JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.9.55.237

20.9.55.237 was found in our database!

This IP was reported 369 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.9.55.237

Whois 20.9.55.237

IP Abuse Reports for 20.9.55.237:

This IP address has been reported a total of 369 times from 276 distinct sources. 20.9.55.237 was first reported on May 23rd 2026, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇷🇴 andreighitan	2026-06-01 00:00:00 (6 days ago)	Coordinated Azure webshell scanning campaign against 84.46.253.134. Active May-Jun 2026. ZAC Bayern ... show more Coordinated Azure webshell scanning campaign against 84.46.253.134. Active May-Jun 2026. ZAC Bayern ref BY0257-500359-26/8. show less	Brute-Force
Anonymous	2026-05-31 19:47:27 (6 days ago)	$f2bV_matches	Brute-Force
🇨🇦 polycoda	2026-05-29 12:28:05 (1 week ago)	AutoBlock: 🎯 Vulnerability Scanner (Non Decay-Based) - 📊 Admin Panel Scanning (Decay-Based)	Hacking Bad Web Bot Web App Attack
🇺🇸 decisionconcepts	2026-05-29 03:31:48 (1 week ago)	Auto report from Fail2Ban jail apache-auth on rhel9vm.birdcage.local	Bad Web Bot Web App Attack
🇧🇷 Peregrine	2026-05-26 03:13:37 (1 week ago)	Fail2Ban ct101 Jail: tomcat-honeypot \| Evidence: 20.9.55.237 198.41.227.162 - - [23/May/2026:13:21:0 ... show more Fail2Ban ct101 Jail: tomcat-honeypot \| Evidence: 20.9.55.237 198.41.227.162 - - [23/May/2026:13:21:04 -0300] "GET /admin.php HTTP/1.1" 404 18193 show less	Bad Web Bot
🇺🇸 chronos	2026-05-25 06:57:03 (1 week ago)	[AUTORAVALT][[25/05/2026 - 03:57:02 -03:00 UTC] Attack from [Microsoft Corporation] [20.9.55.237] Ac ... show more [AUTORAVALT][[25/05/2026 - 03:57:02 -03:00 UTC] Attack from [Microsoft Corporation] [20.9.55.237] Action: BLocKed Hacking... Unauthorized attempts to access the server. Web App Attack -> Attempts to probe for or exploit installed web applications such as a CMS like WordPress/Drupal, e-commerce solutions, forum software, phpMyAdmin and various other software pl] ... show less	Hacking Web App Attack
🇬🇧 openstrike.co.uk	2026-05-25 05:14:45 (1 week ago)	174 attacks on PHP URLs: GET /rh.php HTTP/1.1	Web App Attack
🇧🇷 Peregrine	2026-05-25 03:13:17 (1 week ago)	Fail2Ban ct101 Jail: tomcat-honeypot \| Evidence: 20.9.55.237 198.41.227.162 - - [23/May/2026:13:21:0 ... show more Fail2Ban ct101 Jail: tomcat-honeypot \| Evidence: 20.9.55.237 198.41.227.162 - - [23/May/2026:13:21:04 -0300] "GET /admin.php HTTP/1.1" 404 18193 show less	Bad Web Bot
🇫🇷 SpaceHost-Server	2026-05-24 22:33:06 (1 week ago)		Brute-Force Web App Attack
🇫🇷 Murazaki	2026-05-24 22:03:53 (1 week ago)	git.benadel.fr 20.9.55.237 - - [24/May/2026:07:58:34 +0200] "GET /wp-content/plugins/hellopress/wp_f ... show more git.benadel.fr 20.9.55.237 - - [24/May/2026:07:58:34 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 503 190 "-" "-" "-" ... show less	Hacking
🇳🇱 homeshowdomain.nl	2026-05-24 21:59:13 (1 week ago)	Auto-ban: 31 malicious requests on 2026-05-23 (e.g., env/backup probes, brute-force, or error bursts ... show more Auto-ban: 31 malicious requests on 2026-05-23 (e.g., env/backup probes, brute-force, or error bursts). show less	Web App Attack SSH Hacking
🇩🇪 www.Examensfragen.de	2026-05-24 19:43:45 (2 weeks ago)		Web Spam Bad Web Bot
🇧🇪 Saec	2026-05-24 11:33:13 (2 weeks ago)	Cloudflare WAF blocked 152 requests in 1h from US. Top paths probed: /wp-login.php, /, /wp.php. Patt ... show more Cloudflare WAF blocked 152 requests in 1h from US. Top paths probed: /wp-login.php, /, /wp.php. Pattern: bot/scanner abuse. Auto-reported by Jarvis CF monitor. show less	Brute-Force Web App Attack
Anonymous	2026-05-24 08:02:46 (2 weeks ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: US, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: US, Attack patterns: WordPress scanning, Webshell probing, Malicious User-Agent show less	Bad Web Bot Web App Attack
🇺🇸 Epimetheus	2026-05-24 07:32:36 (2 weeks ago)	Unauthorized access attempts: [GET] /wp-admin/maint/about.php [GET] /wp-content/plugins/index.php [ ... show more Unauthorized access attempts: [GET] /wp-admin/maint/about.php [GET] /wp-content/plugins/index.php [GET] /a.php [GET] /log.php [GET] /7.php [GET] /wp-config-sample.php [GET] /a5.php [GET] /jga.php [GET] /php.php [GET] /wp-Blogs.php [GET] /011i.php [GET] /chosen.php [GET] /fs.php [GET] /leaf.php [GET] /grsiuk.php [GET] /166.php [GET] /ms-edit.php [GET] /admin.php UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 show less	Web App Attack

Showing 1 to 15 of 369 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 185.216.145.170

🇰🇷 183.104.26.197

🇺🇸 147.185.132.105

🇭🇰 103.229.125.106

🇹🇷 91.93.232.146

🇬🇧 81.19.219.248

🇺🇸 66.132.172.145

🇳🇱 45.148.10.141

🇬🇧 5.226.140.52

🇸🇾 205.209.67.3

🇷🇴 193.32.162.125

🇸🇪 185.246.130.20

🇧🇷 172.70.101.132

🇬🇧 162.158.216.172

🇲🇦 81.192.46.32

🇺🇸 74.94.234.151

🇨🇳 58.19.141.133

🇺🇸 52.176.211.73

🇸🇬 43.134.124.153

🇺🇸 43.130.42.111