JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.29.75.69

20.29.75.69 was found in our database!

This IP was reported 332 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.29.75.69

Whois 20.29.75.69

IP Abuse Reports for 20.29.75.69:

This IP address has been reported a total of 332 times from 279 distinct sources. 20.29.75.69 was first reported on June 24th 2026, and the most recent report was 8 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-25 21:19:20 (8 hours ago)	Too many Status 40X (62) Request Overload (128)	Brute-Force Web App Attack
Anonymous	2026-06-25 13:03:15 (16 hours ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: US, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: US, Attack patterns: WordPress scanning, Malicious User-Agent show less	Bad Web Bot Web App Attack
🇫🇷 geot	2026-06-25 12:14:47 (17 hours ago)	WordPress scanning bot	Hacking Bad Web Bot Web App Attack
🇫🇷 IRISIO	2026-06-25 10:30:50 (19 hours ago)	scans/SQL injection/spam posts : 109 queries	Web App Attack SQL Injection
🇧🇪 Ivo Vynckier	2026-06-25 09:45:00 (20 hours ago)	20.29.75.69 - - [24/Jun/2026:18:52:31 +0200] "GET /joomla.php HTTP/1.1" 301 296 "-" "-" 20.29.75.69 ... show more 20.29.75.69 - - [24/Jun/2026:18:52:31 +0200] "GET /joomla.php HTTP/1.1" 301 296 "-" "-" 20.29.75.69 - - [24/Jun/2026:18:52:31 +0200] "GET /joma.php HTTP/1.1" 301 294 "-" "-" 20.29.75.69 - - [24/Jun/2026:18:52:31 +0200] "GET /opp.php HTTP/1.1" 301 293 "-" "-" 20.29.75.69 - - [24/Jun/2026:18:52:32 +0200] "GET /c4.php HTTP/1.1" 301 292 "-" "-" 20.29.75.69 - - [24/Jun/2026:18:52:32 +0200] "GET /l.php HTTP/1.1" 301 291 "-" "-" 20.29.75.69 - - [24/Jun/2026:18:52:32 +0200] "GET /doo.php HTTP/1.1" 301 293 "-" "-" 20.29.75.69 - - [24/Jun/2026:18:52:33 +0200] "GET /fff.php HTTP/1.1" 301 293 "-" "-" 20.29.75.69 - - [24/Jun/2026:18:52:33 +0200] "GET /nico.php HTTP/1.1" 301 294 "-" "-" show less	Web App Attack
🇬🇧 openstrike.co.uk	2026-06-25 05:14:25 (1 day ago)	264 attacks on PHP URLs: GET /simple.php HTTP/1.1	Web App Attack
Anonymous	2026-06-25 05:11:44 (1 day ago)	<jail> banned by fail2ban	Brute-Force Web App Attack
🇩🇪 SiyCah	2026-06-25 03:00:02 (1 day ago)	IP banned by fail2ban; banned in jail apache-auth. Report generated by fail2abuseipdb.	Hacking Brute-Force Web App Attack
🇫🇷 SpaceHost-Server	2026-06-24 22:28:29 (1 day ago)		Brute-Force Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-24 22:01:19 (1 day ago)	Auto-ban: >3000 req/min op 2026-06-24	Web App Attack SSH Hacking
🇫🇷 tecnicorioja	2026-06-24 22:00:27 (1 day ago)	wp-login attack [24/Jun/2026:20:00:13	Brute-Force Web App Attack
Anonymous	2026-06-24 21:17:34 (1 day ago)	"GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1"	Hacking Web App Attack
🇮🇩 soc-yk	2026-06-24 20:30:14 (1 day ago)	Type: suspicious_network_activity Risk: 100 Events: 183 Evidence: - Persistent suspicious network a ... show more Type: suspicious_network_activity Risk: 100 Events: 183 Evidence: - Persistent suspicious network activity detected - Repeated hostile operational behavior observed - Multi-event operational persistence identified - Threat escalation behavior observed show less	Port Scan Hacking
🇫🇷 airstream	2026-06-24 20:27:32 (1 day ago)	Brute-force / scan on app.air-stream.io	Brute-Force SSH
🇨🇭 4server	2026-06-24 20:27:08 (1 day ago)	[WedJun2422:27:02.9954902026][security2:error][pid3861281:tid3861338][client20.29.75.69:0]ModSecurit ... show more [WedJun2422:27:02.9954902026][security2:error][pid3861281:tid3861338][client20.29.75.69:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(filemanager\\|wp-file-manager\\|elfinder\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"443\"][id\"980500\"][msg\"WordPressfilemanagerexploitattempt\"][hostname\"autodiscover.lemox.ch\"][uri\"/wp-content/plugins/hellopress/wp_filemanager.php\"][unique_id\"ajw9lmfMHXgSGkpBHRJQHgAAAFQ\"] show less	Hacking Web App Attack

Showing 1 to 15 of 332 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇦 216.208.216.40

🇮🇳 182.95.185.142

🇺🇸 162.216.149.229

🇫🇷 92.205.184.118

🇨🇳 14.103.123.67

🇮🇳 182.95.185.14

🇮🇳 182.95.52.170

🇩🇪 176.100.36.222

🇰🇷 118.34.164.157

🇫🇷 91.231.89.240

🇺🇸 66.132.172.101

🇮🇳 13.234.53.25

🇺🇸 162.245.218.113

🇮🇩 103.157.26.23

🇻🇳 103.130.215.8

🇧🇩 103.4.145.50

🇺🇸 67.55.189.211

🇨🇳 36.137.131.9

🇭🇰 199.45.155.86

🇩🇪 31.76.106.26