JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.220.148.157

20.220.148.157 was found in our database!

This IP was reported 278 times. Confidence of Abuse is 0%: ?

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.220.148.157

Whois 20.220.148.157

IP Abuse Reports for 20.220.148.157:

This IP address has been reported a total of 278 times from 219 distinct sources. 20.220.148.157 was first reported on March 11th 2026, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇳 evicky2002	2026-04-30 13:04:29 (1 month ago)	Confirmed malicious by STILWaters CTI platform (score=100, sources=1)	Hacking Brute-Force SSH
🇹🇷 rtbh.com.tr	2026-03-28 20:12:18 (2 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇩🇪 ghostwarriors	2026-03-27 14:55:29 (2 months ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇹🇷 rtbh.com.tr	2026-03-13 20:12:02 (2 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇬🇧 openstrike.co.uk	2026-03-13 06:14:14 (2 months ago)	230 attacks on PHP URLs: GET /click.php HTTP/1.1	Web App Attack
🇭🇺 DumaNet	2026-03-13 02:30:00 (2 months ago)	Web app attack attempts, scanning for vulnerability. Date: 2026 Mar 12. 10:58:05 Source IP: 20.220 ... show more Web app attack attempts, scanning for vulnerability. Date: 2026 Mar 12. 10:58:05 Source IP: 20.220.148.157 Portion of the log(s): 20.220.148.157 - [12/Mar/2026:10:56:07 +0100] "GET /link.php HTTP/1.1" 404 153 "-" "-" 20.220.148.157 - [12/Mar/2026:10:56:07 +0100] "GET /buy.php HTTP/1.1" 404 153 "-" "-" 20.220.148.157 - [12/Mar/2026:10:56:07 +0100] "GET /tiny.php HTTP/1.1" 404 153 "-" "-" 20.220.148.157 - [12/Mar/2026:10:56:06 +0100] "GET /wp-includes/wp-class.php HTTP/1.1" 404 153 "-" "-" 20.220.148.157 - [12/Mar/2026:10:56:06 +0100] "GET /readme.php HTTP/1.1" 404 153 "-" "-" 20.220.148.157 - [12/Mar/2026:10:56:06 +0100] "GET /404.php HTTP/1.1" 404 153 "-" "-" 20.220.148.157 - [12/Mar/2026:10:56:06 +0100] "GET /web/wp-login.php HTTP/1.1" 404 153 "-" "-" 20.220.148.157 - [12/Mar/2026:10:56:06 +0100] "GET /0x1949.php HTTP/1.1" 404 153 "-" "-" 20.220.148.157 - [12/Mar/2026:10:56:06 +0100] "GET /up.php?x= HTTP/1.1" 404 153 "-" "-" 20.220.148.157 - [12/Mar/2026:10:56:06 +0100] "GET /w.php HTTP/1.1" show less	Web App Attack
🇭🇺 DumaNet	2026-03-13 02:09:00 (2 months ago)	Web app attack attempts, scanning for vulnerability. Date: 2026 Mar 12. 08:13:55 Source IP: 20.220 ... show more Web app attack attempts, scanning for vulnerability. Date: 2026 Mar 12. 08:13:55 Source IP: 20.220.148.157 Portion of the log(s): 20.220.148.157 - [12/Mar/2026:08:13:54 +0100] "GET /inputs.php HTTP/1.1" 404 153 "-" "-" 20.220.148.157 - [12/Mar/2026:08:13:54 +0100] "GET /link.php HTTP/1.1" 404 153 "-" "-" 20.220.148.157 - [12/Mar/2026:08:13:54 +0100] "GET /buy.php HTTP/1.1" 404 153 "-" "-" 20.220.148.157 - [12/Mar/2026:08:13:53 +0100] "GET /tiny.php HTTP/1.1" 404 153 "-" "-" 20.220.148.157 - [12/Mar/2026:08:13:53 +0100] "GET /wp-includes/wp-class.php HTTP/1.1" 404 153 "-" "-" 20.220.148.157 - [12/Mar/2026:08:13:53 +0100] "GET /readme.php HTTP/1.1" 404 153 "-" "-" 20.220.148.157 - [12/Mar/2026:08:13:53 +0100] "GET /404.php HTTP/1.1" 404 153 "-" "-" 20.220.148.157 - [12/Mar/2026:08:13:53 +0100] "GET /web/wp-login.php HTTP/1.1" 404 153 "-" "-" 20.220.148.157 - [12/Mar/2026:08:13:53 +0100] "GET /0x1949.php HTTP/1.1" 404 153 "-" "-" 20.220.148.157 - [12/Mar/2026:08:13:53 +0100] "GET /up.php?x= show less	Web App Attack
