AbuseIPDB » 20.189.112.171

Check an IP Address, Domain Name, or Subnet

e.g. 18.207.157.152, microsoft.com, or 5.188.10.0/24

20.189.112.171 was found in our database!

This IP was reported 79 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
Domain Name	microsoft.com
Country	Hong Kong
City	Hong Kong, Hong Kong

IP info including ISP, Usage Type, and Location provided by IP2Location. Updated monthly.

Report 20.189.112.171

Whois 20.189.112.171

IP Abuse Reports for 20.189.112.171:

This IP address has been reported a total of 79 times from 33 distinct sources. 20.189.112.171 was first reported on August 5th 2022, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	Date	Comment	Categories
gu-alvareza	2 hours ago	WordPress.REST.API.Username.Enumeration.Information.Disclosure	Web App Attack
journals.uran.ua	14 Aug 2022	20.189.112.171 - - [14/Aug/2022:08:20:41 +0300] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 196 ... show more20.189.112.171 - - [14/Aug/2022:08:20:41 +0300] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 20.189.112.171 - - [14/Aug/2022:08:20:42 +0300] "GET /xmlrpc.php?rsd HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" ... show less	Web App Attack
journals.uran.ua	13 Aug 2022	20.189.112.171 - - [14/Aug/2022:06:02:55 +0300] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 196 ... show more20.189.112.171 - - [14/Aug/2022:06:02:55 +0300] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 20.189.112.171 - - [14/Aug/2022:06:02:57 +0300] "GET /xmlrpc.php?rsd HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" ... show less	Web App Attack
Anonymous	13 Aug 2022	Probing for Open Source CMS Components	Hacking Brute-Force
journals.uran.ua	13 Aug 2022	20.189.112.171 - - [14/Aug/2022:04:31:23 +0300] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 196 ... show more20.189.112.171 - - [14/Aug/2022:04:31:23 +0300] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 20.189.112.171 - - [14/Aug/2022:04:31:25 +0300] "GET /xmlrpc.php?rsd HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" ... show less	Web App Attack
journals.uran.ua	13 Aug 2022	20.189.112.171 - - [14/Aug/2022:02:59:13 +0300] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 196 ... show more20.189.112.171 - - [14/Aug/2022:02:59:13 +0300] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 20.189.112.171 - - [14/Aug/2022:02:59:15 +0300] "GET /xmlrpc.php?rsd HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" ... show less	Web App Attack
nextweb	13 Aug 2022	(mod_security) mod_security (id:210410) triggered by 20.189.112.171 (HK/Hong Kong/Central and Wester ... show more(mod_security) mod_security (id:210410) triggered by 20.189.112.171 (HK/Hong Kong/Central and Western District/Central/-/[AS8075 MICROSOFT-CORP-MSN-AS-BLOCK]): 5 in the last 3600 secs (CF_ENABLE) show less	Brute-Force
Dolphi	13 Aug 2022	POST //xmlrpc.php	Brute-Force Web App Attack
journals.uran.ua	13 Aug 2022	20.189.112.171 - - [13/Aug/2022:17:05:22 +0300] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 196 ... show more20.189.112.171 - - [13/Aug/2022:17:05:22 +0300] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 20.189.112.171 - - [13/Aug/2022:17:05:23 +0300] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" ... show less	Web App Attack
journals.uran.ua	13 Aug 2022	20.189.112.171 - - [13/Aug/2022:14:34:44 +0300] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 196 ... show more20.189.112.171 - - [13/Aug/2022:14:34:44 +0300] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 20.189.112.171 - - [13/Aug/2022:14:34:45 +0300] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" ... show less	Web App Attack
journals.uran.ua	13 Aug 2022	20.189.112.171 - - [13/Aug/2022:11:53:39 +0300] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 196 ... show more20.189.112.171 - - [13/Aug/2022:11:53:39 +0300] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 20.189.112.171 - - [13/Aug/2022:11:53:41 +0300] "GET /xmlrpc.php?rsd HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" ... show less	Web App Attack
mangomad	13 Aug 2022	Repeated Apache mod_security rule triggers	Brute-Force Web App Attack
journals.uran.ua	12 Aug 2022	20.189.112.171 - - [13/Aug/2022:04:05:12 +0300] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 196 ... show more20.189.112.171 - - [13/Aug/2022:04:05:12 +0300] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 20.189.112.171 - - [13/Aug/2022:04:05:13 +0300] "GET /xmlrpc.php?rsd HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" ... show less	Web App Attack
journals.uran.ua	12 Aug 2022	20.189.112.171 - - [13/Aug/2022:03:04:48 +0300] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 196 ... show more20.189.112.171 - - [13/Aug/2022:03:04:48 +0300] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 20.189.112.171 - - [13/Aug/2022:03:04:49 +0300] "GET /xmlrpc.php?rsd HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" ... show less	Web App Attack
journals.uran.ua	12 Aug 2022	20.189.112.171 - - [13/Aug/2022:01:43:54 +0300] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 196 ... show more20.189.112.171 - - [13/Aug/2022:01:43:54 +0300] "GET /wp-includes/ID3/license.txt HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" 20.189.112.171 - - [13/Aug/2022:01:43:56 +0300] "GET /xmlrpc.php?rsd HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36" ... show less	Web App Attack