JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.222.227.148

20.222.227.148 was found in our database!

This IP was reported 89 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇯🇵 Japan
City	Tokyo, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.222.227.148

Whois 20.222.227.148

IP Abuse Reports for 20.222.227.148:

This IP address has been reported a total of 89 times from 77 distinct sources. 20.222.227.148 was first reported on June 4th 2026, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Holger	2026-06-11 09:27:40 (3 days ago)	WordPress WebAttack	Brute-Force Web App Attack
🇩🇪 Holger	2026-06-06 00:47:17 (1 week ago)	WordPress WebAttack	Brute-Force Web App Attack
🇪🇸 Gem	2026-06-05 22:10:00 (1 week ago)	Unauthorized web scan.	Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-05 22:02:36 (1 week ago)	Auto-ban: 17 malicious requests on 2026-06-04 (e.g., env/backup probes, brute-force, or error bursts ... show more Auto-ban: 17 malicious requests on 2026-06-04 (e.g., env/backup probes, brute-force, or error bursts). show less	Web App Attack SSH Hacking
Anonymous	2026-06-05 10:03:52 (1 week ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: JP, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: JP, Attack patterns: WordPress scanning, Backup file probing, Malicious User-Agent show less	Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-04 22:00:11 (1 week ago)	Auto-ban: >3000 req/min op 2026-06-04	Web App Attack SSH Hacking
🇺🇸 WellSpring	2026-06-04 13:20:40 (1 week ago)	Automated probe detected by Ody Sentinel / WellSpr.ing. Type: wordpress_content. Path: /wp-content/p ... show more Automated probe detected by Ody Sentinel / WellSpr.ing. Type: wordpress_content. Path: /wp-content/plugins/hellopress/wp_filemanager.php. Auto-blocked after threshold exceeded. Dossier: https://wellspr.ing/dossier/sentinel-20-222-227-148 show less	Web App Attack
🇩🇪 kommunos	2026-06-04 13:17:51 (1 week ago)	/wp-content/plugins/hellopress/wp_filemanager.php	Web App Attack
🇵🇱 tomkolp	2026-06-04 13:07:12 (1 week ago)	CrowdSec - Scenario: crowdsecurity/http-probing. Duration: 4h.	Port Scan Web App Attack
🇷🇴 iulianh	2026-06-04 12:59:19 (1 week ago)	*	Brute-Force SSH
🇦🇺 2000cn.com.au	2026-06-04 12:39:56 (1 week ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing	Web App Attack Hacking
🇫🇮 NoaQT	2026-06-04 12:23:12 (1 week ago)	2026-06-04T12:23:10.553019+00:00 ingress-1 haproxy[782]: 20.222.227.148:3896 [04/Jun/2026:12:23:10.5 ... show more 2026-06-04T12:23:10.553019+00:00 ingress-1 haproxy[782]: 20.222.227.148:3896 [04/Jun/2026:12:23:10.552] https_in https_in/<NOSRV> 0/-1/-1/-1/0 429 225 - - PR-- 310/280/0/0/0 0/0 "GET /b00869ae6e.php HTTP/1.1" 2026-06-04T12:23:10.832602+00:00 ingress-1 haproxy[782]: 20.222.227.148:3896 [04/Jun/2026:12:23:10.831] https_in https_in/<NOSRV> 0/-1/-1/-1/0 429 225 - - PR-- 310/280/0/0/0 0/0 "GET /hellcut.php HTTP/1.1" 2026-06-04T12:23:11.133205+00:00 ingress-1 haproxy[782]: 20.222.227.148:3896 [04/Jun/2026:12:23:11.132] https_in https_in/<NOSRV> 0/-1/-1/-1/0 429 225 - - PR-- 310/280/0/0/0 0/0 "GET /wander.php HTTP/1.1" 2026-06-04T12:23:11.412334+00:00 ingress-1 haproxy[782]: 20.222.227.148:3896 [04/Jun/2026:12:23:11.412] https_in https_in/<NOSRV> 0/-1/-1/-1/0 429 225 - - PR-- 310/280/0/0/0 0/0 "GET /ha.php HTTP/1.1" 2026-06-04T12:23:11.691585+00:00 ingress-1 haproxy[782]: 20.222.227.148:3896 [04/Jun/2026:12:23:11.691] https_in https_in/<NOSRV> 0/-1/-1/-1/0 429 225 - - PR-- 308/278/0/0/0 0/0 " ... show less	DDoS Attack
🇸🇮 valryx	2026-06-04 12:00:09 (1 week ago)	🛡️ Cloudflare WAF - 203 malicious requests Actions: managed_challenge, block Sources: firewallCustom ... show more 🛡️ Cloudflare WAF - 203 malicious requests Actions: managed_challenge, block Sources: firewallCustom, botFight Country: JP Attacked paths: • /mjq.php • /acip.php • /bootstrap.php User-Agent: show less	Web App Attack
Anonymous	2026-06-04 11:45:56 (1 week ago)	Attempted search for exploits and vulnerabilities detected by fail2ban ...	Port Scan Brute-Force
🇳🇿 Tripwire	2026-06-04 11:45:17 (1 week ago)	Scanning for exploits - /wp-content/plugins/hellopress/wp_filemanager.php	Hacking Web App Attack

Showing 1 to 15 of 89 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇱🇹 185.5.53.154

🇮🇳 165.232.176.45

🇺🇸 103.203.57.20

🇳🇱 93.174.95.106

🇺🇸 52.146.21.82

🇺🇸 51.81.209.109

🇸🇬 47.128.50.255

🇱🇹 45.227.254.170

🇧🇬 193.24.211.107

🇧🇷 189.50.142.78

🇪🇸 149.91.97.132

🇳🇱 45.142.193.53

🇸🇬 43.98.165.116

🇺🇸 2604:a880:400:d1:0:4:963a:e001

🇬🇧 193.32.209.237

🇦🇱 130.49.189.41

🇧🇩 103.179.126.227

🇺🇸 34.162.235.211

🇲🇺 197.227.8.186

🇪🇬 197.44.15.210