JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.118.17.138

20.118.17.138 was found in our database!

This IP was reported 42 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.118.17.138

Whois 20.118.17.138

IP Abuse Reports for 20.118.17.138:

This IP address has been reported a total of 42 times from 33 distinct sources. 20.118.17.138 was first reported on January 23rd 2026, and the most recent report was 10 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 Mendip_Defender	2026-06-27 09:29:11 (10 minutes ago)	20.118.17.138 - - [27/Jun/2026:10:29:02 +0100] "GET /wp-login.php HTTP/1.1" 200 7826 "https://wessex ... show more 20.118.17.138 - - [27/Jun/2026:10:29:02 +0100] "GET /wp-login.php HTTP/1.1" 200 7826 "https://wessex4x4response.org.uk/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.118.17.138 - - [27/Jun/2026:10:29:04 +0100] "GET /wp-login.php HTTP/1.1" 200 7826 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Brute-Force
🇲🇹 Malta	2026-06-27 09:10:16 (29 minutes ago)	20.118.17.138 - - [27/Jun/2026:11:10:16 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows N ... show more 20.118.17.138 - - [27/Jun/2026:11:10:16 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" show less	Hacking Web App Attack
🇪🇸 masterguru	2026-06-27 06:32:24 (3 hours ago)	(PERMBLOCK) 20.118.17.138 (US/United States/-) has had more than 4 temp blocks in the last 86400 sec ... show more (PERMBLOCK) 20.118.17.138 (US/United States/-) has had more than 4 temp blocks in the last 86400 secs (0-122) show less	Hacking
🇩🇪 london2038.com	2026-06-27 04:45:36 (4 hours ago)	Attacking WordPress 20.118.17.138 - - [27/Jun/2026:06:45:34 +0200] "POST /wp-login.php HTTP/2.0" 503 ... show more Attacking WordPress 20.118.17.138 - - [27/Jun/2026:06:45:34 +0200] "POST /wp-login.php HTTP/2.0" 503 19289 "https://<REDACTED>/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" show less	Brute-Force Web App Attack
🇩🇪 LRob.fr	2026-06-27 04:45:09 (4 hours ago)	Repeated attacks detected by Fail2Ban in recidive jail	Hacking
Anonymous	2026-06-27 02:46:10 (6 hours ago)	Failed Wordpress Logins	Web App Attack
Anonymous	2026-06-27 02:20:07 (7 hours ago)	2026-06-27T02:46:38.625504+02:00 aion wordpress[758060]: Authentication attempt for unknown user mic ... show more 2026-06-27T02:46:38.625504+02:00 aion wordpress[758060]: Authentication attempt for unknown user michael from 20.118.17.138 2026-06-27T04:20:05.847564+02:00 aion wordpress[837513]: Authentication attempt for unknown user michael from 20.118.17.138 ... show less	Hacking Brute-Force
🇫🇷 SpaceHost-Server	2026-06-27 02:15:02 (7 hours ago)	20.118.17.138 - - [27/Jun/2026:04:13:24 +0200] "POST /wp-login.php HTTP/1.1" 200 15865 "https://fina ... show more 20.118.17.138 - - [27/Jun/2026:04:13:24 +0200] "POST /wp-login.php HTTP/1.1" 200 15865 "https://finaz.pluswohnen.de/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.118.17.138 - - [27/Jun/2026:04:14:55 +0200] "POST /wp-login.php HTTP/1.1" 200 11652 "https://rainbow.wp-knowhow.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.118.17.138 - - [27/Jun/2026:04:15:01 +0200] "POST /wp-login.php HTTP/1.1" 200 16416 "https://lotsen.wp4dich.com/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" show less	Hacking Web App Attack
