JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.220.149.193

20.220.149.193 was found in our database!

This IP was reported 135 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.220.149.193

Whois 20.220.149.193

IP Abuse Reports for 20.220.149.193:

This IP address has been reported a total of 135 times from 115 distinct sources. 20.220.149.193 was first reported on June 15th 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-16 00:17:28 (2 hours ago)	Too many Status 40X (65) Request Overload (135)	Brute-Force Web App Attack
🇮🇳 dineshskt4all	2026-06-15 23:27:14 (3 hours ago)	[Mon Jun 15 23:27:11.778790 2026] [proxy_fcgi:error] [pid 739150:tid 138839448286912] [client 20.220 ... show more [Mon Jun 15 23:27:11.778790 2026] [proxy_fcgi:error] [pid 739150:tid 138839448286912] [client 20.220.149.193:0] AH01071: Got error 'Primary script unknown' ... show less	Brute-Force
🇺🇸 chronos	2026-06-15 23:25:17 (3 hours ago)	[AUTORAVALT][[15/06/2026 - 20:25:17 -03:00 UTC] Attack from [Microsoft Corporation] [20.220.149.193] ... show more [AUTORAVALT][[15/06/2026 - 20:25:17 -03:00 UTC] Attack from [Microsoft Corporation] [20.220.149.193] Action: BLocKed Hacking... Unauthorized attempts to access the server. Web App Attack -> Attempts to probe for or exploit installed web applications such as a CMS like WordPress/Drupal, e-commerce solutions, forum software, phpMyAdmin and various other software] ... show less	Hacking Web App Attack
🇫🇷 Guardian	2026-06-15 23:11:49 (3 hours ago)	Multi abuses [2]: Scanning for installed WordPress and vulnerabilities, Unauthorized connection atte ... show more Multi abuses [2]: Scanning for installed WordPress and vulnerabilities, Unauthorized connection attempt / Port scanning (x2) 20.220.149.193 [15/Jun/2026:23:11:48] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 20.220.149.193 [15/Jun/2026:23:11:49] "GET /this_is_a_new_hello_world.php HTTP/1.1" 20.220.149.193 [15/Jun/2026:23:11:49] "GET /jj.php HTTP/1.1" show less	Port Scan Web App Attack
Anonymous	2026-06-15 23:02:47 (3 hours ago)	[15-Jun-2026 19:02:46 America/New_York] Page Not Found: wp_filemanager.php [20.220.149.193] [15-Jun- ... show more [15-Jun-2026 19:02:46 America/New_York] Page Not Found: wp_filemanager.php [20.220.149.193] [15-Jun-2026 19:02:46 America/New_York] Page Not Found: this_is_a_new_hello_world.php [20.220.149.193] ... show less	Brute-Force
🇦🇺 Anytech	2026-06-15 23:02:36 (3 hours ago)	Blocked by Conn-Monitor: Web scanning activity	Hacking Web App Attack
🇮🇹 ivanbiagi7	2026-06-15 22:49:29 (3 hours ago)	(localhost/crowdsec) crowdsecurity/http-wordpress-scan by ip 20.220.149.193 (CA/8075) : 4h ban on Ip ... show more (localhost/crowdsec) crowdsecurity/http-wordpress-scan by ip 20.220.149.193 (CA/8075) : 4h ban on Ip 20.220.149.193 show less	Port Scan
🇷🇺 Reaper	2026-06-15 22:33:29 (3 hours ago)	Repeated 404 errors from 20.220.149.193	Web App Attack
🇸🇪 nekopavel	2026-06-15 22:30:01 (4 hours ago)	20.220.149.193 - - [16/Jun/2026:00:29:55 +0200]"GET /wp-content/plugins/hellopress/wp_filemanager.ph ... show more 20.220.149.193 - - [16/Jun/2026:00:29:55 +0200]"GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 162"-" thighs.moe "-""0.000" "-""Toronto" "CA" 20.220.149.193 - - [16/Jun/2026:00:29:56 +0200]"GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 187"-" thighs.moe "-""0.010" "0.001""Toronto" "CA" 20.220.149.193 - - [16/Jun/2026:00:29:59 +0200]"GET /wp-ccv.php HTTP/1.1" 301 162"-" thighs.moe "-""0.000" "-""Toronto" "CA" ... show less	Hacking Bad Web Bot Web App Attack
