JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.48.1.192

20.48.1.192 was found in our database!

This IP was reported 90 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇯🇵 Japan
City	Tokyo, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.48.1.192

Whois 20.48.1.192

IP Abuse Reports for 20.48.1.192:

This IP address has been reported a total of 90 times from 84 distinct sources. 20.48.1.192 was first reported on May 5th 2026, and the most recent report was 4 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 4 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Site.eu	2026-05-08 15:07:53 (4 weeks ago)	Excessive multi-domain requests	Brute-Force
🇬🇧 openstrike.co.uk	2026-05-06 05:13:25 (1 month ago)	46 attacks on PHP URLs: GET /wso.php HTTP/1.1	Web App Attack
Anonymous	2026-05-06 02:05:31 (1 month ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: JP, Attack patterns: Webs ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: JP, Attack patterns: Webshell probing show less	Bad Web Bot Web App Attack
🇫🇷 SpaceHost-Server	2026-05-05 22:36:14 (1 month ago)		Brute-Force Web App Attack
🇭🇷 robi052	2026-05-05 16:47:00 (1 month ago)	Automated vulnerability scanning detected. The bot is probing for common PHP backdoors, admin interf ... show more Automated vulnerability scanning detected. The bot is probing for common PHP backdoors, admin interfaces, and sensitive files (e.g., xleet.php, xmrlpc.php, admin.php). Rapid succession of requests (27+ requests in 7 seconds) indicates a scripted attack. All requests blocked with 403 Forbidden. [2026-05-05 02:36:03] [403] [ACCESS_DENIED] [REF-317433] 20.48.1.192 - /xleet.php - Referer: Direct Access - Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 [2026-05-05 02:36:03] [403] [INVALID_HOST_HEADER] [REF-D42FA5] 20.48.1.192 - /xmrlpc.php - Referer: Direct Access - Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 [2026-05-05 02:36:04] [403] [INVALID_HOST_HEADER] [REF-28FD99] 20.48.1.192 - /1.php - Referer: Direct Access - Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 show less	Port Scan Bad Web Bot Web App Attack
🇨🇿 ptlab	2026-05-05 06:45:09 (1 month ago)	Detected config_leak attack from WP-host.	Hacking Web App Attack
🇬🇧 findlab	2026-05-05 06:00:02 (1 month ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
🇮🇳 evicky2002	2026-05-05 06:00:00 (1 month ago)	Confirmed malicious by STILWaters CTI platform (score=100, sources=1)	Hacking Brute-Force SSH
🇺🇸 ph	2026-05-05 05:52:43 (1 month ago)	Bad web bot attempting to run lock360.php on non-WP site	Hacking Bad Web Bot Web App Attack
🇩🇪 Skyrider	2026-05-05 05:46:46 (1 month ago)	crowdsecurity/http-backdoors-attempts	Hacking
🇵🇱 sefinek.net	2026-05-05 05:38:31 (1 month ago)	Triggered Cloudflare WAF (firewallCustom) from JP. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from JP. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: /core.php \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇦 URAN Publishing Service	2026-05-05 05:14:13 (1 month ago)	20.48.1.192 - - [05/May/2026:08:14:13 +0300] "GET /wp-admin/css/colors/ectoplasm/ HTTP/1.1" 404 787 ... show more 20.48.1.192 - - [05/May/2026:08:14:13 +0300] "GET /wp-admin/css/colors/ectoplasm/ HTTP/1.1" 404 787 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.48.1.192 - - [05/May/2026:08:14:13 +0300] "GET /wp-includes/fonts/ HTTP/1.1" 404 787 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Web App Attack
🇬🇧 openstrike.co.uk	2026-05-05 05:13:34 (1 month ago)	26 attacks on PHP URLs: GET /file.php HTTP/1.1	Web App Attack
Anonymous	2026-05-05 05:03:52 (1 month ago)	20.48.1.192 - - [05/May/2026:06:58:44 +0200] "GET /xmrlpc.php HTTP/1.1" 404 360 "-" "Mozilla/5.0 (Wi ... show more 20.48.1.192 - - [05/May/2026:06:58:44 +0200] "GET /xmrlpc.php HTTP/1.1" 404 360 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.48.1.192 - - [05/May/2026:06:58:44 +0200] "GET /1.php HTTP/1.1" 404 360 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.48.1.192 - - [05/May/2026:06:58:44 +0200] "GET /2.php HTTP/1.1" 404 360 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.48.1.192 - - [05/May/2026:06:58:44 +0200] "GET /a.php HTTP/1.1" 404 360 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.48.1.192 - - [05/May/2026:06:58:45 +0200] "GET /aa.php HTTP/1.1" 404 360 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.48.1.192 - - [05/May/2026: ... show less	DDoS Attack
🇹🇭 thaizone.com	2026-05-05 04:40:49 (1 month ago)	Brute Force Attack on a Web Resources (repeated 404) #1	DDoS Attack Web Spam Brute-Force Web App Attack

Showing 1 to 15 of 90 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 195.184.76.32

🇮🇪 82.22.223.243

🇮🇪 52.169.217.131

🇳🇱 45.142.193.169

🇺🇸 34.182.142.96

🇧🇩 202.4.126.169

🇧🇷 187.45.107.148

🇧🇬 185.253.159.94

🇮🇷 185.226.119.178

🇩🇪 185.209.196.239

🇮🇩 180.252.162.98

🇯🇵 138.2.26.150

🇹🇼 128.14.226.125

🇺🇸 104.196.14.23

🇺🇸 64.62.197.221

🇺🇸 45.156.129.136

🇸🇬 35.247.151.219

🇹🇼 35.236.135.31

🇫🇮 35.228.119.167

🇧🇪 35.190.207.105