🇨🇭 Origon	2026-06-27 02:00:37 (7 hours ago)	recidive - IP: 20.118.17.138 - 2026-06-26 10:54:31,940 fail2ban.actions [1068196]: NOTICE [plesk-wo ... show more recidive - IP: 20.118.17.138 - 2026-06-26 10:54:31,940 fail2ban.actions [1068196]: NOTICE [plesk-wordpress] Ban 20.118.17.138 2026-06-27 03:15:32,025 fail2ban.actions [1068196]: NOTICE [plesk-wordpress] Ban 20.118.17.138 2026-06-27 04:00:36,855 fail2ban.actions [1068196]: NOTICE [plesk-wordpress] Ban 20.118.17.138 show less	Web App Attack
🇨🇦 KIsmay	2026-06-27 01:50:41 (7 hours ago)	Jun 26 17:35:24 www4 WPAudit[3287696]: 20.118.17.138 siscobc.com "Mozilla/5.0 (Windows NT 10.0; Win6 ... show more Jun 26 17:35:24 www4 WPAudit[3287696]: 20.118.17.138 siscobc.com "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" sbd-admin:siscobc123! FAIL Jun 26 17:54:57 www4 WPAudit[3289413]: 20.118.17.138 www.nelsonbcwelding.com "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" sbd-admin:Sbd-admin123! FAIL Jun 26 21:28:24 www4 WPAudit[3305037]: 20.118.17.138 www.bestnelson.org "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" katietabor-developer:katietabordeveloper@ FAIL Jun 26 21:30:08 www4 WPAudit[3303954]: 20.118.17.138 siscobc.com "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" sisco:Sisco@ FAIL Jun 26 21:50:40 www4 WPAudit[3306696]: 20.118.17.138 siscobc.com "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Geck ... show less	Brute-Force Web App Attack
🇬🇧 andypiper	2026-06-27 01:02:59 (8 hours ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇬🇧 Mendip_Defender	2026-06-27 00:50:21 (8 hours ago)	20.118.17.138 - - [27/Jun/2026:01:50:12 +0100] "GET /wp-login.php HTTP/1.1" 200 7826 "https://wessex ... show more 20.118.17.138 - - [27/Jun/2026:01:50:12 +0100] "GET /wp-login.php HTTP/1.1" 200 7826 "https://wessex4x4response.org.uk/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 20.118.17.138 - - [27/Jun/2026:01:50:14 +0100] "GET /wp-login.php HTTP/1.1" 200 7826 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Brute-Force
🇦🇺 QT	2026-06-27 00:36:58 (9 hours ago)	Unauthorised WordPress admin login attempted at 2026-06-27 10:36:57 +1000	Web App Attack
🇫🇷 solution.it	2026-06-27 00:09:36 (9 hours ago)	[Sat Jun 27 02:09:36.177853 2026] [php7:error] [pid 3109213:tid 3109213] [client 20.118.17.138:38016 ... show more [Sat Jun 27 02:09:36.177853 2026] [php7:error] [pid 3109213:tid 3109213] [client 20.118.17.138:38016] script '/var/www/html/blog.solution.it/wp-login.php' not found or unable to stat show less	Web App Attack
🇷🇴 SpamStopper	2026-06-26 23:56:20 (9 hours ago)	Fail2Ban - WP Spoofing	Port Scan Brute-Force Web App Attack

Showing 1 to 15 of 42 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇸 217.61.143.105

🇫🇷 82.64.38.234

🇬🇧 35.203.211.53

🇹🇳 197.5.145.114

🇮🇩 182.9.33.4

🇺🇸 128.203.204.195

🇰🇷 119.204.60.250

🇹🇭 118.193.56.246

🇻🇳 103.106.104.25

🇳🇱 89.21.67.149

🇭🇰 43.129.170.61

🇺🇸 20.65.195.48

🇺🇸 5.161.101.51

🇺🇸 2a03:2880:f800:19::

🇺🇸 170.106.152.135

🇺🇸 162.216.149.12

🇩🇪 158.94.208.36

🇳🇿 121.73.169.140

🇫🇷 92.205.50.247

🇳🇱 91.92.40.12