JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.48.248.185

20.48.248.185 was found in our database!

This IP was reported 321 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.48.248.185

Whois 20.48.248.185

IP Abuse Reports for 20.48.248.185:

This IP address has been reported a total of 321 times from 267 distinct sources. 20.48.248.185 was first reported on May 28th 2026, and the most recent report was 25 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-29 12:03:40 (6 days ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: CA, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: CA, Attack patterns: WordPress scanning, Malicious User-Agent show less	Bad Web Bot Web App Attack
🇧🇪 Ivo Vynckier	2026-05-29 09:39:00 (6 days ago)	20.48.248.185 - - [28/May/2026:16:45:39 +0200] "GET /adminfuns.php HTTP/1.1" 404 27 "-" "-" 20.48.2 ... show more 20.48.248.185 - - [28/May/2026:16:45:39 +0200] "GET /adminfuns.php HTTP/1.1" 404 27 "-" "-" 20.48.248.185 - - [28/May/2026:16:45:40 +0200] "GET /sx_pms.php HTTP/1.1" 404 27 "-" "-" 20.48.248.185 - - [28/May/2026:16:45:40 +0200] "GET /wp-info.php HTTP/1.1" 404 27 "-" "-" 20.48.248.185 - - [28/May/2026:16:45:41 +0200] "GET /wp-test.php HTTP/1.1" 404 27 "-" "-" 20.48.248.185 - - [28/May/2026:16:45:41 +0200] "GET /like.php HTTP/1.1" 404 27 "-" "-" 20.48.248.185 - - [28/May/2026:16:45:41 +0200] "GET /we.php HTTP/1.1" 404 27 "-" "-" 20.48.248.185 - - [28/May/2026:16:45:42 +0200] "GET /wp.php HTTP/1.1" 404 27 "-" "-" 20.48.248.185 - - [28/May/2026:16:45:42 +0200] "GET /wp-indx.php HTTP/1.1" 404 27 "-" "-" 20.48.248.185 - - [28/May/2026:16:45:42 +0200] "GET /zoo.php HTTP/1.1" 301 293 "-" "-" show less	Web App Attack
🇭🇺 DumaNet	2026-05-29 05:55:00 (6 days ago)	Web app attack attempts, scanning for vulnerability. Date: 2026 May 28. 23:10:08 Source IP: 20.48. ... show more Web app attack attempts, scanning for vulnerability. Date: 2026 May 28. 23:10:08 Source IP: 20.48.248.185 Portion of the log(s): 20.48.248.185 - [28/May/2026:23:10:08 +0200] "GET /file6.php HTTP/1.1" 404 153 "-" "-" 20.48.248.185 - [28/May/2026:23:10:08 +0200] "GET /press.php HTTP/1.1" 404 153 "-" "-" 20.48.248.185 - [28/May/2026:23:10:08 +0200] "GET /cilus.php HTTP/1.1" 404 153 "-" "-" 20.48.248.185 - [28/May/2026:23:10:07 +0200] "GET /xltt.php HTTP/1.1" 404 153 "-" "-" 20.48.248.185 - [28/May/2026:23:10:07 +0200] "GET /8.php HTTP/1.1" 404 153 "-" "-" 20.48.248.185 - [28/May/2026:23:10:07 +0200] "GET /ms-edit.php HTTP/1.1" 404 153 "-" "-" 20.48.248.185 - [28/May/2026:23:10:07 +0200] "GET /a1.php HTTP/1.1" 404 153 "-" "-" 20.48.248.185 - [28/May/2026:23:10:07 +0200] "GET /casp1.php HTTP/1.1" 404 153 "-" "-" 20.48.248.185 - [28/May/2026:23:10:06 +0200] "GET /mar.php HTTP/1.1" 404 153 "-" "-" 20.48.248.185 - [28/May/2026:23:10:06 +0200] "GET /doc.php HTTP/1.1" 404 153 "-" "-" show less	Web App Attack
🇬🇧 openstrike.co.uk	2026-05-29 05:13:58 (6 days ago)	380 attacks on PHP URLs: GET /3369.php HTTP/1.1	Web App Attack
🇺🇸 octageeks.com	2026-05-29 04:07:27 (6 days ago)	Wordpress malicious attack:[octascan]	Web App Attack
Anonymous	2026-05-29 02:35:47 (6 days ago)	Portscan: TCP/80 (9x), TCP/443	Port Scan
