JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.29.68.224

20.29.68.224 was found in our database!

This IP was reported 322 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.29.68.224

Whois 20.29.68.224

IP Abuse Reports for 20.29.68.224:

This IP address has been reported a total of 322 times from 272 distinct sources. 20.29.68.224 was first reported on May 29th 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Holger	2026-06-04 11:13:52 (2 hours ago)	WordPress WebAttack	Brute-Force Web App Attack
Anonymous	2026-06-01 07:59:24 (3 days ago)	Blocked: Reason='Vulnerability probing — PHP scan detected (47/60 min)'; Requests=47	Port Scan
🇷🇴 andreighitan	2026-06-01 00:00:00 (3 days ago)	Coordinated Azure webshell scanning campaign against 84.46.253.134. Active May-Jun 2026. ZAC Bayern ... show more Coordinated Azure webshell scanning campaign against 84.46.253.134. Active May-Jun 2026. ZAC Bayern ref BY0257-500359-26/8. show less	Brute-Force
🇳🇱 Site.eu	2026-05-31 09:14:48 (4 days ago)	Excessive multi-domain requests	Brute-Force
🇭🇺 NyaljBe	2026-05-31 03:23:00 (4 days ago)	20.29.68.224 - - [29/May/2026:20:35:59 +0200] "GET /acp.php HTTP/1.1" 404 153 "-" "-" 20.29.68.224 ... show more 20.29.68.224 - - [29/May/2026:20:35:59 +0200] "GET /acp.php HTTP/1.1" 404 153 "-" "-" 20.29.68.224 - - [29/May/2026:20:35:58 +0200] "GET /12.php HTTP/1.1" 404 153 "-" "-" 20.29.68.224 - - [29/May/2026:20:35:58 +0200] "GET /man.php HTTP/1.1" 404 153 "-" "-" 20.29.68.224 - - [29/May/2026:20:35:58 +0200] "GET /2.php HTTP/1.1" 404 153 "-" "-" 20.29.68.224 - - [29/May/2026:20:35:58 +0200] "GET /fs.php HTTP/1.1" 404 153 "-" "-" 20.29.68.224 - - [29/May/2026:20:35:57 +0200] "GET /aj11.php HTTP/1.1" 404 153 "-" "-" 20.29.68.224 - - [29/May/2026:20:35:57 +0200] "GET /xxa.php HTTP/1.1" 404 153 "-" "-" 20.29.68.224 - - [29/May/2026:20:35:57 +0200] "GET /ggb.php HTTP/1.1" 404 153 "-" "-" 20.29.68.224 - - [29/May/2026:20:35:56 +0200] "GET /7.php HTTP/1.1" 404 153 "-" "-" 20.29.68.224 - - [29/May/2026:20:35:56 +0200] "GET /img.php HTTP show less	Web App Attack
🇳🇱 homeshowdomain.nl	2026-05-30 21:59:36 (4 days ago)	Auto-ban: 256 malicious requests on 2026-05-29 (e.g., env/backup probes, brute-force, or error burst ... show more Auto-ban: 256 malicious requests on 2026-05-29 (e.g., env/backup probes, brute-force, or error bursts). show less	Web App Attack SSH Hacking
🇨🇱 SinaiCL	2026-05-30 20:26:36 (4 days ago)	Automated Nginx block. Attack type: file scan on cpanel proxy subdomains. Total malicious requests: ... show more Automated Nginx block. Attack type: file scan on cpanel proxy subdomains. Total malicious requests: 190 across multiple servers. show less	Bad Web Bot
🇺🇸 1cyb3rpunk	2026-05-30 19:28:26 (4 days ago)	Honeypot trap [path_not_found_probe] on sectrace.org — path: /wp-content/plugins/hellopress/wp_filem ... show more Honeypot trap [path_not_found_probe] on sectrace.org — path: /wp-content/plugins/hellopress/wp_filemanager.php stage: recon. Automated scanner/attacker activity. show less	Port Scan Brute-Force Bad Web Bot Web App Attack
🇫🇷 geot	2026-05-30 15:31:07 (4 days ago)	WordPress scanning bot	Hacking Bad Web Bot Web App Attack