🇫🇷 SpaceHost-Server	2026-06-15 22:28:38 (4 hours ago)		Brute-Force Web App Attack
🇫🇷 Kraften	2026-06-15 22:24:33 (4 hours ago)	Web noscript attack ...	Web Spam Web App Attack
Anonymous	2026-06-15 22:21:50 (4 hours ago)	20.220.149.193 - - [16/Jun/2026:00:18:20 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.p ... show more 20.220.149.193 - - [16/Jun/2026:00:18:20 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 502 "-" "-" 20.220.149.193 - - [16/Jun/2026:00:18:20 +0200] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 502 "-" "-" 20.220.149.193 - - [16/Jun/2026:00:18:20 +0200] "GET /size.php HTTP/1.1" 404 502 "-" "-" 20.220.149.193 - - [16/Jun/2026:00:18:20 +0200] "GET /lock.php HTTP/1.1" 404 502 "-" "-" 20.220.149.193 - - [16/Jun/2026:00:18:21 +0200] "GET /ops.php HTTP/1.1" 404 502 "-" "-" 20.220.149.193 - - [16/Jun/2026:00:18:21 +0200] "GET /8.php HTTP/1.1" 404 502 "-" "-" 20.220.149.193 - - [16/Jun/2026:00:18:25 +0200] "GET /mac.php HTTP/1.1" 404 502 "-" "-" 20.220.149.193 - - [16/Jun/2026:00:18:25 +0200] "GET /jp.php HTTP/1.1" 404 502 "-" "-" 20.220.149.193 - - [16/Jun/2026:00:18:25 +0200] "GET /acp.php HTTP/1.1" 404 502 "-" "-" 20.220.149.193 - - [16/Jun/2026:00:18:25 +0200] "GET /wp-ccv.php HTTP/1.1" 404 502 "-" "-" 20.220.149.193 - - [16/Jun/2026:00:18:25 +0200] "GET /s ... show less	DDoS Attack
🇩🇪 Lino Project	2026-06-15 22:08:35 (4 hours ago)	20.220.149.193 - - [16/Jun/2026:00:08:31 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.p ... show more 20.220.149.193 - - [16/Jun/2026:00:08:31 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 12202 "-" "-" ... show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 4server	2026-06-15 22:04:31 (4 hours ago)	[TueJun1600:04:26.6933492026][security2:error][pid1023768:tid1024371][client20.220.149.193:0]ModSecu ... show more [TueJun1600:04:26.6933492026][security2:error][pid1023768:tid1024371][client20.220.149.193:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(filemanager\\|wp-file-manager\\|elfinder\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"443\"][id\"980500\"][msg\"WordPressfilemanagerexploitattempt\"][hostname\"autodiscover.gsdsagl.ch\"][uri\"/wp-content/plugins/hellopress/wp_filemanager.php\"][unique_id\"ajB26pc3EGdRrEm5W4_3zgAAAII\"] show less	Hacking Web App Attack
🇩🇪 maxpower	2026-06-15 22:03:08 (4 hours ago)	(aggressive_scanner) REGOLA 9 - Aggressive Web Scanner 20.220.149.193 (CA/Canada/-): 1 in the last 3 ... show more (aggressive_scanner) REGOLA 9 - Aggressive Web Scanner 20.220.149.193 (CA/Canada/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 20.220.149.193 - - [16/Jun/2026:00:02:57 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 15319 "-" "-" "-" host=lucadipa.com show less	Port Scan

Showing 1 to 15 of 135 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 222.222.73.70

🇺🇸 162.216.150.167

🇮🇳 103.155.236.156

🇫🇷 85.217.140.39

🇷🇺 82.204.185.138

🇧🇬 78.128.113.74

🇳🇱 64.89.162.161

🇹🇼 61.222.211.114

🇨🇳 27.98.232.8

🇹🇼 198.235.24.51

🇷🇺 178.170.196.130

🇧🇷 143.0.56.88

🇺🇸 138.197.215.97

🇺🇸 91.230.168.169

🇷🇺 87.242.123.79

🇺🇸 64.62.197.86

🇳🇱 50.7.23.77

🇸🇬 47.84.141.183

🇻🇳 14.162.200.171

🇺🇸 2001:470:1:c84::139