JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.206.105.71

20.206.105.71 was found in our database!

This IP was reported 204 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇧🇷 Brazil
City	Campinas, Sao Paulo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.206.105.71

Whois 20.206.105.71

IP Abuse Reports for 20.206.105.71:

This IP address has been reported a total of 204 times from 182 distinct sources. 20.206.105.71 was first reported on June 22nd 2026, and the most recent report was 5 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 igerman	2026-06-22 18:34:58 (5 minutes ago)	caddy probes: admin-panel: GET /admin.update.php(DROP) \| web: GET /FAQ.php?p=(DROP), GET /alls.php(D ... show more caddy probes: admin-panel: GET /admin.update.php(DROP) \| web: GET /FAQ.php?p=(DROP), GET /alls.php(DROP), GET /by.php(DROP), GET /coffexium.php(DROP), GET /footer.php(DROP), GET /hoeig.php(DROP), GET /images.php(DROP), GET /images/(DROP), GET /includesh1.php?p=(DROP), GET /kuj8rl.php?p=(DROP), GET /maxx.php(DROP), GET /red.php(DROP), GET /this_is_a_new_hello_world.php(DROP), GET /x.php(DROP), GET /xj241t.php(DROP), GET /yyu.php(DROP), GET /zoro.php(DROP) \| wordpress: GET /wp-admin/css/colors/coffee/wp-adochan.php(DROP), GET /wp-content/index.php(DROP), GET /wp-content/plugins/hellopress/wp_filemanager.php(DROP), GET /wp-content/uploads/(DROP), GET /wp-feob.php(DROP), GET /wp-includes/Text/(DROP), GET /wp-includes/sodium_compat/(DROP) show less	Web App Attack
🇺🇸 factor1	2026-06-22 18:32:40 (7 minutes ago)	Fail2ban at saturn Reports Abuse.	Bad Web Bot
Anonymous	2026-06-22 18:30:24 (9 minutes ago)	[23/Jun/2026:04:30:23 +1000] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 32 ... show more [23/Jun/2026:04:30:23 +1000] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 329 show less	Hacking Web App Attack
🇷🇺 sms.ru	2026-06-22 18:22:00 (18 minutes ago)	/wp-admin/css/colors/coffee/wp-adochan.php	Web App Attack
🇧🇷 Halux	2026-06-22 18:13:18 (26 minutes ago)	20.206.105.71 Probing protected path or service	Web App Attack
Anonymous	2026-06-22 18:11:48 (28 minutes ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
Anonymous	2026-06-22 18:05:07 (35 minutes ago)	PHP file probing detected by Fail2Ban	Web App Attack
🇹🇭 Sawasdee	2026-06-22 18:00:12 (39 minutes ago)	Unwanted checking 80 or 443 port ...	Bad Web Bot
🇳🇱 DrLex0	2026-06-22 17:59:07 (41 minutes ago)	The eternal WordPress and/or random PHP poking from Azure ranges; MS is either incapable of stopping ... show more The eternal WordPress and/or random PHP poking from Azure ranges; MS is either incapable of stopping this, or willingly allows it. 20.206.105.71 80 - [22/Jun/2026:17:59:06 +0000] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 2383 "-" "-" 20.206.105.71 80 - [22/Jun/2026:17:59:07 +0000] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 2383 "-" "-" show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Tamsy	2026-06-22 17:58:42 (41 minutes ago)	HTTPD - Web Application scripting attack	Web App Attack
