JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.226.2.52

20.226.2.52 was found in our database!

This IP was reported 238 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇧🇷 Brazil
City	Campinas, Sao Paulo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.226.2.52

Whois 20.226.2.52

IP Abuse Reports for 20.226.2.52:

This IP address has been reported a total of 238 times from 192 distinct sources. 20.226.2.52 was first reported on May 27th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 todix	2026-05-27 17:37:24 (1 week ago)	WebAttack or semilar from 20.226.2.52	Web App Attack
Anonymous	2026-05-27 17:28:00 (1 week ago)	Malicious Activity	Web App Attack
🇬🇧 cybersteve99	2026-05-27 17:18:29 (1 week ago)	Too many 4xx Requests -	Brute-Force Web App Attack
🇬🇧 venus.launch.bz	2026-05-27 17:16:52 (1 week ago)	(wpscan) WordPress probe detected from 20.226.2.52 (BR/Brazil/-)	Hacking
🇩🇪 Viveronese	2026-05-27 17:10:55 (1 week ago)	HTTP vulnerability scanning	Web App Attack
🇩🇪 pigro	2026-05-27 17:06:53 (1 week ago)	20.226.2.52 - - [27/May/2026:19:06:52 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php ... show more 20.226.2.52 - - [27/May/2026:19:06:52 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 153 "-" "-" 20.226.2.52 - - [27/May/2026:19:06:53 +0200] "GET /wp-includes/Text/Diff/index.php HTTP/1.1" 404 153 "-" "-" ... show less	Web App Attack
🇩🇪 IVski	2026-05-27 17:04:45 (1 week ago)	IVski WAF \| WordPress scanner detected - probing wp-content, xmlrpc or wp-login	Port Scan Brute-Force Web App Attack
🇺🇸 xpto	2026-05-27 17:00:24 (1 week ago)	Blocked for probing for web application vulnerabilities	Web App Attack
🇫🇷 Campus France	2026-05-27 16:58:34 (1 week ago)	[Wed May 27 18:58:30.920543 2026] [php:error] [pid 1658706] [client 20.226.2.52:37486] script '/var/ ... show more [Wed May 27 18:58:30.920543 2026] [php:error] [pid 1658706] [client 20.226.2.52:37486] script '/var/www/html/aaa.php' not found or unable to stat [Wed May 27 18:58:31.125788 2026] [php:error] [pid 1658706] [client 20.226.2.52:37486] script '/var/www/html/admin.php' not found or unable to stat [Wed May 27 18:58:31.541435 2026] [php:error] [pid 1658706] [client 20.226.2.52:37486] script '/var/www/html/aa.php' not found or unable to stat [Wed May 27 18:58:31.752064 2026] [php:error] [pid 1658706] [client 20.226.2.52:37486] script '/var/www/html/server.php' not found or unable to stat [Wed May 27 18:58:33.858080 2026] [php:error] [pid 1658706] [client 20.226.2.52:37486] script '/var/www/html/f.php' not found or unable to stat ... show less	Brute-Force Web App Attack
🇮🇩 soc-yk	2026-05-27 16:58:14 (1 week ago)	Type: suspicious_network_activity Threat: suspicious_public_web_client Risk: 100 Events: 5180 Evide ... show more Type: suspicious_network_activity Threat: suspicious_public_web_client Risk: 100 Events: 5180 Evidence: - Persistent suspicious network activity detected - Repeated hostile operational behavior observed - Multi-event operational persistence identified - Threat escalation behavior observed show less	Port Scan Hacking
🇺🇸 Rocky Mountain Bioengineering Symposium	2026-05-27 16:55:32 (1 week ago)	[Wed May 27 10:55:11.034430 2026] [cgid:error] [pid 119263:tid 139786169849408] [client 20.226.2.52: ... show more [Wed May 27 10:55:11.034430 2026] [cgid:error] [pid 119263:tid 139786169849408] [client 20.226.2.52:27894] AH01264: script not found or unable to stat: /usr/lib/cgi-bin/xmrlpc.php [Wed May 27 10:55:18.415218 2026] [cgid:error] [pid 119263:tid 139784324372032] [client 20.226.2.52:27894] AH01264: script not found or unable to stat: /usr/lib/cgi-bin/cgi-bin [Wed May 27 10:55:31.210914 2026] [cgid:error] [pid 119263:tid 139785012246080] [client 20.226.2.52:27894] AH01264: script not found or unable to stat: /usr/lib/cgi-bin/index.php ... show less	Web App Attack
🇺🇦 URAN Publishing Service	2026-05-27 16:54:42 (1 week ago)	20.226.2.52 - - [27/May/2026:19:54:42 +0300] "GET /wp-content/plugins/hellopress/wp_filemanager.php ... show more 20.226.2.52 - - [27/May/2026:19:54:42 +0300] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 706 "-" "-" ... show less	Web App Attack
🇪🇸 elcruzado.es	2026-05-27 16:43:07 (1 week ago)	(apache-scanners) Failed apache-scanners trigger with match [redacted] from 20.226.2.52 (BR/Brazil/- ... show more (apache-scanners) Failed apache-scanners trigger with match [redacted] from 20.226.2.52 (BR/Brazil/-) show less	Port Scan
🇩🇪 rh24	2026-05-27 16:41:16 (1 week ago)	(mod_security) mod_security triggered on hostname [redacted] 20.226.2.52 (BR/Brazil/-)	SQL Injection
🇹🇷 Threat.live	2026-05-27 16:40:03 (1 week ago)	Suspicious Connection Attempts	Brute-Force

Showing 91 to 105 of 238 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 193.124.20.234

🇭🇰 101.36.127.86

🇺🇸 74.82.47.43

🇳🇱 45.148.10.152

🇮🇩 27.50.25.190

🇮🇳 103.69.145.254

🇱🇹 85.206.68.80

🇫🇷 62.210.246.122

🇺🇸 216.25.89.73

🇩🇪 213.209.159.56

🇺🇸 207.90.244.3

🇮🇩 202.59.200.253

🇳🇱 176.65.139.130

🇮🇳 106.76.163.89

🇫🇷 91.231.89.68

🇺🇸 64.95.9.230

🇺🇸 64.62.197.149

🇺🇸 64.62.156.196

🇻🇳 14.248.98.132

🇨🇳 218.0.56.30