JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.89.44.87

20.89.44.87 was found in our database!

This IP was reported 87 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇯🇵 Japan
City	Tokyo, Tokyo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.89.44.87

Whois 20.89.44.87

IP Abuse Reports for 20.89.44.87:

This IP address has been reported a total of 87 times from 80 distinct sources. 20.89.44.87 was first reported on June 28th 2026, and the most recent report was 1 minute ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 iNetWorker	2026-06-28 13:39:05 (1 minute ago)	trolling for resource vulnerabilities	Web App Attack
🇮🇹 Inartis	2026-06-28 13:37:29 (2 minutes ago)	20.89.44.87 - - [28/Jun/2026:15:37:03 +0200] "GET /admin.php HTTP/1.1" 404 47735 "-" "Mozilla/5.0 (W ... show more 20.89.44.87 - - [28/Jun/2026:15:37:03 +0200] "GET /admin.php HTTP/1.1" 404 47735 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.89.44.87 - - [28/Jun/2026:15:37:25 +0200] "GET /adminfuns.php HTTP/1.1" 404 47747 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.89.44.87 - - [28/Jun/2026:15:37:28 +0200] "GET /xmlrpc.php HTTP/1.1" 403 461 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Baking333	2026-06-28 13:35:47 (4 minutes ago)	[redacted] 20.89.44.87 - - [28/Jun/2026:14:35:43 +0100] "GET /wp-content/uploads/[redacted] HTTP/1.1 ... show more [redacted] 20.89.44.87 - - [28/Jun/2026:14:35:43 +0100] "GET /wp-content/uploads/[redacted] HTTP/1.1" 302 1554 0/60647 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" [redacted] 20.89.44.87 - - [28/Jun/2026:14:35:46 +0100] "GET /wp-admin/[redacted] HTTP/1.1" 302 1554 0/57097 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" show less	Bad Web Bot Web App Attack
Anonymous	2026-06-28 13:33:34 (6 minutes ago)	20.89.44.87 - - [28/Jun/2026:15:33:33 +0200] "GET /wp-content/uploads/ HTTP/1.1" 301 169 "-" "Mozill ... show more 20.89.44.87 - - [28/Jun/2026:15:33:33 +0200] "GET /wp-content/uploads/ HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" show less	Web App Attack
🇩🇪 todix	2026-06-28 13:30:44 (9 minutes ago)	Web App Attack Exploid from 20.89.44.87	Web App Attack
🇫🇷 sthoyer.de	2026-06-28 13:29:13 (11 minutes ago)	20.89.44.87 - - [28/Jun/2026:15:29:12 +0200] "GET /inputs.php HTTP/1.1" 302 495 "-" "Mozilla/5.0 (Wi ... show more 20.89.44.87 - - [28/Jun/2026:15:29:12 +0200] "GET /inputs.php HTTP/1.1" 302 495 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.89.44.87 - - [28/Jun/2026:15:29:12 +0200] "GET /ioxi-o.php HTTP/1.1" 302 495 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Web App Attack
🇫🇷 masterguru	2026-06-28 13:25:33 (14 minutes ago)	Too much 404 requests in 1 minute. Operator GE matched 10 at IP:block_script. (46020-197)	Hacking
🇮🇩 soc-yk	2026-06-28 13:20:13 (20 minutes ago)	Type: suspicious_network_activity Risk: 68 Events: 248 Evidence: - Persistent suspicious network ac ... show more Type: suspicious_network_activity Risk: 68 Events: 248 Evidence: - Persistent suspicious network activity detected - Repeated hostile operational behavior observed - Multi-event operational persistence identified - Threat escalation behavior observed show less	Port Scan Hacking
