I have a couple of apache addons to thwart malicious traffic.
Yesterday, got a notice from one of those:
"Subject: HTTP BLACKLIST 20.205.11.41
HTTP Blacklisted 20.205.11.41"
Why? According go logs, it was checking to see if my blog (a WordPress) had
xmlrpc ... which it doesn't!
The IP address is from Microsoft.
whois gets this info:
Comment: To report suspected security issues specific to traffic emanating from Microsoft online services, including the distribution of malicious content or other illicit or illegal material through a Microsoft online service, please submit reports to:
Comment: * https://cert.microsoft.com.
Don't think I'll report to Microsoft, but add to my block list.
20.192.0.0/10
IMHO, when Microsoft starts to be the "Internet Police", we are all in trouble!
'SoS', Ken