JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.12.204.106

20.12.204.106 was found in our database!

This IP was reported 447 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.12.204.106

Whois 20.12.204.106

IP Abuse Reports for 20.12.204.106:

This IP address has been reported a total of 447 times from 181 distinct sources. 20.12.204.106 was first reported on April 18th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 nzhost.co.nz	2026-04-18 21:39:34 (1 month ago)	$f2bV_matches	Hacking Brute-Force
🇺🇸 jormaster3k	2026-04-18 21:37:53 (1 month ago)	Attack against Apache (too many 404s)	Web App Attack
🇩🇪 stinpriza	2026-04-18 21:35:44 (1 month ago)	Web App Attack	Web App Attack
Anonymous	2026-04-18 21:33:06 (1 month ago)	Multiple web server 400 error codes from same source ip	Web App Attack
🇨🇦 polycoda	2026-04-18 21:22:21 (1 month ago)	AutoBlock: 🎯 Vulnerability Scanner (Non Decay-Based) - ❌ Excessive 40X Errors (Decay-Based)	Hacking Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-04-18 21:14:56 (1 month ago)	Excessive 404/403 errors	Brute-Force
🇨🇭 Origon	2026-04-18 21:05:21 (1 month ago)	http-backdoors-attempts - IP: 20.12.204.106 - time="2026-04-18T23:05:21+02:00" level=info msg="(555 ... show more http-backdoors-attempts - IP: 20.12.204.106 - time="2026-04-18T23:05:21+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-backdoors-attempts by ip 20.12.204.106 (US/8075) : 4h ban on Ip 20.12.204.106" module=db show less	Web App Attack
🇫🇷 dynamix	2026-04-18 20:44:18 (1 month ago)	Multiple WAF Violations	Web App Attack
🇩🇪 4server	2026-04-18 20:41:02 (1 month ago)	[SatApr1822:40:58.2094652026][security2:error][pid3493135:tid3493157][client20.12.204.106:0]ModSecur ... show more [SatApr1822:40:58.2094652026][security2:error][pid3493135:tid3493157][client20.12.204.106:0]ModSecurity:Accessdeniedwithcode403$phase1$.Patternmatch\"$\?i$$\?:/\(\?:\^\\|/$\\\\\\\\.$env\\|git\\|svn\\|hg\\|DS_Store$\\|/$\?:wp-config\\|\\\\\\\\.htaccess\\|\\\\\\\\.htpasswd$\\|\\\\\\\\.$\?:sql\\|bak\\|old\\|log$\$\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"156\"][id\"960720\"][msg\"Forbiddenfileaccessattempt\"][severity\"CRITICAL\"][hostname\"archi-box.ch\"][uri\"/wp-config-sample.php\"][unique_id\"aePsWniX59CsmSOTwDdiLwAAAE0\"] show less	Port Scan Brute-Force Web App Attack
🇫🇷 Octopuce	2026-04-18 20:29:02 (1 month ago)	Aggressive web search of vulnerable pages: /admin.php /inputs.php /file.php /goods.php /ms-edit.php ... show more Aggressive web search of vulnerable pages: /admin.php /inputs.php /file.php /goods.php /ms-edit.php /simple.php /bgymj.php /wp-content/plugins/ ... show less	Web App Attack
🇱🇻 garmtech.com	2026-04-18 19:45:45 (1 month ago)	IM360 WAF: Block abusive scripts MV:/wp-admin/maint/index.php	Web App Attack
🇮🇹 VHosting	2026-04-18 19:40:03 (1 month ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack

Showing 436 to 447 of 447 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 186.96.145.241

🇲🇲 116.206.193.45

🇵🇰 203.215.167.190

🇩🇪 194.88.98.101

🇩🇪 194.88.98.85

🇧🇷 177.23.233.83

🇩🇪 141.11.107.166

🇨🇳 114.138.99.251

🇻🇳 112.197.241.94

🇺🇸 66.132.186.252

🇺🇸 66.132.172.98

🇳🇱 45.8.17.41

🇫🇷 31.36.163.95

🇩🇪 194.164.59.59

🇺🇸 192.3.52.177

🇫🇷 173.212.228.191

🇮🇹 172.253.13.153

🇺🇸 162.144.204.18

🇰🇪 102.210.43.38

🇫🇮 89.167.30.117