JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.251.193.202

20.251.193.202 was found in our database!

This IP was reported 170 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇳🇴 Norway
City	Oslo, Oslo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.251.193.202

Whois 20.251.193.202

IP Abuse Reports for 20.251.193.202:

This IP address has been reported a total of 170 times from 151 distinct sources. 20.251.193.202 was first reported on June 11th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-13 21:59:52 (1 week ago)	Auto-ban: 320 malicious requests on 2026-06-12 (e.g., env/backup probes, brute-force, or error burst ... show more Auto-ban: 320 malicious requests on 2026-06-12 (e.g., env/backup probes, brute-force, or error bursts). show less	Web App Attack SSH Hacking
Anonymous	2026-06-13 11:04:20 (1 week ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: NO, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: NO, Attack patterns: WordPress scanning, Malicious User-Agent show less	Bad Web Bot Web App Attack
🇭🇺 DumaNet	2026-06-13 07:31:00 (1 week ago)	Web app attack attempts, scanning for vulnerability. Date: 2026 Jun 12. 20:20:55 Source IP: 20.251 ... show more Web app attack attempts, scanning for vulnerability. Date: 2026 Jun 12. 20:20:55 Source IP: 20.251.193.202 Portion of the log(s): 20.251.193.202 - [12/Jun/2026:20:20:52 +0200] "GET /ops.php HTTP/1.1" 404 153 "-" "-" 20.251.193.202 - [12/Jun/2026:20:20:52 +0200] "GET /SrHD3odefault.php HTTP/1.1" 404 153 "-" "-" 20.251.193.202 - [12/Jun/2026:20:20:52 +0200] "GET /x.php HTTP/1.1" 404 153 "-" "-" 20.251.193.202 - [12/Jun/2026:20:20:52 +0200] "GET /zoper.php HTTP/1.1" 404 153 "-" "-" 20.251.193.202 - [12/Jun/2026:20:20:52 +0200] "GET /jj_260530013947.php HTTP/1.1" 404 153 "-" "-" 20.251.193.202 - [12/Jun/2026:20:20:52 +0200] "GET /hoeig.php HTTP/1.1" 404 153 "-" "-" 20.251.193.202 - [12/Jun/2026:20:20:52 +0200] "GET /hypo.php HTTP/1.1" 404 153 "-" "-" 20.251.193.202 - [12/Jun/2026:20:20:52 +0200] "GET /l.php HTTP/1.1" 404 153 "-" "-" 20.251.193.202 - [12/Jun/2026:20:20:51 +0200] "GET /gscxejbc.php HTTP/1.1" 404 153 "-" "-" 20.251.193.202 - [12/Jun/2026:20:20:51 +0200] "GET /lala.php HTTP/1.1" 404 show less	Web App Attack
🇭🇺 DumaNet	2026-06-13 07:02:00 (1 week ago)	Web app attack attempts, scanning for vulnerability. Date: 2026 Jun 12. 13:16:22 Source IP: 20.251 ... show more Web app attack attempts, scanning for vulnerability. Date: 2026 Jun 12. 13:16:22 Source IP: 20.251.193.202 Portion of the log(s): 20.251.193.202 - [12/Jun/2026:13:16:19 +0200] "GET /geforce.php HTTP/1.1" 404 153 "-" "-" 20.251.193.202 - [12/Jun/2026:13:16:19 +0200] "GET /155.php HTTP/1.1" 404 153 "-" "-" 20.251.193.202 - [12/Jun/2026:13:16:19 +0200] "GET /xstelth.php HTTP/1.1" 404 153 "-" "-" 20.251.193.202 - [12/Jun/2026:13:16:19 +0200] "GET /ms-edit.php HTTP/1.1" 404 153 "-" "-" 20.251.193.202 - [12/Jun/2026:13:16:19 +0200] "GET /error_log.php HTTP/1.1" 404 153 "-" "-" 20.251.193.202 - [12/Jun/2026:13:16:19 +0200] "GET /100.php HTTP/1.1" 404 153 "-" "-" 20.251.193.202 - [12/Jun/2026:13:16:19 +0200] "GET /ng.php HTTP/1.1" 404 153 "-" "-" 20.251.193.202 - [12/Jun/2026:13:16:19 +0200] "GET /flox.php HTTP/1.1" 404 153 "-" "-" 20.251.193.202 - [12/Jun/2026:13:16:19 +0200] "GET /206.php HTTP/1.1" 404 153 "-" "-" 20.251.193.202 - [12/Jun/2026:13:16:19 +0200] "GET /4PJcpMFsD8B.php HTTP/1.1" 404 show less	Web App Attack
🇮🇹 LTM	2026-06-13 06:20:01 (1 week ago)	WebServer - Attempts to exploit	Hacking Brute-Force Web App Attack
🇳🇨 ACE-INFORMATIQUE.NC	2026-06-13 06:00:09 (1 week ago)	Malicious CGI/web attack blocked by Fail2ban	Web App Attack
🇪🇸 Gem	2026-06-13 05:59:38 (1 week ago)	Unauthorized web scan.	Web App Attack
