AbuseIPDB » 111.90.150.28

111.90.150.28 was found in our database!

This IP was reported 955 times. Confidence of Abuse is 100%: ?

100%

ISP	Shinjiru Technology Sdn Bhd
Usage Type	Data Center/Web Hosting/Transit
Hostname(s)	adidas-2.com
Domain Name	shinjiru.com.my
Country	Malaysia
City	Kuala Lumpur, Wilayah Persekutuan Kuala Lumpur

IP info including ISP, Usage Type, and Location provided by IP2Location. Updated monthly.

Report 111.90.150.28

Whois 111.90.150.28

IP Abuse Reports for 111.90.150.28:

This IP address has been reported a total of 955 times from 137 distinct sources. 111.90.150.28 was first reported on May 13th 2022, and the most recent report was 14 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	Date	Comment	Categories
theEngineer	14 hours ago	Exploit attempt against non-existent file - /wp-login	Web App Attack
Unwasted	16 hours ago	Abusive content scan (abuse_score:>80)	Hacking Brute-Force Web App Attack
GeekOnTheHill	17 hours ago	GET /wp-login.php HTTP/1.1	Hacking Web App Attack
bigorre.org	17 hours ago	suspicious query, Sniffing for wordpress log:/wp-login.php	Web App Attack
expandmade.com	17 hours ago	trolling for wp-login [17/Aug/2022:15:34:41 "GET /wp-login.php"]	Web App Attack
Rocky Mountain Bioengineering Symposium	17 hours ago	111.90.150.28 - - [17/Aug/2022:09:15:35 -0600] "GET /wp-login.php HTTP/1.1" 301 464 "-" "Mozilla/5.0 ... show more111.90.150.28 - - [17/Aug/2022:09:15:35 -0600] "GET /wp-login.php HTTP/1.1" 301 464 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:96.0) Gecko/20100101 Firefox/96" ... show less	Web App Attack
nyclee.net	20 hours ago	WebApp Attack	Brute-Force Web App Attack
plzenskypruvodce.cz	21 hours ago	[Wed Aug 17 13:07:44.787395 2022] [access_compat:error] [pid 145540:tid 140051912558336] [client 111 ... show more[Wed Aug 17 13:07:44.787395 2022] [access_compat:error] [pid 145540:tid 140051912558336] [client 111.90.150.28:43728] AH01797: client denied by server configuration: /var/www/vzkrisenevarhany.cz/www/xmlrpc.php [Wed Aug 17 13:19:51.535229 2022] [access_compat:error] [pid 147253:tid 140051971307264] [client 111.90.150.28:37658] AH01797: client denied by server configuration: /var/www/tzb-chmelarova.cz/www/xmlrpc.php ... show less	Web App Attack
Anonymous	22 hours ago	(mod_security) mod_security (id:972687) triggered by 111.90.150.28 (MY/Malaysia/adidas-2.com): 2 in ... show more(mod_security) mod_security (id:972687) triggered by 111.90.150.28 (MY/Malaysia/adidas-2.com): 2 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Wed Aug 17 06:30:07.037122 2022] [:error] [pid 2718566] [client 111.90.150.28:42476] [client 111.90.150.28] ModSecurity: Access denied with code 401 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "7"] [id "972687"] [msg "xmlrpc request blocked, no referrer"] [hostname "guedesribeiro.com.br"] [uri "/xmlrpc.php"] [unique_id "Yvy1HyWxMwfFxbf-5tS7_AAAAAI"] [Wed Aug 17 06:51:17.600056 2022] [:error] [pid 2729213] [client 111.90.150.28:44030] [client 111.90.150.28] ModSecurity: Access denied with code 401 (phase 2). Operator EQ matched 0 at REQUEST_HEADERS. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "7"] [id "972687"] [msg "xmlrpc request blocked, no referrer"] [hostname "gatilsheroncats.com"] [uri "/xmlrpc.php"] [unique_id "Yvy6Fe5E5OMAwLAfnWL-1AAAABM"] show less	Port Scan
Anonymous	16 Aug 2022	Fail2Ban Auto Report of Attack	Web App Attack
Sklurk	16 Aug 2022		Web App Attack
Anonymous	16 Aug 2022	Attempted WordPress login: 111.90.150.28 - - [16/Aug/2022:15:49:47 +0100] "GET /wp-login.php ... show moreAttempted WordPress login: 111.90.150.28 - - [16/Aug/2022:15:49:47 +0100] "GET /wp-login.php HTTP/1.1" 200 234 "http://runto.me.uk/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:96.0) Gecko/20100101 Firefox/96" show less	Hacking Web App Attack
HJ5Ss4Ju	16 Aug 2022	Blocked by Wordfence (SID 4)	Web App Attack
HJ5Ss4Ju	16 Aug 2022	Blocked by Wordfence (SID 5)	Web App Attack
Anonymous	16 Aug 2022	[Tue Aug 16 06:17:23.861604 2022] [fcgid:warn] [pid 27072:tid 139826795890432] [client 111.90.150.28 ... show more[Tue Aug 16 06:17:23.861604 2022] [fcgid:warn] [pid 27072:tid 139826795890432] [client 111.90.150.28:44464] mod_fcgid: stderr: WP User : admin authentication failure | IP : 111.90.150.28 | URL https://www.pekola.net/wp-admin/ [Tue Aug 16 06:22:54.303528 2022] [fcgid:warn] [pid 27072:tid 139825512429312] [client 111.90.150.28:56270] mod_fcgid: stderr: WP User : admin authentication failure | IP : 111.90.150.28 | URL https://souldubler.com/wp-admin/ [Tue Aug 16 06:56:40.008486 2022] [fcgid:warn] [pid 27072:tid 139824447080192] [client 111.90.150.28:43892] mod_fcgid: stderr: WP User : admin authentication failure | IP : 111.90.150.28 | URL https://www.pekola.net/wp-admin/ ... show less	Brute-Force Web App Attack

Is this your IP? You may request to takedown any associated reports. We will attempt to verify your ownership. Request Takedown 🚩