JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 4.228.83.111

4.228.83.111 was found in our database!

This IP was reported 2,605 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇧🇷 Brazil
City	Campinas, Sao Paulo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 4.228.83.111

Whois 4.228.83.111

IP Abuse Reports for 4.228.83.111:

This IP address has been reported a total of 2,605 times from 718 distinct sources. 4.228.83.111 was first reported on May 20th 2026, and the most recent report was 26 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 kadour	2026-06-02 05:51:00 (2 days ago)	[Tue Jun 02 00:50:46.666360 2026] [proxy_fcgi:error] [pid 1436964:tid 1437122] [client 4.228.83.111: ... show more [Tue Jun 02 00:50:46.666360 2026] [proxy_fcgi:error] [pid 1436964:tid 1437122] [client 4.228.83.111:25382] AH01071: Got error 'Primary script unknown' [Tue Jun 02 00:50:47.015080 2026] [proxy_fcgi:error] [pid 1436964:tid 1437134] [client 4.228.83.111:25382] AH01071: Got error 'Primary script unknown' [Tue Jun 02 00:50:47.333920 2026] [proxy_fcgi:error] [pid 1436964:tid 1437135] [client 4.228.83.111:25382] AH01071: Got error 'Primary script unknown' [Tue Jun 02 00:50:47.937143 2026] [proxy_fcgi:error] [pid 1436964:tid 1437130] [client 4.228.83.111:25382] AH01071: Got error 'Primary script unknown' [Tue Jun 02 00:50:59.273418 2026] [proxy_fcgi:error] [pid 1436964:tid 1437119] [client 4.228.83.111:38509] AH01071: Got error 'Primary script unknown' ... show less	Web App Attack
🇫🇮 Christopher Hughes	2026-06-02 05:49:07 (2 days ago)	[Tue Jun 02 06:49:03.796909 2026] [proxy_fcgi:error] [pid 320245:tid 139775025616448] [client 4.228. ... show more [Tue Jun 02 06:49:03.796909 2026] [proxy_fcgi:error] [pid 320245:tid 139775025616448] [client 4.228.83.111:43717] AH01071: Got error 'Primary script unknown' [Tue Jun 02 06:49:04.458447 2026] [proxy_fcgi:error] [pid 320245:tid 139774811698752] [client 4.228.83.111:43717] AH01071: Got error 'Primary script unknown' [Tue Jun 02 06:49:04.673825 2026] [proxy_fcgi:error] [pid 320245:tid 139774786520640] [client 4.228.83.111:43717] AH01071: Got error 'Primary script unknown' [Tue Jun 02 06:49:05.106138 2026] [proxy_fcgi:error] [pid 320245:tid 139774761342528] [client 4.228.83.111:43717] AH01071: Got error 'Primary script unknown' [Tue Jun 02 06:49:07.160441 2026] [proxy_fcgi:error] [pid 320245:tid 139773628884544] [client 4.228.83.111:43717] AH01071: Got error 'Primary script unknown' ... show less	Web App Attack
🇳🇱 i-turnradio.nl	2026-06-02 05:46:07 (2 days ago)	2026-06-02 @ 07:46:07 (CET) ~ Blocked for trying to access: /wp-content/plugins/hellopress/wp_filema ... show more 2026-06-02 @ 07:46:07 (CET) ~ Blocked for trying to access: /wp-content/plugins/hellopress/wp_filemanager.php show less	Web App Attack
🇺🇸 ctidrv	2026-06-02 05:10:54 (2 days ago)	Honeypot detection. Threat score: 65/100. Collector: wp_login. \| Request: GET /wp-admin/js/autoload_ ... show more Honeypot detection. Threat score: 65/100. Collector: wp_login. \| Request: GET /wp-admin/js/autoload_classmap.php \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36 \| rDNS: 4.228.83.111 \| Reasons: wp_login_probe show less	Bad Web Bot
🇩🇪 4server	2026-06-02 05:00:29 (2 days ago)	[TueJun0207:00:24.6941792026][security2:error][pid3823073:tid3823116][client4.228.83.111:0]ModSecuri ... show more [TueJun0207:00:24.6941792026][security2:error][pid3823073:tid3823116][client4.228.83.111:0]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch\"\^/wp-content/$uploads\\|cache\\|backup\\|backups\\|upgrade\\|ai1wm-backups$/.\*\\\\\\\\.ph$p[0-9]\?\\|tml\\|ar$\$\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"317\"][id\"990070\"][msg\"PHPexecutionblockedinstoragedirectory\"][hostname\"autodiscover.danielasilvia.ch\"][uri\"/wp-content/upgrade/index.php\"][unique_id\"ah5jaDJUrZoH9TbDu831UQAAAEQ\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 Vianpyro	2026-06-02 04:46:24 (2 days ago)	Honeypot: 104 request(s) in 0 min. Paths: /wp-content/plugins/hellopress/wp_filemanager.php, /this_i ... show more Honeypot: 104 request(s) in 0 min. Paths: /wp-content/plugins/hellopress/wp_filemanager.php, /this_is_a_new_hello_world.php, /admin.php, /goods.php, /public/css.php. Method(s): GET. ASN: 8075 (Microsoft Corporation). show less	Web App Attack Bad Web Bot Brute-Force Hacking
