JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.212.190.20

172.212.190.20 was found in our database!

This IP was reported 175 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.212.190.20

Whois 172.212.190.20

IP Abuse Reports for 172.212.190.20:

This IP address has been reported a total of 175 times from 127 distinct sources. 172.212.190.20 was first reported on May 8th 2026, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 paulshipley.com.au	2026-05-09 03:24:29 (3 weeks ago)	valueaddedpromotions.com.au:443 172.212.190.20 - - [09/May/2026:13:23:11 +1000] "GET /inputs.php HTT ... show more valueaddedpromotions.com.au:443 172.212.190.20 - - [09/May/2026:13:23:11 +1000] "GET /inputs.php HTTP/1.1" 404 157865 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" valueaddedpromotions.com.au:443 172.212.190.20 - - [09/May/2026:13:23:14 +1000] "GET /ioxi-o.php HTTP/1.1" 404 157865 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" valueaddedpromotions.com.au:443 172.212.190.20 - - [09/May/2026:13:23:17 +1000] "GET /function/function.php HTTP/1.1" 404 157877 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" valueaddedpromotions.com.au:443 172.212.190.20 - - [09/May/2026:13:23:19 +1000] "GET /rip.php HTTP/1.1" 404 157862 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" valueaddedpromotions.com.au:443 172.212.190.20 - ... show less	Web App Attack
Anonymous	2026-05-09 03:05:09 (3 weeks ago)	IP banned by Fail2Ban in jail nginx-abusive-ips	Web App Attack Brute-Force Bad Web Bot
🇺🇸 brantknudson.org	2026-05-09 02:38:40 (3 weeks ago)	Request path 'GET /wk/index.php HTTP/1.1'	Web App Attack Hacking
🇨🇱 n33	2026-05-09 02:38:09 (3 weeks ago)	Attack detected detected by fail2ban. Service: nginx-ghost-upstream. Banned after 3 failed attempts.	Hacking Web App Attack
🇩🇪 macrob	2026-05-09 02:37:51 (3 weeks ago)	2026/05/09 02:37:48 [error] 516949#516949: 212312465 access forbidden by rule, client: 172.212.190. ... show more 2026/05/09 02:37:48 [error] 516949#516949: 212312465 access forbidden by rule, client: 172.212.190.20, server: bin.partners, request: "GET /admin.php HTTP/2.0", host: "bin.partners" 2026/05/09 02:37:49 [error] 516948#516948: 212312510 access forbidden by rule, client: 172.212.190.20, server: bin.partners, request: "GET /wp-content/uploads/index.php HTTP/2.0", host: "bin.partners" 2026/05/09 02:37:50 [error] 516951#516951: 212312442 access forbidden by rule, client: 172.212.190.20, server: bin.partners, request: "GET /wp-admin/user/index.php HTTP/2.0", host: "bin.partners" ... show less	Web App Attack
Anonymous	2026-05-09 02:31:51 (3 weeks ago)	[Sat May 09 04:31:50.372903 2026] [authz_core:error] [pid 1193] [client 172.212.190.20:47021] AH0163 ... show more [Sat May 09 04:31:50.372903 2026] [authz_core:error] [pid 1193] [client 172.212.190.20:47021] AH01630: client denied by server configuration: /etc/httpd/htdocs [Sat May 09 04:31:50.495306 2026] [authz_core:error] [pid 1193] [client 172.212.190.20:47021] AH01630: client denied by server configuration: /etc/httpd/htdocs [Sat May 09 04:31:50.617446 2026] [authz_core:error] [pid 1193] [client 172.212.190.20:47021] AH01630: client denied by server configuration: /etc/httpd/htdocs ... show less	Web App Attack
