JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.205.106.92

20.205.106.92 was found in our database!

This IP was reported 330 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇭🇰 Hong Kong
City	Hong Kong

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.205.106.92

Whois 20.205.106.92

IP Abuse Reports for 20.205.106.92:

This IP address has been reported a total of 330 times from 162 distinct sources. 20.205.106.92 was first reported on May 27th 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 alferez	2026-06-03 03:57:27 (22 hours ago)	Searching hacked php files	Hacking Exploited Host Web App Attack
🇹🇭 thaizone.com	2026-06-03 03:17:29 (22 hours ago)	Brute Force Attack on a Web Resources (repeated 404) #1	DDoS Attack Web Spam Brute-Force Web App Attack
🇩🇪 AetherFox	2026-06-03 03:13:58 (22 hours ago)	AetherFox VoidGuard detected: [Wed Jun 03 03:13:57.731278 2026] [authz_core:error] [pid 2977433:tid ... show more AetherFox VoidGuard detected: [Wed Jun 03 03:13:57.731278 2026] [authz_core:error] [pid 2977433:tid 2977448] [client 20.205.106.92:4067] AH01630: client denied by server configuration: proxy:https://hq.draconigen.net.dedivirt4209.your-server.de/.trash7206/index.php [Wed Jun 03 03:13:57.731516 2026] [authz_core:error] [pid 2977433:tid 2977448] [client 20.205.106.92:4067] AH01630: client denied by server configuration: /var/www/html/ERRORpages/403.html [Wed Jun 03 03:13:57.919612 2026] [authz_core:error] [pid 2977433:tid 2977441] [client 20.205.106.92:4067] AH01630: client denied by server configuration: proxy:https://hq.draconigen.net.dedivirt4209.your-server.de/.well-known/logs233/index.php [Wed Jun 03 03:13:57.919835 2026] [authz_core:error] [pid 2977433:tid 2977441] [client 20.205.106.92:4067] AH01630: client denied by server configuration: /var/www/html/ERRORpages/403.html [Wed Jun 03 03:13:58.107770 2026] [authz_core:error] [pid 2977433:tid 2977447] [client 20.2 ... show less	Bad Web Bot Web App Attack
🇺🇸 Epimetheus	2026-06-03 02:46:32 (23 hours ago)	Unauthorized access attempts: [GET] /wp-content/uploads/ [GET] /wp-includes/js/crop/ [GET] /edit.ph ... show more Unauthorized access attempts: [GET] /wp-content/uploads/ [GET] /wp-includes/js/crop/ [GET] /edit.php [GET] /ff1.php [GET] /admin.php [GET] /about.php [GET] /lite.php [GET] /wp-admin/js/widgets/ [GET] /.trash7206/index.php [GET] /.well-known/logs233/index.php [GET] /wp-admin/maint/ [GET] /wp-content/themes/admin.php [GET] /wp-admin/ UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 show less	Web App Attack
Anonymous	2026-06-03 02:39:15 (23 hours ago)	20.205.106.92 - - [03/Jun/2026:04:39:08 +0200] "GET /wp-content/themes/haha.php HTTP/1.1" 404 450 "- ... show more 20.205.106.92 - - [03/Jun/2026:04:39:08 +0200] "GET /wp-content/themes/haha.php HTTP/1.1" 404 450 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.205.106.92 - - [03/Jun/2026:04:39:08 +0200] "GET /wp-content/themes/theme/about.php HTTP/1.1" 404 450 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.205.106.92 - - [03/Jun/2026:04:39:09 +0200] "GET /wp-content/plugins/plugin/index.php HTTP/1.1" 404 450 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.205.106.92 - - [03/Jun/2026:04:39:15 +0200] "GET /wp-content/themes/admin.php HTTP/1.1" 404 450 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.205.106.92 - - [03/Jun/2026:04:39:15 +0200] "GET /wp-content/uploads/admin.php HTTP/1.1" 404 450 "-" "Mozilla/5.0 (W ... show less	Brute-Force Web App Attack
