JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 101.128.96.20

101.128.96.20 was found in our database!

This IP was reported 57 times. Confidence of Abuse is 11%: ?

11%

ISP	PT Cyberindo Aditama
Usage Type	Fixed Line ISP
ASN	AS135478
Domain Name	cbn.net.id
Country	🇮🇩 Indonesia
City	Ubud, Bali

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 101.128.96.20

Whois 101.128.96.20

IP Abuse Reports for 101.128.96.20:

This IP address has been reported a total of 57 times from 34 distinct sources. 101.128.96.20 was first reported on December 14th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Vegascosmetics	2026-06-20 21:26:36 (1 day ago)	(Kingcopy.org-AI-IDS-Report):IP automatically blocked after obfuscated redirect. Vegas Security	DDoS Attack Hacking Exploited Host
🇸🇪 adaml1324	2026-04-23 19:17:46 (1 month ago)	Web application exploit probing	Web App Attack
Anonymous	2026-04-03 19:20:40 (2 months ago)	101.128.96.20 - - [03/Apr/2026:21:14:12 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Mozilla/5.0 ... show more 101.128.96.20 - - [03/Apr/2026:21:14:12 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/74.0.0.0 Safari/537.36" 101.128.96.20 - - [03/Apr/2026:21:14:13 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/74.0.0.0 Safari/537.36" 101.128.96.20 - - [03/Apr/2026:21:19:13 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; x86) AppleWebKit/537.36 (KHTML, like Gecko) Edge/97.0.0.0 Safari/537.36" 101.128.96.20 - - [03/Apr/2026:21:19:13 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; x86) AppleWebKit/537.36 (KHTML, like Gecko) Edge/97.0.0.0 Safari/537.36" 101.128.96.20 - - [03/Apr/2026:21:20:39 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Mozilla/5.0 (Windows NT 6.3; x86) AppleWebKit/537.36 (KHTML, like Gecko) Safari/15.0.0.0 Safari/537.36 ... show less	Brute-Force Web App Attack
🇦🇺 screwlooseit.com.au	2026-04-02 06:22:53 (2 months ago)	Blocked by CSF 13 firewall - Rule: XMLRPC ID/Indonesia/-	Web App Attack
Anonymous	2026-03-31 22:08:00 (2 months ago)	101.128.96.20 - - [01/Apr/2026:00:01:05 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Mozilla/5.0 ... show more 101.128.96.20 - - [01/Apr/2026:00:01:05 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/91.0.0.0 Safari/537.36" 101.128.96.20 - - [01/Apr/2026:00:01:07 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; arm64) AppleWebKit/537.36 (KHTML, like Gecko) Firefox/91.0.0.0 Safari/537.36" 101.128.96.20 - - [01/Apr/2026:00:06:35 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; x86) AppleWebKit/537.36 (KHTML, like Gecko) Edge/90.0.0.0 Safari/537.36" 101.128.96.20 - - [01/Apr/2026:00:06:36 +0200] "POST /xmlrpc.php HTTP/1.1" 200 403 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; x86) AppleWebKit/537.36 (KHTML, like Gecko) Edge/90.0.0.0 Safari/537.36" 101.128.96.20 - - [01/Apr/2026:00:07:59 +0200] "POST /xmlrpc.php HTTP/1.0" 200 593 "-" "Mozilla/5.0 (Windows NT 6.2; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.0.0 Safari/53 ... show less	Brute-Force Web App Attack
🇩🇪 LRob.fr	2026-03-30 21:45:04 (2 months ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇫🇷 polido	2026-03-30 20:34:32 (2 months ago)	Unauthorized connection attempt to port 443 from 101.128.96.20	Port Scan
🇺🇸 myagent.site	2026-03-30 18:12:01 (2 months ago)	Blocking for trying to access an exploit file: /xmlrpc.php	Hacking
🇺🇸 deskpass.com	2026-03-29 12:53:55 (2 months ago)	POST /xmlrpc.php	Web App Attack
🇳🇱 wlt-blocker	2026-03-29 11:51:02 (2 months ago)	Unauthorized access to webpage admin	Web App Attack
🇩🇪 kjaerulff	2026-03-28 17:58:02 (2 months ago)	Failed Wordpress login using xmlrpc.php	Web App Attack
🇬🇧 [email protected]	2026-03-28 00:30:33 (2 months ago)	...	Brute-Force SSH
🇺🇸 myagent.site	2026-03-27 21:19:03 (2 months ago)	Blocking for trying to access an exploit file: /xmlrpc.php	Hacking
🇫🇷 Kenshin869	2026-03-27 20:20:41 (2 months ago)	Wordpress unauthorized access attempt	Brute-Force
🇩🇪 Interceptor_HQ	2026-03-27 13:16:01 (2 months ago)	request_uri: /xmlrpc.php -- automatic report --	Brute-Force Hacking

Showing 1 to 15 of 57 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 192.145.210.25

🇨🇴 181.54.165.138

🇺🇸 143.42.0.20

🇨🇳 111.113.89.244

🇷🇴 80.94.92.186

🇷🇴 80.94.92.65

🇨🇳 59.51.98.254

🇺🇸 20.55.35.217

🇹🇭 202.29.225.158

🇫🇷 176.133.31.101

🇨🇳 124.174.70.250

🇮🇳 115.98.170.193

🇨🇳 110.249.201.3

🇺🇸 108.181.22.199

🇵🇱 87.251.64.158

🇩🇪 85.203.15.85

🇩🇪 85.203.15.76

🇺🇦 45.11.57.172

🇺🇸 20.65.195.117

🇺🇸 20.64.104.44