🇪🇸 netfactotum	2026-05-09 02:31:05 (3 weeks ago)		Hacking Web App Attack
🇺🇦 URAN Publishing Service	2026-05-09 02:16:17 (3 weeks ago)	172.212.190.20 - - [09/May/2026:05:16:16 +0300] "GET /wp-content/uploads/index.php HTTP/1.1" 404 785 ... show more 172.212.190.20 - - [09/May/2026:05:16:16 +0300] "GET /wp-content/uploads/index.php HTTP/1.1" 404 785 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Web App Attack
🇬🇧 catalink.com	2026-05-09 02:16:14 (3 weeks ago)	Brute forcing Wordpress login	Exploited Host Web App Attack
🇬🇧 Steve	2026-05-09 02:10:54 (3 weeks ago)	Attempts against non-existent wordpress site	Brute-Force Web App Attack
🇬🇧 Oakley	2026-05-09 02:10:20 (3 weeks ago)	(mod_security) mod_security (id:900191) triggered by 172.212.190.20 (US/United States/-): 5 in the l ... show more (mod_security) mod_security (id:900191) triggered by 172.212.190.20 (US/United States/-): 5 in the last 900 secs show less	Web App Attack Hacking
Anonymous	2026-05-09 02:05:34 (3 weeks ago)	172.212.190.20 - - [08/May/2026:23:05:34 -0300] "GET /admin.php HTTP/1.1" 404 870 "-" "Mozilla/5.0 ( ... show more 172.212.190.20 - - [08/May/2026:23:05:34 -0300] "GET /admin.php HTTP/1.1" 404 870 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Port Scan
🇬🇧 sc user	2026-05-09 01:54:50 (3 weeks ago)	Fail2Ban nginx: repeated suspicious HTTP requests consistent with automated probing, scanning or bad ... show more Fail2Ban nginx: repeated suspicious HTTP requests consistent with automated probing, scanning or bad bot behaviour. Technical log details and local server identifiers intentionally omitted for privacy. show less	Bad Web Bot Web App Attack Port Scan
🇺🇸 walnuts	2026-05-09 01:51:20 (3 weeks ago)	Automated: Triggered nginx security jail (nginx-444) - probing blocked paths on web server	Bad Web Bot Web App Attack
🇫🇮 Christopher Hughes	2026-05-09 01:48:12 (3 weeks ago)	[Sat May 09 02:48:10.809288 2026] [proxy_fcgi:error] [pid 3121476:tid 140447540053568] [client 172.2 ... show more [Sat May 09 02:48:10.809288 2026] [proxy_fcgi:error] [pid 3121476:tid 140447540053568] [client 172.212.190.20:50679] AH01071: Got error 'Primary script unknown' [Sat May 09 02:48:10.954364 2026] [proxy_fcgi:error] [pid 3121476:tid 140446739183168] [client 172.212.190.20:50679] AH01071: Got error 'Primary script unknown' [Sat May 09 02:48:11.238423 2026] [proxy_fcgi:error] [pid 3121476:tid 140447267661376] [client 172.212.190.20:50679] AH01071: Got error 'Primary script unknown' [Sat May 09 02:48:11.381080 2026] [proxy_fcgi:error] [pid 3121476:tid 140446764361280] [client 172.212.190.20:50679] AH01071: Got error 'Primary script unknown' [Sat May 09 02:48:11.676667 2026] [proxy_fcgi:error] [pid 3121476:tid 140447284446784] [client 172.212.190.20:50679] AH01071: Got error 'Primary script unknown' ... show less	Web App Attack

Showing 46 to 60 of 175 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 199.45.154.185

🇰🇷 175.198.62.180

🇫🇷 161.97.122.225

🇺🇸 147.182.241.81

🇨🇳 111.19.212.140

🇫🇷 91.196.152.18

🇺🇸 67.205.155.82

🇻🇳 36.50.55.254

🇬🇧 35.203.210.37

🇧🇪 34.76.178.2

🇺🇸 13.86.115.189

🇻🇳 171.231.176.86

🇭🇰 168.76.131.178

🇭🇰 156.238.236.179

🇺🇸 147.182.247.10

🇰🇷 116.125.120.27

🇵🇱 91.193.18.148

🇸🇬 13.212.204.154

🇸🇬 8.222.228.70

🇮🇸 213.181.107.100