🇺🇸 Gabriel Camargo	2026-06-22 17:56:37 (43 minutes ago)	20.206.105.71 - - [22/Jun/2026:12:54:49 -0500] "GET /wp-content/plugins/hellopress/wp_filemanager.ph ... show more 20.206.105.71 - - [22/Jun/2026:12:54:49 -0500] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 178 "-" "-" 20.206.105.71 - - [22/Jun/2026:12:56:35 -0500] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 178 "-" "-" 20.206.105.71 - - [22/Jun/2026:12:56:36 -0500] "GET /this_is_a_new_hello_world.php HTTP/1.1" 301 178 "-" "-" ... show less	Brute-Force SSH
🇫🇷 viki53	2026-06-22 17:45:33 (54 minutes ago)	Website hacking attempt (path: /wp-content/plugins/hellopress/wp_filemanager.php)	Hacking Web App Attack
Anonymous	2026-06-22 17:44:23 (55 minutes ago)	[Drupal AbuseIPDB module] Request path is blacklisted. /wp-content/plugins/hellopress/wp_filemanager ... show more [Drupal AbuseIPDB module] Request path is blacklisted. /wp-content/plugins/hellopress/wp_filemanager.php show less	Web App Attack
🇫🇷 largo-it.net	2026-06-22 17:43:58 (56 minutes ago)	Jun 22 19:43:51 vps-9f3cdc33 haproxy[793757]: 20.206.105.71:57080 [22/Jun/2026:19:43:50.861] www_fro ... show more Jun 22 19:43:51 vps-9f3cdc33 haproxy[793757]: 20.206.105.71:57080 [22/Jun/2026:19:43:50.861] www_frontend~ blog_largo_cluster/blog_largo 0/0/0/289/290 404 44326 - - ---- 54/2/0/0/0 0/0 "GET /wp-blink.php HTTP/1.1" Jun 22 19:43:52 vps-9f3cdc33 haproxy[793757]: 20.206.105.71:57080 [22/Jun/2026:19:43:51.999] www_frontend~ blog_largo_cluster/blog_largo 0/0/1/221/224 404 44326 - - ---- 54/2/0/0/0 0/0 "GET /2000.php HTTP/1.1" Jun 22 19:43:53 vps-9f3cdc33 haproxy[793757]: 20.206.105.71:57080 [22/Jun/2026:19:43:52.843] www_frontend~ blog_largo_cluster/blog_largo 0/0/1/228/230 404 44326 - - ---- 54/3/0/0/0 0/0 "GET /sid4.php HTTP/1.1" Jun 22 19:43:54 vps-9f3cdc33 haproxy[793757]: 20.206.105.71:57080 [22/Jun/2026:19:43:54.003] www_frontend~ blog_largo_cluster/blog_largo 0/0/1/204/206 404 44326 - - ---- 55/3/0/0/0 0/0 "GET /wp-rivoni.php HTTP/1.1" Jun 22 19:43:55 vps-9f3cdc33 haproxy[793757]: 20.206.105.71:57080 [22/Jun/2026:19:43:54.834] www_frontend~ blog_largo_cluster/blog_largo 0/0/0/170/171 ... show less	Hacking Bad Web Bot Web App Attack
🇺🇸 nekoify	2026-06-22 17:42:18 (57 minutes ago)	IP has triggered Cloudflare WAF. action: managed_challenge source: botFight clientAsn: 8075 clientAS ... show more IP has triggered Cloudflare WAF. action: managed_challenge source: botFight clientAsn: 8075 clientASNDescription: Microsoft Corporation clientCountryName: BR clientIP: 20.206.105.71 clientRequestHTTPMethodName: GET clientRequestHTTPProtocol: HTTP/1.1 clientRequestPath: /an9.php clientRequestQuery: datetime: 2026-06-22T17:42:18Z rayName: a0fd0c7dc900c58a ruleId: bot_fight_mode userAgent: . show less	Open Proxy VPN IP Port Scan Hacking SQL Injection Bad Web Bot Exploited Host Web App Attack

Showing 1 to 15 of 204 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇷 181.116.220.252

🇮🇹 172.232.203.178

🇨🇦 158.69.227.40

🇺🇸 135.233.96.197

🇰🇷 112.216.129.27

🇳🇱 45.148.10.67

🇳🇱 31.220.4.64

🇺🇸 2607:f8b0:4004:1007::128

🇺🇸 216.25.89.98

🇨🇭 209.99.185.239

🇧🇷 203.188.168.76

🇹🇼 198.235.24.98

🇺🇸 162.216.149.15

🇺🇸 141.11.88.5

🇦🇷 138.118.215.192

🇮🇱 138.16.103.229

🇻🇳 112.213.89.124

🇭🇰 103.224.80.102

🇮🇩 103.156.248.122

🇫🇷 51.68.44.234