JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.5.216.136

20.5.216.136 was found in our database!

This IP was reported 119 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇦🇺 Australia
City	Sydney, New South Wales

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.5.216.136

Whois 20.5.216.136

IP Abuse Reports for 20.5.216.136:

This IP address has been reported a total of 119 times from 105 distinct sources. 20.5.216.136 was first reported on June 2nd 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 peter678263	2026-06-03 04:00:28 (1 day ago)	...	Brute-Force FTP Brute-Force
🇦🇺 rubixstudios	2026-06-03 03:52:03 (1 day ago)	Excessive HTTP requests consistent with automated attack behaviour detected by Imunify360	DDoS Attack Brute-Force Web App Attack
🇫🇷 masterguru	2026-06-03 03:50:12 (1 day ago)	Too much 404 requests in 1 minute. Operator GE matched 10 at IP:block_script. (46020-196)	Hacking
🇩🇪 ghostwarriors	2026-06-03 03:50:03 (1 day ago)	Attempts against non-existent wp-login	Brute-Force Web App Attack
Anonymous	2026-06-03 03:48:08 (1 day ago)	wp admin page access attempt ...	Hacking Web App Attack
🇩🇪 Holger	2026-06-03 03:40:41 (1 day ago)	WordPress WebAttack	Brute-Force Web App Attack
Anonymous	2026-06-03 03:28:11 (1 day ago)	Ports: *; Direction: 0; Trigger: CT_LIMIT	Brute-Force SSH
🇦🇺 clapper	2026-06-03 03:17:01 (1 day ago)	20.5.216.136 (AU/Australia/-), more than 200 Apache 404 hits in the last 3600 secs; ID: LUC	Brute-Force Bad Web Bot
🇫🇷 masterguru	2026-06-03 03:13:17 (1 day ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 20.5.216.136 (AU/Australia/-): 1 in t ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 20.5.216.136 (AU/Australia/-): 1 in the last 3600 secs (0-195) show less	Hacking
Anonymous	2026-06-03 03:08:32 (1 day ago)		Web App Attack
🇩🇪 SiyCah	2026-06-03 03:00:01 (1 day ago)	IP banned by fail2ban; banned in jail apache-auth. Report generated by fail2abuseipdb.	Hacking Brute-Force Web App Attack
🇳🇱 Roderic	2026-06-03 02:51:37 (1 day ago)	20.5.216.136 (AU/Australia/New South Wales/Sydney/-/[redacted]), more than 30 Apache 403 hits	Hacking
Anonymous	2026-06-03 02:49:29 (1 day ago)	[email.tmg.gr] httpd-404: sites=global; logs=/var/log/httpd/access_log; samples=/wp-content/plugins/ ... show more [email.tmg.gr] httpd-404: sites=global; logs=/var/log/httpd/access_log; samples=/wp-content/plugins/hellopress/wp_filemanager.php \| /this_is_a_new_hello_world.php \| /nf_tracking.php show less	Web App Attack
🇩🇪 updown.io	2026-06-03 02:44:51 (1 day ago)	{"level":"info","ts":1780454525.9334257,"logger":"http.log.access.log0","msg":"handled request","req ... show more {"level":"info","ts":1780454525.9334257,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_ip":"20.5.216.136","remote_port":"55090","client_ip":"20.5.216.136","proto":"HTTP/1.1","method":"GET","host":"a524.status.updown.io","uri":"/wp-content/plugins/hellopress/wp_filemanager.php","headers":{}},"bytes_read":0,"user_id":"","duration":0.000077066,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Location":["https://a524.status.updown.io/wp-content/plugins/hellopress/wp_filemanager.php"],"Content-Type":[]}} {"level":"info","ts":1780454528.6632595,"logger":"http.log.access.log0","msg":"handled request","request":{"remote_ip":"20.5.216.136","remote_port":"56969","client_ip":"20.5.216.136","proto":"HTTP/1.1","method":"GET","host":"a524.status.updown.io","uri":"/this_is_a_new_hello_world.php","headers":{}},"bytes_read":0,"user_id":"","duration":0.000053071,"size":0,"status":308,"resp_headers":{"Server":["Caddy"],"Connection":["close"],"Lo ... show less	DDoS Attack Web App Attack
Anonymous	2026-06-03 02:28:53 (1 day ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing	Web App Attack Hacking

Showing 76 to 90 of 119 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 191.5.31.61

🇷🇺 188.92.241.148

🇺🇸 178.128.66.109

🇺🇸 172.253.213.30

🇨🇦 172.69.130.161

🇫🇮 147.185.133.46

🇺🇸 147.93.132.140

🇭🇰 123.58.210.86

🇺🇸 75.127.15.105

🇺🇸 66.132.195.33

🇲🇾 47.250.175.234

🇰🇷 211.106.137.135

🇻🇳 180.93.172.213

🇧🇷 177.93.207.226

🇺🇸 173.194.101.126

🇺🇸 162.216.149.188

🇺🇸 57.152.34.196

🇬🇧 35.203.211.32

🇬🇧 31.14.254.47

🇧🇬 5.188.206.46