JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.12.191.45

20.12.191.45 was found in our database!

This IP was reported 177 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.12.191.45

Whois 20.12.191.45

IP Abuse Reports for 20.12.191.45:

This IP address has been reported a total of 177 times from 160 distinct sources. 20.12.191.45 was first reported on May 21st 2026, and the most recent report was 16 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-21 22:04:55 (1 week ago)	[Fri May 22 00:04:54.715001 2026] [php7:error] [pid 6421] [client 20.12.191.45:20548] script '/var/w ... show more [Fri May 22 00:04:54.715001 2026] [php7:error] [pid 6421] [client 20.12.191.45:20548] script '/var/www/ight.php' not found or unable to stat ... show less	Web App Attack
🇩🇪 [email protected]	2026-05-21 22:02:01 (1 week ago)	Brute force 76 attempts	DDoS Attack SQL Injection Brute-Force SSH
🇫🇷 tecnicorioja	2026-05-21 22:00:59 (1 week ago)	wp-login attack [21/May/2026:20:47:31	Brute-Force Web App Attack
🇮🇩 sockominfo	2026-05-21 22:00:11 (1 week ago)	Webshell discovery success (Response: 200). Threat Score: 8.3/10 (HIGH). Reported by TangerangKota-C ... show more Webshell discovery success (Response: 200). Threat Score: 8.3/10 (HIGH). Reported by TangerangKota-CSIRT. Status: MALICIOUS show less	Hacking Email Spam
🇳🇱 homeshowdomain.nl	2026-05-21 21:59:26 (1 week ago)	Auto-ban: >3000 req/min op 2026-05-21	Web App Attack SSH Hacking
Anonymous	2026-05-21 21:57:43 (1 week ago)	20.12.191.45 - - [21/May/2026:23:53:35 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php ... show more 20.12.191.45 - - [21/May/2026:23:53:35 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.0" 404 119440 "-" "-" 20.12.191.45 - - [21/May/2026:23:53:39 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 119241 "-" "-" 20.12.191.45 - - [21/May/2026:23:57:24 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.0" 404 119440 "-" "-" 20.12.191.45 - - [21/May/2026:23:57:25 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 119234 "-" "-" 20.12.191.45 - - [21/May/2026:23:57:42 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 291 "-" "-" ... show less	Brute-Force Web App Attack
🇺🇸 chronos	2026-05-21 21:54:35 (1 week ago)	[AUTORAVALT][[21/05/2026 - 18:54:35 -03:00 UTC] Attack from [Microsoft Corporation] [20.12.191.45] A ... show more [AUTORAVALT][[21/05/2026 - 18:54:35 -03:00 UTC] Attack from [Microsoft Corporation] [20.12.191.45] Action: BLocKed DDoS Attack -> Participating in distributed denial-of-service. Phishing -> Phishing websites and/or email. Web Spam -> Comment/forum spam, HTTP referer spam, or other CMS spam. Blog Spam -> CMS blog comment spam. Web App Attack -> Attempts to prob] ... show less	DDoS Attack Phishing Web Spam Blog Spam Web App Attack
🇨🇭 4server	2026-05-21 21:53:26 (1 week ago)	[ThuMay2123:53:20.3561102026][security2:error][pid1557056:tid1557077][client20.12.191.45:0]ModSecuri ... show more [ThuMay2123:53:20.3561102026][security2:error][pid1557056:tid1557077][client20.12.191.45:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(filemanager\\|wp-file-manager\\|elfinder\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"442\"][id\"980500\"][msg\"WordPressfilemanagerexploitattempt\"][hostname\"autodiscover.hostingedominio.ch\"][uri\"/wp-content/plugins/hellopress/wp_filemanager.php\"][unique_id\"ag9-0OGTqqsv1MPNpCIhLQAAAJM\"] show less	Hacking Web App Attack
🇩🇪 0x44	2026-05-21 21:50:02 (1 week ago)	Web probing * backdoors/webshells with missing User-Agent	Bad Web Bot Web App Attack
Anonymous	2026-05-21 21:48:28 (1 week ago)		Web App Attack Port Scan
🇺🇸 canine.tools	2026-05-21 21:47:03 (1 week ago)	[fail2ban Auto Report] {"time":"2026-05-21T17:47:02.598370302-04:00","level":"INFO","source":{"funct ... show more [fail2ban Auto Report] {"time":"2026-05-21T17:47:02.598370302-04:00","level":"INFO","source":{"function":"github.com/TecharoHQ/anubis/lib.(*Server).checkRules","file":"/Users/cadey/Code/TecharoHQ/botstopper/upstream/anubis/lib/anubis.go","line":309},"msg":"explicit deny","subsystem":"anubis","host":"wikiless.canine.tools","method":"GET","path":"/wp-content/plugins/hellopress/wp_filemanager.php","user_agent":"","accept_language":"","priority":"","x-forwarded-for":"20.12.191.45","x-real-ip":"20.12.191.45","host":"wikiless.canine.tools","check_result":{"name":"bot/no-user-agent-string","rule":"DENY","weight":0}} ... show less	Bad Web Bot
Anonymous	2026-05-21 21:45:02 (1 week ago)	Brute Force attempts	Brute-Force Exploited Host
Anonymous	2026-05-21 21:42:03 (1 week ago)	Unauthorized SSH login attempts	Brute-Force SSH
🇩🇪 maxpower	2026-05-21 21:39:28 (1 week ago)	(aggressive_scanner) REGOLA 9 - Aggressive Web Scanner 20.12.191.45 (US/United States/-): 1 in the l ... show more (aggressive_scanner) REGOLA 9 - Aggressive Web Scanner 20.12.191.45 (US/United States/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 20.12.191.45 - - [21/May/2026:23:39:23 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 200 11926 "-" "-" "20.12.191.45" host=consorzioaet.it show less	Port Scan
🇺🇸 jcbriar	2026-05-21 21:38:34 (1 week ago)	Searching for vulnerable scripts	Hacking Web App Attack

Showing 31 to 45 of 177 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 208.87.242.107

🇮🇳 139.59.30.229

🇨🇴 45.179.200.156

🇵🇰 39.32.39.132

🇳🇱 195.178.110.30

🇬🇧 193.163.125.87

🇻🇪 186.96.74.216

🇩🇪 185.220.101.177

🇨🇴 181.234.29.66

🇧🇷 168.181.49.236

🇮🇩 103.84.5.9

🇷🇴 80.94.92.186

🇩🇿 41.111.218.240

🇨🇳 14.103.113.212

🇮🇳 202.53.94.246

🇺🇸 195.184.76.245

🇮🇳 182.95.111.46

🇨🇳 180.153.236.58

🇳🇱 176.65.139.130

🇺🇸 162.216.149.241