JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.189.186.2

20.189.186.2 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 84%: ?

84%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	San Jose, California

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.189.186.2

Whois 20.189.186.2

IP Abuse Reports for 20.189.186.2:

This IP address has been reported a total of 24 times from 17 distinct sources. 20.189.186.2 was first reported on April 23rd 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇯🇵 demonsword	2026-06-06 13:15:31 (1 day ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: ptlogin.4399.com:443 show less	Open Proxy Port Scan
🇦🇹 urnilxfgbez	2026-06-03 22:45:00 (3 days ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
Anonymous	2026-06-03 05:59:25 (4 days ago)	Illegitimate and/or suspicious requests.	Hacking
🇧🇷 SOC Blue Team	2026-06-03 05:26:16 (4 days ago)	IPs get by Hunting on SIEM	Phishing Web Spam Port Scan Hacking
🇺🇸 donarev419	2026-06-03 04:09:27 (4 days ago)	Port scan detected on port 2082 (connection without data transfer)	Port Scan
🇯🇵 pixelboost.kr	2026-06-03 03:54:08 (4 days ago)	20.189.186.2 - - [03/Jun/2026:12:54:05 +0900] "GET /.git/HEAD HTTP/1.1" 404 181 "-" "Mozilla/5.0 (Wi ... show more 20.189.186.2 - - [03/Jun/2026:12:54:05 +0900] "GET /.git/HEAD HTTP/1.1" 404 181 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0" 20.189.186.2 - - [03/Jun/2026:12:54:07 +0900] "GET /.git/config HTTP/1.1" 404 118 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" ... show less	Bad Web Bot Web App Attack
🇺🇸 MPL	2026-06-03 02:11:06 (4 days ago)	tcp ports: 8080,2083 (4 or more attempts)	Port Scan
🇬🇧 PeravixGroup	2026-06-03 01:53:11 (4 days ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇺🇸 sumnone	2026-06-03 00:59:58 (4 days ago)	Port probing on unauthorized port 2087	Port Scan Hacking Exploited Host
🇺🇸 TPI-Abuse	2026-06-03 00:45:47 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 20.189.186.2 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 20.189.186.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 20:45:41.941083 2026] [security2:error] [pid 2027:tid 2027] [client 20.189.186.2:7297] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.149"] [uri "/.git/HEAD"] [unique_id "ah95NW2sTEx4GI1LeTgHlwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇸 Scan	2026-06-03 00:21:07 (4 days ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇬🇧 SilverZippo	2026-06-02 23:58:56 (4 days ago)	Web App Attack	Web App Attack
🇨🇳 WMK965	2026-06-02 23:48:36 (4 days ago)	20.189.186.2 - - [03/Jun/2026:07:48:29 +0800] "GET /.git/HEAD HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Maci ... show more 20.189.186.2 - - [03/Jun/2026:07:48:29 +0800] "GET /.git/HEAD HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" "-" 20.189.186.2 - - [03/Jun/2026:07:48:31 +0800] "GET /.git/config HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.4; rv:125.0) Gecko/20100101 Firefox/125.0" "-" 20.189.186.2 - - [03/Jun/2026:07:48:35 +0800] "GET /.env.local HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0" "-" show less	Port Scan Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 22:31:48 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 20.189.186.2 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 20.189.186.2 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 18:31:41.860356 2026] [security2:error] [pid 20569:tid 20569] [client 20.189.186.2:7308] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.15"] [uri "/.git/HEAD"] [unique_id "ah9ZzZStEd5vLFbz93PlrQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-05-31 20:02:00 (1 week ago)		Brute-Force SSH Hacking

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 2404:6800:4003:c26::122

🇮🇳 182.95.185.74

🇨🇳 112.132.249.164

🇨🇳 106.117.110.86

🇫🇷 85.217.140.26

🇧🇷 209.14.88.118

🇳🇱 185.242.226.126

🇮🇳 136.232.11.10

🇧🇷 129.121.42.236

🇺🇸 77.110.124.126

🇺🇸 34.199.252.22

🇨🇳 222.223.62.8

🇺🇸 159.203.134.149

🇩🇪 155.117.127.214

🇸🇪 155.4.244.179

🇺🇸 23.81.152.142

🇩🇪 2a02:4780:3f:2124:0:9e9:43ef:1

🇪🇬 197.47.62.179

🇺🇸 130.211.204.135

🇲🇾 121.123.141.251