JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.206.67.148

20.206.67.148 was found in our database!

This IP was reported 346 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇧🇷 Brazil
City	Campinas, Sao Paulo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.206.67.148

Whois 20.206.67.148

IP Abuse Reports for 20.206.67.148:

This IP address has been reported a total of 346 times from 279 distinct sources. 20.206.67.148 was first reported on June 22nd 2026, and the most recent report was 19 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 JCB	2026-06-23 15:36:00 (19 minutes ago)	20.206.67.148 - - [23/Jun/2026:12:05:00 +0300] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 456 ... show more 20.206.67.148 - - [23/Jun/2026:12:05:00 +0300] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 456 "-" "-" 20.206.67.148 - - [23/Jun/2026:12:05:00 +0300] "GET /sql.php HTTP/1.1" 404 456 "-" "-" ... show less	Web App Attack
🇺🇸 infra-monitor	2026-06-23 15:00:05 (55 minutes ago)	Automated ban via infra-monitor: webshell-high-confidence, wp-sensitive-paths	Hacking Web App Attack
🇮🇩 soc-yk	2026-06-23 14:19:12 (1 hour ago)	Type: web_scanning Risk: 100 Events: 154 Evidence: - Automated hostile web probing detected - Repea ... show more Type: web_scanning Risk: 100 Events: 154 Evidence: - Automated hostile web probing detected - Repeated web scanning activity observed - Multi-event operational persistence identified - Threat escalation behavior observed show less	Web App Attack
🇩🇪 MarkGGN	2026-06-23 14:15:12 (1 hour ago)	Web attack. 20.206.67.148 - - [23/Jun/2026:16:15:09 +0200] "GET /xxx.php HTTP/1.1" 404 27 "-" "-" 20 ... show more Web attack. 20.206.67.148 - - [23/Jun/2026:16:15:09 +0200] "GET /xxx.php HTTP/1.1" 404 27 "-" "-" 20.206.67.148 - - [23/Jun/2026:16:15:12 +0200] "GET /1.php HTTP/1.1" 404 27 "-" "-" show less	Web App Attack
Anonymous	2026-06-23 14:10:23 (1 hour ago)	20.206.67.148 - - [23/Jun/2026:16:10:14 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.ph ... show more 20.206.67.148 - - [23/Jun/2026:16:10:14 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 196 "-" "-" 20.206.67.148 - - [23/Jun/2026:16:10:15 +0200] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 196 "-" "-" 20.206.67.148 - - [23/Jun/2026:16:10:15 +0200] "GET /sql.php HTTP/1.1" 404 196 "-" "-" 20.206.67.148 - - [23/Jun/2026:16:10:16 +0200] "GET /1index.php HTTP/1.1" 404 196 "-" "-" 20.206.67.148 - - [23/Jun/2026:16:10:16 +0200] "GET /xxx.php HTTP/1.1" 404 196 "-" "-" 20.206.67.148 - - [23/Jun/2026:16:10:16 +0200] "GET /dropdown.php HTTP/1.1" 404 196 "-" "-" 20.206.67.148 - - [23/Jun/2026:16:10:17 +0200] "GET /file11.php HTTP/1.1" 404 196 "-" "-" 20.206.67.148 - - [23/Jun/2026:16:10:17 +0200] "GET /png.php HTTP/1.1" 404 196 "-" "-" 20.206.67.148 - - [23/Jun/2026:16:10:18 +0200] "GET /wp-slss.php HTTP/1.1" 404 196 "-" "-" 20.206.67.148 - - [23/Jun/2026:16:10:18 +0200] "GET /ah25.php HTTP/1.1" 404 196 "-" "-" 20.206.67.148 - - [23/Jun/2026:16:10:18 +0200] "GET ... show less	Web App Attack
🇮🇩 Burayot	2026-06-23 14:07:17 (1 hour ago)	LF_APACHE_403: 20.206.67.148 (BR/Brazil/-), more than 10 Apache 403 hits in the last 3600 secs	Web App Attack
