JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.206.87.81

20.206.87.81 was found in our database!

This IP was reported 284 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇧🇷 Brazil
City	Campinas, Sao Paulo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.206.87.81

Whois 20.206.87.81

IP Abuse Reports for 20.206.87.81:

This IP address has been reported a total of 284 times from 235 distinct sources. 20.206.87.81 was first reported on June 8th 2026, and the most recent report was 20 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Holger	2026-06-11 09:27:38 (20 hours ago)	WordPress WebAttack	Brute-Force Web App Attack
Anonymous	2026-06-09 23:17:05 (2 days ago)	[Mon Jun 08 17:42:33.391198 2026] [access_compat:error] [pid 271916:tid 271916] [client 20.206.87.81 ... show more [Mon Jun 08 17:42:33.391198 2026] [access_compat:error] [pid 271916:tid 271916] [client 20.206.87.81:49792] AH01797: client denied by server configuration: /var/www/html/wp-content [Mon Jun 08 17:42:54.792215 2026] [access_compat:error] [pid 271916:tid 271916] [client 20.206.87.81:49792] AH01797: client denied by server configuration: /var/www/html/modules ... show less	Bad Web Bot Web App Attack
Anonymous	2026-06-09 14:08:56 (2 days ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: BR, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: BR, Attack patterns: WordPress scanning, Malicious User-Agent show less	Bad Web Bot Web App Attack
🇫🇷 geot	2026-06-09 10:33:12 (2 days ago)	GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1	Web App Attack
🇳🇱 JCB	2026-06-09 07:55:00 (2 days ago)	20.206.87.81 - - [08/Jun/2026:23:15:48 +0300] "GET /waf.php HTTP/1.1" 404 196 "-" "-" 20.206.87.81 ... show more 20.206.87.81 - - [08/Jun/2026:23:15:48 +0300] "GET /waf.php HTTP/1.1" 404 196 "-" "-" 20.206.87.81 - - [08/Jun/2026:23:15:48 +0300] "GET /xstelth.php HTTP/1.1" 404 196 "-" "-" ... show less	Web App Attack
🇬🇧 openstrike.co.uk	2026-06-09 05:14:22 (3 days ago)	594 attacks on PHP URLs: GET /ms.php HTTP/1.1	Web App Attack
🇭🇺 DumaNet	2026-06-09 04:42:00 (3 days ago)	Web app attack attempts, scanning for vulnerability. Date: 2026 Jun 09. 02:54:25 Source IP: 20.206 ... show more Web app attack attempts, scanning for vulnerability. Date: 2026 Jun 09. 02:54:25 Source IP: 20.206.87.81 Portion of the log(s): 20.206.87.81 - [09/Jun/2026:02:54:23 +0200] "GET /simple.php HTTP/1.1" 404 153 "-" "-" 20.206.87.81 - [09/Jun/2026:02:54:23 +0200] "GET /wp-content/ HTTP/1.1" 404 153 "-" "-" 20.206.87.81 - [09/Jun/2026:02:54:23 +0200] "GET //wp-content/BypassBest.php HTTP/1.1" 404 153 "-" "-" 20.206.87.81 - [09/Jun/2026:02:54:22 +0200] "GET /gettest.php HTTP/1.1" 404 153 "-" "-" 20.206.87.81 - [09/Jun/2026:02:54:22 +0200] "GET //cgi-bin/admin.php HTTP/1.1" 404 153 "-" "-" 20.206.87.81 - [09/Jun/2026:02:54:22 +0200] "GET /bal.php HTTP/1.1" 404 153 "-" "-" 20.206.87.81 - [09/Jun/2026:02:54:21 +0200] "GET /wp-includes/Text/Diff/Engine/about.php HTTP/1.1" 404 153 "-" "-" 20.206.87.81 - [09/Jun/2026:02:54:21 +0200] "GET //a1.php HTTP/1.1" 404 153 "-" "-" 20.206.87.81 - [09/Jun/2026:02:54:21 +0200] "GET //abcd.php HTTP/1.1" 404 153 "-" "-" 20.206.87.81 - [09/Jun/2026:02:54:21 +0200 show less	Web App Attack
Anonymous	2026-06-09 03:48:56 (3 days ago)	Portscan: TCP/80 (9x)	Port Scan
🇷🇴 StarTech Team	2026-06-09 01:05:54 (3 days ago)	Web App Atack	Web App Attack
🇬🇧 andypiper	2026-06-09 01:00:35 (3 days ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇺🇸 masterguru	2026-06-09 01:00:04 (3 days ago)	Too much 404 requests in 1 hour. Operator GE matched 50 at IP:block_script. (4002-163)	Hacking Web App Attack
🇳🇱 ParaBug	2026-06-09 00:59:04 (3 days ago)	20.206.87.81 - - [09/Jun/2026:02:59:03 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php ... show more 20.206.87.81 - - [09/Jun/2026:02:59:03 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 549 "-" "-" ... show less	Phishing Brute-Force Web App Attack
🇩🇪 Philister11	2026-06-09 00:55:04 (3 days ago)	CrowdSec: crowdsecurity/http-admin-interface-probing (BR/AS8075)	Web App Attack Hacking
🇩🇪 ksol-hostmaster	2026-06-09 00:49:07 (3 days ago)	2026/06/09 02:49:07 [error] 43188#179438: 2370417 access forbidden by rule, client: 20.206.87.81, s ... show more 2026/06/09 02:49:07 [error] 43188#179438: 2370417 access forbidden by rule, client: 20.206.87.81, server: revolutionbim.com, request: "GET /.well-known/about.php HTTP/1.1", host: "revolutionbim.com" ... show less	Web Spam
🇺🇸 Mundo Bueno	2026-06-09 00:48:43 (3 days ago)	[ISILIA Protection v2.1] Tentative d'accès: /install.php \| Pays: BR \| UA:	Hacking Web App Attack

Showing 1 to 15 of 284 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.240

🇺🇸 170.23.14.221

🇬🇦 154.116.106.62

🇧🇷 138.99.79.29

🇨🇳 115.231.78.11

🇫🇷 84.46.247.185

🇮🇳 49.43.134.126

🇺🇸 192.227.213.228

🇳🇱 185.93.89.154

🇻🇳 152.32.163.183

🇫🇮 147.185.133.135

🇨🇳 106.13.174.45

🇷🇴 92.118.39.236

🇺🇸 44.183.99.113

🇨🇳 39.181.29.180

🇺🇸 20.29.21.127

🇺🇸 2607:f8b0:4004:1000::12a

🇰🇷 218.51.148.194

🇺🇸 216.73.160.166

🇮🇳 168.144.81.184