JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.12.193.183

20.12.193.183 was found in our database!

This IP was reported 140 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.12.193.183

Whois 20.12.193.183

IP Abuse Reports for 20.12.193.183:

This IP address has been reported a total of 140 times from 115 distinct sources. 20.12.193.183 was first reported on June 18th 2026, and the most recent report was 11 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 SpaceHost-Server	2026-06-19 22:28:51 (11 minutes ago)		Brute-Force Web App Attack
🇬🇷 setupgr	2026-06-19 16:40:56 (5 hours ago)	(mod_security) mod_security (id:1000001) triggered by 20.12.193.183 (US/United States/Iowa/Des Moine ... show more (mod_security) mod_security (id:1000001) triggered by 20.12.193.183 (US/United States/Iowa/Des Moines/-/[AS8075 MICROSOFT-CORP-MSN-AS-BLOCK]): 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Fri Jun 19 19:40:51.895411 2026] [security2:error] [pid 2277:tid 2383] [client 20.12.193.183:2826] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/ioxi-o.php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "93"] [id "1000001"] [msg "Bad file blocked: /ioxi-o.php"] [severity "CRITICAL"] [tag "security"] [hostname "pankoskal.gr"] [uri "/ioxi-o.php"] [unique_id "ajVxE1VjV5VR3hAZ4rn3NQAAAEo"] show less	Port Scan
🇮🇩 soc-yk	2026-06-19 16:30:11 (6 hours ago)	Type: suspicious_network_activity Risk: 66 Events: 377 Evidence: - Persistent suspicious network ac ... show more Type: suspicious_network_activity Risk: 66 Events: 377 Evidence: - Persistent suspicious network activity detected - Repeated hostile operational behavior observed - Multi-event operational persistence identified show less	Port Scan Hacking
🇫🇷 solution.it	2026-06-19 16:23:14 (6 hours ago)	[Fri Jun 19 18:23:13.315837 2026] [php7:error] [pid 1077635:tid 1077635] [client 20.12.193.183:6420] ... show more [Fri Jun 19 18:23:13.315837 2026] [php7:error] [pid 1077635:tid 1077635] [client 20.12.193.183:6420] script '/var/www/html/blog.solution.it/inputs.php' not found or unable to stat show less	Web App Attack
🇦🇹 penguin-solutions.at	2026-06-19 16:16:00 (6 hours ago)	Excessive 403/404 errors ...	Brute-Force Web App Attack
🇩🇪 macrob	2026-06-19 16:06:38 (6 hours ago)	2026/06/19 16:06:35 [error] 3055247#3055247: 316897123 access forbidden by rule, client: 20.12.193. ... show more 2026/06/19 16:06:35 [error] 3055247#3055247: 316897123 access forbidden by rule, client: 20.12.193.183, server: binixo.co, request: "GET /admin.php HTTP/2.0", host: "www.binixo.co" 2026/06/19 16:06:35 [error] 3055247#3055247: 316897127 access forbidden by rule, client: 20.12.193.183, server: binixo.co, request: "GET /wp-content/uploads/index.php HTTP/2.0", host: "www.binixo.co" 2026/06/19 16:06:37 [error] 3055247#3055247: 316897139 access forbidden by rule, client: 20.12.193.183, server: binixo.co, request: "GET /wp-admin/user.php HTTP/2.0", host: "www.binixo.co" ... show less	Web App Attack
