JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.9.67.71

20.9.67.71 was found in our database!

This IP was reported 382 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.9.67.71

Whois 20.9.67.71

IP Abuse Reports for 20.9.67.71:

This IP address has been reported a total of 382 times from 324 distinct sources. 20.9.67.71 was first reported on June 13th 2026, and the most recent report was 10 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 ghostwarriors	2026-06-16 10:51:37 (10 hours ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇫🇷 alpha	2026-06-16 02:39:14 (19 hours ago)	Automated honeypot: scanner probed decoy URL on cdn.aldorand.fr (honeypot decoy)	Bad Web Bot Web App Attack
🇳🇱 Site.eu	2026-06-15 18:51:36 (1 day ago)	Excessive multi-domain requests	Brute-Force
🇺🇸 sean markis	2026-06-15 16:30:00 (1 day ago)	Saturday 13th of June 2026 at 10:52:56 AM has blocked IP address 20.9.67.71. The reason is: "Exceed ... show more Saturday 13th of June 2026 at 10:52:56 AM has blocked IP address 20.9.67.71. The reason is: "Exceeded the maximum number of page not found errors per minute for a crawler.". The duration of the block is 1 day. User IP: 20.9.67.71 User hostname: 20.9.67.71 User location: Des Moines, Iowa, United States show less	DDoS Attack Port Scan Brute-Force Bad Web Bot Exploited Host Web App Attack FTP Brute-Force Ping of Death Hacking
🇫🇷 Catalin Negru	2026-06-15 12:47:20 (1 day ago)	Recidive ban by fail2ban on server.blackbit.ro	Brute-Force
🇺🇸 chronos	2026-06-15 07:14:43 (1 day ago)	[AUTORAVALT][[15/06/2026 - 04:14:43 -03:00 UTC] Attack from [Microsoft Corporation] [20.9.67.71] Act ... show more [AUTORAVALT][[15/06/2026 - 04:14:43 -03:00 UTC] Attack from [Microsoft Corporation] [20.9.67.71] Action: BLocKed DDoS Attack -> Participating in distributed denial-of-service. Phishing -> Phishing websites and/or email. Web Spam -> Comment/forum spam, HTTP referer spam, or other CMS spam. Blog Spam -> CMS blog comment spam. Web App Attack -> Attempts to probe ] ... show less	DDoS Attack Phishing Web Spam Blog Spam Web App Attack
🇫🇷 IRISIO	2026-06-15 06:35:58 (1 day ago)	scans/SQL injection/spam posts : 83 queries	Web App Attack SQL Injection
🇫🇷 alpha	2026-06-15 02:38:56 (1 day ago)	Automated honeypot: scanner probed decoy URL on cdn.aldorand.fr (honeypot decoy)	Bad Web Bot Web App Attack
Anonymous	2026-06-14 17:07:41 (2 days ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: US, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: US, Attack patterns: WordPress scanning, Malicious User-Agent show less	Bad Web Bot Web App Attack
🇫🇮 geot	2026-06-14 13:24:34 (2 days ago)	WordPress scanning bot	Hacking Bad Web Bot Web App Attack
Anonymous	2026-06-14 10:23:00 (2 days ago)	Bad behaviour, unwanted probing of non existing files	Bad Web Bot Exploited Host Web App Attack Hacking
🇬🇧 openstrike.co.uk	2026-06-14 05:13:48 (2 days ago)	366 attacks on PHP URLs: GET /invisi.php HTTP/1.1	Web App Attack
