2347683:tid 2347827] [client 20.205.96.134:14045] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/about.php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "103"] [id "1000001"] [msg "Bad file blocked: /about.php"] [severity "CRITICAL"] [tag "security"] [hostname "setworldup.com"] [uri "/about.php"] [unique_id "akLiv89E6-Ru739sdA2wpAAABAg"] show less	Port Scan
🇮🇹 mediarama.com	2026-06-29 21:24:36 (47 minutes ago)	Banned by Fail2Ban	Web App Attack
🇩🇪 Jarda_H	2026-06-29 21:19:27 (52 minutes ago)	http-admin-interface-probing	Web App Attack

Showing 1 to 15 of 76 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 84.75.150.38

🇺🇸 43.153.74.75

🇭🇺 188.143.74.168

🇺🇸 172.202.117.178

🇬🇧 172.69.224.16

🇸🇬 145.223.130.40

🇺🇸 107.173.85.253

🇮🇩 103.175.47.123

🇧🇷 45.187.54.226

🇰🇷 15.164.13.166

🇨🇳 14.103.104.36

🇮🇶 5.1.110.208

🇬🇧 2a02:c7c:b17d:6100:e476:76cd:a41c:dd14

🇸🇬 145.223.131.90

🇨🇳 117.164.191.217

🇧🇬 93.94.141.115

🇸🇬 84.75.155.82

🇸🇬 43.156.91.175

🇹🇼 198.235.24.94

🇮🇳 151.185.42.198