JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 191.232.196.122

191.232.196.122 was found in our database!

This IP was reported 121 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft do Brasil Imp. e Com. Software e Video G
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇧🇷 Brazil
City	Campinas, Sao Paulo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 191.232.196.122

Whois 191.232.196.122

IP Abuse Reports for 191.232.196.122:

This IP address has been reported a total of 121 times from 86 distinct sources. 191.232.196.122 was first reported on June 6th 2026, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 SpaceHost-Server	2026-06-08 22:27:24 (3 hours ago)		Brute-Force Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-08 21:59:13 (3 hours ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-07. show less	Web App Attack SSH Hacking
🇬🇧 openstrike.co.uk	2026-06-08 05:13:23 (20 hours ago)	104 attacks on PHP URLs: GET /wp-conffg.php HTTP/1.1	Web App Attack
Anonymous	2026-06-08 03:07:12 (22 hours ago)	Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: BR, Attack patterns: Word ... show more Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: BR, Attack patterns: WordPress scanning, Webshell probing, Cloud secrets probing show less	Bad Web Bot Web App Attack
Anonymous	2026-06-08 00:10:37 (1 day ago)	vars[0]=md5&vars[1][]=Hello	Fraud Orders Hacking Brute-Force Web App Attack
🇳🇱 Site.eu	2026-06-07 23:18:09 (1 day ago)	Excessive multi-domain requests	Brute-Force
🇳🇱 homeshowdomain.nl	2026-06-07 21:59:25 (1 day ago)	Auto-ban: >3000 req/min op 2026-06-07	Web App Attack SSH Hacking
🇩🇪 strxmpp	2026-06-07 18:07:00 (1 day ago)	191.232.196.122 - - [07/Jun/2026:20:06:59 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager. ... show more 191.232.196.122 - - [07/Jun/2026:20:06:59 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 655 "-" "-" ... show less	Bad Web Bot
🇺🇸 Rayulcifer	2026-06-07 18:06:27 (1 day ago)	[Sun Jun 07 18:06:20.584685 2026] [authz_core:error] [pid 1935852:tid 125174909220544] [client 191.2 ... show more [Sun Jun 07 18:06:20.584685 2026] [authz_core:error] [pid 1935852:tid 125174909220544] [client 191.232.196.122:12782] AH01630: client denied by server configuration: proxy:http://localhost:4000/wp-content/plugins/hellopress/wp_filemanager.php [Sun Jun 07 18:06:26.439092 2026] [authz_core:error] [pid 1935589:tid 125175337051840] [client 191.232.196.122:12799] AH01630: client denied by server configuration: proxy:http://localhost:4000/this_is_a_new_hello_world.php [Sun Jun 07 18:06:26.554417 2026] [authz_core:error] [pid 1935589:tid 125174892435136] [client 191.232.196.122:12799] AH01630: client denied by server configuration: proxy:http://localhost:4000/wp-signup.php [Sun Jun 07 18:06:26.669152 2026] [authz_core:error] [pid 1935589:tid 125174229739200] [client 191.232.196.122:12799] AH01630: client denied by server configuration: proxy:http://localhost:4000/class.php [Sun Jun 07 18:06:26.783945 2026] [authz_core:error] [pid 1935589:tid 125173583828672] [client 191.232.196.122:12799] AH0 ... show less	Brute-Force SSH
🇬🇧 Buster	2026-06-07 17:37:00 (1 day ago)	Usual script kiddie wordpress attack script from Perm Blocked ASN and country	Open Proxy Brute-Force Web App Attack
🇺🇸 Epimetheus	2026-06-07 17:34:18 (1 day ago)	Unauthorized access attempts: [GET] /wp-trackback.php [GET] /wp-start.php [GET] /wp-mail.php [GET] ... show more Unauthorized access attempts: [GET] /wp-trackback.php [GET] /wp-start.php [GET] /wp-mail.php [GET] /wp-activate.php [GET] /wp-conffq.php [GET] /index.php [GET] /php.ini [GET] /moon.php [GET] /classwithtostring.php [GET] /install.php [GET] /readme.php [GET] /0x.php [GET] /ALFA_DATA/index.php [GET] /403.php [GET] /brand.php [GET] /wp-admin/maint/about.php [GET] /0x1949.php [GET] /css.php [GET] /ini.php [GET] /fm.php [GET] /themes.php [GET] /class.php [GET] /wp-content/plugins/hellopress/wp_filemanager.php [GET] /wp-signup.php UA: Unknown show less	Web App Attack
🇫🇮 danskefilm.dk	2026-06-07 17:30:01 (1 day ago)	wordpress login attempts	Web App Attack
🇸🇬 securejdprop	2026-06-07 16:33:50 (1 day ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing. Ip 191.232.196.122 performed ... show more This IP was detected by CrowdSec triggering crowdsecurity/http-probing. Ip 191.232.196.122 performed 'crowdsecurity/http-probing' (12 events over 16.054910825s) at 2026-06-07 16:33:49.142174909 +0000 UTC show less	Hacking Web App Attack
🇬🇧 Axel	2026-06-07 16:14:02 (1 day ago)	Blocked by ModSecurity. Rule ID: 210730 Message: COMODO WAF: URL file extension is restricted by pol ... show more Blocked by ModSecurity. Rule ID: 210730 Message: COMODO WAF: URL file extension is restricted by policy\|\|lixxus.co.uk\|F\|2 Phase: 2 Severity: CRITICAL URI: /php.ini Server: UK-01 show less	Web App Attack Hacking SQL Injection
Anonymous	2026-06-07 14:58:35 (1 day ago)	Brute forcing Wordpress login	Hacking Web App Attack

Showing 1 to 15 of 121 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 218.157.251.94

🇳🇱 176.65.148.158

🇳🇱 172.253.7.213

🇮🇳 152.59.166.113

🇺🇸 147.185.132.105

🇺🇸 216.25.89.141

🇧🇪 207.175.69.178

🇳🇱 176.65.139.41

🇨🇳 120.85.117.148

🇹🇼 111.185.177.34

🇺🇸 107.150.103.12

🇨🇳 106.227.75.197

🇫🇷 62.171.184.24

🇧🇷 45.172.162.153

🇪🇪 31.59.160.12

🇺🇸 216.25.89.84

🇧🇷 205.210.31.212

🇧🇷 187.95.234.232

🇺🇸 172.190.102.86

🇰🇷 140.238.18.9