Name: Threat Intelligence: 20.206.185.109
Creator: UnwantedIP
License: https://creativecommons.org/licenses/by/4.0/

Threat LevelCRITICAL72/1001 rule type

3 incidents on record · active attack detected · active over 4 days · seen 15h ago

PTR	N/A
Org / ASN	Microsoft Azure Cloud (brazilsouth)
Country	🇧🇷 Brazil
City	São Paulo, Sao Paulo
Timezone	America/Sao_Paulo

Attack Analysis

🇧🇷 Brazil · São Paulo · 8075 · Microsoft Corporation

Suricata IDS Alert

Suricata intrusion detection flagged this IP for malicious network behaviour — including port scanning, exploit attempts, botnet activity, or known attack signatures. The specific signature is shown in the report list below.

Reports (3)

Date	Severity	Description
13 Jun 2026 - 09:13	medium	IDS: Suricata alert — Honeypot: probe to closed SSH port 22
11 Jun 2026 - 10:22	medium	IDS: Suricata alert — Honeypot: probe to closed SSH port 22
9 Jun 2026 - 11:44	high	IDS: Suricata alert — Honeypot: probe to closed SSH port 22

Report for IP: 20.206.185.109

Attack Analysis

Reports (3)