Anonymous	2026-06-23 14:04:00 (1 hour ago)	20.206.67.148 - - [23/Jun/2026:10:03:41 -0400] "GET /this_is_a_new_hello_world.php HTTP/1.0" 404 16 ... show more 20.206.67.148 - - [23/Jun/2026:10:03:41 -0400] "GET /this_is_a_new_hello_world.php HTTP/1.0" 404 16 "-" "-" 20.206.67.148 - - [23/Jun/2026:10:03:41 -0400] "GET /jj.php HTTP/1.0" 404 16 "-" "-" 20.206.67.148 - - [23/Jun/2026:10:03:42 -0400] "GET /click.php HTTP/1.0" 404 16 "-" "-" 20.206.67.148 - - [23/Jun/2026:10:03:42 -0400] "GET /222.php HTTP/1.0" 404 16 "-" "-" 20.206.67.148 - - [23/Jun/2026:10:03:42 -0400] "GET /z60.php HTTP/1.0" 404 16 "-" "-" 20.206.67.148 - - [23/Jun/2026:10:03:42 -0400] "GET /xml.php HTTP/1.0" 404 16 "-" "-" 20.206.67.148 - - [23/Jun/2026:10:03:43 -0400] "GET /acp.php HTTP/1.0" 404 16 "-" "-" 20.206.67.148 - - [23/Jun/2026:10:03:43 -0400] "GET /wp-home.php HTTP/1.0" 404 16 "-" "-" 20.206.67.148 - - [23/Jun/2026:10:03:44 -0400] "GET /t.php HTTP/1.0" 404 16 "-" "-" 20.206.67.148 - - [23/Jun/2026:10:03:44 -0400] "GET /BDKR28WP.php HTTP/1.0" 404 16 "-" "-" 20.206.67.148 - - [23/Jun/2026:10:03:44 -0400] "GET /41.php HTTP/1.0" 404 16 "-" "-" 20.206.67.148 - - [23/Jun ... show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 cwytech	2026-06-23 13:59:30 (1 hour ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/tpot-http-wordpress-scan.	Bad Web Bot Web App Attack
🇺🇸 MakoWish	2026-06-23 13:58:37 (1 hour ago)	Fuzzing for misconfigured web servers.	Hacking Web App Attack
🇺🇸 EricTheRedFL	2026-06-23 13:52:25 (2 hours ago)	web.ab-data.us:80 20.206.67.148 - - [23/Jun/2026:09:52:22 -0400] "GET /wp-content/plugins/hellopress ... show more web.ab-data.us:80 20.206.67.148 - - [23/Jun/2026:09:52:22 -0400] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 665 "-" "-" web.ab-data.us:80 20.206.67.148 - - [23/Jun/2026:09:52:22 -0400] "GET /this_is_a_new_hello_world.php HTTP/1.1" 301 627 "-" "-" web.ab-data.us:80 20.206.67.148 - - [23/Jun/2026:09:52:23 -0400] "GET /jj.php HTTP/1.1" 301 581 "-" "-" web.ab-data.us:80 20.206.67.148 - - [23/Jun/2026:09:52:23 -0400] "GET /click.php HTTP/1.1" 301 587 "-" "-" web.ab-data.us:80 20.206.67.148 - - [23/Jun/2026:09:52:24 -0400] "GET /222.php HTTP/1.1" 301 583 "-" "-" ... show less	Hacking Brute-Force Web App Attack
🇫🇷 Campus France	2026-06-23 13:51:38 (2 hours ago)	[Tue Jun 23 15:51:38.257127 2026] [php:error] [pid 53050] [client 20.206.67.148:61900] script '/var/ ... show more [Tue Jun 23 15:51:38.257127 2026] [php:error] [pid 53050] [client 20.206.67.148:61900] script '/var/www/html/desk.radio-campus.org/desk/www/this_is_a_new_hello_world.php' not found or unable to stat ... show less	Brute-Force Web App Attack
🇺🇸 MPL	2026-06-23 13:50:34 (2 hours ago)	tcp/80 (5 or more attempts)	Port Scan
🇩🇪 iNetWorker	2026-06-23 13:39:01 (2 hours ago)	trolling for resource vulnerabilities	Web App Attack
🇳🇱 ParaBug	2026-06-23 13:38:19 (2 hours ago)	20.206.67.148 - - [23/Jun/2026:15:38:19 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.ph ... show more 20.206.67.148 - - [23/Jun/2026:15:38:19 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 565 "-" "-" ... show less	Phishing Brute-Force Web App Attack
🇺🇸 factor1	2026-06-23 13:36:14 (2 hours ago)	Fail2ban at saturn Reports Abuse.	Bad Web Bot

Showing 1 to 15 of 346 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 130.12.182.143

🇱🇹 62.60.130.219

🇮🇶 212.237.123.107

🇨🇳 116.179.32.97

🇹🇯 109.75.50.124

🇳🇱 91.92.42.63

🇫🇷 80.215.188.152

🇺🇸 69.171.249.138

🇩🇪 69.5.169.20

🇳🇱 45.156.128.130

🇸🇬 2404:6800:4003:c1a::12e

🇭🇳 170.83.118.179

🇩🇪 152.53.187.237

🇯🇵 149.22.87.52

🇨🇳 101.42.4.207

🇱🇻 81.30.98.49

🇳🇱 45.148.10.157

🇦🇺 34.40.145.110

🇺🇸 20.171.9.56

🇧🇷 189.14.113.7