JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 191.232.234.48

191.232.234.48 was found in our database!

This IP was reported 238 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft do Brasil Imp. e Com. Software e Video G
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇧🇷 Brazil
City	Campinas, Sao Paulo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 191.232.234.48

Whois 191.232.234.48

IP Abuse Reports for 191.232.234.48:

This IP address has been reported a total of 238 times from 208 distinct sources. 191.232.234.48 was first reported on June 8th 2026, and the most recent report was 10 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 excill	2026-06-09 03:17:05 (10 minutes ago)	Honeypot mesh observed 576 attack events in 24h — cowrie/dionaea/heralding/suricata	Port Scan Hacking Brute-Force SSH
🇪🇸 yvoictra	2026-06-09 01:48:16 (1 hour ago)	191.232.234.48 - - [09/Jun/2026:03:48:15 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.p ... show more 191.232.234.48 - - [09/Jun/2026:03:48:15 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 162 "-" "-" 191.232.234.48 - - [09/Jun/2026:03:48:15 +0200] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 162 "-" "-" 191.232.234.48 - - [09/Jun/2026:03:48:15 +0200] "GET /nf_tracking.php HTTP/1.1" 404 162 "-" "-" 191.232.234.48 - - [09/Jun/2026:03:48:16 +0200] "GET /ms-edit.php HTTP/1.1" 404 162 "-" "-" 191.232.234.48 - - [09/Jun/2026:03:48:16 +0200] "GET /wp-Blogs.php HTTP/1.1" 404 162 "-" "-" ... show less	Brute-Force Web App Attack
🇩🇪 itsolon	2026-06-09 01:23:37 (2 hours ago)	[09/Jun/2026:03:23:33 +0200] 178096821394.428858 191.232.234.48 0 217.154.7.177 443 [09/Jun/2026:03: ... show more [09/Jun/2026:03:23:33 +0200] 178096821394.428858 191.232.234.48 0 217.154.7.177 443 [09/Jun/2026:03:23:34 +0200] 17809682148.816228 191.232.234.48 22100 217.154.7.177 80 [09/Jun/2026:03:23:35 +0200] 178096821548.809845 191.232.234.48 0 217.154.7.177 443 [09/Jun/2026:03:23:36 +0200] 178096821673.044299 191.232.234.48 22100 217.154.7.177 80 [09/Jun/2026:03:23:36 +0200] 178096821644.561376 191.232.234.48 0 217.154.7.177 443 ... show less	Port Scan Hacking Brute-Force Web App Attack
🇺🇸 xpto	2026-06-09 01:20:31 (2 hours ago)	Blocked for probing for web application vulnerabilities	Web App Attack
🇺🇸 sandap1	2026-06-09 01:15:00 (2 hours ago)	Blocked by os-abuseipdb; 5 hits, proto=tcp, ports=80,src_ip=191.232.234.48	Port Scan Hacking
Anonymous	2026-06-09 01:14:17 (2 hours ago)	PSCSERV WPSCAN 191.232.234.48	Bad Web Bot Web App Attack
🇩🇪 pltcldvlpr	2026-06-09 01:11:50 (2 hours ago)	CMS/framework probe: 191.232.234.48 - - [09/Jun/2026:03:11:49 +0200] "GET /wp-content/plugins/hellop ... show more CMS/framework probe: 191.232.234.48 - - [09/Jun/2026:03:11:49 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 178 "-" "-" asn=8075 org="Microsoft Corporation" country=BR ... show less	Web App Attack
🇹🇭 thaizone.com	2026-06-09 01:10:18 (2 hours ago)	Hacking attempts against websites (D1) #2	Web App Attack Hacking
🇩🇪 Trueforce Threat Report	2026-06-09 01:08:27 (2 hours ago)	Automated report, trolling for resource vulnerabilities	Bad Web Bot Web App Attack
🇩🇪 london2038.com	2026-06-09 01:07:31 (2 hours ago)	Probing for exploits 191.232.234.48 - - [09/Jun/2026:03:06:28 +0200] "GET /wp-content/plugins/hellop ... show more Probing for exploits 191.232.234.48 - - [09/Jun/2026:03:06:28 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 169 "-" "-" 191.232.234.48 - - [09/Jun/2026:03:07:28 +0200] "GET /8.php HTTP/1.1" 422 0 "-" "-" show less	Hacking Web App Attack
🇬🇧 andypiper	2026-06-09 01:00:39 (2 hours ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇨🇭 blinx	2026-06-09 00:57:20 (2 hours ago)	Suspicious activity detected by Modsecurity	Web Spam Port Scan Hacking Bad Web Bot Web App Attack
🇫🇮 Christopher Hughes	2026-06-09 00:55:52 (2 hours ago)	[Tue Jun 09 01:45:47.428430 2026] [proxy_fcgi:error] [pid 544672:tid 139822784255552] [client 191.23 ... show more [Tue Jun 09 01:45:47.428430 2026] [proxy_fcgi:error] [pid 544672:tid 139822784255552] [client 191.232.234.48:62923] AH01071: Got error 'Primary script unknown' [Tue Jun 09 01:55:51.208268 2026] [proxy_fcgi:error] [pid 544672:tid 139822775862848] [client 191.232.234.48:62801] AH01071: Got error 'Primary script unknown' [Tue Jun 09 01:55:51.818186 2026] [proxy_fcgi:error] [pid 544672:tid 139822626747968] [client 191.232.234.48:62801] AH01071: Got error 'Primary script unknown' [Tue Jun 09 01:55:52.343400 2026] [proxy_fcgi:error] [pid 544672:tid 139821737547328] [client 191.232.234.48:62801] AH01071: Got error 'Primary script unknown' [Tue Jun 09 01:55:52.559002 2026] [proxy_fcgi:error] [pid 544672:tid 139822635140672] [client 191.232.234.48:62801] AH01071: Got error 'Primary script unknown' ... show less	Web App Attack
Anonymous	2026-06-09 00:54:21 (2 hours ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing	Web App Attack Hacking
Anonymous	2026-06-09 00:54:14 (2 hours ago)	Web Probe / Attack	Web App Attack

Showing 1 to 15 of 238 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇴 80.94.92.165

🇺🇸 209.141.47.217

🇺🇸 198.98.56.205

🇩🇪 167.94.146.48

🇺🇸 147.182.209.133

🇨🇳 120.192.81.133

🇺🇸 97.101.147.8

🇫🇷 85.217.140.29

🇳🇱 45.148.10.147

🇸🇬 43.160.233.207

🇹🇼 34.80.112.161

🇺🇸 34.74.195.101

🇮🇳 202.9.122.123

🇩🇪 194.88.98.126

🇺🇸 184.154.194.183

🇺🇸 162.216.150.87

🇷🇴 92.118.39.236

🇳🇱 91.92.42.10

🇮🇹 82.59.46.116

🇩🇪 213.209.159.231