JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.89.253.114

20.89.253.114 was found in our database!

This IP was reported 95 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇯🇵 Japan
City	Osaka, Osaka

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.89.253.114

Whois 20.89.253.114

IP Abuse Reports for 20.89.253.114:

This IP address has been reported a total of 95 times from 81 distinct sources. 20.89.253.114 was first reported on June 25th 2026, and the most recent report was 1 minute ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 maxpower	2026-06-25 19:57:06 (1 minute ago)	(aggressive_scanner) REGOLA 9 - Aggressive Web Scanner 20.89.253.114 (JP/Japan/-): 1 in the last 360 ... show more (aggressive_scanner) REGOLA 9 - Aggressive Web Scanner 20.89.253.114 (JP/Japan/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 20.89.253.114 - - [25/Jun/2026:21:57:03 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 323 "-" "-" "-" host=comprendoschool.it show less	Port Scan
🇩🇪 pscriptos	2026-06-25 19:48:12 (9 minutes ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing	Web App Attack Hacking
🇺🇦 URAN Publishing Service	2026-06-25 19:43:09 (15 minutes ago)	20.89.253.114 - - [25/Jun/2026:22:41:35 +0300] "GET /wp-content/plugins/hellopress/wp_filemanager.ph ... show more 20.89.253.114 - - [25/Jun/2026:22:41:35 +0300] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 251 "-" "-" 20.89.253.114 - - [25/Jun/2026:22:43:06 +0300] "GET /wp-content/admin.php HTTP/1.1" 404 196 "-" "-" ... show less	Web App Attack
🇨🇱 n33	2026-06-25 19:35:49 (22 minutes ago)	Attack detected detected by fail2ban. Service: nginx-ghost-upstream. Banned after 3 failed attempts.	Hacking Web App Attack
🇳🇱 Mangelot Hosting	2026-06-25 19:33:45 (24 minutes ago)	(upload_shell) srv103 Shell upload 20.89.253.114 (JP/Japan/-): 1 in the last 3600 secs; Ports: ; Di ... show more (upload_shell) srv103 Shell upload 20.89.253.114 (JP/Japan/-): 1 in the last 3600 secs; Ports: ; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
Anonymous	2026-06-25 19:29:49 (28 minutes ago)	(mod_security) mod_security triggered on hostname [redacted] 20.89.253.114 (JP/Japan/-)	SQL Injection
🇺🇸 chronos	2026-06-25 19:28:29 (29 minutes ago)	[AUTORAVALT][[25/06/2026 - 16:28:29 -03:00 UTC] Attack from [Microsoft Corporation] [20.89.253.114] ... show more [AUTORAVALT][[25/06/2026 - 16:28:29 -03:00 UTC] Attack from [Microsoft Corporation] [20.89.253.114] Action: BLocKed Hacking... Unauthorized attempts to access the server. Web App Attack -> Attempts to probe for or exploit installed web applications such as a CMS like WordPress/Drupal, e-commerce solutions, forum software, phpMyAdmin and various other software ] ... show less	Hacking Web App Attack
🇦🇺 Anytech	2026-06-25 19:27:55 (30 minutes ago)	Blocked by Conn-Monitor: Web scanning activity	Hacking Web App Attack
🇺🇸 Epimetheus	2026-06-25 19:24:14 (33 minutes ago)	Unauthorized access attempts: [GET] /b.php [GET] /t.php [GET] /areak1.php [GET] /sf.php [GET] /atom ... show more Unauthorized access attempts: [GET] /b.php [GET] /t.php [GET] /areak1.php [GET] /sf.php [GET] /atomlib.php [GET] /test1.php [GET] /themes.php [GET] /adminfuns.php [GET] /nw.php [GET] /function/function.php [GET] /wp-includes/Requests/library/index.php [GET] /elp.php [GET] /cv.php [GET] /classwithtostring.php [GET] /class-t.api.php [GET] /wp-content/admin.php [GET] /a7.php [GET] /h.php [GET] /wp-mail.php [GET] /wp-content/themes/admin.php [GET] /admin/controller/extension/ [GET] /edit-tags.php [GET] /this_is_a_new_hello_world.php [GET] /inputs.php [GET] /goods.php UA: Unknown show less	Web App Attack
