JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.240.242.146

20.240.242.146 was found in our database!

This IP was reported 144 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇸🇪 Sweden
City	Gavle, Gavleborg

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.240.242.146

Whois 20.240.242.146

IP Abuse Reports for 20.240.242.146:

This IP address has been reported a total of 144 times from 125 distinct sources. 20.240.242.146 was first reported on June 26th 2026, and the most recent report was 5 seconds ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-26 13:49:16 (5 seconds ago)	wp admin page access attempt ...	Hacking Web App Attack
🇩🇪 Ba-Yu	2026-06-26 13:45:05 (4 minutes ago)	WordPress hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇬🇷 setupgr	2026-06-26 13:41:41 (7 minutes ago)	(mod_security) mod_security (id:1000001) triggered by 20.240.242.146 (SE/Sweden/-/-/-/[AS8075 Micros ... show more (mod_security) mod_security (id:1000001) triggered by 20.240.242.146 (SE/Sweden/-/-/-/[AS8075 Microsoft Corporation]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Fri Jun 26 16:41:37.767611 2026] [security2:error] [pid 989315:tid 989497] [client 20.240.242.146:21101] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/wp-content/plugins/hellopress/wp_filemanager.php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "103"] [id "1000001"] [msg "Bad file blocked: /wp-content/plugins/hellopress/wp_filemanager.php"] [severity "CRITICAL"] [tag "security"] [hostname "setworldup.com"] [uri "/wp-content/plugins/hellopress/wp_filemanager.php"] [unique_id "aj6BkXyLqxbcmLLLK_VkMwAABEY"] show less	Port Scan
🇦🇺 Anytech	2026-06-26 13:40:58 (8 minutes ago)	Blocked by Conn-Monitor: Web scanning activity	Web App Attack
🇺🇸 Epimetheus	2026-06-26 13:40:19 (9 minutes ago)	Unauthorized access attempts: [GET] /blurbs.php [GET] /1337.php [GET] /horeg.php [GET] /1877.php [G ... show more Unauthorized access attempts: [GET] /blurbs.php [GET] /1337.php [GET] /horeg.php [GET] /1877.php [GET] /wp-sid.php [GET] /ewdzmqmg.php [GET] /classwithtostring.php [GET] /00.php [GET] /tinyfilemanager.php [GET] /wp-content/themes/about.php [GET] /xs.php UA: Unknown show less	Web App Attack
🇬🇧 killian7603	2026-06-26 13:39:00 (10 minutes ago)		Web App Attack
🇫🇷 LRNP	2026-06-26 13:37:02 (12 minutes ago)	_:80 20.240.242.146 - - [26/Jun/2026:13:27:00 +0000] "GET /wa.php HTTP/1.1" 404 146 "-" "-" _:80 20. ... show more _:80 20.240.242.146 - - [26/Jun/2026:13:27:00 +0000] "GET /wa.php HTTP/1.1" 404 146 "-" "-" _:80 20.240.242.146 - - [26/Jun/2026:13:27:00 +0000] "GET /wb.php HTTP/1.1" 404 146 "-" "-" _:80 20.240.242.146 - - [26/Jun/2026:13:27:00 +0000] "GET /file1.php HTTP/1.1" 404 146 "-" "-" _:80 20.240.242.146 - - [26/Jun/2026:13:27:00 +0000] "GET /2.php HTTP/1.1" 404 146 "-" "-" _:80 20.240.242.146 - - [26/Jun/2026:13:27:00 +0000] "GET /a2.php HTTP/1.1" 404 146 "-" "-" _:80 20.240.242.146 - - [26/Jun/2026:13:27:00 +0000] "GET /a.php HTTP/1.1" 404 146 "-" "-" _:80 20.240.242.146 - - [26/Jun/2026:13:37:01 +0000] "GET /eauu.php HTTP/1.1" 404 146 "-" "-" _:80 20.240.242.146 - - [26/Jun/2026:13:37:01 +0000] "GET /f6.php HTTP/1.1" 404 146 "-" "-" _:80 20.240.242.146 - - [26/Jun/2026:13:37:01 +0000] "GET /fe5.php HTTP/1.1" 404 146 "-" "-" _:80 20.240.242.146 - - [26/Jun/2026:13:37:01 +0000] "GET /wsd.php HTTP/1.1" 404 146 "-" "-" ... show less	Bad Web Bot Web App Attack