🇺🇸 conrad10781	2026-06-02 04:44:06 (2 days ago)	nginx-4xx	Web App Attack
🇸🇬 securejdprop	2026-06-02 04:38:38 (2 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing. Ip 4.228.83.111 performed 'c ... show more This IP was detected by CrowdSec triggering crowdsecurity/http-probing. Ip 4.228.83.111 performed 'crowdsecurity/http-probing' (12 events over 12.088756474s) at 2026-06-02 04:38:36.639889968 +0000 UTC show less	Hacking Web App Attack
🇨🇭 Mario Bretscher	2026-06-02 04:37:03 (2 days ago)	[Tue Jun 02 06:37:01.370095 2026] [php:error] [pid 2209227] [client 4.228.83.111:30080] script '/var ... show more [Tue Jun 02 06:37:01.370095 2026] [php:error] [pid 2209227] [client 4.228.83.111:30080] script '/var/www/html/this_is_a_new_hello_world.php' not found or unable to stat [Tue Jun 02 06:37:01.598213 2026] [php:error] [pid 2209227] [client 4.228.83.111:30080] script '/var/www/html/admin.php' not found or unable to stat [Tue Jun 02 06:37:01.808350 2026] [php:error] [pid 2209227] [client 4.228.83.111:30080] script '/var/www/html/goods.php' not found or unable to stat ... show less	Web App Attack
🇹🇷 Detmach	2026-06-02 04:26:15 (2 days ago)	Security attack detected. Multiple failed attempts from 4.228.83.111. IP banned for 1440 minutes at ... show more Security attack detected. Multiple failed attempts from 4.228.83.111. IP banned for 1440 minutes at 02.06.2026 07:26:08. Failed attempts: 1 show less	Brute-Force
Anonymous	2026-06-02 04:23:13 (2 days ago)	4.228.83.111 - - [02/Jun/2026:06:23:12 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php ... show more 4.228.83.111 - - [02/Jun/2026:06:23:12 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 162 "-" "-" ... show less	Brute-Force Web App Attack
Anonymous	2026-06-02 04:03:17 (2 days ago)	Brute-Force reported by Fail2Ban	Brute-Force Web App Attack
🇫🇷 GoodOldTOS	2026-06-02 03:51:32 (2 days ago)	Bad keywords detected in request: /wp-content/	Web App Attack
🇩🇪 David Ferneding	2026-06-02 03:51:23 (2 days ago)	Blocked by UFW (TCP on 80) Source port: 12120 TTL: 115 Packet length: 52 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 80) Source port: 12120 TTL: 115 Packet length: 52 TOS: 0x00 This report (for 4.228.83.111) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇺🇸 Epimetheus	2026-06-02 03:36:33 (2 days ago)	Unauthorized access attempts: [GET] /wp-includes/ID3/index.php [GET] /wp-includes/html-api/ [GET] / ... show more Unauthorized access attempts: [GET] /wp-includes/ID3/index.php [GET] /wp-includes/html-api/ [GET] /info.php [GET] /chosen.php [GET] /222.php [GET] /wp-admin/css/colors/ [GET] /inputs.php [GET] /wp-includes/js/ [GET] /f35.php [GET] /wp-admin/css/colors/index.php [GET] /about.php [GET] /admin/controller/extension/extension/ultra.php [GET] /wp-admin/css/ [GET] /adminfuns.php [GET] /gelay.php [GET] /wp-includes/block-supports/ [GET] /wp-content/admin.php [GET] /classwithtostring.php [GET] /public/css.php [GET] /goods.php [GET] /admin.php [GET] /this_is_a_new_hello_world.php [GET] /wp-content/plugins/hellopress/wp_filemanager.php UA: Unknown show less	Web App Attack

Showing 271 to 285 of 2605 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 142.251.108.19

🇳🇱 192.178.118.144

🇫🇷 176.128.50.63

🇳🇱 176.65.149.45

🇺🇸 65.49.1.197

🇳🇱 45.142.193.12

🇺🇸 18.116.60.76

🇳🇱 173.194.169.116

🇵🇭 124.217.121.143

🇨🇳 124.117.194.221

🇨🇳 123.181.167.66

🇨🇳 101.96.202.228

🇪🇸 88.1.179.206

🇩🇪 69.5.169.159

🇸🇦 51.36.233.118

🇺🇸 206.206.103.148

🇿🇦 196.11.179.18

🇸🇬 194.5.82.142

🇺🇸 184.154.157.176

🇨🇳 122.224.205.42