🇬🇧 andypiper	2026-06-03 01:02:09 (1 day ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇩🇪 4server	2026-06-03 00:45:48 (1 day ago)	[WedJun0302:45:44.8200862026][security2:error][pid921773:tid921811][client20.205.106.92:0]ModSecurit ... show more [WedJun0302:45:44.8200862026][security2:error][pid921773:tid921811][client20.205.106.92:0]ModSecurity:Accessdeniedwithcode403$phase2$.Matchof\"rx/index\\\\\\\\.php\$\"against\"REQUEST_FILENAME\"required.[file\"/etc/apache2/conf.d/modsec_rules/51_asl_wordpress_extra.conf\"][line\"33\"][id\"333149\"][rev\"21\"][msg\"Atomicorp.comWAFRules:PossiblePHPwebshelldetectedandblocked\"][severity\"CRITICAL\"][hostname\"hopitalprovidence.org\"][uri\"/wp-content/uploads/admin.php\"][unique_id\"ah95OJEjL51O3DwabO0QTwAAAA0\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 Mundo Bueno	2026-06-03 00:41:50 (1 day ago)	[ISILIA Protection v2.1] Tentative d'accès: /cgi-bin/ \| Pays: HK \| UA: Mozilla/5.0 (Windows NT 10.0; ... show more [ISILIA Protection v2.1] Tentative d'accès: /cgi-bin/ \| Pays: HK \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Sa show less	Hacking Web App Attack
🇺🇸 antlac1	2026-06-03 00:17:39 (1 day ago)	crowdsecurity/http-probing	Brute-Force Web App Attack
🇫🇷 ✨	2026-06-03 00:12:13 (1 day ago)	Rule : Security IP in black list	Port Scan Hacking Brute-Force
🇪🇸 el-brujo	2026-06-02 23:40:18 (1 day ago)	[Wed Jun 03 01:40:17.944843 2026] [proxy_fcgi:error] [pid 258508:tid 258605] [remote 20.205.106.92:0 ... show more [Wed Jun 03 01:40:17.944843 2026] [proxy_fcgi:error] [pid 258508:tid 258605] [remote 20.205.106.92:0] AH01071: Got error 'Primary script unknown' [Wed Jun 03 01:40:18.230453 2026] [proxy_fcgi:error] [pid 258508:tid 258623] [remote 20.205.106.92:0] AH01071: Got error 'Primary script unknown' ... show less	Hacking Web App Attack
🇩🇪 NetShield-DE	2026-06-02 23:07:20 (1 day ago)	Auto-report via Fail2Ban aggregation. IP observed in jails: abuseipdb. Events: 1. First: 2026-06-03T ... show more Auto-report via Fail2Ban aggregation. IP observed in jails: abuseipdb. Events: 1. First: 2026-06-03T01:07:01+0200. Last: 2026-06-03T01:07:01+0200. Samples: - 2026-05-31 00:33:57,579 fail2ban.actions [1405153]: NOTICE [abuseipdb] Ban 20.205.106.92 show less	Web App Attack
🇪🇸 XiDeRo	2026-06-02 22:47:01 (1 day ago)	IP bloqueada por puntuación de karma acumulada (Guardian Web v2).	Port Scan Web App Attack
🇩🇪 FeG Deutschland	2026-06-02 22:36:05 (1 day ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 2	Exploited Host Web App Attack
Anonymous	2026-06-02 22:29:18 (1 day ago)	20.205.106.92 - - [03/Jun/2026:00:29:14 +0200] "GET /.trash7206/index.php HTTP/1.1" 404 196 "-" "Moz ... show more 20.205.106.92 - - [03/Jun/2026:00:29:14 +0200] "GET /.trash7206/index.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.205.106.92 - - [03/Jun/2026:00:29:14 +0200] "GET /.well-known/logs233/index.php?p= HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.205.106.92 - - [03/Jun/2026:00:29:14 +0200] "GET /wp-content/themes/haha.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.205.106.92 - - [03/Jun/2026:00:29:14 +0200] "GET /wp-content/themes/theme/about.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.205.106.92 - - [03/Jun/2026:00:29:14 +0200] "GET /wp-content/plugins/plugin/index.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Wind ... show less	Web App Attack

Showing 31 to 45 of 330 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 120.138.6.3

🇨🇳 49.232.26.51

🇵🇱 109.243.148.82

🇮🇩 103.157.26.23

🇭🇰 65.181.88.245

🇯🇵 43.167.198.92

🇸🇬 43.160.250.64

🇳🇱 31.14.32.7

🇨🇳 14.210.130.55

🇦🇪 2.49.144.102

🇸🇬 194.5.82.56

🇦🇷 190.12.114.103

🇧🇬 185.31.121.107

🇺🇸 162.216.149.53

🇵🇭 143.44.165.193

🇨🇳 122.96.28.145

🇪🇸 87.235.201.62

🇩🇪 69.5.169.243

🇩🇪 69.5.169.238

🇩🇪 69.5.169.227