🇬🇧 openstrike.co.uk	2026-06-13 05:14:25 (1 week ago)	269 attacks on PHP URLs: GET /ey5.php HTTP/1.1	Web App Attack
Anonymous	2026-06-13 01:41:57 (1 week ago)	Portscan: TCP/80 (6x)	Port Scan
🇬🇧 andypiper	2026-06-13 01:00:17 (1 week ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇨🇦 1gz	2026-06-13 00:44:23 (1 week ago)	Triggered Cloudflare WAF (firewallCustom) from NO. Action taken: CHALLENGE Protocol: HTTP/1.1 (GET m ... show more Triggered Cloudflare WAF (firewallCustom) from NO. Action taken: CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /img.php UA: Empty string This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2026-06-13 00:43:06 (1 week ago)	20.251.193.202 - - [13/Jun/2026:02:43:06 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.p ... show more 20.251.193.202 - - [13/Jun/2026:02:43:06 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 162 "-" "-" "-" "X" 20.251.193.202 - - [13/Jun/2026:02:43:06 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 403 190 "-" "-" "-" "X" 20.251.193.202 - - [13/Jun/2026:02:43:06 +0200] "GET /this_is_a_new_hello_world.php HTTP/1.1" 301 162 "-" "-" "-" "X" 20.251.193.202 - - [13/Jun/2026:02:43:06 +0200] "GET /this_is_a_new_hello_world.php HTTP/1.1" 403 190 "-" "-" "-" "X" 20.251.193.202 - - [13/Jun/2026:02:43:06 +0200] "GET /aaf.php HTTP/1.1" 301 162 "-" "-" "-" "X" 20.251.193.202 - - [13/Jun/2026:02:43:06 +0200] "GET /aaf.php HTTP/1.1" 403 190 "-" "-" "-" "X" show less	Brute-Force
Anonymous	2026-06-13 00:41:20 (1 week ago)	20.251.193.202 - - [12/Jun/2026:20:41:03 -0400] "GET /wp-content/plugins/hellopress/wp_filemanager.p ... show more 20.251.193.202 - - [12/Jun/2026:20:41:03 -0400] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.0" 403 199 "-" "-" 20.251.193.202 - - [12/Jun/2026:20:41:03 -0400] "GET /this_is_a_new_hello_world.php HTTP/1.0" 403 199 "-" "-" 20.251.193.202 - - [12/Jun/2026:20:41:03 -0400] "GET /classgoto24.php HTTP/1.0" 403 199 "-" "-" 20.251.193.202 - - [12/Jun/2026:20:41:04 -0400] "GET /cu.php HTTP/1.0" 403 199 "-" "-" 20.251.193.202 - - [12/Jun/2026:20:41:04 -0400] "GET /4PJcpMFsD8B.php HTTP/1.0" 403 199 "-" "-" 20.251.193.202 - - [12/Jun/2026:20:41:04 -0400] "GET /206.php HTTP/1.0" 403 199 "-" "-" 20.251.193.202 - - [12/Jun/2026:20:41:05 -0400] "GET /flox.php HTTP/1.0" 403 199 "-" "-" 20.251.193.202 - - [12/Jun/2026:20:41:05 -0400] "GET /ng.php HTTP/1.0" 403 199 "-" "-" 20.251.193.202 - - [12/Jun/2026:20:41:05 -0400] "GET /100.php HTTP/1.0" 403 199 "-" "-" 20.251.193.202 - - [12/Jun/2026:20:41:07 -0400] "GET /ms-edit.php HTTP/1.0" 403 199 "-" "-" 20.251.193.202 - - [12/Jun/2026:20:41: ... show less	Brute-Force Bad Web Bot Web App Attack
🇦🇹 vikal	2026-06-13 00:36:54 (1 week ago)	20.251.193.202 - - [13/Jun/2026:02:36:54 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.p ... show more 20.251.193.202 - - [13/Jun/2026:02:36:54 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 162 "-" "-" ... show less	Brute-Force SSH
Anonymous	2026-06-13 00:34:38 (1 week ago)	[Drupal AbuseIPDB module] Request path is blacklisted. /wp-content/plugins/hellopress/wp_filemanager ... show more [Drupal AbuseIPDB module] Request path is blacklisted. /wp-content/plugins/hellopress/wp_filemanager.php show less	Web App Attack

Showing 1 to 15 of 170 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇹 197.156.97.198

🇮🇩 103.49.223.111

🇧🇷 177.71.102.199

🇮🇪 168.63.79.147

🇭🇰 154.198.162.75

🇫🇮 147.185.133.237

🇳🇱 91.92.40.231

🇺🇸 64.227.59.76

🇳🇱 45.148.10.152

🇺🇸 20.127.244.253

🇨🇳 220.181.108.112

🇵🇸 213.6.148.5

🇭🇰 199.45.154.132

🇺🇸 192.178.65.16

🇧🇷 186.224.251.119

🇳🇱 176.65.132.5

🇺🇸 165.154.182.12

🇷🇴 80.94.92.187

🇧🇷 45.205.1.242

🇷🇴 2.57.122.238