🇭🇺 NyaljBe	2026-06-14 04:08:00 (2 days ago)	20.9.67.71 - - [13/Jun/2026:23:54:48 +0200] "GET /h2a2ck.php HTTP/1.1" 404 153 "-" "-" 20.9.67.71 - ... show more 20.9.67.71 - - [13/Jun/2026:23:54:48 +0200] "GET /h2a2ck.php HTTP/1.1" 404 153 "-" "-" 20.9.67.71 - - [13/Jun/2026:23:54:48 +0200] "GET /drykl.php HTTP/1.1" 404 153 "-" "-" 20.9.67.71 - - [13/Jun/2026:23:54:48 +0200] "GET /flox.php HTTP/1.1" 404 153 "-" "-" 20.9.67.71 - - [13/Jun/2026:23:54:48 +0200] "GET /cxl.php HTTP/1.1" 404 153 "-" "-" 20.9.67.71 - - [13/Jun/2026:23:54:48 +0200] "GET /rum.php HTTP/1.1" 404 153 "-" "-" 20.9.67.71 - - [13/Jun/2026:23:54:47 +0200] "GET /wolf.php HTTP/1.1" 404 153 "-" "-" 20.9.67.71 - - [13/Jun/2026:23:54:47 +0200] "GET /asu.php HTTP/1.1" 404 153 "-" "-" 20.9.67.71 - - [13/Jun/2026:23:54:47 +0200] "GET /momo.php HTTP/1.1" 404 153 "-" "-" 20.9.67.71 - - [13/Jun/2026:23:54:47 +0200] "GET /loxico93.php HTTP/1.1" 404 153 "-" "-" 20.9.67.71 - - [13/Jun/2026:23:54:47 +0200] "GET /atomlib.php HTTP/1.1" 404 153 "-" "-" 20.9.67.71 - - [13/Jun/2026:23:54:47 +0200] "GET /Ov-Simple1.php HTTP/1.1" 404 153 "-" "-" 20.9.67.71 - - [13/Jun/2026:23:54:47 +0200] "GET /wpconf.php HT show less	Web App Attack
🇭🇺 DumaNet	2026-06-14 03:46:00 (2 days ago)	Web app attack attempts, scanning for vulnerability. Date: 2026 Jun 13. 23:35:25 Source IP: 20.9.6 ... show more Web app attack attempts, scanning for vulnerability. Date: 2026 Jun 13. 23:35:25 Source IP: 20.9.67.71 Portion of the log(s): 20.9.67.71 - [13/Jun/2026:23:35:23 +0200] "GET /h2a2ck.php HTTP/1.1" 404 153 "-" "-" 20.9.67.71 - [13/Jun/2026:23:35:23 +0200] "GET /drykl.php HTTP/1.1" 404 153 "-" "-" 20.9.67.71 - [13/Jun/2026:23:35:22 +0200] "GET /flox.php HTTP/1.1" 404 153 "-" "-" 20.9.67.71 - [13/Jun/2026:23:35:22 +0200] "GET /cxl.php HTTP/1.1" 404 153 "-" "-" 20.9.67.71 - [13/Jun/2026:23:35:22 +0200] "GET /rum.php HTTP/1.1" 404 153 "-" "-" 20.9.67.71 - [13/Jun/2026:23:35:21 +0200] "GET /wolf.php HTTP/1.1" 404 153 "-" "-" 20.9.67.71 - [13/Jun/2026:23:35:21 +0200] "GET /asu.php HTTP/1.1" 404 153 "-" "-" 20.9.67.71 - [13/Jun/2026:23:35:21 +0200] "GET /momo.php HTTP/1.1" 404 153 "-" "-" 20.9.67.71 - [13/Jun/2026:23:35:20 +0200] "GET /loxico93.php HTTP/1.1" 404 153 "-" "-" 20.9.67.71 - [13/Jun/2026:23:35:20 +0200] "GET /atomlib.php HTTP/1.1" 404 153 "-" "-" 20.9.67.71 - [13/Jun/2026:23:35:20 +0200 show less	Web App Attack
🇱🇹 im	2026-06-14 03:20:59 (2 days ago)	HTTP	Port Scan

Showing 1 to 15 of 382 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 192.243.113.148

🇹🇭 182.53.207.106

🇨🇳 39.154.22.55

🇧🇪 34.78.29.97

🇺🇸 206.189.188.103

🇮🇩 182.253.156.184

🇳🇱 176.65.148.29

🇺🇸 172.212.158.185

🇬🇧 138.68.153.47

🇺🇸 108.181.23.83

🇮🇹 84.17.59.115

🇺🇸 74.7.241.7

🇨🇳 36.112.133.74

🇨🇳 210.22.90.58

🇧🇷 205.210.31.242

🇲🇽 187.144.122.115

🇧🇷 177.57.11.94

🇺🇸 147.185.132.103

🇨🇳 117.132.5.139

🇺🇸 107.175.220.67