JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.226.50.160

20.226.50.160 was found in our database!

This IP was reported 405 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇧🇷 Brazil
City	Campinas, Sao Paulo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.226.50.160

Whois 20.226.50.160

IP Abuse Reports for 20.226.50.160:

This IP address has been reported a total of 405 times from 323 distinct sources. 20.226.50.160 was first reported on June 26th 2026, and the most recent report was 54 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 NetShield-DE	2026-06-28 09:07:18 (54 minutes ago)	Auto-report via Fail2Ban aggregation. IP observed in jails: abuseipdb. Events: 1. First: 2026-06-28T ... show more Auto-report via Fail2Ban aggregation. IP observed in jails: abuseipdb. Events: 1. First: 2026-06-28T11:07:01+0200. Last: 2026-06-28T11:07:01+0200. Samples: - 2026-06-28 00:34:07,205 fail2ban.actions [996924]: NOTICE [abuseipdb] Ban 20.226.50.160 show less	Web App Attack
Anonymous	2026-06-28 09:02:29 (59 minutes ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: BR, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: BR, Attack patterns: WordPress scanning, Malicious User-Agent show less	Bad Web Bot Web App Attack
🇳🇱 thedreamer.nl	2026-06-28 08:35:45 (1 hour ago)	20.226.50.160 - - [28/Jun/2026:10:35:38 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.ph ... show more 20.226.50.160 - - [28/Jun/2026:10:35:38 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 162 "-" "-" "BR" "Campinas" "-22.90350" "-47.05650" 20.226.50.160 - - [28/Jun/2026:10:35:43 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 499 0 "-" "-" "BR" "Campinas" "-22.90350" "-47.05650" 20.226.50.160 - - [28/Jun/2026:10:35:43 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 499 0 "-" "-" "BR" "Campinas" "-22.90350" "-47.05650" ... show less	Hacking Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-28 08:35:42 (1 hour ago)	(wordpress) Failed login wp-login.php or xmlrpc.php	Web App Attack
Anonymous	2026-06-28 08:28:43 (1 hour ago)	20.226.50.160 - - [28/Jun/2026:10:28:21 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.ph ... show more 20.226.50.160 - - [28/Jun/2026:10:28:21 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 485 "-" "-" 20.226.50.160 - - [28/Jun/2026:10:28:22 +0200] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 485 "-" "-" 20.226.50.160 - - [28/Jun/2026:10:28:22 +0200] "GET /x.php HTTP/1.1" 404 485 "-" "-" 20.226.50.160 - - [28/Jun/2026:10:28:22 +0200] "GET /scxy.php HTTP/1.1" 404 485 "-" "-" 20.226.50.160 - - [28/Jun/2026:10:28:22 +0200] "GET /FWAZ.php HTTP/1.1" 404 485 "-" "-" 20.226.50.160 - - [28/Jun/2026:10:28:22 +0200] "GET /qterm.php?p= HTTP/1.1" 404 485 "-" "-" 20.226.50.160 - - [28/Jun/2026:10:28:23 +0200] "GET /blurbs.php HTTP/1.1" 404 485 "-" "-" 20.226.50.160 - - [28/Jun/2026:10:28:23 +0200] "GET /ati.php?p= HTTP/1.1" 404 485 "-" "-" 20.226.50.160 - - [28/Jun/2026:10:28:23 +0200] "GET /8h250.php HTTP/1.1" 404 485 "-" "-" 20.226.50.160 - - [28/Jun/2026:10:28:23 +0200] "GET /v543.php HTTP/1.1" 404 485 "-" "-" 20.226.50.160 - - [28/Jun/2026:10:28:23 +0200] "GET / ... show less	DDoS Attack
