JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 20.29.41.126

20.29.41.126 was found in our database!

This IP was reported 38 times. Confidence of Abuse is 96%: ?

96%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 20.29.41.126

Whois 20.29.41.126

IP Abuse Reports for 20.29.41.126:

This IP address has been reported a total of 38 times from 24 distinct sources. 20.29.41.126 was first reported on July 4th 2023, and the most recent report was 12 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-06-19 20:26:02 (12 hours ago)	(PERMBLOCK) 20.29.41.126 (US/United States/-) has had more than 4 temp blocks in the last 86400 secs ... show more (PERMBLOCK) 20.29.41.126 (US/United States/-) has had more than 4 temp blocks in the last 86400 secs (0-195) show less	Hacking
🇺🇸 TPI-Abuse	2026-06-19 20:09:57 (12 hours ago)	(mod_security) mod_security (id:225170) triggered by 20.29.41.126 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 20.29.41.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 16:09:51.213930 2026] [security2:error] [pid 10354:tid 10354] [client 20.29.41.126:50100] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|brushmileage.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "brushmileage.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ajWiDyRvNDn0T7Yj68-lnQAAAA8"], referer: https://www.google.com/search?q=wordpress show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 WeekendWeb	2026-06-19 19:41:29 (13 hours ago)	Wordpress Vunerability attack	Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 19:26:56 (13 hours ago)	(mod_security) mod_security (id:225170) triggered by 20.29.41.126 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 20.29.41.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 15:26:48.887873 2026] [security2:error] [pid 26510:tid 26510] [client 20.29.41.126:62415] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|earthtwoworkshop.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "earthtwoworkshop.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajWX-B1KOIPyLVq3fDUk3AAAAAw"], referer: https://www.bing.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 2000cn.com.au	2026-06-19 19:14:55 (13 hours ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-bf-wordpress_bf	Web App Attack Brute-Force
Anonymous	2026-06-19 19:10:05 (13 hours ago)	CMS (WordPress or Joomla) brute force attempt.	Brute-Force
🇺🇸 TPI-Abuse	2026-06-19 18:11:50 (14 hours ago)	(mod_security) mod_security (id:225170) triggered by 20.29.41.126 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 20.29.41.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 14:11:46.888833 2026] [security2:error] [pid 2655:tid 2655] [client 20.29.41.126:53026] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|naominixon.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "naominixon.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajWGYh8UuKCuGZdFtBKhigAAAAk"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 Mangelot Hosting	2026-06-19 17:53:20 (15 hours ago)	(wp_login_try) srv101 WP Login Attempt 20.29.41.126 (US/United States/-): 10 in the last 3600 secs; ... show more (wp_login_try) srv101 WP Login Attempt 20.29.41.126 (US/United States/-): 10 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇳🇱 Site.eu	2026-06-19 17:52:28 (15 hours ago)	Repeated wp-login/xmlrpc attempts	Brute-Force SSH
🇪🇸 alferez	2026-06-19 17:21:17 (15 hours ago)	Multiple WP Login Attack	Hacking Exploited Host Web App Attack
🇫🇷 COMAITE	2026-06-19 16:57:45 (16 hours ago)	CMS (WordPress or Joomla) brute force attempt.	Web App Attack
🇺🇸 mnsf	2026-06-19 16:06:09 (16 hours ago)	Abuse Detected (9)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 16:00:35 (17 hours ago)	(mod_security) mod_security (id:225170) triggered by 20.29.41.126 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 20.29.41.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 12:00:30.702208 2026] [security2:error] [pid 32606:tid 32606] [client 20.29.41.126:51960] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|expertprofessionalcleaners.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "expertprofessionalcleaners.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajVnnhgwBh3524a3GV3idQAAAAE"], referer: https://t.co/ show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-06-19 15:45:05 (17 hours ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-19 15:43:04 (17 hours ago)	(mod_security) mod_security (id:225170) triggered by 20.29.41.126 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 20.29.41.126 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 11:42:58.819588 2026] [security2:error] [pid 519:tid 529] [client 20.29.41.126:58953] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|thestoryofmyvoice.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "thestoryofmyvoice.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajVjgpQXlKEjVjALBeI7RQAAAIQ"], referer: https://www.google.com/search?q=wordpress show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 38 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 194.88.98.92

🇦🇷 179.61.10.34

🇮🇳 171.76.131.102

🇦🇷 153.67.181.110

🇮🇳 152.59.18.64

🇺🇸 147.185.132.142

🇨🇦 138.197.164.175

🇮🇩 103.150.218.161

🇹🇷 78.173.87.2

🇺🇸 44.71.54.77

🇳🇱 37.46.113.235

🇨🇳 27.99.146.106

🇸🇳 213.154.80.51

🇨🇦 198.91.233.131

🇬🇧 193.163.125.149

🇮🇷 185.180.131.9

🇺🇸 172.253.210.17

🇮🇳 103.180.212.135

🇳🇱 91.92.40.7

🇺🇸 73.224.157.124