JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.57.198.170

20.57.198.170 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 79%: ?

79%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	San Jose, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.57.198.170

Whois 20.57.198.170

IP Abuse Reports for 20.57.198.170:

This IP address has been reported a total of 14 times from 13 distinct sources. 20.57.198.170 was first reported on June 17th 2026, and the most recent report was 13 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇭 filou812	2026-06-17 21:06:44 (13 hours ago)	url tried is "/wp/xmlrpc.php"	Web App Attack
🇫🇷 masterguru	2026-06-17 10:02:12 (1 day ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 20.57.198.170 (US/United States/-): 1 in the l ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 20.57.198.170 (US/United States/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇩🇪 big-cloud.nl	2026-06-17 10:02:10 (1 day ago)	Try to access /wp/xmlrpc.php	Web App Attack
🇺🇸 Penny Packer	2026-06-17 09:57:46 (1 day ago)	Fail2Ban apache-tripwires	Web App Attack
🇺🇸 WellSpring	2026-06-17 09:43:39 (1 day ago)	xmlrpc exploit on 442.today/wp/xmlrpc.php — WellSpr.ing/NetSentinel civic-AI security layer	Brute-Force Web App Attack
🇺🇸 ipblock.com	2026-06-17 09:22:00 (1 day ago)	IPBlock protected site ID [4055-d][s=01]. Exploit request, vulnerability scanner.	Hacking Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-17 09:21:29 (1 day ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 20.57.198.170 (US/United States/-): 1 in the l ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 20.57.198.170 (US/United States/-): 1 in the last 3600 secs (0-196) show less	Hacking
🇸🇬 securejdprop	2026-06-17 09:21:02 (1 day ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing. crowdsecurity/http-probing	Hacking Web App Attack
🇩🇪 4server	2026-06-17 09:19:06 (1 day ago)	[WedJun1711:19:02.9783102026][security2:error][pid2757569:tid2757680][client20.57.198.170:0]ModSecur ... show more [WedJun1711:19:02.9783102026][security2:error][pid2757569:tid2757680][client20.57.198.170:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"dellafoglia.ch\"][uri\"/wp/xmlrpc.php\"][unique_id\"ajJmhk_XfNvyJ12ajyCCagAAAEg\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 pltcldvlpr	2026-06-17 09:14:06 (1 day ago)	CMS/framework probe: 20.57.198.170 - - [17/Jun/2026:11:14:06 +0200] "GET /wp/xmlrpc.php HTTP/1.1" 40 ... show more CMS/framework probe: 20.57.198.170 - - [17/Jun/2026:11:14:06 +0200] "GET /wp/xmlrpc.php HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0" asn=8075 org="Microsoft Corporation" country=US ... show less	Web App Attack
🇫🇮 inlink.ltd	2026-06-17 09:09:09 (1 day ago)	Known malicious PHP file or CMS probe	Web App Attack
🇩🇪 bescared	2026-06-17 09:07:19 (1 day ago)	F2B - Malicious activity detected. URL Probing. -8ff06ede-	Hacking Bad Web Bot Web App Attack
🇫🇷 polido	2026-06-17 09:03:26 (1 day ago)	Unauthorized connection attempt to port 443 from 20.57.198.170	Port Scan
🇳🇿 Tripwire	2026-06-17 08:36:55 (1 day ago)	Probing for Wordpress - /wp/xmlrpc.php	Brute-Force Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 185.224.128.16

🇨🇳 112.248.143.42

🇺🇸 65.110.40.33

🇭🇰 47.243.58.151

🇪🇸 193.46.192.20

🇳🇱 172.94.9.74

🇨🇳 120.194.220.230

🇨🇦 104.239.42.205

🇳🇱 91.92.40.36

🇩🇪 68.183.212.68

🇺🇸 66.132.172.253

🇨🇳 47.96.40.13

🇳🇱 45.148.10.141

🇨🇭 37.120.213.13

🇬🇧 35.203.211.174

🇮🇪 34.253.229.183

🇺🇸 20.15.200.1

🇺🇸 195.184.76.178

🇱🇹 158.173.79.186

🇻🇳 116.110.156.90