JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.63.8.12

20.63.8.12 was found in our database!

This IP was reported 919 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.63.8.12

Whois 20.63.8.12

IP Abuse Reports for 20.63.8.12:

This IP address has been reported a total of 919 times from 448 distinct sources. 20.63.8.12 was first reported on June 22nd 2026, and the most recent report was 20 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇱 n33	2026-06-26 17:33:16 (20 minutes ago)	Attack detected detected by fail2ban. Service: nginx-ghost-upstream. Banned after 3 failed attempts.	Hacking Web App Attack
Anonymous	2026-06-26 17:20:29 (32 minutes ago)	20.63.8.12 - - [26/Jun/2026:17:20:28 +0000] "GET /wp-content/plugins/hellopress/wp_filemanager.php H ... show more 20.63.8.12 - - [26/Jun/2026:17:20:28 +0000] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 20733 "-" "-" "-" 20.63.8.12 - - [26/Jun/2026:17:20:28 +0000] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 20695 "-" "-" "-" 20.63.8.12 - - [26/Jun/2026:17:20:28 +0000] "GET /inputs.php HTTP/1.1" 404 20657 "-" "-" "-" 20.63.8.12 - - [26/Jun/2026:17:20:28 +0000] "GET /admin.php HTTP/1.1" 404 20655 "-" "-" "-" 20.63.8.12 - - [26/Jun/2026:17:20:28 +0000] "GET /goods.php HTTP/1.1" 404 20655 "-" "-" "-" 20.63.8.12 - - [26/Jun/2026:17:20:29 +0000] "GET /file.php HTTP/1.1" 404 20653 "-" "-" "-" 20.63.8.12 - - [26/Jun/2026:17:20:29 +0000] "GET /adminfuns.php HTTP/1.1" 404 20663 "-" "-" "-" 20.63.8.12 - - [26/Jun/2026:17:20:29 +0000] "GET /404.php HTTP/1.1" 404 20651 "-" "-" "-" 20.63.8.12 - - [26/Jun/2026:17:20:29 +0000] "GET /wk/index.php HTTP/1.1" 404 20661 "-" "-" "-" 20.63.8.12 - - [26/Jun/2026:17:20:29 +0000] "GET /about.php HTTP/1.1" 404 20655 "-" "-" "-" ... show less	Port Scan Brute-Force
🇫🇮 Christopher Hughes	2026-06-26 17:15:47 (37 minutes ago)	[Fri Jun 26 18:15:46.548126 2026] [proxy_fcgi:error] [pid 1188033:tid 139822207309376] [client 20.63 ... show more [Fri Jun 26 18:15:46.548126 2026] [proxy_fcgi:error] [pid 1188033:tid 139822207309376] [client 20.63.8.12:13893] AH01071: Got error 'Primary script unknown' [Fri Jun 26 18:15:46.677671 2026] [proxy_fcgi:error] [pid 1188033:tid 139822775862848] [client 20.63.8.12:13893] AH01071: Got error 'Primary script unknown' [Fri Jun 26 18:15:46.934121 2026] [proxy_fcgi:error] [pid 1188033:tid 139822767470144] [client 20.63.8.12:13893] AH01071: Got error 'Primary script unknown' [Fri Jun 26 18:15:47.074084 2026] [proxy_fcgi:error] [pid 1188033:tid 139822249272896] [client 20.63.8.12:13893] AH01071: Got error 'Primary script unknown' [Fri Jun 26 18:15:47.330897 2026] [proxy_fcgi:error] [pid 1188033:tid 139822098269760] [client 20.63.8.12:13893] AH01071: Got error 'Primary script unknown' ... show less	Web App Attack
🇩🇪 enjoyably	2026-06-26 17:02:32 (50 minutes ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing	Web App Attack Hacking