🇩🇪 raph	2026-06-28 08:24:34 (1 hour ago)	[Wordpress] crawler /wp-admin/, /wp-content/, etc.	Bad Web Bot Web App Attack
🇩🇪 mondor.ro	2026-06-28 08:22:14 (1 hour ago)	Cluster member 148.251.176.225 (DE/Germany/antares.webyouridea.ro) said, TEMPDENY 20.226.50.160, Rea ... show more Cluster member 148.251.176.225 (DE/Germany/antares.webyouridea.ro) said, TEMPDENY 20.226.50.160, Reason:[20.226.50.160 (BR/Brazil/-), more than 60 Apache 404 hits in the last 3600 secs]; Ports: 80,443; Direction: in; Trigger: LF_CLUSTER; Logs: show less	Port Scan
🇩🇪 webanyone	2026-06-28 08:15:37 (1 hour ago)	Apache web server attack detected by Fail2Ban in plesk-apache jail	Web App Attack
🇧🇬 HighWay	2026-06-28 08:13:59 (1 hour ago)	20.226.50.160 - - [28/Jun/2026:08:13:57 +0000] "GET /wp-content/plugins/hellopress/wp_filemanager.ph ... show more 20.226.50.160 - - [28/Jun/2026:08:13:57 +0000] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 4590 "-" "-" 20.226.50.160 - - [28/Jun/2026:08:13:57 +0000] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 601 "-" "-" 20.226.50.160 - - [28/Jun/2026:08:13:57 +0000] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 601 "-" "-" ... show less	Port Scan Bad Web Bot
Anonymous	2026-06-28 08:05:29 (1 hour ago)	Excessive 404 errors - web scanning/probing	Bad Web Bot
🇬🇧 myintarweb	2026-06-28 08:03:44 (1 hour ago)	20.226.50.160 - - [28/Jun/2026:09:03:43 +0100] 80 "GET /wp-content/plugins/hellopress/wp_filemanager ... show more 20.226.50.160 - - [28/Jun/2026:09:03:43 +0100] 80 "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 410 1506 "-" "-" ... show less	Hacking Bad Web Bot Web App Attack
Anonymous	2026-06-28 08:00:16 (2 hours ago)	Large-scale coordinated botnet (200+k IPs). Attacker: mikhail-smirnov-79830323 (LinkedIn/profile ID) ... show more Large-scale coordinated botnet (200+k IPs). Attacker: mikhail-smirnov-79830323 (LinkedIn/profile ID) employed by Angara Technologies Group (Explicitly identified himself as enemy a week before attack began) \| /wp-content/plugins/hellopress/wp_filemanager.php \| (Magento Site) show less	Hacking Bad Web Bot
🇺🇸 Lezetho	2026-06-28 08:00:15 (2 hours ago)	DDoS, WebSpam, Web Attack, and Brute-force blocked by Cloudflare	DDoS Attack Email Spam Hacking Brute-Force
🇧🇪 Saec	2026-06-28 08:00:06 (2 hours ago)	Jarvis auto-ban: CF honeypot path /aaa.php (4× on saec.me)	Port Scan Web App Attack
🇱🇻 garmtech.com	2026-06-28 07:58:02 (2 hours ago)	Attempted access to sensitive endpoint (/wp-content/plugins/hellopress/wp_filemanager.php) detected. ... show more Attempted access to sensitive endpoint (/wp-content/plugins/hellopress/wp_filemanager.php) detected. Automated scan or unauthorized probing. show less	Web App Attack

Showing 1 to 15 of 405 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 186.233.118.22

🇵🇭 165.154.33.72

🇮🇳 103.146.233.187

🇫🇷 85.217.140.26

🇬🇧 35.203.210.11

🇬🇧 195.206.182.212

🇺🇸 162.216.150.24

🇮🇳 103.71.76.247

🇫🇷 90.63.199.41

🇺🇸 73.57.80.193

🇺🇸 47.251.251.105

🇳🇱 45.153.34.112

🇨🇳 39.64.104.8

🇭🇰 20.239.49.142

🇨🇦 20.63.8.12

🇫🇮 5.183.255.109

🇷🇺 158.160.209.126

🇸🇬 152.32.218.30

🇬🇧 135.136.20.7

🇬🇧 89.37.172.158