🇫🇷 sthoyer.de	2026-06-19 15:40:11 (6 hours ago)	20.12.193.183 - - [19/Jun/2026:17:40:09 +0200] "GET /inputs.php HTTP/1.1" 302 495 "-" "Mozilla/5.0 ( ... show more 20.12.193.183 - - [19/Jun/2026:17:40:09 +0200] "GET /inputs.php HTTP/1.1" 302 495 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.12.193.183 - - [19/Jun/2026:17:40:10 +0200] "GET /ioxi-o.php HTTP/1.1" 302 495 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.12.193.183 - - [19/Jun/2026:17:40:10 +0200] "GET /function/function.php HTTP/1.1" 302 495 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Web App Attack
🇺🇸 WizardsToolkit	2026-06-19 15:39:25 (7 hours ago)	attempted to access /404.php	Web App Attack
🇩🇪 pscriptos	2026-06-19 14:52:39 (7 hours ago)	This IP was detected by CrowdSec triggering crowdsecurity/appsec-vpatch	Web App Attack
🇺🇸 antlac1	2026-06-19 14:25:19 (8 hours ago)	crowdsecurity/http-admin-interface-probing	Brute-Force Web App Attack
🇩🇪 patrisei	2026-06-19 14:17:23 (8 hours ago)	You are now banned for 10 years by Schiffdorf-West Patrol. Trigger: crowdsecurity/http-probing	Port Scan Web App Attack
🇩🇪 reznekcs	2026-06-19 14:15:56 (8 hours ago)	F2B apache-noscript ban. Logs: [Fri Jun 19 16:15:55.603400 2026] [proxy_fcgi:error] [pid 1285338] [c ... show more F2B apache-noscript ban. Logs: [Fri Jun 19 16:15:55.603400 2026] [proxy_fcgi:error] [pid 1285338] [client 20.12.193.183:0] AH01071: Got error 'Primary script unknown' [Fri Jun 19 16:15:55.761183 2026] [proxy_fcgi:error] [pid 1285338] [client 20.12.193.183:0] AH01071: Got error 'Primary script unknown' [Fri Jun 19 16:15:56.258815 2026] [proxy_fcgi:error] [pid 1288355] [client 20.12.193.183:0] AH01071: Got error 'Primary script unknown' show less	Web App Attack
🇺🇸 WellSpring	2026-06-19 13:50:46 (8 hours ago)	generic probe on 920.today/cgi-bin/ — WellSpr.ing/NetSentinel civic-AI security layer	Bad Web Bot
Anonymous	2026-06-19 13:49:16 (8 hours ago)	Fail2Ban wordpress-forbidden on Security-Instance. Persistent malicious activity detected. Evidence: ... show more Fail2Ban wordpress-forbidden on Security-Instance. Persistent malicious activity detected. Evidence: 2026/06/19 15:49:13 [error] 3842193#3842193: 109806 directory index of "/var/www/html/wordpress_main/wp-includes/html-api/" is forbidden, client: 20.12.193.183, server: dtalens.com, request: "GET /wp-includes/html-api/ HTTP/1.1", host: "dtalens.com" 2026/06/19 15:49:14 [error] 3842193#3842193: 109806 directory index of "/var/www/html/wordpress_main/wp-admin/css/colors/ectoplasm/" is forbidden, client: 20.12.193.183, server: dtalens.com, request: "GET /wp-admin/css/colors/ectoplasm/ HTTP/1.1", host: "dtalens.com" 2026/06/19 15:49:14 [error] 3842193#3842193: *109806 directory index of "/var/www/html/wordpress_main/wp-content/uploads/" is forbidden, client: 20.12.193.183, server: dtalens.com show less	Hacking Web App Attack
🇺🇸 ipblock.com	2026-06-19 13:19:00 (9 hours ago)	Exploit request, vulnerability scanner.	Hacking Bad Web Bot Web App Attack

Showing 1 to 15 of 140 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 171.37.92.10

🇺🇸 147.185.132.153

🇳🇱 45.156.128.109

🇺🇸 44.228.50.38

🇰🇿 2.134.15.12

🇨🇳 222.219.131.47

🇺🇸 216.167.21.34

🇬🇧 198.244.226.84

🇹🇼 198.235.24.53

🇩🇪 167.94.146.61

🇪🇬 156.201.43.34

🇭🇰 152.32.129.154

🇺🇸 147.185.132.41

🇺🇸 135.237.127.63

🇨🇳 117.79.132.166

🇺🇸 109.105.210.59

🇺🇸 109.105.210.58

🇺🇸 107.174.196.144

🇫🇷 85.204.70.112

🇺🇸 66.132.195.66