🇧🇪 Ivo Vynckier	2026-05-30 13:51:00 (5 days ago)	20.29.68.224 - - [29/May/2026:19:00:57 +0200] "GET /moshou.php HTTP/1.1" 404 27 "-" "-" 20.29.68.22 ... show more 20.29.68.224 - - [29/May/2026:19:00:57 +0200] "GET /moshou.php HTTP/1.1" 404 27 "-" "-" 20.29.68.224 - - [29/May/2026:19:00:57 +0200] "GET /lib.php HTTP/1.1" 404 27 "-" "-" 20.29.68.224 - - [29/May/2026:19:00:57 +0200] "GET /zoper1.php HTTP/1.1" 404 27 "-" "-" 20.29.68.224 - - [29/May/2026:19:00:57 +0200] "GET /19.php HTTP/1.1" 404 27 "-" "-" 20.29.68.224 - - [29/May/2026:19:00:58 +0200] "GET /geforce.php HTTP/1.1" 404 27 "-" "-" 20.29.68.224 - - [29/May/2026:19:00:58 +0200] "GET /dostshell.php HTTP/1.1" 404 27 "-" "-" show less	Web App Attack
Anonymous	2026-05-30 09:02:38 (5 days ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: US, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: US, Attack patterns: WordPress scanning, Malicious User-Agent show less	Bad Web Bot Web App Attack
🇺🇸 Charlesiv	2026-05-30 08:01:09 (5 days ago)	Triggered Cloudflare WAF (botFight) from US. Action taken: MANAGED_CHALLENGE ASN: 8075 (Microsoft Co ... show more Triggered Cloudflare WAF (botFight) from US. Action taken: MANAGED_CHALLENGE ASN: 8075 (Microsoft Corporation) Protocol: HTTP/1.1 (GET method) Endpoint: /3369.php Timestamp: 2026-05-30T00:38:47Z Ray ID: a039ad9509c7c0a8 UA: Empty string show less	Bad Web Bot
🇬🇧 openstrike.co.uk	2026-05-30 05:13:29 (5 days ago)	95 attacks on PHP URLs: GET /3369.php HTTP/1.1	Web App Attack
🇭🇺 DumaNet	2026-05-30 04:57:00 (5 days ago)	Web app attack attempts, scanning for vulnerability. Date: 2026 May 29. 21:01:25 Source IP: 20.29. ... show more Web app attack attempts, scanning for vulnerability. Date: 2026 May 29. 21:01:25 Source IP: 20.29.68.224 Portion of the log(s): 20.29.68.224 - [29/May/2026:21:01:22 +0200] "GET /xxa.php HTTP/1.1" 404 153 "-" "-" 20.29.68.224 - [29/May/2026:21:01:22 +0200] "GET /ggb.php HTTP/1.1" 404 153 "-" "-" 20.29.68.224 - [29/May/2026:21:01:22 +0200] "GET /7.php HTTP/1.1" 404 153 "-" "-" 20.29.68.224 - [29/May/2026:21:01:21 +0200] "GET /img.php HTTP/1.1" 404 153 "-" "-" 20.29.68.224 - [29/May/2026:21:01:21 +0200] "GET /min.php HTTP/1.1" 404 153 "-" "-" 20.29.68.224 - [29/May/2026:21:01:21 +0200] "GET /options.php HTTP/1.1" 404 153 "-" "-" 20.29.68.224 - [29/May/2026:21:01:20 +0200] "GET /ss.php HTTP/1.1" 404 153 "-" "-" 20.29.68.224 - [29/May/2026:21:01:20 +0200] "GET /file6.php HTTP/1.1" 404 153 "-" "-" 20.29.68.224 - [29/May/2026:21:01:20 +0200] "GET /press.php HTTP/1.1" 404 153 "-" "-" 20.29.68.224 - [29/May/2026:21:01:20 +0200] "GET /cilus.php HTTP/1.1" 404 153 "-" "-" 20.29.68.224 - [29/May/2026:21:01 show less	Web App Attack
🇺🇸 octageeks.com	2026-05-30 04:06:58 (5 days ago)	Wordpress malicious attack:[octascan]	Web App Attack

Showing 1 to 15 of 322 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.176.29.30

🇵🇰 175.107.213.70

🇰🇷 121.142.87.218

🇨🇳 114.217.53.40

🇺🇸 64.62.197.85

🇳🇵 202.51.89.100

🇬🇧 193.176.29.15

🇺🇸 173.252.70.51

🇺🇸 173.252.70.49

🇺🇸 173.252.70.42

🇵🇰 139.135.46.181

🇧🇷 108.179.193.80

🇩🇪 104.140.188.18

🇳🇱 88.151.33.224

🇨🇳 60.191.221.172

🇮🇪 54.155.52.114

🇺🇸 52.4.213.199

🇨🇳 202.101.73.82

🇰🇿 194.32.140.229

🇺🇸 178.156.253.13