🇬🇧 andypiper	2026-05-29 01:02:18 (6 days ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇩🇪 fleckenbase	2026-05-29 01:01:51 (6 days ago)	apache-noscript ...	Brute-Force Web App Attack
🇺🇸 kadour	2026-05-29 01:00:13 (6 days ago)	[Thu May 28 20:00:11.811265 2026] [proxy_fcgi:error] [pid 2509:tid 2583] [client 20.48.248.185:8801] ... show more [Thu May 28 20:00:11.811265 2026] [proxy_fcgi:error] [pid 2509:tid 2583] [client 20.48.248.185:8801] AH01071: Got error 'Primary script unknown' [Thu May 28 20:00:11.859499 2026] [proxy_fcgi:error] [pid 2509:tid 2638] [client 20.48.248.185:8801] AH01071: Got error 'Primary script unknown' [Thu May 28 20:00:11.905985 2026] [proxy_fcgi:error] [pid 2509:tid 2635] [client 20.48.248.185:8801] AH01071: Got error 'Primary script unknown' [Thu May 28 20:00:11.954688 2026] [proxy_fcgi:error] [pid 2509:tid 2622] [client 20.48.248.185:8801] AH01071: Got error 'Primary script unknown' [Thu May 28 20:00:12.008373 2026] [proxy_fcgi:error] [pid 2509:tid 2615] [client 20.48.248.185:8801] AH01071: Got error 'Primary script unknown' ... show less	Web App Attack
🇮🇹 ciccio diddo	2026-05-29 01:00:06 (6 days ago)	CMS/WP Exploit multiple 404 port:Tcp/80,443	Brute-Force Web App Attack
🇩🇪 David Ferneding	2026-05-29 00:53:42 (6 days ago)	Blocked by UFW (TCP on 80) Source port: 61376 TTL: 113 Packet length: 52 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 80) Source port: 61376 TTL: 113 Packet length: 52 TOS: 0x00 This report (for 20.48.248.185) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇩🇪 hackthetime	2026-05-29 00:49:42 (6 days ago)	Tried to access /wp-content/plugins/hellopress/wp_filemanager.php (auto-added by Hype UI)	Web App Attack
🇩🇪 Nightreaver	2026-05-29 00:48:25 (6 days ago)	20.48.248.185 - - [29/May/2026:02:48:24 0200] "GET /wp-info.php HTTP/1.1" 404 440 "-" "-" 20.48.248 ... show more 20.48.248.185 - - [29/May/2026:02:48:24 0200] "GET /wp-info.php HTTP/1.1" 404 440 "-" "-" 20.48.248.185 - - [29/May/2026:02:48:24 0200] "GET /wp-test.php HTTP/1.1" 404 440 "-" "-" 20.48.248.185 - - [29/May/2026:02:48:24 0200] "GET /like.php HTTP/1.1" 404 440 "-" "-" 20.48.248.185 - - [29/May/2026:02:48:24 0200] "GET /we.php HTTP/1.1" 404 440 "-" "-" 20.48.248.185 - - [29/May/2026:02:48:24 0200] "GET /wp.php HTTP/1.1" 404 440 "-" "-"[...] show less	Bad Web Bot Web App Attack
🇹🇷 Detmach	2026-05-29 00:42:22 (6 days ago)	Security attack detected. Multiple failed attempts from 20.48.248.185. IP banned for 1440 minutes at ... show more Security attack detected. Multiple failed attempts from 20.48.248.185. IP banned for 1440 minutes at 29.05.2026 03:42:17. Failed attempts: 1 show less	Brute-Force
🇻🇳 trung.fun	2026-05-29 00:38:59 (6 days ago)	DDoS, Hack, Brute Force, Web Attack ...	DDoS Attack Web Spam Hacking Brute-Force Web App Attack

Showing 16 to 30 of 321 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2620:171:f1:f0:9999::231

🇰🇷 221.156.24.206

🇳🇱 198.177.120.121

🇺🇸 138.197.204.198

🇸🇬 103.250.11.63

🇨🇦 34.47.41.230

🇵🇪 200.106.49.149

🇲🇽 187.249.130.179

🇺🇸 162.216.150.225

🇯🇵 103.125.146.35

🇷🇺 91.219.196.17

🇮🇩 69.5.7.218

🇭🇰 199.45.155.75

🇹🇼 198.235.24.66

🇬🇧 185.247.137.105

🇨🇳 182.138.158.253

🇮🇳 182.95.189.206

🇧🇷 179.125.124.14

🇺🇸 178.128.76.108

🇸🇬 146.190.105.93