JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.89.43.232

20.89.43.232 was found in our database!

This IP was reported 208 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇯🇵 Japan
City	Tokyo, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.89.43.232

Whois 20.89.43.232

IP Abuse Reports for 20.89.43.232:

This IP address has been reported a total of 208 times from 122 distinct sources. 20.89.43.232 was first reported on June 5th 2026, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 Epimetheus	2026-06-08 00:20:17 (3 hours ago)	Unauthorized access attempts: [GET] /aa.php [GET] /lock360.php [GET] /a.php [GET] /file.php [GET] / ... show more Unauthorized access attempts: [GET] /aa.php [GET] /lock360.php [GET] /a.php [GET] /file.php [GET] /default.php [GET] /index.php [GET] /anonse/lock360.php [GET] /hehe.php [GET] /xleet.php [GET] /2.php [GET] /wp-configs.php [GET] /plugin.php [GET] /update.php [GET] /input.php [GET] /gecko-new.php UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 show less	Web App Attack
🇫🇷 sthoyer.de	2026-06-08 00:00:52 (3 hours ago)	20.89.43.232 - - [08/Jun/2026:02:00:50 +0200] "GET /a.php HTTP/1.1" 302 495 "-" "Mozilla/5.0 (Window ... show more 20.89.43.232 - - [08/Jun/2026:02:00:50 +0200] "GET /a.php HTTP/1.1" 302 495 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.89.43.232 - - [08/Jun/2026:02:00:51 +0200] "GET /aa.php HTTP/1.1" 302 495 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.89.43.232 - - [08/Jun/2026:02:00:51 +0200] "GET /aaa.php HTTP/1.1" 302 495 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Web App Attack
🇺🇸 ipblock.com	2026-06-07 23:53:00 (3 hours ago)	IPBlock protected site ID [4055-d][s=01]. Exploit request, vulnerability scanner.	Hacking Bad Web Bot Web App Attack
🇺🇸 koinkash.org	2026-06-07 23:27:50 (3 hours ago)	They are fraudulent. Malicious threat actor requesting php file /a.php	Web App Attack
🇫🇮 as211431.net	2026-06-07 23:26:29 (3 hours ago)	Triggered Cloudflare WAF (firewallCustom) from JP. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from JP. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: /aaa.php UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 kosada.com	2026-06-07 23:15:43 (4 hours ago)	Web vulnerability probing: /lock360.php	Web App Attack
🇫🇷 AGEPCom	2026-06-07 23:12:39 (4 hours ago)	Smart-Ban: IP bannie via score AbuseIPDB	Brute-Force Web App Attack
🇹🇭 thaizone.com	2026-06-07 23:05:29 (4 hours ago)	Hacking attempts against websites (D1) #3	Web App Attack Hacking
🇳🇱 Site.eu	2026-06-07 22:44:38 (4 hours ago)	Excessive multi-domain requests	Brute-Force
🇳🇴 Abuse Buster	2026-06-07 22:08:17 (5 hours ago)	20.89.43.232 - [08/Jun/2026:00:08:14 +0200] "GET /a.php HTTP/2.0" 404 36 "-" "Mozilla/5.0 (Windows N ... show more 20.89.43.232 - [08/Jun/2026:00:08:14 +0200] "GET /a.php HTTP/2.0" 404 36 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.89.43.232 - [08/Jun/2026:00:08:15 +0200] "GET /aa.php HTTP/2.0" 404 36 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.89.43.232 - [08/Jun/2026:00:08:15 +0200] "GET /aaa.php HTTP/2.0" 404 36 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.89.43.232 - [08/Jun/2026:00:08:16 +0200] "GET /ab.php HTTP/2.0" 404 36 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Web App Attack
🇷🇺 Deynekin.com	2026-06-07 22:04:10 (5 hours ago)	This IP address has been identified as part of a botnet infrastructure used by threat actors, indica ... show more This IP address has been identified as part of a botnet infrastructure used by threat actors, indicating automated and malicious activity. show less	Fraud Orders Web App Attack SSH Web Spam FTP Brute-Force Phishing Email Spam Port Scan Brute-Force Exploited Host Hacking SQL Injection
🇩🇪 Skyrider	2026-06-07 21:49:55 (5 hours ago)	crowdsecurity/http-probing	Web App Attack
🇳🇱 Site.eu	2026-06-07 21:47:11 (5 hours ago)	Excessive 404/403 errors	Brute-Force
🇩🇪 FeG Deutschland	2026-06-07 21:20:52 (5 hours ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 24	Exploited Host Web App Attack
🇺🇸 Epimetheus	2026-06-07 21:10:17 (6 hours ago)	Unauthorized access attempts: [GET] /cloud.php [GET] /aaa.php [GET] /xleet.php [GET] /aa.php [GET] ... show more Unauthorized access attempts: [GET] /cloud.php [GET] /aaa.php [GET] /xleet.php [GET] /aa.php [GET] /plugin.php [GET] /wp-configs.php [GET] /cron.php [GET] /edit.php [GET] /functions.php [GET] /hehe.php [GET] /flower.php [GET] /admin.php [GET] /randkeyword.php [GET] /k.php [GET] /aaa.php [GET] /autoload_classmap.php [GET] /cookie.php [GET] /anonse/lock360.php UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 show less	Web App Attack

Showing 1 to 15 of 208 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 109.105.194.6

🇺🇸 107.173.225.192

🇨🇳 106.13.123.237

🇱🇹 81.30.98.144

🇱🇹 81.30.98.142

🇧🇷 45.167.71.244

🇨🇱 190.5.32.67

🇧🇷 187.111.17.236

🇺🇸 147.185.132.111

🇨🇳 106.75.25.139

🇮🇳 103.69.200.212

🇯🇴 94.249.90.238

🇳🇱 89.105.195.118

🇱🇹 81.30.98.158

🇺🇸 66.132.195.24

🇮🇳 52.140.76.154

🇮🇩 43.243.142.42

🇧🇪 34.156.181.144

🇺🇸 3.142.170.60

🇷🇴 2.57.121.112