JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.39.200.92

20.39.200.92 was found in our database!

This IP was reported 92 times. Confidence of Abuse is 0%: ?

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇰🇷 Korea (the Republic of)
City	Seoul, Seoul

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.39.200.92

Whois 20.39.200.92

IP Abuse Reports for 20.39.200.92:

This IP address has been reported a total of 92 times from 68 distinct sources. 20.39.200.92 was first reported on September 8th 2025, and the most recent report was 7 months ago.

Old Reports: The most recent abuse report for this IP address is from 7 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇸 Smel	2025-11-20 00:44:25 (7 months ago)	Unauthorized Probe/Connection, Hack -	Port Scan Hacking
🇩🇪 igerman	2025-10-18 16:13:58 (8 months ago)	caddy probes: [web] GET /ioxi2.php -> 403 [web] GET /MARIJUANA.php -> 403 [web] GET /file17.php -> 4 ... show more caddy probes: [web] GET /ioxi2.php -> 403 [web] GET /MARIJUANA.php -> 403 [web] GET /file17.php -> 403 [web] GET /ma1.php -> 403 [web] GET /nope.php -> 403 [web] GET /pm.php -> 403 [wordpress] GET /wp-xx.php -> 403 [wordpress] GET /wp-xm.php -> 403 [web] GET /aaa.php -> 403 show less	Web App Attack
🇬🇧 myintarweb	2025-10-11 03:28:51 (8 months ago)	20.39.200.92 - - [08/Sep/2025:11:15:14 +0100] 80 "GET /wp-content/plugins/hellopress/wp_filemanager. ... show more 20.39.200.92 - - [08/Sep/2025:11:15:14 +0100] 80 "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 410 1506 "-" "-" ... show less	Hacking Bad Web Bot Web App Attack
🇬🇧 myintarweb	2025-09-19 14:56:38 (9 months ago)	20.39.200.92 - - [08/Sep/2025:11:15:14 +0100] 80 "GET /wp-content/plugins/hellopress/wp_filemanager. ... show more 20.39.200.92 - - [08/Sep/2025:11:15:14 +0100] 80 "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 410 1506 "-" "-" ... show less	Hacking Bad Web Bot Web App Attack
Anonymous	2025-09-14 23:08:25 (9 months ago)	Probing to gain illegal access	Web App Attack
🇫🇷 COMAITE	2025-09-14 22:38:35 (9 months ago)	Multiple web server 400 error codes from same source ip 20.39.200.92.	Web App Attack
🇩🇪 jasperedv.de	2025-09-14 21:47:04 (9 months ago)	Apache Login - Brutforcing	Brute-Force Web App Attack
🇪🇪 Unwasted	2025-09-14 21:15:26 (9 months ago)	Blocked IP still knocking	Hacking
🇫🇷 tr1n	2025-09-14 20:47:09 (9 months ago)	Triggered Cloudflare WAF (botFight) from KR. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET ... show more Triggered Cloudflare WAF (botFight) from KR. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /lo.php UA: Empty string show less	Bad Web Bot
🇩🇪 ps-center	2025-09-14 20:40:50 (9 months ago)	DIS: Web Attack GET /wp-content/plugins/hellopress/wp_filemanager.php	Web Spam Hacking Bad Web Bot Web App Attack
🇪🇪 Unwasted	2025-09-14 20:15:22 (9 months ago)	Abusive content scan (abuse_score:>80)	Hacking Brute-Force Web App Attack
🇧🇪 boxed-it	2025-09-14 18:11:56 (9 months ago)	GET /wp-content/plugins/hellopress/wp_filemanager.php (Tarpitted for 4m22s, wasted 15.47kB)	Web App Attack
🇺🇸 psh-ack	2025-09-14 17:59:35 (9 months ago)	Honeypot detection: HTTP attack on port 80. Recent activity: HTTP on port 80 - GET /wp-content/plugi ... show more Honeypot detection: HTTP attack on port 80. Recent activity: HTTP on port 80 - GET /wp-content/plugins/hellopress/wp_filemanager.php show less	Web App Attack
🇮🇩 Burayot	2025-09-14 17:49:26 (9 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 20.39.200.92 (KR/South Korea/-): 2 ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 20.39.200.92 (KR/South Korea/-): 2 in the last 3600 secs show less	Web App Attack
Anonymous	2025-09-14 17:46:27 (9 months ago)	[Sun Sep 14 20:46:24.556490 2025] [php7:error] [pid 27419] [client 20.39.200.92:2309] script '/var/w ... show more [Sun Sep 14 20:46:24.556490 2025] [php7:error] [pid 27419] [client 20.39.200.92:2309] script '/var/www/varbanov.org_keys/file8.php' not found or unable to stat [Sun Sep 14 20:46:25.047469 2025] [php7:error] [pid 27419] [client 20.39.200.92:2309] script '/var/www/varbanov.org_keys/ahax.php' not found or unable to stat [Sun Sep 14 20:46:25.995457 2025] [php7:error] [pid 27419] [client 20.39.200.92:2309] script '/var/www/varbanov.org_keys/aa.php' not found or unable to stat [Sun Sep 14 20:46:26.463944 2025] [php7:error] [pid 27419] [client 20.39.200.92:2309] script '/var/www/varbanov.org_keys/CLA.php' not found or unable to stat [Sun Sep 14 20:46:26.958579 2025] [php7:error] [pid 27419] [client 20.39.200.92:2309] script '/var/www/varbanov.org_keys/lc.php' not found or unable to stat ... show less	DDoS Attack Exploited Host Web App Attack

Showing 1 to 15 of 92 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇦 37.221.138.52

🇨🇳 218.25.89.208

🇧🇷 190.115.84.25

🇲🇽 187.190.35.163

🇺🇸 143.42.0.20

🇳🇱 45.153.34.165

🇳🇱 45.148.10.239

🇨🇳 221.228.203.3

🇲🇽 187.191.48.4

🇬🇧 159.65.91.36

🇺🇸 146.70.195.99

🇨🇳 123.134.151.24

🇮🇳 117.216.210.246

🇨🇳 117.81.212.152

🇻🇳 116.110.14.140

🇭🇰 114.111.53.214

🇩🇪 87.106.210.86

🇸🇬 68.178.166.90

🇹🇼 61.220.235.10

🇨🇳 58.242.190.39