JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.197.178.106

20.197.178.106 was found in our database!

This IP was reported 312 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇧🇷 Brazil
City	Campinas, Sao Paulo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.197.178.106

Whois 20.197.178.106

IP Abuse Reports for 20.197.178.106:

This IP address has been reported a total of 312 times from 258 distinct sources. 20.197.178.106 was first reported on June 15th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 Gem	2026-06-19 22:13:11 (1 day ago)	Unauthorized web scan.	Web App Attack
🇧🇷 Peregrine	2026-06-19 03:13:48 (2 days ago)	Fail2Ban ct101 Jail: tomcat-honeypot \| Evidence: 20.197.178.106 104.22.10.71 - - [16/Jun/2026:09:49: ... show more Fail2Ban ct101 Jail: tomcat-honeypot \| Evidence: 20.197.178.106 104.22.10.71 - - [16/Jun/2026:09:49:13 -0300] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 18193 show less	Bad Web Bot
🇨🇦 zXero	2026-06-18 21:12:17 (2 days ago)	Fail2Ban automatic report - jail: no-wordpress	Brute-Force SSH DDoS Attack
🇪🇸 NullBlue	2026-06-18 07:40:34 (3 days ago)	Web application attack (100 exploit/scan requests). Captured by NullBlue67 honeypot - 2026-06-18.	Hacking Web App Attack
🇳🇱 Site.eu	2026-06-18 07:35:21 (3 days ago)	Excessive multi-domain requests	Brute-Force
🇧🇷 Peregrine	2026-06-18 03:13:34 (3 days ago)	Fail2Ban ct101 Jail: tomcat-honeypot \| Evidence: 20.197.178.106 104.22.10.71 - - [16/Jun/2026:09:49: ... show more Fail2Ban ct101 Jail: tomcat-honeypot \| Evidence: 20.197.178.106 104.22.10.71 - - [16/Jun/2026:09:49:13 -0300] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 18193 show less	Bad Web Bot
Anonymous	2026-06-17 13:05:56 (4 days ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: BR, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: BR, Attack patterns: WordPress scanning, Malicious User-Agent show less	Bad Web Bot Web App Attack
🇮🇳 walkintoadmin	2026-06-17 08:47:18 (4 days ago)	87 scanner paths, 69/87 4xx	Bad Web Bot Web App Attack
🇭🇺 DumaNet	2026-06-17 07:29:00 (4 days ago)	Web app attack attempts, scanning for vulnerability. Date: 2026 Jun 17. 02:31:32 Source IP: 20.197 ... show more Web app attack attempts, scanning for vulnerability. Date: 2026 Jun 17. 02:31:32 Source IP: 20.197.178.106 Portion of the log(s): 20.197.178.106 - [17/Jun/2026:02:31:31 +0200] "GET /lib.php HTTP/1.1" 404 153 "-" "-" 20.197.178.106 - [17/Jun/2026:02:31:31 +0200] "GET /ms-edit.php HTTP/1.1" 404 153 "-" "-" 20.197.178.106 - [17/Jun/2026:02:31:31 +0200] "GET /classwithtostring.php HTTP/1.1" 404 153 "-" "-" 20.197.178.106 - [17/Jun/2026:02:31:31 +0200] "GET /file.php HTTP/1.1" 404 153 "-" "-" 20.197.178.106 - [17/Jun/2026:02:31:30 +0200] "GET /tool.php HTTP/1.1" 404 153 "-" "-" 20.197.178.106 - [17/Jun/2026:02:31:30 +0200] "GET /inputs.php HTTP/1.1" 404 153 "-" "-" 20.197.178.106 - [17/Jun/2026:02:31:30 +0200] "GET /aaf.php HTTP/1.1" 404 153 "-" "-" 20.197.178.106 - [17/Jun/2026:02:31:30 +0200] "GET /file5.php HTTP/1.1" 404 153 "-" "-" 20.197.178.106 - [17/Jun/2026:02:31:29 +0200] "GET /wp-access.php HTTP/1.1" 404 153 "-" "-" 20.197.178.106 - [17/Jun/2026:02:31:29 +0200] "GET /jga.php HTTP/1.1" 404 show less	Web App Attack
🇬🇧 openstrike.co.uk	2026-06-17 05:14:06 (4 days ago)	840 attacks on PHP URLs: GET /ey5.php HTTP/1.1	Web App Attack
🇱🇮 wmek	2026-06-17 03:21:29 (4 days ago)	Attack (3x confirmed): cpfence-block(10x),cpfence-block(15x),cpfence-block(20x). Port: 443/tcp. URI: ... show more Attack (3x confirmed): cpfence-block(10x),cpfence-block(15x),cpfence-block(20x). Port: 443/tcp. URI: web-service. WAF rule: 0. Protocol: HTTPS. Detected by: WAF/IDS (OWASP CRS ModSecurity). show less	Web App Attack Port Scan
Anonymous	2026-06-17 02:26:16 (4 days ago)	Portscan: TCP/80 (9x)	Port Scan
🇬🇧 andypiper	2026-06-17 01:00:40 (4 days ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇺🇸 sandap1	2026-06-17 00:35:00 (4 days ago)	Blocked by os-abuseipdb; 5 hits, proto=tcp, ports=80,src_ip=20.197.178.106	Port Scan Hacking
🇫🇷 Donovan	2026-06-17 00:30:31 (4 days ago)	Web scan/exploit blocked by fail2ban on commitshift.fr - jail: npm-http - 10 attempt(s)	Web App Attack

Showing 1 to 15 of 312 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇪 190.223.36.108

🇧🇷 179.48.33.199

🇮🇩 157.10.184.107

🇭🇰 152.32.209.166

🇮🇳 139.59.36.109

🇮🇹 95.141.32.17

🇧🇬 79.124.49.70

🇺🇸 66.132.195.110

🇺🇸 216.180.246.213

🇳🇱 204.76.203.206

🇺🇸 192.34.164.13

🇧🇷 179.63.134.195

🇺🇸 178.128.147.121

🇸🇬 139.59.236.63

🇨🇳 111.26.177.216

🇱🇹 91.224.92.87

🇨🇦 85.217.149.27

🇺🇸 66.132.186.254

🇺🇸 52.167.144.220

🇲🇾 47.254.230.85