JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.12.204.106

20.12.204.106 was found in our database!

This IP was reported 448 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.12.204.106

Whois 20.12.204.106

IP Abuse Reports for 20.12.204.106:

This IP address has been reported a total of 448 times from 182 distinct sources. 20.12.204.106 was first reported on April 18th 2026, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇾 Rizzy	2026-05-04 12:43:49 (4 weeks ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇺🇸 ipblock.com	2026-05-04 11:52:00 (4 weeks ago)	IPBlock protected site ID [4730-fr]. Exploit request, vulnerability scanner.	Hacking Bad Web Bot Web App Attack
🇫🇮 YF	2026-05-04 11:01:45 (4 weeks ago)	WordPress directory enumeration	Web App Attack
🇪🇸 el-brujo	2026-05-04 10:57:01 (4 weeks ago)	Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: www.elhacker.net userAgent: Mozilla/ ... show more Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: www.elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Action: managed_challenge Source: firewallManaged ASN Description: Microsoft Corporation Country: US Method: GET Timestamp: 2026-05-04T10:57:01Z ruleId: 5de7edfa648c4d6891dc3e7f84534ffa. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇳🇱 Site.eu	2026-05-04 09:57:18 (4 weeks ago)	Excessive 404/403 errors	Brute-Force
🇺🇸 mawan	2026-05-04 08:08:58 (4 weeks ago)	Suspected of having performed illicit activity on LAX server.	Web App Attack
🇹🇭 MWA SOC	2026-05-04 07:23:34 (4 weeks ago)		Hacking
🇬🇧 consul.to	2026-05-04 05:18:52 (4 weeks ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 jormaster3k	2026-05-04 03:55:35 (4 weeks ago)	Attack against Apache (too many 404s)	Web App Attack
🇪🇸 el-brujo	2026-05-04 03:43:31 (4 weeks ago)	Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: foro.elhacker.net userAgent: Mozilla ... show more Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: foro.elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 Action: managed_challenge Source: firewallManaged ASN Description: Microsoft Corporation Country: US Method: GET Timestamp: 2026-05-04T03:43:31Z ruleId: 5de7edfa648c4d6891dc3e7f84534ffa. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇪🇸 el-brujo	2026-05-04 03:43:24 (4 weeks ago)	[Mon May 04 05:43:24.119229 2026] [proxy_fcgi:error] [pid 3769733:tid 3769803] [remote 20.12.204.106 ... show more [Mon May 04 05:43:24.119229 2026] [proxy_fcgi:error] [pid 3769733:tid 3769803] [remote 20.12.204.106:0] AH01071: Got error 'Primary script unknown\n' [Mon May 04 05:43:24.292206 2026] [proxy_fcgi:error] [pid 3769733:tid 3769789] [remote 20.12.204.106:0] AH01071: Got error 'Primary script unknown\n' ... show less	Hacking Web App Attack
🇩🇪 h7ex	2026-05-04 01:15:20 (1 month ago)	Attempted execution of scripts via Apache (noscripts) (Jail: apache-noscript)	Hacking Exploited Host
🇵🇱 wHosts	2026-05-04 01:06:43 (1 month ago)	Blocked by Fail2Ban	Web App Attack
🇺🇸 Player Unknown	2026-05-04 00:36:12 (1 month ago)	20.12.204.106 - - [03/May/2026:17:36:11 -0700] "GET /100.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 (Wind ... show more 20.12.204.106 - - [03/May/2026:17:36:11 -0700] "GET /100.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.12.204.106 - - [03/May/2026:17:36:11 -0700] "GET /elp.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.12.204.106 - - [03/May/2026:17:36:11 -0700] "GET /ftde.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.12.204.106 - - [03/May/2026:17:36:11 -0700] "GET /test1.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.12.204.106 - - [03/May/2026:17:36:11 -0700] "GET /wp-temp.php HTTP/1.1" 404 47 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.12.204.106 ... show less	Brute-Force SSH
🇩🇪 Reinhard	2026-05-04 00:21:28 (1 month ago)	Software package attack. /100.php	Web App Attack

Showing 76 to 90 of 448 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 209.122.41.58

🇵🇭 157.20.142.3

🇰🇷 121.142.244.108

🇨🇳 111.228.48.124

🇮🇩 103.154.77.48

🇺🇸 64.62.156.222

🇩🇪 43.131.55.89

🇷🇺 213.183.120.56

🇺🇸 172.253.242.125

🇺🇸 172.202.92.73

🇩🇪 164.92.176.202

🇨🇳 120.79.178.220

🇳🇱 91.92.243.20

🇳🇱 86.89.218.186

🇫🇷 85.217.140.11

🇫🇷 82.25.113.235

🇷🇴 80.94.92.168

🇩🇪 2a01:4f8:150:13a5::100:2d

🇺🇸 2607:ff10:c8:594::c

🇺🇸 216.25.89.80