🇩🇪 4server	2026-06-26 16:56:56 (56 minutes ago)	[FriJun2618:56:53.0419382026][security2:error][pid2950634:tid2950710][client20.63.8.12:0]ModSecurity ... show more [FriJun2618:56:53.0419382026][security2:error][pid2950634:tid2950710][client20.63.8.12:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"wp-content/uploads/.\*\\\\\\\\.ph\(\?:p\\|tml\\|t\)\"atREQUEST_FILENAME.[file\"/etc/apache2/conf.d/modsec_rules/99_asl_jitp.conf\"][line\"5100\"][id\"382238\"][rev\"2\"][msg\"Atomicorp.comWAFRules-VirtualJustInTimePatch:PHPfileexecutioninuploadsdirectorydenied\"][data\"wp-content/uploads/index.php\"][severity\"CRITICAL\"][hostname\"thilyatecnologie.ch\"][uri\"/wp-content/uploads/index.php\"][unique_id\"aj6vVf_3iKT2DWl_I01FdgAAAMY\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 Kreapptivo	2026-06-26 16:41:53 (1 hour ago)	[26/Jun/2026:18:41:51 +0200] Web-Request: "GET /wp-content/plugins/hellopress/wp_filemanager.php", U ... show more [26/Jun/2026:18:41:51 +0200] Web-Request: "GET /wp-content/plugins/hellopress/wp_filemanager.php", User-Agent: "-" [26/Jun/2026:18:41:52 +0200] Web-Request: "GET /wp-content/plugins/hellopress/wp_filemanager.php", User-Agent: "-" show less	Bad Web Bot Web App Attack
🇳🇱 JCB	2026-06-26 16:40:00 (1 hour ago)	20.63.8.12 - - [25/Jun/2026:15:18:34 +0300] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 456 "- ... show more 20.63.8.12 - - [25/Jun/2026:15:18:34 +0300] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 456 "-" "-" 20.63.8.12 - - [25/Jun/2026:15:18:34 +0300] "GET /inputs.php HTTP/1.1" 404 456 "-" "-" ... show less	Web App Attack
🇫🇮 Christopher Hughes	2026-06-26 16:36:46 (1 hour ago)	[Fri Jun 26 17:36:44.228493 2026] [proxy_fcgi:error] [pid 1188033:tid 139822081484352] [client 20.63 ... show more [Fri Jun 26 17:36:44.228493 2026] [proxy_fcgi:error] [pid 1188033:tid 139822081484352] [client 20.63.8.12:12837] AH01071: Got error 'Primary script unknown' [Fri Jun 26 17:36:44.362159 2026] [proxy_fcgi:error] [pid 1188033:tid 139822224094784] [client 20.63.8.12:12837] AH01071: Got error 'Primary script unknown' [Fri Jun 26 17:36:44.759958 2026] [proxy_fcgi:error] [pid 1188033:tid 139821167138368] [client 20.63.8.12:12837] AH01071: Got error 'Primary script unknown' [Fri Jun 26 17:36:44.894112 2026] [proxy_fcgi:error] [pid 1188033:tid 139822792648256] [client 20.63.8.12:12837] AH01071: Got error 'Primary script unknown' [Fri Jun 26 17:36:45.207830 2026] [proxy_fcgi:error] [pid 1188033:tid 139822207309376] [client 20.63.8.12:12837] AH01071: Got error 'Primary script unknown' ... show less	Web App Attack
Anonymous	2026-06-26 16:24:36 (1 hour ago)	wp admin page access attempt ...	Hacking Web App Attack
Anonymous	2026-06-26 16:18:31 (1 hour ago)	Aggressive Robot or Attack DDOS	DDoS Attack
