AbuseIPDB » 20.189.181.75
20.189.181.75
This IP was reported 8 times. Confidence of
Abuse
is 49% : ?
ISP
Microsoft Corporation
Usage Type
Data Center/Web Hosting/Transit
ASN
AS8075
Domain Name
microsoft.com
Country
๐บ๐ธ
United States of America
City
San Jose, California
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 20.189.181.75 :
This IP address has been reported a total of
8
times from
7 distinct
sources.
20.189.181.75 was first reported on
June 10th 2026 , and the most recent report was
2 days ago
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐บ๐ธ
MPL
2026-06-10 22:04:31
(2 days ago)
tcp port scan (16 or more attempts)
Port Scan
๐ง๐พ
lns.bz
2026-06-10 20:48:48
(2 days ago)
Too many 404 requests [BY]
Web App Attack
๐ฆ๐บ
LiftUp Hosting
2026-06-10 19:57:56
(2 days ago)
Honeypot hit: Empty payload (likely service probe); 2087 [4], 2082 [1], 2086 [1], 2083 [1] TCP
Port Scan
๐บ๐ธ
TPI-Abuse
2026-06-10 19:54:27
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 20.189.181.75 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 20.189.181.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 15:54:23.070097 2026] [security2:error] [pid 16661:tid 16696] [client 20.189.181.75:2689] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.86"] [uri "/.git/HEAD"] [unique_id "ainA7-ELj_u0I_Dmu2s0VAAAAM8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
Yachiyo Runami
2026-06-10 18:29:57
(2 days ago)
Port Scan on Honeypot | Ports: 80/HTTP | Proto: TCP(1) | Flags: all SYN | TTL: 42 | Len: 60B | Win: ...
show more
Port Scan on Honeypot | Ports: 80/HTTP | Proto: TCP(1) | Flags: all SYN | TTL: 42 | Len: 60B | Win: 64240(1) | F2B/ufw-honeypot@2026-06-10T18:29:57Z
show less
Port Scan
Hacking
๐ฉ๐ช
bescared
2026-06-10 18:26:49
(2 days ago)
F2B - Malicious activity detected. Excessive port scans. -151302cd-
Port Scan
๐บ๐ธ
TPI-Abuse
2026-06-10 18:06:59
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 20.189.181.75 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 20.189.181.75 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 14:06:53.584181 2026] [security2:error] [pid 25518:tid 25518] [client 20.189.181.75:3664] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.157"] [uri "/.git/config"] [unique_id "aimnvbqWMzAIsKZe0mWJWgAAAB8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
RAP
2026-06-10 17:00:01
(2 days ago)
2026-06-10 17:00:01 UTC Unauthorized activity to TCP port 8080. Web App
Port Scan
Web App Attack
Showing 1 to
8
of 8 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: