JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.226.61.17

20.226.61.17 was found in our database!

This IP was reported 144 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇧🇷 Brazil
City	Campinas, Sao Paulo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.226.61.17

Whois 20.226.61.17

IP Abuse Reports for 20.226.61.17:

This IP address has been reported a total of 144 times from 110 distinct sources. 20.226.61.17 was first reported on May 31st 2026, and the most recent report was 24 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Mangelot Hosting	2026-05-31 16:56:20 (3 days ago)	(upload_shell) srv101 Shell upload 20.226.61.17 (BR/Brazil/-): 1 in the last 3600 secs; Ports: ; Di ... show more (upload_shell) srv101 Shell upload 20.226.61.17 (BR/Brazil/-): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇫🇷 masterguru	2026-05-31 16:55:05 (3 days ago)	PHP execution attempt in wp-content/uploads blocked. Pattern match "(?i)/wp-content/uploads/.\\\\.p ... show more PHP execution attempt in wp-content/uploads blocked. Pattern match "(?i)/wp-content/uploads/.\\\\.php" at REQUEST_URI. (5100-193) show less	Hacking
Anonymous	2026-05-31 16:49:47 (3 days ago)	Aggressive web scan	Web App Attack
🇨🇭 4server	2026-05-31 16:46:40 (3 days ago)	[SunMay3118:46:35.7859042026][security2:error][pid327154:tid327461][client20.226.61.17:0]ModSecurity ... show more [SunMay3118:46:35.7859042026][security2:error][pid327154:tid327461][client20.226.61.17:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"367\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"giuristifriburgo.ch\"][uri\"/xmlrpc.php\"][unique_id\"ahxl6wi8rAstHQ1FiPXv0gAAAMw\"] show less	Hacking Web App Attack
🇩🇪 FeG Deutschland	2026-05-31 16:44:04 (3 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 24	Exploited Host Web App Attack
🇪🇸 alferez	2026-05-31 16:43:21 (3 days ago)	Searching hacked php files	Hacking Exploited Host Web App Attack
Anonymous	2026-05-31 16:42:44 (3 days ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇧🇾 lns.bz	2026-05-31 16:41:17 (3 days ago)	Too many 404 requests [BY]	Web App Attack
🇳🇱 Site.eu	2026-05-31 16:39:00 (3 days ago)	Excessive multi-domain requests	Brute-Force
🇫🇷 dynamix	2026-05-31 16:38:41 (3 days ago)	Multiple WAF Violations	Web App Attack
🇬🇧 consul.to	2026-05-31 16:37:28 (3 days ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 nyt	2026-05-31 16:37:17 (3 days ago)	Non-standard WP File, Accessing non-existent PHP file in theme directory, 404 flood (16/60s)	Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-05-31 16:30:42 (3 days ago)	PHP execution attempt in wp-content/uploads blocked. Pattern match "(?i)/wp-content/uploads/.\\\\.p ... show more PHP execution attempt in wp-content/uploads blocked. Pattern match "(?i)/wp-content/uploads/.\\\\.php" at REQUEST_URI. (5100-195) show less	Hacking
Anonymous	2026-05-31 16:30:05 (3 days ago)	\| [Dangerous/Brazil] Aggressive IP 20.226.61.17 (~30 hits). Type: DoS Defender- Web server 400 error ... show more \| [Dangerous/Brazil] Aggressive IP 20.226.61.17 (~30 hits). Type: DoS Defender- Web server 400 error code show less	Web App Attack Hacking SQL Injection
🇱🇻 garmtech.com	2026-05-31 16:29:50 (3 days ago)	IM360 WAF: Interaction with fake plugin MV:/wp-content/plugins/WordPressCore/	Web App Attack

Showing 121 to 135 of 144 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2001:470:1:c84::1ec

🇨🇳 223.85.251.61

🇮🇳 150.129.168.41

🇸🇬 149.34.253.149

🇹🇼 122.117.94.238

🇿🇦 102.129.63.182

🇺🇸 72.14.147.203

🇺🇸 68.192.238.200

🇺🇸 64.62.197.202

🇺🇸 50.187.96.100

🇹🇿 41.93.28.23

🇬🇧 35.203.211.179

🇧🇪 34.79.219.154

🇲🇾 14.192.212.85

🇺🇸 172.174.234.168

🇻🇳 171.244.39.95

🇭🇰 118.193.47.223

🇫🇷 91.196.152.122

🇩🇪 69.5.169.92

🇺🇸 35.252.197.133