🇩🇪 macrob	2026-06-26 15:40:06 (2 hours ago)	2026/06/26 15:40:03 [error] 4133851#4133851: 332368581 access forbidden by rule, client: 20.63.8.12 ... show more 2026/06/26 15:40:03 [error] 4133851#4133851: 332368581 access forbidden by rule, client: 20.63.8.12, server: binixo.mx, request: "GET /admin.php HTTP/1.1", host: "binixo.mx" 2026/06/26 15:40:03 [error] 4133851#4133851: 332368581 access forbidden by rule, client: 20.63.8.12, server: binixo.mx, request: "GET /wp-content/uploads/index.php HTTP/1.1", host: "binixo.mx" 2026/06/26 15:40:04 [error] 4133851#4133851: 332368581 access forbidden by rule, client: 20.63.8.12, server: binixo.mx, request: "GET /wp-admin/user/index.php HTTP/1.1", host: "binixo.mx" ... show less	Web App Attack
🇫🇷 pm33	2026-06-26 15:36:36 (2 hours ago)	Probing for resource vulnerabilities HTTP(S)	Web App Attack
🇫🇷 lindi	2026-06-26 15:36:09 (2 hours ago)	Probing for resource vulnerabilities ...	Web Spam Brute-Force Bad Web Bot Exploited Host Web App Attack
🇨🇭 Mario Bretscher	2026-06-26 15:24:17 (2 hours ago)	[Fri Jun 26 17:24:15.989503 2026] [php:error] [pid 193753] [client 20.63.8.12:57427] script '/var/ww ... show more [Fri Jun 26 17:24:15.989503 2026] [php:error] [pid 193753] [client 20.63.8.12:57427] script '/var/www/html/this_is_a_new_hello_world.php' not found or unable to stat [Fri Jun 26 17:24:16.094756 2026] [php:error] [pid 193753] [client 20.63.8.12:57427] script '/var/www/html/inputs.php' not found or unable to stat [Fri Jun 26 17:24:16.287912 2026] [php:error] [pid 193753] [client 20.63.8.12:57427] script '/var/www/html/admin.php' not found or unable to stat ... show less	Web App Attack
🇫🇷 LRNP	2026-06-26 15:09:52 (2 hours ago)	_:80 20.63.8.12 - - [26/Jun/2026:14:59:46 +0000] "GET /a7.php HTTP/1.1" 404 146 "-" "-" _:80 20.63.8 ... show more _:80 20.63.8.12 - - [26/Jun/2026:14:59:46 +0000] "GET /a7.php HTTP/1.1" 404 146 "-" "-" _:80 20.63.8.12 - - [26/Jun/2026:14:59:46 +0000] "GET /manager.php HTTP/1.1" 404 146 "-" "-" _:80 20.63.8.12 - - [26/Jun/2026:14:59:46 +0000] "GET /w1.php HTTP/1.1" 404 146 "-" "-" _:80 20.63.8.12 - - [26/Jun/2026:14:59:46 +0000] "GET /wp-includes/fonts/ HTTP/1.1" 404 146 "-" "-" _:80 20.63.8.12 - - [26/Jun/2026:14:59:46 +0000] "GET /wp-login.php HTTP/1.1" 404 146 "-" "-" _:80 20.63.8.12 - - [26/Jun/2026:14:59:46 +0000] "GET /default.php HTTP/1.1" 404 146 "-" "-" _:80 20.63.8.12 - - [26/Jun/2026:15:09:50 +0000] "GET /wp-admin/maint/index.php HTTP/1.1" 404 146 "-" "-" _:80 20.63.8.12 - - [26/Jun/2026:15:09:50 +0000] "GET /wp-content/uploads/min.php HTTP/1.1" 404 146 "-" "-" _:80 20.63.8.12 - - [26/Jun/2026:15:09:52 +0000] "GET /zoom1.php HTTP/1.1" 404 146 "-" "-" _:80 20.63.8.12 - - [26/Jun/2026:15:09:52 +0000] "GET /lock360.php HTTP/1.1" 404 146 "-" "-" ... show less	Bad Web Bot Web App Attack

Showing 1 to 15 of 919 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 213.209.159.242

🇪🇸 90.162.116.66

🇺🇸 69.133.27.137

🇧🇷 190.115.84.25

🇧🇷 177.89.18.235

🇨🇳 171.113.163.245

🇲🇽 148.222.11.43

🇲🇦 102.52.144.254

🇨🇦 85.217.149.15

🇩🇪 69.5.169.51

🇺🇸 50.31.205.10

🇺🇸 34.148.156.74

🇺🇸 24.96.129.53

🇨🇳 221.235.197.248

🇩🇪 167.94.145.19

🇸🇬 157.230.42.17

🇨🇳 124.174.17.2

🇮🇩 118.99.114.224

🇺🇸 103.143.239.193

🇳🇱 45.154.98.112