JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.38.12.56

20.38.12.56 was found in our database!

This IP was reported 79 times. Confidence of Abuse is 0%: ?

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Phoenix, Arizona

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.38.12.56

Whois 20.38.12.56

IP Abuse Reports for 20.38.12.56:

This IP address has been reported a total of 79 times from 49 distinct sources. 20.38.12.56 was first reported on February 19th 2026, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇳 evicky2002	2026-05-06 06:00:00 (1 month ago)	Confirmed malicious by STILWaters CTI platform (score=85, sources=3)	Hacking Brute-Force SSH
🇩🇪 ghostwarriors	2026-04-01 00:56:00 (2 months ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇮🇹 ciccio diddo	2026-03-15 11:39:05 (3 months ago)	CMS/WP Exploit multiple 404 port:Tcp/80,443	Brute-Force Web App Attack
🇮🇹 alph44	2026-03-15 09:21:17 (3 months ago)	(mod_security) mod_security (id:949110) triggered by 20.38.12.56 (US/United States/-): 5 in the last ... show more (mod_security) mod_security (id:949110) triggered by 20.38.12.56 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: show less	Web App Attack
🇮🇹 mauri64	2026-03-15 07:30:06 (3 months ago)	lfd - (mod_security) mod_security (id:949110) triggered by 20.38.12.56 (-): 5 in the last 3600 secs	Brute-Force
🇧🇪 cmbplf	2026-03-15 03:36:25 (3 months ago)	144 requests with url.path *.env	Brute-Force Bad Web Bot
🇮🇹 pantanet	2026-03-15 02:45:09 (3 months ago)	Fail2Ban nginx jail: nginx-badbots	Port Scan Hacking Brute-Force
🇮🇹 www.tana.it	2026-03-14 23:50:20 (3 months ago)	PHP scan	Web App Attack
🇮🇹 NonOggiCaroMio	2026-03-14 23:14:10 (3 months ago)	Arruso ca si: crowdsecurity/http-admin-interface-probing	Brute-Force
🇫🇷 service Informatique	2026-03-14 04:00:37 (3 months ago)	GET /prod/.env	Web App Attack
🇫🇷 Murazaki	2026-03-13 23:42:51 (3 months ago)	charif.fr 20.38.12.56 - - [13/Mar/2026:05:17:09 +0100] "POST /php-cgi/php-cgi.exe?%ADd+cgi.force_red ... show more charif.fr 20.38.12.56 - - [13/Mar/2026:05:17:09 +0100] "POST /php-cgi/php-cgi.exe?%ADd+cgi.force_redirect%3D0+%ADd+disable_functions%3D%22%22+%ADd+allow_url_include%3D1+%ADd+auto_prepend_file%3Dphp://input HTTP/1.1" 503 190 "-" "-" "-" ... show less	Hacking
🇹🇷 rtbh.com.tr	2026-03-13 20:12:02 (3 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇺🇸 interbiznw.com	2026-03-13 15:47:16 (3 months ago)	malicious-web-requests-vulnerability-scanning	Hacking Brute-Force Exploited Host Web App Attack
🇫🇷 LRob.fr	2026-03-13 07:30:09 (3 months ago)	WAF repeated trigger detected by Fail2Ban in plesk-modsecurity jail	Web App Attack
🇫🇷 Guardian	2026-03-13 05:39:21 (3 months ago)	Multi abuses [2]: Unauthorized connection attempt / Port scanning (x7), Unauthorized attempt to retr ... show more Multi abuses [2]: Unauthorized connection attempt / Port scanning (x7), Unauthorized attempt to retrieve configuration file (x3) 20.38.12.56 [13/Mar/2026:05:39:13] "GET / HTTP/1.1" 20.38.12.56 [13/Mar/2026:05:39:14] "GET /_profiler/phpinfo.php HTTP/1.1" 20.38.12.56 [13/Mar/2026:05:39:15] "GET /phpinfo HTTP/1.1" 20.38.12.56 [13/Mar/2026:05:39:16] "GET /_profiler/phpinfo HTTP/1.1" 20.38.12.56 [13/Mar/2026:05:39:17] "GET /info HTTP/1.1" 20.38.12.56 [13/Mar/2026:05:39:18] "GET /phpinfo.php HTTP/1.1" 20.38.12.56 [13/Mar/2026:05:39:19] "GET /info.php HTTP/1.1" 20.38.12.56 [13/Mar/2026:05:39:20] "GET /.env HTTP/1.1" 20.38.12.56 [13/Mar/2026:05:39:20] "GET /.env.production HTTP/1.1" 20.38.12.56 [13/Mar/2026:05:39:20] "GET /application/.env HTTP/1.1" 20.38.12.56 [13/Mar/2026:05:39:14] "GET / HTTP/1.1" 20.38.12.56 [13/Mar/2026:05:39:14] "GET /_profiler/phpinfo.php HTTP/1.1" 20.38.12.56 [13/Mar/2026:05:39:15] "GET /phpinfo HTTP/1.1" 20.38.12.56 [13/Mar/2026:05:39:16] "GET /_profiler/phpinfo HTTP/1.1" 20.38.12.56 [13/Ma show less	Port Scan Web App Attack

Showing 1 to 15 of 79 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 204.76.203.212

🇨🇦 216.26.250.205

🇺🇸 167.148.85.182

🇳🇱 160.119.71.106

🇺🇸 147.185.132.137

🇱🇹 141.98.9.45

🇨🇳 123.158.253.240

🇯🇵 43.153.168.175

🇩🇴 38.199.103.245

🇺🇸 18.217.208.51

🇦🇷 2800:1e0:1030:204:9999::165

🇳🇱 185.223.235.32

🇬🇧 185.44.67.83

🇨🇳 182.43.235.75

🇬🇧 172.70.91.227

🇺🇸 154.17.24.194

🇵🇭 124.107.100.72

🇲🇾 121.121.139.118

🇨🇳 112.28.130.136

🇨🇳 60.188.249.64