🇩🇪 ger-stg-sifi1	2026-06-28 13:16:30 (23 minutes ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇮🇩 zam	2026-06-28 13:09:22 (31 minutes ago)	20.89.44.87 - - [28/Jun/2026:13:09:13 +0000] "GET /inputs.php HTTP/1.1" 404 9110 20.89.44.87 - - [28 ... show more 20.89.44.87 - - [28/Jun/2026:13:09:13 +0000] "GET /inputs.php HTTP/1.1" 404 9110 20.89.44.87 - - [28/Jun/2026:13:09:14 +0000] "GET /ioxi-o.php HTTP/1.1" 404 9110 20.89.44.87 - - [28/Jun/2026:13:09:15 +0000] "GET /function/function.php HTTP/1.1" 404 9110 20.89.44.87 - - [28/Jun/2026:13:09:15 +0000] "GET /rip.php HTTP/1.1" 404 9110 20.89.44.87 - - [28/Jun/2026:13:09:16 +0000] "GET /admin.php HTTP/1.1" 404 9110 {"log":"20.89.44.87 - - [28/Jun/2026:13:09:17 +0000] \ show less	Web App Attack
🇺🇸 Epimetheus	2026-06-28 13:04:13 (36 minutes ago)	Unauthorized access attempts: [GET] /info.php [GET] /randkeyword.PhP7 [GET] /classwithtostring.php ... show more Unauthorized access attempts: [GET] /info.php [GET] /randkeyword.PhP7 [GET] /classwithtostring.php [GET] /wp-includes/Requests/src/Response/about.php [GET] /as.php [GET] /ws.php [GET] /autoload_classmap.php [GET] /ioxi-o.php [GET] /xmlrpc.php [GET] /inputs.php [GET] /file.php [GET] /wp-conf.php [GET] /wp-content/themes/index.php [GET] /wp-includes/images/ [GET] /wp-content/plugins/index.php [GET] /wp-content/admin.php [GET] /wp-content/uploads/ UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 show less	Web App Attack
🇫🇷 AGEPCom	2026-06-28 12:56:44 (43 minutes ago)	Smart-Ban: IP bannie via score AbuseIPDB	Brute-Force Web App Attack
🇮🇩 soc-yk	2026-06-28 12:56:22 (44 minutes ago)	Type: web_scanning Risk: 67 Events: 212 Evidence: - Automated hostile web probing detected - Repeat ... show more Type: web_scanning Risk: 67 Events: 212 Evidence: - Automated hostile web probing detected - Repeated web scanning activity observed - Multi-event operational persistence identified - Threat escalation behavior observed show less	Web App Attack
🇮🇹 mediarama.com	2026-06-28 12:45:41 (54 minutes ago)	Banned by Fail2Ban	Web App Attack
Anonymous	2026-06-28 12:40:56 (59 minutes ago)	2026/06/28 11:16:18 [error] 265775#265775: 6805 open() "/var/www/monitor.bitfleet.com/wp-login.php" ... show more 2026/06/28 11:16:18 [error] 265775#265775: 6805 open() "/var/www/monitor.bitfleet.com/wp-login.php" failed (2: No such file or directory), client: 20.89.44.87, server: monitor.bitfleet.com, request: "GET /wp-login.php HTTP/1.1", host: "nazaninazari.com" 2026/06/28 11:16:23 [error] 265775#265775: 6805 "/var/www/monitor.bitfleet.com/cgi-bin/index.html" is not found (2: No such file or directory), client: 20.89.44.87, server: monitor.bitfleet.com, request: "GET /cgi-bin/ HTTP/1.1", host: "nazaninazari.com" 2026/06/28 12:40:55 [error] 265776#265776: 6872 open() "/var/www/monitor.bitfleet.com/wp-login.php" failed (2: No such file or directory), client: 20.89.44.87, server: monitor.bitfleet.com, request: "GET /wp-login.php HTTP/1.1", host: "kelasezaban.org" ... show less	Brute-Force

Showing 1 to 15 of 87 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.149.159

🇷🇺 152.32.227.252

🇷🇺 144.31.48.86

🇧🇩 103.154.158.70

🇳🇱 91.92.40.7

🇺🇸 20.127.155.221

🇰🇷 1.235.192.214

🇩🇪 2a01:4f8:1c18:38c4::1

🇺🇸 216.73.161.178

🇺🇸 216.73.161.174

🇳🇱 204.76.203.219

🇧🇷 200.155.66.2

🇳🇱 195.178.110.30

🇵🇰 192.140.151.227

🇺🇸 173.239.211.142

🇳🇱 164.92.158.242

🇭🇰 123.58.213.128

🇨🇳 116.179.32.212

🇮🇳 103.12.132.60

🇫🇷 88.187.73.89