JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 4.213.56.106

4.213.56.106 was found in our database!

This IP was reported 152 times. Confidence of Abuse is 0%: ?

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇮🇳 India
City	Pune, Maharashtra

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 4.213.56.106

Whois 4.213.56.106

IP Abuse Reports for 4.213.56.106:

This IP address has been reported a total of 152 times from 132 distinct sources. 4.213.56.106 was first reported on December 16th 2025, and the most recent report was 6 months ago.

Old Reports: The most recent abuse report for this IP address is from 6 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Site.eu	2025-12-18 05:34:09 (6 months ago)	Excessive 404/403 errors	Brute-Force
🇳🇱 homeshowdomain.nl	2025-12-17 23:00:17 (6 months ago)	Auto-ban: 14 malicious requests on 2025-12-16 (e.g., env/backup probes, brute-force, or error bursts ... show more Auto-ban: 14 malicious requests on 2025-12-16 (e.g., env/backup probes, brute-force, or error bursts). show less	Hacking Web App Attack SSH
🇯🇵 beon	2025-12-17 22:39:00 (6 months ago)	This IP was detected 4 times on my original honeypot and also performed automated reconnaissance and ... show more This IP was detected 4 times on my original honeypot and also performed automated reconnaissance and vulnerability scanning against my server between 2025-12-16T20:48:31Z UTC and 2025-12-16T20:48:42Z UTC. The honeypot files: /wp-content/plugins/hellopress/wp_filemanager.php, /wp.php, /autoload_classmap.php and /403.php. It issued 40 HTTP requests targeting 4 distinct suspicious paths within about 11 seconds. The targeted paths included examples such as: /file2.php, /re.php, /v3.php, /lib.php, /class9.php, /wsd.php and others. Multiple requests used filenames that resemble PHP web shells or exploitation payloads. The behavior is consistent with an automated directory and CMS reconnaissance scan, not normal user browsing. This IP appears to be performing malicious probing and should be treated as suspicious or blocked. show less	Hacking Brute-Force Web App Attack
🇹🇷 rtbh.com.tr	2025-12-17 20:10:30 (6 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇧🇪 Ivo Vynckier	2025-12-17 14:28:00 (6 months ago)	4.213.56.106 - - [16/Dec/2025:18:29:24 +0100] "GET /rss.php HTTP/1.1" 301 253 "-" "-" 4.213.56.106 ... show more 4.213.56.106 - - [16/Dec/2025:18:29:24 +0100] "GET /rss.php HTTP/1.1" 301 253 "-" "-" 4.213.56.106 - - [16/Dec/2025:18:29:25 +0100] "GET /wpls.php HTTP/1.1" 404 27 "-" "-" 4.213.56.106 - - [16/Dec/2025:18:29:25 +0100] "GET /file7.php HTTP/1.1" 404 27 "-" "-" 4.213.56.106 - - [16/Dec/2025:18:29:26 +0100] "GET /zeal.php HTTP/1.1" 404 27 "-" "-" 4.213.56.106 - - [16/Dec/2025:18:29:26 +0100] "GET /c.php HTTP/1.1" 404 27 "-" "-" 4.213.56.106 - - [16/Dec/2025:18:29:27 +0100] "GET /133.php HTTP/1.1" 404 27 "-" "-" 4.213.56.106 - - [16/Dec/2025:18:29:27 +0100] "GET /makeasmtp.php HTTP/1.1" 404 27 "-" "-" 4.213.56.106 - - [16/Dec/2025:18:29:27 +0100] "GET /wrt.php HTTP/1.1" 301 253 "-" "-" show less	Web App Attack
