AbuseIPDB » 20.28.148.94

Check an IP Address, Domain Name, or Subnet

e.g. 18.207.133.27, microsoft.com, or 5.188.10.0/24

20.28.148.94 was found in our database!

This IP was reported 81 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
Domain Name	microsoft.com
Country	Australia
City	Sydney, New South Wales

IP info including ISP, Usage Type, and Location provided by IP2Location. Updated monthly.

Report 20.28.148.94

Whois 20.28.148.94

IP Abuse Reports for 20.28.148.94:

This IP address has been reported a total of 81 times from 43 distinct sources. 20.28.148.94 was first reported on May 20th 2022, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago. It is possible that this IP is no longer involved in abusive activities.

Reporter	Date	Comment	Categories
tradenet	02 Jun 2022	20.28.148.94 - - [02/Jun/2022:12:48:20 -0500] "POST //xmlrpc.php HTTP/2.0" 200 236 "-" "Mozilla/5.0 ... show more20.28.148.94 - - [02/Jun/2022:12:48:20 -0500] "POST //xmlrpc.php HTTP/2.0" 200 236 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" 20.28.148.94 - - [02/Jun/2022:12:48:20 -0500] "POST //xmlrpc.php HTTP/2.0" 200 212 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" 20.28.148.94 - - [02/Jun/2022:12:48:21 -0500] "POST //xmlrpc.php HTTP/2.0" 200 212 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" 20.28.148.94 - - [02/Jun/2022:12:48:22 -0500] "POST //xmlrpc.php HTTP/2.0" 200 236 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" 20.28.148.94 - - [02/Jun/2022:12:48:23 -0500] "POST //xmlrpc.php HTTP/2.0" 200 236 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0 ... show less	Bad Web Bot Web App Attack
CryptoYakari	02 Jun 2022	20.28.148.94 - - [02/Jun/2022:11:38:16 +0300] "GET /plex//wp-includes/wlwmanifest.xml HTTP/1.0" 404 ... show more20.28.148.94 - - [02/Jun/2022:11:38:16 +0300] "GET /plex//wp-includes/wlwmanifest.xml HTTP/1.0" 404 3589 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" 20.28.148.94 - - [02/Jun/2022:11:38:28 +0300] "GET /plex//xmlrpc.php?rsd HTTP/1.0" 404 201 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" 20.28.148.94 - - [02/Jun/2022:11:38:36 +0300] "GET /plex//blog/wp-includes/wlwmanifest.xml HTTP/1.0" 404 3589 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" 20.28.148.94 - - [02/Jun/2022:11:38:37 +0300] "GET /plex//web/wp-includes/wlwmanifest.xml HTTP/1.0" 404 3589 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" 20.28.148.94 - - [02/Jun/2022:11:38:37 +0300] "GET /plex//wordpress/wp-includes/wlwmanifest.xml H ... show less	Web Spam Blog Spam Bad Web Bot Web App Attack
CryptoYakari	02 Jun 2022	20.28.148.94 - - [02/Jun/2022:09:51:59 +0300] "GET //wp-includes/wlwmanifest.xml HTTP/1.0" 404 3589 ... show more20.28.148.94 - - [02/Jun/2022:09:51:59 +0300] "GET //wp-includes/wlwmanifest.xml HTTP/1.0" 404 3589 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" 20.28.148.94 - - [02/Jun/2022:09:51:59 +0300] "GET //xmlrpc.php?rsd HTTP/1.0" 404 201 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" 20.28.148.94 - - [02/Jun/2022:09:52:01 +0300] "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.0" 404 3589 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" 20.28.148.94 - - [02/Jun/2022:09:52:40 +0300] "GET //web/wp-includes/wlwmanifest.xml HTTP/1.0" 404 3589 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" 20.28.148.94 - - [02/Jun/2022:09:52:41 +0300] "GET //wordpress/wp-includes/wlwmanifest.xml HTTP/1.0" 404 3589 "-" "Mo ... show less	Web Spam Blog Spam Bad Web Bot Web App Attack
Major Hostility	01 Jun 2022	"GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 "GET /xmlrpc.php?rsd HTTP/1.1" 403 "GET ... show more"GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 "GET /xmlrpc.php?rsd HTTP/1.1" 403 "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 "GET /web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 show less	Web App Attack
AMRE	01 Jun 2022	xmlrpc	Brute-Force
akac	01 Jun 2022	Probing for Windows Live Writer Manifest files (wlwmanifest.xml) Request: GET /wp-includes/wlw ... show moreProbing for Windows Live Writer Manifest files (wlwmanifest.xml) Request: GET /wp-includes/wlwmanifest.xml User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36 show less	Web Spam Brute-Force Bad Web Bot Web App Attack
HJ5Ss4Ju	31 May 2022	Blocked by Wordfence (SID 5)	Web App Attack
conseilgouz	31 May 2022	pre-7 : Trying access unauthorized files/dir=>//wp-includes/wlwmanifest.xml	Hacking
Mihr	31 May 2022	Wordpress vulnerability scanning: "/sito/wp-includes/wlwmanifest.xml"	Web App Attack
simgui8	31 May 2022	WordPress xmlrpc attack.	Brute-Force Web App Attack
blinx	31 May 2022	Suspicious activity detected by Modsecurity	Web Spam Port Scan Hacking Bad Web Bot Web App Attack
appuni	31 May 2022	(wordpress) Failed wordpress login from 20.28.148.94 (US/United States/-): (CF_ENABLE)	Brute-Force
Maykson	31 May 2022	20.28.148.94 - - [31/May/2022:04:10:33 -0300] "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 403 3576 ... show more20.28.148.94 - - [31/May/2022:04:10:33 -0300] "GET //wp-includes/wlwmanifest.xml HTTP/1.1" 403 3576 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36" ... show less	Exploited Host Web App Attack
CryptoYakari	31 May 2022	20.28.148.94 - - [31/May/2022:08:49:14 +0300] "GET / HTTP/1.0" 403 569 "-" "Mozilla/5.0 (Windows NT ... show more20.28.148.94 - - [31/May/2022:08:49:14 +0300] "GET / HTTP/1.0" 403 569 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36" 20.28.148.94 - - [31/May/2022:08:49:15 +0300] "GET //?author=1 HTTP/1.0" 403 569 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36" 20.28.148.94 - - [31/May/2022:08:49:16 +0300] "GET //?author=2 HTTP/1.0" 403 568 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36" ... show less	Web Spam Blog Spam Bad Web Bot Web App Attack
nyclee.net	31 May 2022	Excessive Request/Connection Hacking Attempt to HoneyPot	Hacking Brute-Force