JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 132.196.89.16

132.196.89.16 was found in our database!

This IP was reported 52 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 132.196.89.16

Whois 132.196.89.16

IP Abuse Reports for 132.196.89.16:

This IP address has been reported a total of 52 times from 45 distinct sources. 132.196.89.16 was first reported on June 5th 2026, and the most recent report was 15 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-07 21:59:02 (15 hours ago)	Auto-ban: 203 malicious requests on 2026-06-06 (e.g., env/backup probes, brute-force, or error burst ... show more Auto-ban: 203 malicious requests on 2026-06-06 (e.g., env/backup probes, brute-force, or error bursts). show less	Web App Attack SSH Hacking
🇬🇧 openstrike.co.uk	2026-06-07 05:13:16 (1 day ago)	1 attack on Alfa URLs: GET /ALFA_DATA/alfacgiapi/perl.alfa HTTP/1.1	Hacking
🇳🇱 homeshowdomain.nl	2026-06-06 22:00:21 (1 day ago)	Auto-ban: >3000 req/min op 2026-06-06	Web App Attack SSH Hacking
Anonymous	2026-06-06 08:05:04 (2 days ago)	PHP file probing detected by Fail2Ban	Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 07:31:26 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 132.196.89.16 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 132.196.89.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 03:31:19.617861 2026] [security2:error] [pid 7454:tid 7454] [client 132.196.89.16:6706] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cypro.com"] [uri "/wp-config.php"] [unique_id "aiPMx-Jb03xOaD7ok8RrGAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 voormedia	2026-06-06 07:26:30 (2 days ago)	Accessed trap at '/xmlrpc.php'	Web App Attack
🇩🇪 betternews.app	2026-06-06 07:18:06 (2 days ago)	"a web request contained keyword "wp-content"; Suspicious URL: /wp-content/plugins/hellopress/wp_fil ... show more "a web request contained keyword "wp-content"; Suspicious URL: /wp-content/plugins/hellopress/wp_filemanager.php" show less	Web Spam Blog Spam Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 07:08:25 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 132.196.89.16 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 132.196.89.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 03:08:20.478399 2026] [security2:error] [pid 31823:tid 31823] [client 132.196.89.16:2209] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.angelaridgwaydressage.com"] [uri "/wp-config.php"] [unique_id "aiPHZOJlRLgl_9SnlZwRIQAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 pinguin	2026-06-06 05:27:37 (2 days ago)	Triggered Cloudflare WAF (linkMaze) from US. Action taken: LINK_MAZE_INJECTED Protocol: HTTP/1.1 (GE ... show more Triggered Cloudflare WAF (linkMaze) from US. Action taken: LINK_MAZE_INJECTED Protocol: HTTP/1.1 (GET method) Endpoint: /images UA: Empty string This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇩🇪 raph	2026-06-06 05:14:12 (2 days ago)	[DOT FILES] crawler .env, .git, .config, etc.	Bad Web Bot Web App Attack
🇬🇧 openstrike.co.uk	2026-06-06 05:13:05 (2 days ago)	2 attacks on Alfa URLs: GET /ALFA_DATA/alfacgiapi/perl.alfa HTTP/1.1	Hacking
🇫🇷 tilellit.pro	2026-06-06 05:11:57 (2 days ago)	Fail2Ban banned 132.196.89.16 for security violations in jail nginx-aggressive. Log: 2026/06/06 05:1 ... show more Fail2Ban banned 132.196.89.16 for security violations in jail nginx-aggressive. Log: 2026/06/06 05:11:54 [error] FastCGI sent in stderr: "Primary script unknown" , client: 132.196.89.16, server: [REDACTED], request: "GET /wp-info.php HTTP/2.0", upstream: [REDACTED], host: [REDACTED] 2026/06/06 05:11:57 [error] FastCGI sent in stderr: "Primary script unknown" , client: 132.196.89.16, server: [REDACTED], request: "GET /wp-info.php HTTP/2.0", upstream: [REDACTED], host: [REDACTED] ... show less	Bad Web Bot Web App Attack
Anonymous	2026-06-06 04:22:33 (2 days ago)	132.196.89.16 - - [06/Jun/2026:06:19:02 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.ph ... show more 132.196.89.16 - - [06/Jun/2026:06:19:02 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 46694 "-" "-" 132.196.89.16 - - [06/Jun/2026:06:19:05 +0200] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 40420 "-" "-" 132.196.89.16 - - [06/Jun/2026:06:19:09 +0200] "GET /ahax.php HTTP/1.1" 404 40399 "-" "-" 132.196.89.16 - - [06/Jun/2026:06:19:10 +0200] "GET /breads1.php HTTP/1.1" 404 40045 "-" "-" 132.196.89.16 - - [06/Jun/2026:06:19:11 +0200] "GET /must.php HTTP/1.1" 404 40047 "-" "-" 132.196.89.16 - - [06/Jun/2026:06:19:12 +0200] "GET /up.php HTTP/1.1" 404 40039 "-" "-" 132.196.89.16 - - [06/Jun/2026:06:19:13 +0200] "GET /leaf_php.php HTTP/1.1" 404 40045 "-" "-" 132.196.89.16 - - [06/Jun/2026:06:19:13 +0200] "GET /nowpf.php HTTP/1.1" 404 40042 "-" "-" 132.196.89.16 - - [06/Jun/2026:06:19:15 +0200] "GET /bypass.php HTTP/1.1" 404 40043 "-" "-" 132.196.89.16 - - [06/Jun/2026:06:19:17 +0200] "GET /about.php HTTP/1.1" 404 40042 "-" "-" 132.196.89.16 - - [06/Jun/2026 ... show less	DDoS Attack
Anonymous	2026-06-06 04:02:11 (2 days ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: US, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: US, Attack patterns: WordPress scanning, Webshell probing, Malicious User-Agent show less	Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-06-06 04:00:18 (2 days ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot

Showing 1 to 15 of 52 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 64.62.156.146

🇨🇳 220.202.112.177

🇧🇷 187.120.73.79

🇺🇸 185.92.182.129

🇧🇷 177.101.0.11

🇻🇳 165.154.137.186

🇺🇸 107.173.197.132

🇺🇸 47.77.229.178

🇩🇪 193.124.20.227

🇧🇷 189.36.251.188

🇵🇭 158.62.6.22

🇳🇱 104.28.163.192

🇮🇳 103.44.136.115

🇵🇰 45.194.15.168

🇺🇸 34.170.121.237

🇻🇳 14.187.11.175

🇭🇰 199.45.155.72

🇶🇦 176.202.63.144

🇳🇱 176.65.139.140

🇻🇳 171.244.143.209