🇺🇸 jcbriar	2026-06-26 13:36:13 (13 minutes ago)	Searching for vulnerable scripts	Hacking Web App Attack
🇯🇵 stypr	2026-06-26 13:32:59 (16 minutes ago)	Malicious activity detected on HTTP/HTTPS	Hacking Brute-Force Web App Attack
🇺🇸 Mainpine	2026-06-26 13:32:49 (16 minutes ago)	probing for vulnerable web apps	Web App Attack
🇦🇺 2000cn.com.au	2026-06-26 13:31:48 (17 minutes ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing	Web App Attack Hacking
🇨🇿 plzenskypruvodce.cz	2026-06-26 13:26:23 (22 minutes ago)	[Fri Jun 26 15:17:41.497592 2026] [authz_core:error] [pid 1260990:tid 1261035] [client 20.240.242.14 ... show more [Fri Jun 26 15:17:41.497592 2026] [authz_core:error] [pid 1260990:tid 1261035] [client 20.240.242.146:2125] AH01630: client denied by server configuration: /var/www/baletniskola-ok.cz/www/wp-content/themes/about.php [Fri Jun 26 15:26:21.852218 2026] [authz_core:error] [pid 1260990:tid 1261029] [client 20.240.242.146:2079] AH01630: client denied by server configuration: /var/www/baletniskola-ok.cz/www/wp-includes/fonts/themes.php ... show less	Web App Attack
🇺🇸 factor1	2026-06-26 13:25:03 (24 minutes ago)	Fail2ban at apollo Reports Abuse.	Bad Web Bot
🇩🇪 iNetWorker	2026-06-26 13:21:41 (27 minutes ago)	trolling for resource vulnerabilities	Web App Attack
🇫🇷 LRNP	2026-06-26 13:16:57 (32 minutes ago)	_:80 20.240.242.146 - - [26/Jun/2026:13:16:56 +0000] "GET /wp-content/plugins/hellopress/wp_filemana ... show more _:80 20.240.242.146 - - [26/Jun/2026:13:16:56 +0000] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 146 "-" "-" _:80 20.240.242.146 - - [26/Jun/2026:13:16:56 +0000] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 146 "-" "-" _:80 20.240.242.146 - - [26/Jun/2026:13:16:56 +0000] "GET /error.php HTTP/1.1" 404 146 "-" "-" _:80 20.240.242.146 - - [26/Jun/2026:13:16:56 +0000] "GET /kao.php HTTP/1.1" 404 146 "-" "-" _:80 20.240.242.146 - - [26/Jun/2026:13:16:56 +0000] "GET /kaza.php HTTP/1.1" 404 146 "-" "-" _:80 20.240.242.146 - - [26/Jun/2026:13:16:56 +0000] "GET /031.php HTTP/1.1" 404 146 "-" "-" _:80 20.240.242.146 - - [26/Jun/2026:13:16:57 +0000] "GET /ilex.php HTTP/1.1" 404 146 "-" "-" _:80 20.240.242.146 - - [26/Jun/2026:13:16:57 +0000] "GET /flex.php HTTP/1.1" 404 146 "-" "-" _:80 20.240.242.146 - - [26/Jun/2026:13:16:57 +0000] "GET /mlex.php HTTP/1.1" 404 146 "-" "-" _:80 20.240.242.146 - - [26/Jun/2026:13:16:57 +0000] "GET /wlex.php HTTP/1.1" 404 146 "-" "-" ... show less	Bad Web Bot Web App Attack

Showing 1 to 15 of 144 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.150.164

🇺🇸 151.247.69.33

🇨🇳 111.61.177.2

🇸🇬 20.212.25.134

🇮🇱 2.55.88.51

🇭🇰 223.197.145.114

🇧🇪 198.235.24.241

🇸🇬 167.172.93.203

🇨🇳 120.48.124.176

🇹🇼 111.70.23.238

🇭🇰 43.129.239.15

🇻🇳 171.231.191.230

🇭🇰 103.49.62.60

🇹🇼 101.13.0.53

🇩🇪 91.107.242.127

🇹🇷 78.166.115.222

🇩🇪 20.79.187.108

🇲🇽 187.188.229.220

🇺🇸 174.138.89.209

🇺🇸 149.18.10.144