JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.9.89.39

20.9.89.39 was found in our database!

This IP was reported 235 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.9.89.39

Whois 20.9.89.39

IP Abuse Reports for 20.9.89.39:

This IP address has been reported a total of 235 times from 201 distinct sources. 20.9.89.39 was first reported on June 21st 2026, and the most recent report was 19 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 Gem	2026-06-26 22:14:47 (19 hours ago)	Unauthorized web scan.	Web App Attack
🇫🇷 Catalin Negru	2026-06-25 13:03:41 (2 days ago)	Recidive ban by fail2ban on server.blackbit.ro	Brute-Force
🇬🇧 openstrike.co.uk	2026-06-23 05:14:37 (4 days ago)	308 attacks on PHP URLs: GET /aa.php HTTP/1.1	Web App Attack
🇳🇱 Site.eu	2026-06-23 00:55:11 (4 days ago)	Excessive multi-domain requests	Brute-Force
🇺🇸 micropedro	2026-06-22 23:59:43 (4 days ago)	3 incidents: web scanning/attack. First: 2026-06-21 17:05, Last: 2026-06-22 19:59 UTC. Triggers: ngi ... show more 3 incidents: web scanning/attack. First: 2026-06-21 17:05, Last: 2026-06-22 19:59 UTC. Triggers: nginx-noscript,ufw-repeater,ufw-repeater. show less	Port Scan Web App Attack
🇫🇷 SpaceHost-Server	2026-06-22 22:29:39 (4 days ago)		Brute-Force Web App Attack
Anonymous	2026-06-22 21:03:38 (4 days ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: US, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: US, Attack patterns: WordPress scanning, Webshell probing, Malicious User-Agent show less	Bad Web Bot Web App Attack
🇳🇱 i-turnradio.nl	2026-06-22 12:17:31 (5 days ago)	2026-06-22 @ 14:17:31 (CET) ~ Blocked for trying to access: /wp-content/plugins/hellopress/wp_filema ... show more 2026-06-22 @ 14:17:31 (CET) ~ Blocked for trying to access: /wp-content/plugins/hellopress/wp_filemanager.php show less	Web App Attack
🇧🇷 ludarkstar99	2026-06-22 12:10:19 (5 days ago)	Blocked by os-abuseipdb; 5 hits, proto=tcp, ports=80	Port Scan Hacking
🇮🇩 zam	2026-06-22 12:10:07 (5 days ago)	20.9.89.39 - - [22/Jun/2026:12:09:53 +0000] "GET /wp-content/plugins/hellopress/wp_filemanager.php H ... show more 20.9.89.39 - - [22/Jun/2026:12:09:53 +0000] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 27293 20.9.89.39 - - [22/Jun/2026:12:09:54 +0000] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 27293 20.9.89.39 - - [22/Jun/2026:12:09:56 +0000] "GET /sql.php HTTP/1.1" 404 27293 20.9.89.39 - - [22/Jun/2026:12:09:57 +0000] "GET /1index.php HTTP/1.1" 404 27293 20.9.89.39 - - [22/Jun/2026:12:09:58 +0000] "GET /xxx.php HTTP/1.1" 404 27293 20.9.89.39 - - [22/Jun/2026:12:09:58 +0000] "GET /dropdown.php HTTP/1.1" 404 27293 show less	Web App Attack
Anonymous	2026-06-22 11:58:56 (5 days ago)	"GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1"	Hacking Web App Attack
🇸🇪 Juha Jurvanen	2026-06-22 11:51:03 (5 days ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force
🇬🇧 AvonleaConsulting	2026-06-22 11:23:26 (5 days ago)	Scanning unused Default website or suspicious access to valid sites from IP marked as abusive	Bad Web Bot Web App Attack
🇬🇧 rakkor	2026-06-22 11:09:55 (5 days ago)	2026-06-22T12:09:54+01:00 NAS [Mon Jun 22 12:09:54.510807 2026] [proxy_fcgi:error] [pid 10542:tid 10 ... show more 2026-06-22T12:09:54+01:00 NAS [Mon Jun 22 12:09:54.510807 2026] [proxy_fcgi:error] [pid 10542:tid 10559] [client 20.9.89.39:51664] AH01071: Got error 'Primary script unknown' ... show less	Brute-Force Hacking
Anonymous	2026-06-22 11:08:54 (5 days ago)	wp admin page access attempt ...	Hacking Web App Attack

Showing 1 to 15 of 235 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 192.178.112.156

🇺🇸 172.110.223.203

🇭🇳 45.181.86.72

🇺🇸 172.215.145.207

🇨🇳 106.63.26.14

🇳🇱 89.248.167.131

🇪🇸 82.223.15.252

🇱🇹 62.60.130.219

🇺🇸 44.72.10.62

🇰🇷 218.149.228.161

🇧🇷 144.22.238.238

🇺🇸 96.78.175.36

🇺🇸 50.6.248.168

🇪🇸 44.30.162.52

🇳🇱 5.61.209.92

🇺🇸 2607:f8b0:400e:c05::129

🇬🇧 195.206.182.198

🇺🇸 44.170.77.149

🇬🇧 35.203.211.56

🇬🇧 185.127.69.236