JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.220.10.205

20.220.10.205 was found in our database!

This IP was reported 352 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.220.10.205

Whois 20.220.10.205

IP Abuse Reports for 20.220.10.205:

This IP address has been reported a total of 352 times from 278 distinct sources. 20.220.10.205 was first reported on June 20th 2026, and the most recent report was 16 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 Peregrine	2026-06-23 03:13:25 (16 hours ago)	Fail2Ban S3 Jail: tomcat-honeypot \| Evidence: - 20.220.10.205 - - [20/Jun/2026:23:01:57 -0300] "GET ... show more Fail2Ban S3 Jail: tomcat-honeypot \| Evidence: - 20.220.10.205 - - [20/Jun/2026:23:01:57 -0300] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 414 - 20.220.10.205 - - [20/Jun/2026:23:01:57 -0300] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 414 - 20.220.10.205 - - [20/Jun/2026:23:01:57 -0300] "GET /x.php HTTP/1.1" 404 414 - 20.220.10.205 - - [20/Jun/2026:23:01:58 -0300] "GET /wss.php HTTP/1.1" 404 414 - 20.220.10.205 - - [20/Jun/2026:23:01:58 -0300] "GET /ty.php?p= HTTP/1.1" 404 414 - 20.220.10.205 - - [20/Jun/2026:23:01:58 -0300] "GET /Ar.php HTTP/1.1" 404 414 - 20.220.10.205 - - [20/Jun/2026:23:01:59 -0300] "GET /wpconf.php HTTP/1.1" 404 414 show less	Bad Web Bot
🇳🇱 Site.eu	2026-06-22 12:53:36 (1 day ago)	Excessive multi-domain requests	Brute-Force
🇺🇸 chronos	2026-06-22 06:57:19 (1 day ago)	[AUTORAVALT][[22/06/2026 - 03:57:19 -03:00 UTC] Attack from [Microsoft Corporation] [20.220.10.205] ... show more [AUTORAVALT][[22/06/2026 - 03:57:19 -03:00 UTC] Attack from [Microsoft Corporation] [20.220.10.205] Action: BLocKed Hacking... Unauthorized attempts to access the server. Web App Attack -> Attempts to probe for or exploit installed web applications such as a CMS like WordPress/Drupal, e-commerce solutions, forum software, phpMyAdmin and various other software ] ... show less	Hacking Web App Attack
🇺🇸 chronos	2026-06-22 06:19:19 (1 day ago)	[AUTORAVALT][[22/06/2026 - 03:19:18 -03:00 UTC] Attack from [Microsoft Corporation] [20.220.10.205] ... show more [AUTORAVALT][[22/06/2026 - 03:19:18 -03:00 UTC] Attack from [Microsoft Corporation] [20.220.10.205] Action: BLocKed DDoS Attack -> Participating in distributed denial-of-service. Phishing -> Phishing websites and/or email. Web Spam -> Comment/forum spam, HTTP referer spam, or other CMS spam. Blog Spam -> CMS blog comment spam. Web App Attack -> Attempts to pro] ... show less	DDoS Attack Phishing Web Spam Blog Spam Web App Attack
🇬🇧 openstrike.co.uk	2026-06-22 05:13:52 (1 day ago)	157 attacks on PHP URLs: GET /66t.php HTTP/1.1	Web App Attack
🇧🇷 Peregrine	2026-06-22 03:13:11 (1 day ago)	Fail2Ban S3 Jail: tomcat-honeypot \| Evidence: - 20.220.10.205 - - [20/Jun/2026:23:01:57 -0300] "GET ... show more Fail2Ban S3 Jail: tomcat-honeypot \| Evidence: - 20.220.10.205 - - [20/Jun/2026:23:01:57 -0300] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 414 - 20.220.10.205 - - [20/Jun/2026:23:01:57 -0300] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 414 - 20.220.10.205 - - [20/Jun/2026:23:01:57 -0300] "GET /x.php HTTP/1.1" 404 414 - 20.220.10.205 - - [20/Jun/2026:23:01:58 -0300] "GET /wss.php HTTP/1.1" 404 414 - 20.220.10.205 - - [20/Jun/2026:23:01:58 -0300] "GET /ty.php?p= HTTP/1.1" 404 414 - 20.220.10.205 - - [20/Jun/2026:23:01:58 -0300] "GET /Ar.php HTTP/1.1" 404 414 - 20.220.10.205 - - [20/Jun/2026:23:01:59 -0300] "GET /wpconf.php HTTP/1.1" 404 414 show less	Bad Web Bot
🇫🇷 alpha	2026-06-22 02:40:48 (1 day ago)	Automated honeypot: scanner probed decoy URL on cdn.aldorand.fr (honeypot decoy)	Bad Web Bot Web App Attack
🇦🇹 joe-abuse	2026-06-22 01:39:09 (1 day ago)	Automated report from fail2ban on www.fitzgerald.eu. Jail: apache-badpaths. First seen: 2026-06-21 0 ... show more Automated report from fail2ban on www.fitzgerald.eu. Jail: apache-badpaths. First seen: 2026-06-21 06:00:08. Events: 10. Reported by ipdb-security/fitzgerald.eu show less	Web App Attack
🇬🇧 AvonleaConsulting	2026-06-21 22:49:50 (1 day ago)	Brute force attack stopped by firewall	Web Spam Brute-Force Web App Attack
🇫🇷 tecnicorioja	2026-06-21 22:01:09 (1 day ago)	wp-login attack [21/Jun/2026:04:28:08	Brute-Force Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-21 22:01:02 (1 day ago)	Auto-ban: 16 malicious requests on 2026-06-20 (e.g., env/backup probes, brute-force, or error bursts ... show more Auto-ban: 16 malicious requests on 2026-06-20 (e.g., env/backup probes, brute-force, or error bursts). show less	Web App Attack SSH Hacking
🇳🇱 oisecnet	2026-06-21 21:01:08 (1 day ago)	Automated report: Unauthorized vulnerability scanning detected on 2026-06-21. 5 requests from this I ... show more Automated report: Unauthorized vulnerability scanning detected on 2026-06-21. 5 requests from this IP. show less	Brute-Force Web App Attack SSH
🇩🇪 Holger	2026-06-21 19:19:01 (2 days ago)	WordPress WebAttack	Brute-Force Web App Attack
🇫🇷 ACE-INFORMATIQUE.NC	2026-06-21 19:00:05 (2 days ago)	Bad Web Bot + Web App Attack blocked by Fail2ban	Bad Web Bot Web App Attack
Anonymous	2026-06-21 15:07:58 (2 days ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: CA, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: CA, Attack patterns: WordPress scanning, Malicious User-Agent show less	Bad Web Bot Web App Attack

Showing 1 to 15 of 352 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.136

🇺🇸 172.174.244.189

🇨🇳 47.98.157.200

🇩🇪 207.154.246.19

🇷🇴 193.239.176.203

🇸🇬 129.226.147.152

🇨🇳 109.244.96.121

🇳🇬 102.88.137.213

🇺🇸 70.241.106.40

🇺🇸 64.227.11.237

🇨🇳 36.18.74.141

🇨🇳 27.185.57.13

🇺🇸 20.65.193.105

🇨🇴 179.1.181.196

🇧🇷 138.204.26.187

🇪🇬 105.196.55.130

🇳🇱 89.21.67.169

🇨🇳 58.212.237.167

🇺🇸 40.124.175.16

🇯🇵 40.74.69.216