🇬🇧 Apache	2026-06-25 19:16:36 (41 minutes ago)	(mod_security) mod_security (id:20000010) triggered by 20.89.253.114 (JP/Japan/-): 5 in the last 300 ... show more (mod_security) mod_security (id:20000010) triggered by 20.89.253.114 (JP/Japan/-): 5 in the last 300 secs (CF_ENABLE) show less	Brute-Force Web App Attack
🇸🇬 anotherwatcher	2026-06-25 19:15:24 (42 minutes ago)	bad bot	Bad Web Bot
Anonymous	2026-06-25 19:13:28 (44 minutes ago)	20.89.253.114 - - [25/Jun/2026:21:13:25 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.ph ... show more 20.89.253.114 - - [25/Jun/2026:21:13:25 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 164 "-" "-" 20.89.253.114 - - [25/Jun/2026:21:13:25 +0200] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 164 "-" "-" 20.89.253.114 - - [25/Jun/2026:21:13:25 +0200] "GET /inputs.php HTTP/1.1" 404 164 "-" "-" 20.89.253.114 - - [25/Jun/2026:21:13:26 +0200] "GET /admin.php HTTP/1.1" 404 164 "-" "-" 20.89.253.114 - - [25/Jun/2026:21:13:26 +0200] "GET /goods.php HTTP/1.1" 404 164 "-" "-" 20.89.253.114 - - [25/Jun/2026:21:13:26 +0200] "GET /file.php HTTP/1.1" 404 164 "-" "-" 20.89.253.114 - - [25/Jun/2026:21:13:26 +0200] "GET /adminfuns.php HTTP/1.1" 404 164 "-" "-" 20.89.253.114 - - [25/Jun/2026:21:13:26 +0200] "GET /404.php HTTP/1.1" 404 164 "-" "-" 20.89.253.114 - - [25/Jun/2026:21:13:26 +0200] "GET /wk/index.php HTTP/1.1" 404 164 "-" "-" 20.89.253.114 - - [25/Jun/2026:21:13:27 +0200] "GET /about.php HTTP/1.1" 404 164 "-" "-" 20.89.253.114 - - [25/Jun/2026:21:13:27 +0200] ... show less	Bad Web Bot Web App Attack
Anonymous	2026-06-25 19:13:28 (44 minutes ago)	20.89.253.114 - - [25/Jun/2026:21:12:27 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.ph ... show more 20.89.253.114 - - [25/Jun/2026:21:12:27 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 58834 "-" "-" 20.89.253.114 - - [25/Jun/2026:21:12:30 +0200] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 58834 "-" "-" 20.89.253.114 - - [25/Jun/2026:21:12:31 +0200] "GET /inputs.php HTTP/1.1" 404 58834 "-" "-" 20.89.253.114 - - [25/Jun/2026:21:12:33 +0200] "GET /admin.php HTTP/1.1" 404 58834 "-" "-" 20.89.253.114 - - [25/Jun/2026:21:12:35 +0200] "GET /goods.php HTTP/1.1" 404 58834 "-" "-" 20.89.253.114 - - [25/Jun/2026:21:12:37 +0200] "GET /file.php HTTP/1.1" 404 58834 "-" "-" 20.89.253.114 - - [25/Jun/2026:21:12:39 +0200] "GET /adminfuns.php HTTP/1.1" 404 58834 "-" "-" 20.89.253.114 - - [25/Jun/2026:21:12:41 +0200] "GET /404.php HTTP/1.1" 404 58834 "-" "-" 20.89.253.114 - - [25/Jun/2026:21:12:45 +0200] "GET /about.php HTTP/1.1" 404 58834 "-" "-" 20.89.253.114 - - [25/Jun/2026:21:12:47 +0200] "GET /term.php HTTP/1.1" 404 58834 "-" "-" 20.89.253.114 - - [25/Jun/2026 ... show less	Web App Attack
🇹🇭 thaizone.com	2026-06-25 19:05:36 (52 minutes ago)	Hacking attempts against websites (D1) #1	Web App Attack Hacking
🇺🇦 URAN Publishing Service	2026-06-25 19:02:06 (56 minutes ago)	20.89.253.114 - - [25/Jun/2026:22:02:04 +0300] "GET /wp-content/plugins/hellopress/wp_filemanager.ph ... show more 20.89.253.114 - - [25/Jun/2026:22:02:04 +0300] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 721 "-" "-" ... show less	Web App Attack

Showing 1 to 15 of 95 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇭 209.99.190.113

🇸🇪 195.178.191.5

🇫🇷 185.177.72.66

🇧🇷 177.135.126.153

🇨🇳 124.88.141.93

🇮🇩 103.78.104.246

🇸🇬 47.237.254.73

🇦🇺 220.240.104.100

🇹🇼 128.14.237.120

🇰🇷 119.209.12.20

🇬🇧 87.236.176.194

🇭🇷 85.203.20.28

🇷🇺 85.95.166.40

🇱🇹 45.227.254.170

🇬🇧 37.10.113.213

🇺🇸 160.153.176.197

🇨🇳 110.249.201.139

🇷🇴 80.94.92.55

🇺🇸 45.86.208.25

🇳🇱 172.217.96.16