JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.104.205.212

20.104.205.212 was found in our database!

This IP was reported 296 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.104.205.212

Whois 20.104.205.212

IP Abuse Reports for 20.104.205.212:

This IP address has been reported a total of 296 times from 247 distinct sources. 20.104.205.212 was first reported on June 16th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-17 13:05:53 (1 hour ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: CA, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: CA, Attack patterns: WordPress scanning, Webshell probing, Malicious User-Agent show less	Bad Web Bot Web App Attack
🇫🇷 geot	2026-06-17 12:13:45 (2 hours ago)	WordPress scanning bot	Hacking Bad Web Bot Web App Attack
🇭🇺 DumaNet	2026-06-17 07:46:00 (6 hours ago)	Web app attack attempts, scanning for vulnerability. Date: 2026 Jun 16. 20:18:55 Source IP: 20.104 ... show more Web app attack attempts, scanning for vulnerability. Date: 2026 Jun 16. 20:18:55 Source IP: 20.104.205.212 Portion of the log(s): 20.104.205.212 - [16/Jun/2026:20:18:54 +0200] "GET /file58.php HTTP/1.1" 404 153 "-" "-" 20.104.205.212 - [16/Jun/2026:20:18:54 +0200] "GET /bel.php HTTP/1.1" 404 153 "-" "-" 20.104.205.212 - [16/Jun/2026:20:18:54 +0200] "GET /bgymj.php HTTP/1.1" 404 153 "-" "-" 20.104.205.212 - [16/Jun/2026:20:18:54 +0200] "GET /wp-admin/css/colors/midnight/about.php HTTP/1.1" 404 153 "-" "-" 20.104.205.212 - [16/Jun/2026:20:18:53 +0200] "GET /xstelth.php HTTP/1.1" 404 153 "-" "-" 20.104.205.212 - [16/Jun/2026:20:18:53 +0200] "GET /waf.php HTTP/1.1" 404 153 "-" "-" 20.104.205.212 - [16/Jun/2026:20:18:53 +0200] "GET /jj.php HTTP/1.1" 404 153 "-" "-" 20.104.205.212 - [16/Jun/2026:20:18:53 +0200] "GET /wp-admin/css/colors/sunrise/ HTTP/1.1" 404 153 "-" "-" 20.104.205.212 - [16/Jun/2026:20:18:53 +0200] "GET /ddd.php HTTP/1.1" 404 153 "-" "-" 20.104.205.212 - [16/Jun/2026:20:18:53 show less	Web App Attack
🇬🇧 openstrike.co.uk	2026-06-17 05:14:04 (9 hours ago)	143 attacks on PHP URLs: GET /flower.php HTTP/1.1	Web App Attack
🇩🇪 SiyCah	2026-06-17 03:00:02 (11 hours ago)	IP banned by fail2ban; banned in jail apache-auth. Report generated by fail2abuseipdb.	Hacking Brute-Force Web App Attack
🇩🇪 Spiderpiggy	2026-06-17 01:17:55 (13 hours ago)	Automatically reported via Blackhole honeypot on games4you.be. Attempted access to restricted endpoi ... show more Automatically reported via Blackhole honeypot on games4you.be. Attempted access to restricted endpoint: /wp-content/uploads/ show less	Brute-Force Bad Web Bot SSH
🇬🇧 andypiper	2026-06-17 01:02:14 (13 hours ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇩🇪 Philister11	2026-06-17 00:35:07 (13 hours ago)	CrowdSec: crowdsecurity/http-crawl-non_statics (CA/AS8075)	Bad Web Bot Web App Attack
🇩🇪 hbrks	2026-06-17 00:29:29 (13 hours ago)	146 attack(s) detected, such as these: {"event":"web_block","ip":"20.104.205.212","host":"intellicis ... show more 146 attack(s) detected, such as these: {"event":"web_block","ip":"20.104.205.212","host":"intellicis.art","request":"GET /wp-tivate.php HTTP/1.1","user_agent":"","reason":"Status-503","timestamp":"2026-06-17T00:29:29 00:00","logentry":"intellicis.art 20.104.205.212 - - [17/Jun/2026:00:29:29 0000] \"GET /wp-tivate.php HTTP/1.1\" 503 190 \"-\" \"-\" \"-\""} * Report Details : https://p4u.xyz/731Y3514QYU/1 IP Details *: https://p4u.xyz/731Y3514QYU/2 show less	Web Spam Hacking Bad Web Bot
🇺🇸 mnsf	2026-06-17 00:26:17 (13 hours ago)	Too many Status 40X (65) Request Overload (134)	Brute-Force Web App Attack
🇺🇸 chronos	2026-06-17 00:13:14 (14 hours ago)	[AUTORAVALT][[16/06/2026 - 21:13:13 -03:00 UTC] Attack from [Microsoft Corporation] [20.104.205.212] ... show more [AUTORAVALT][[16/06/2026 - 21:13:13 -03:00 UTC] Attack from [Microsoft Corporation] [20.104.205.212] Action: BLocKed Hacking... Unauthorized attempts to access the server. Web App Attack -> Attempts to probe for or exploit installed web applications such as a CMS like WordPress/Drupal, e-commerce solutions, forum software, phpMyAdmin and various other software] ... show less	Hacking Web App Attack
Anonymous	2026-06-17 00:09:56 (14 hours ago)	PSCSERV WPSCAN 20.104.205.212	Bad Web Bot Web App Attack
🇫🇷 Sebbabas	2026-06-17 00:05:03 (14 hours ago)	\[Wed Jun 17 02:05:01.694011 2026\] \[:error\] \[pid 28730\] \[client 20.104.205.212:43685\] script ... show more \[Wed Jun 17 02:05:01.694011 2026\] \[:error\] \[pid 28730\] \[client 20.104.205.212:43685\] script \'/home/www/www_cgtlogistics/this_is_a_new_hello_world.php\' not found or unable to stat ... show less	FTP Brute-Force Port Scan Brute-Force Web App Attack SSH
🇩🇪 seal	2026-06-17 00:03:41 (14 hours ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing	SSH Brute-Force
🇩🇪 Séfora Srl	2026-06-17 00:02:30 (14 hours ago)	Web App Attack with different attempts on Apache - detected by Fail2Ban in plesk-apache jail	Web App Attack

Showing 1 to 15 of 296 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 111.30.42.43

🇱🇹 81.30.98.144

🇸🇬 47.84.138.210

🇯🇵 47.79.32.184

🇩🇪 44.146.172.158

🇷🇴 2.57.121.112

🇺🇸 174.35.25.179

🇳🇱 142.93.140.74

🇮🇳 124.123.148.252

🇺🇸 66.132.186.216

🇺🇸 44.73.104.85

🇺🇸 204.44.67.103

🇪🇬 196.202.24.44

🇸🇪 193.151.189.174

🇷🇴 193.46.255.86

🇨🇳 60.191.221.172

🇪🇨 45.184.226.43

🇮🇩 36.69.144.192

🇧🇷 177.19.145.25

🇨🇳 123.123.204.192