🇭🇺 DumaNet	2026-03-13 01:42:00 (2 months ago)	Web app attack attempts, scanning for vulnerability. Date: 2026 Mar 12. 06:39:52 Source IP: 20.220 ... show more Web app attack attempts, scanning for vulnerability. Date: 2026 Mar 12. 06:39:52 Source IP: 20.220.148.157 Portion of the log(s): 20.220.148.157 - [12/Mar/2026:06:39:51 +0100] "GET /wp-login.php HTTP/1.1" 404 153 "-" "-" 20.220.148.157 - [12/Mar/2026:06:39:51 +0100] "GET /404.php?fm=true HTTP/1.1" 404 153 "-" "-" 20.220.148.157 - [12/Mar/2026:06:39:50 +0100] "GET /brand.php HTTP/1.1" 404 153 "-" "-" 20.220.148.157 - [12/Mar/2026:06:39:50 +0100] "GET /moon.php HTTP/1.1" 404 153 "-" "-" 20.220.148.157 - [12/Mar/2026:06:39:50 +0100] "GET /0x.php HTTP/1.1" 404 153 "-" "-" 20.220.148.157 - [12/Mar/2026:06:39:50 +0100] "GET /m.php HTTP/1.1" 404 153 "-" "-" 20.220.148.157 - [12/Mar/2026:06:39:50 +0100] "GET /classwithtostring.php HTTP/1.1" 404 153 "-" "-" 20.220.148.157 - [12/Mar/2026:06:39:50 +0100] "GET /wp-admin/maint/admin.php HTTP/1.1" 404 153 "-" "-" 20.220.148.157 - [12/Mar/2026:06:39:50 +0100] "GET /ws.php HTTP/1.1" 404 153 "-" "-" 20.220.148.157 - [12/Mar/2026:06:39:50 +0100] "GET /item.php show less	Web App Attack
🇺🇸 mw	2026-03-13 00:40:41 (2 months ago)	GET /wp-admin/maint/admin.php HTTP/1.1	Web App Attack
🇮🇹 mauri64	2026-03-13 00:31:38 (2 months ago)	Troppi errori Apache (228)	Hacking
🇫🇷 tecnicorioja	2026-03-12 23:01:25 (2 months ago)	wp-login attack [12/Mar/2026:04:01:18	Brute-Force Web App Attack
🇩🇪 Vegascosmetics	2026-03-12 22:50:25 (2 months ago)	Kingcopy(AI-IDS):IP is Probing for Wordpress vulnerabilities WTF:Banned	Hacking Bad Web Bot Web App Attack
Anonymous	2026-03-12 22:04:38 (2 months ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: CA, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: CA, Attack patterns: WordPress scanning, Malicious User-Agent show less	Bad Web Bot Web App Attack
🇹🇷 rtbh.com.tr	2026-03-12 20:12:01 (2 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇧🇪 Ivo Vynckier	2026-03-12 15:16:00 (3 months ago)	20.220.148.157 - - [12/Mar/2026:02:32:32 +0100] "GET /404.php?fm=true HTTP/1.1" 404 27 "-" "-" 20.2 ... show more 20.220.148.157 - - [12/Mar/2026:02:32:32 +0100] "GET /404.php?fm=true HTTP/1.1" 404 27 "-" "-" 20.220.148.157 - - [12/Mar/2026:02:32:33 +0100] "GET /wp-login.php HTTP/1.1" 404 27 "-" "-" 20.220.148.157 - - [12/Mar/2026:02:32:33 +0100] "GET /sx.php HTTP/1.1" 404 27 "-" "-" 20.220.148.157 - - [12/Mar/2026:02:32:33 +0100] "GET /manager.php?p= HTTP/1.1" 404 27 "-" "-" 20.220.148.157 - - [12/Mar/2026:02:32:33 +0100] "GET /themes.php HTTP/1.1" 404 27 "-" "-" 20.220.148.157 - - [12/Mar/2026:02:32:34 +0100] "GET /install.php HTTP/1.1" 404 27 "-" "-" 20.220.148.157 - - [12/Mar/2026:02:32:34 +0100] "GET /w.php HTTP/1.1" 404 27 "-" "-" show less	Web App Attack

Showing 1 to 15 of 278 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇫🇮 138.124.5.60

🇪🇹 196.189.236.162

🇺🇿 185.163.26.56

🇻🇳 152.32.163.183

🇮🇷 79.127.66.250

🇮🇶 65.20.174.49

🇺🇸 64.62.156.168

🇫🇷 217.182.64.143

🇺🇸 206.212.244.18

🇺🇸 205.210.31.13

🇫🇮 185.229.66.92

🇺🇸 162.217.162.239

🇳🇱 158.94.210.138

🇮🇩 110.136.193.202

🇩🇪 104.248.43.109

🇺🇸 72.14.147.177

🇸🇬 47.79.207.199

🇯🇵 43.167.168.2

🇮🇩 103.168.135.187

🇮🇩 103.166.10.244