JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.214.111.181

20.214.111.181 was found in our database!

This IP was reported 238 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇰🇷 Korea (the Republic of)
City	Seoul, Seoul

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.214.111.181

Whois 20.214.111.181

IP Abuse Reports for 20.214.111.181:

This IP address has been reported a total of 238 times from 134 distinct sources. 20.214.111.181 was first reported on June 9th 2026, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-14 19:47:23 (3 hours ago)	$f2bV_matches	Brute-Force
🇧🇷 Peregrine	2026-06-14 03:13:07 (20 hours ago)	Fail2Ban ct101 Jail: tomcat-honeypot \| Evidence: 20.214.111.181 172.71.110.196 - - [10/Jun/2026:15:5 ... show more Fail2Ban ct101 Jail: tomcat-honeypot \| Evidence: 20.214.111.181 172.71.110.196 - - [10/Jun/2026:15:57:49 -0300] "GET /a.php HTTP/1.1" 404 18193 show less	Bad Web Bot
Anonymous	2026-06-13 06:19:57 (1 day ago)	Web attack blocked by Wordfence on 1valkenburg.nl (16 hits). Reported by CRMON.	Web App Attack
🇺🇦 URAN Publishing Service	2026-06-13 05:49:56 (1 day ago)	20.214.111.181 - - [13/Jun/2026:08:49:52 +0300] "GET /wp-content/uploads/index.php HTTP/1.1" 404 788 ... show more 20.214.111.181 - - [13/Jun/2026:08:49:52 +0300] "GET /wp-content/uploads/index.php HTTP/1.1" 404 788 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.214.111.181 - - [13/Jun/2026:08:49:55 +0300] "GET /wp-admin/user.php HTTP/1.1" 404 788 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Web App Attack
🇺🇸 WizardsToolkit	2026-06-13 05:48:00 (1 day ago)	attempted to access /404.php	Web App Attack
🇩🇪 Ba-Yu	2026-06-13 05:41:38 (1 day ago)	WordPress bruteforce	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇳🇿 Antinson	2026-06-13 05:25:00 (1 day ago)	Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.)	Bad Web Bot
🇫🇷 [email protected]	2026-06-13 05:23:29 (1 day ago)	PrestaShop Security Module: AbuseIPDB high confidence score AND local web-app-attack detected (Abuse ... show more PrestaShop Security Module: AbuseIPDB high confidence score AND local web-app-attack detected (AbuseIPDB score: 100% (cached)) show less	Web App Attack
🇮🇩 soc-yk	2026-06-13 05:18:11 (1 day ago)	Type: suspicious_network_activity Risk: 100 Events: 4914 Evidence: - Persistent suspicious network ... show more Type: suspicious_network_activity Risk: 100 Events: 4914 Evidence: - Persistent suspicious network activity detected - Repeated hostile operational behavior observed - Multi-event operational persistence identified - Threat escalation behavior observed show less	Port Scan Hacking
🇬🇧 Steve	2026-06-13 05:12:39 (1 day ago)	Repeated attempts against wordpress site	Brute-Force Web App Attack
🇩🇪 todix	2026-06-13 05:10:48 (1 day ago)	Web App Attack Exploid from 20.214.111.181	Web App Attack
🇸🇬 serverutama	2026-06-13 05:03:05 (1 day ago)	Nginx scanner: 20.214.111.181 - - [13/Jun/2026:11:58:59 +0700] "GET /wp-content/uploads/index.php HT ... show more Nginx scanner: 20.214.111.181 - - [13/Jun/2026:11:58:59 +0700] "GET /wp-content/uploads/index.php HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" "-" show less	Web App Attack Bad Web Bot
🇪🇸 el-brujo	2026-06-13 04:51:18 (1 day ago)	Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: elhacker.net userAgent: Mozilla/5.0 ... show more Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Action: managed_challenge Source: firewallManaged ASN Description: Microsoft Corporation Country: KR Method: GET Timestamp: 2026-06-13T04:51:18Z ruleId: 5de7edfa648c4d6891dc3e7f84534ffa. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇵🇱 strefapi_com	2026-06-13 04:44:37 (1 day ago)	Brute-force, web ...	Hacking Brute-Force Web App Attack
🇩🇪 Ba-Yu	2026-06-13 04:42:56 (1 day ago)	WordPress hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack

Showing 1 to 15 of 238 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 167.94.146.46

🇨🇳 115.190.63.151

🇺🇸 74.235.108.239

🇺🇸 209.112.91.75

🇧🇷 205.210.31.200

🇨🇳 116.177.172.94

🇧🇬 79.124.40.174

🇺🇸 74.7.241.57

🇩🇪 43.228.157.8

🇭🇰 35.220.159.182

🇺🇸 185.226.196.29

🇨🇲 165.210.33.197

🇨🇳 115.51.216.29

🇺🇸 47.145.62.32

🇧🇷 34.151.209.132

🇨🇳 27.188.184.13

🇺🇸 20.81.158.147

🇷🇴 2.57.122.238

🇺🇸 157.230.224.175

🇯🇵 153.238.200.4