JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.12.204.106

20.12.204.106 was found in our database!

This IP was reported 448 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.12.204.106

Whois 20.12.204.106

IP Abuse Reports for 20.12.204.106:

This IP address has been reported a total of 448 times from 182 distinct sources. 20.12.204.106 was first reported on April 18th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 S.O.B.A. Dev.	2026-04-19 02:52:04 (1 month ago)	Threat Blocked by BeeHive from (ASN:8075) (Network:MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporati ... show more Threat Blocked by BeeHive from (ASN:8075) (Network:MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) (Host:soba.dev) (Method:GET) (Protocol:HTTP/1.1) (Timestamp:2026-04-19T02:52:04Z) show less	Brute-Force Web Spam Web App Attack
🇬🇧 cybersteve99	2026-04-19 02:48:09 (1 month ago)	Too many 4xx Requests -	Brute-Force Web App Attack
🇫🇷 solution.it	2026-04-19 02:37:05 (1 month ago)	[Sun Apr 19 04:37:04.804407 2026] [php7:error] [pid 698172:tid 698172] [client 20.12.204.106:18519] ... show more [Sun Apr 19 04:37:04.804407 2026] [php7:error] [pid 698172:tid 698172] [client 20.12.204.106:18519] script '/var/www/html/blog.solution.it/rip.php' not found or unable to stat show less	Web App Attack
🇧🇪 taivas.nl	2026-04-19 02:32:10 (1 month ago)	Site scraper	Web App Attack
🇺🇸 ipblock.com	2026-04-19 02:30:00 (1 month ago)	IPBlock protected site ID [3390-wh]. Exploit request, vulnerability scanner.	Hacking Bad Web Bot Web App Attack
🇫🇷 mrcrassi	2026-04-19 02:29:59 (1 month ago)	Triggered Cloudflare WAF (botFight) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET ... show more Triggered Cloudflare WAF (botFight) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /vx.php UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇩🇪 macrob	2026-04-19 02:21:55 (1 month ago)	2026/04/19 02:21:46 [error] 1077931#1077931: 161913599 access forbidden by rule, client: 20.12.204. ... show more 2026/04/19 02:21:46 [error] 1077931#1077931: 161913599 access forbidden by rule, client: 20.12.204.106, server: fastcredit.net.ua, request: "GET /wp-content/plugins/twenty/login.php HTTP/2.0", host: "fastcredit.net.ua" 2026/04/19 02:21:47 [error] 1077928#1077928: 161908972 access forbidden by rule, client: 20.12.204.106, server: fastcredit.net.ua, request: "GET /.dj/index.php HTTP/2.0", host: "fastcredit.net.ua" 2026/04/19 02:21:54 [error] 1077928#1077928: 161913572 access forbidden by rule, client: 20.12.204.106, server: fastcredit.net.ua, request: "GET /wp-content/index.php HTTP/2.0", host: "fastcredit.net.ua" ... show less	Web App Attack
🇩🇪 LRob.fr	2026-04-19 02:15:04 (1 month ago)	Repeated 403 errors, blocked by Fail2ban in custom-403 jail	Bad Web Bot
🇺🇸 koinkash.org	2026-04-19 02:09:05 (1 month ago)	They are fraudulent. Malicious threat actor requesting php file /rip.php	Web App Attack
🇨🇭 Justin Case	2026-04-19 02:00:09 (1 month ago)	Automatically blocked by server	Fraud Orders
🇺🇸 kosada.com	2026-04-19 01:57:52 (1 month ago)	Web vulnerability probing: /goods.php	Web App Attack
🇺🇸 Epimetheus	2026-04-19 01:54:30 (1 month ago)	Unauthorized access attempts: [GET] /wp-admin/maint/index.php [GET] /wp-good.php [GET] /a.php [GET] ... show more Unauthorized access attempts: [GET] /wp-admin/maint/index.php [GET] /wp-good.php [GET] /a.php [GET] /index/function.php [GET] /bolt.php [GET] /ws38.php [GET] /wp-content/plugins/twenty/login.php [GET] /bgymj.php [GET] /leaf.php UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 show less	Web App Attack
🇺🇸 chronos	2026-04-19 01:43:03 (1 month ago)	[AUTORAVALT][[18/04/2026 - 22:43:03 -03:00 UTC] Attack from [Microsoft Corporation] [20.12.204.106] ... show more [AUTORAVALT][[18/04/2026 - 22:43:03 -03:00 UTC] Attack from [Microsoft Corporation] [20.12.204.106] Action: BLocKed Hacking... Unauthorized attempts to access the server. Web App Attack -> Attempts to probe for or exploit installed web applications such as a CMS like WordPress/Drupal, e-commerce solutions, forum software, phpMyAdmin and various other software ] ... show less	Hacking Web App Attack
🇬🇧 masterguru	2026-04-19 01:38:32 (1 month ago)	Too much 404 requests in 1 minute. Operator GE matched 20 at IP:block_script. (46020-185)	Hacking
Anonymous	2026-04-19 01:37:05 (1 month ago)	Automated report (2026-04-18T21:37:06-04:00). Caught probing for webshells/backdoors. Host might be ... show more Automated report (2026-04-18T21:37:06-04:00). Caught probing for webshells/backdoors. Host might be compromised. show less	Hacking Exploited Host Web App Attack Open Proxy

Showing 361 to 375 of 448 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 2a00:1450:4009:c0f::120

🇺🇸 100.29.192.88

🇩🇪 69.5.169.76

🇺🇸 50.63.12.26

🇷🇺 31.173.30.232

🇬🇧 5.226.140.59

🇰🇷 222.239.251.12

🇲🇽 201.123.175.164

🇨🇴 190.157.13.210

🇬🇧 185.216.145.182

🇸🇪 171.25.158.70

🇻🇳 165.154.229.58

🇨🇳 106.12.43.166

🇵🇰 72.255.17.214

🇳🇱 45.148.10.141

🇺🇸 5.175.181.194

🇳🇱 195.178.110.30

🇳🇱 193.176.31.233

🇲🇽 189.145.73.168

🇺🇸 162.216.150.25