Anonymous	2025-12-17 12:45:24 (6 months ago)	"GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1"	Hacking Web App Attack
🇬🇧 dadscabin	2025-12-17 07:17:00 (6 months ago)	excessive scraping	Brute-Force Bad Web Bot
Anonymous	2025-12-17 06:47:00 (6 months ago)	php url scan	Brute-Force Web App Attack
🇭🇺 DumaNet	2025-12-17 05:27:00 (6 months ago)	Web app attack attempts, scanning for vulnerability. Date: 2025 Dec 17. 01:24:55 Source IP: 4.213. ... show more Web app attack attempts, scanning for vulnerability. Date: 2025 Dec 17. 01:24:55 Source IP: 4.213.56.106 Portion of the log(s): 4.213.56.106 - [17/Dec/2025:01:24:52 +0100] "GET /sfcl.php HTTP/1.1" 404 153 "-" "-" 4.213.56.106 - [17/Dec/2025:01:24:52 +0100] "GET /pu.php HTTP/1.1" 404 153 "-" "-" 4.213.56.106 - [17/Dec/2025:01:24:51 +0100] "GET /222.php HTTP/1.1" 404 153 "-" "-" 4.213.56.106 - [17/Dec/2025:01:24:51 +0100] "GET /buy.php HTTP/1.1" 404 153 "-" "-" 4.213.56.106 - [17/Dec/2025:01:24:51 +0100] "GET /css/sf9.php HTTP/1.1" 404 153 "-" "-" 4.213.56.106 - [17/Dec/2025:01:24:50 +0100] "GET /wp-includes/assets/zxl.php HTTP/1.1" 404 153 "-" "-" 4.213.56.106 - [17/Dec/2025:01:24:50 +0100] "GET /wfile.php HTTP/1.1" 404 153 "-" "-" 4.213.56.106 - [17/Dec/2025:01:24:50 +0100] "GET /wp-includes/Text/Diff/about.php HTTP/1.1" 404 153 "-" "-" 4.213.56.106 - [17/Dec/2025:01:24:50 +0100] "GET /styll.php HTTP/1.1" 404 153 "-" "-" 4.213.56.106 - [17/Dec/2025:01:24:49 +0100] "GET /ah22.php HTTP/1.1" 404 show less	Web App Attack
🇺🇸 octageeks.com	2025-12-17 05:06:28 (6 months ago)	Wordpress malicious attack:[octascan]	Web App Attack
🇬🇧 djboddington	2025-12-17 01:53:27 (6 months ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing	Hacking Web App Attack
🇦🇺 nzhost.co.nz	2025-12-17 01:52:56 (6 months ago)	$f2bV_matches	Hacking Brute-Force
🇷🇴 RsH	2025-12-17 01:49:04 (6 months ago)	4.213.56.106 - - [17/Dec/2025:01:48:12 +0000] "GET /wp-admin/css/colors/midnight/about.php HTTP/2.0" ... show more 4.213.56.106 - - [17/Dec/2025:01:48:12 +0000] "GET /wp-admin/css/colors/midnight/about.php HTTP/2.0" 200 5628 "-" "-" 9af2c1befe708584-BOM 4.213.56.106 4.213.56.106 - - [17/Dec/2025:01:48:12 +0000] "GET /wp-admin/includes/ HTTP/2.0" 200 5628 "-" "-" 9af2c1c44ff18584-BOM 4.213.56.106 ... show less	Brute-Force Web App Attack
Anonymous	2025-12-17 01:31:48 (6 months ago)	spamd: identified spam	Email Spam
🇫🇷 Phenix Info	2025-12-17 01:31:06 (6 months ago)	SmallGuard.fr/Prestashop Honeypot	Web App Attack

Showing 1 to 15 of 152 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.247

🇮🇳 168.144.147.222

🇩🇪 165.154.164.57

🇧🇬 79.124.58.142

🇬🇧 51.68.207.118

🇨🇳 14.204.100.121

🇫🇮 204.168.205.167

🇮🇷 185.132.82.223

🇩🇪 151.240.164.89

🇰🇷 119.192.249.195

🇮🇳 117.239.45.10

🇷🇺 83.171.89.209

🇩🇪 69.5.169.228

🇺🇸 66.132.224.84

🇱🇹 45.227.254.170

🇳🇱 45.148.10.147

🇬🇧 5.226.140.48

🇨🇳 218.202.91.147

🇷🇺 217.24.185.244

🇬🇧 193.32.209.246