JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 135.119.239.128

135.119.239.128 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 46%: ?

46%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Boydton, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 135.119.239.128

Whois 135.119.239.128

IP Abuse Reports for 135.119.239.128:

This IP address has been reported a total of 15 times from 11 distinct sources. 135.119.239.128 was first reported on August 9th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 KPS	2026-06-03 07:48:29 (1 day ago)	PortscanM	Port Scan
Anonymous	2026-06-03 07:11:49 (1 day ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇩🇪 edena	2026-06-03 07:06:35 (1 day ago)	135.119.239.128 - - [03/Jun/2026:09:06:24 +0200] "GET /.git/config HTTP/1.1" 403 1830 "-" "Mozilla/5 ... show more 135.119.239.128 - - [03/Jun/2026:09:06:24 +0200] "GET /.git/config HTTP/1.1" 403 1830 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0" 135.119.239.128 - - [03/Jun/2026:09:06:34 +0200] "GET /wp-config.php HTTP/1.1" 403 322 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.1.15" 135.119.239.128 - - [03/Jun/2026:09:06:35 +0200] "GET /wp-config.php.bak HTTP/1.1" 403 1830 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.1.15" ... show less	Web App Attack Bad Web Bot
🇩🇪 Starburst SysOp Team	2026-06-03 06:31:16 (1 day ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-nue6-1)	Hacking Bad Web Bot
🇬🇧 PeravixGroup	2026-06-03 05:59:29 (1 day ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇮🇹 VHosting	2026-05-21 08:05:02 (2 weeks ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
Anonymous	2026-05-21 07:58:49 (2 weeks ago)	(caddyscan) Scanner path probe from 135.119.239.128 (US/United States/-): 5 in the last 3600 secs; P ... show more (caddyscan) Scanner path probe from 135.119.239.128 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 135.119.239.128 - - [21/May/2026:07:58:48 +0000] "GET /.git/config HTTP/1.1" [REDACTED] 200 2627 135.119.239.128 - - [21/May/2026:07:58:48 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 135.119.239.128 - - [21/May/2026:07:58:48 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 135.119.239.128 - - [21/May/2026:07:58:48 +0000] "GET /@fs/.git/config?import&raw HTTP/1.1" [REDACTED] 200 2627 135.119.239.128 - - [21/May/2026:07:58:48 +0000] "GET /@fs/.git/config?import?raw HTTP/1.1" show less	Port Scan
Anonymous	2026-05-21 05:18:19 (2 weeks ago)	(caddyscan) Scanner path probe from 135.119.239.128 (US/United States/-): 5 in the last 3600 secs; P ... show more (caddyscan) Scanner path probe from 135.119.239.128 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 135.119.239.128 - - [21/May/2026:05:18:06 +0000] "GET /@fs/.git/config?import&raw HTTP/1.1" [REDACTED] 200 2627 135.119.239.128 - - [21/May/2026:05:18:06 +0000] "GET /@fs/.git/config?import?raw HTTP/1.1" [REDACTED] 200 2627 135.119.239.128 - - [21/May/2026:05:18:11 +0000] "GET /@fs/.git/config?import&raw HTTP/1.1" [REDACTED] 200 2627 135.119.239.128 - - [21/May/2026:05:18:12 +0000] "GET /@fs/.git/config?import?raw HTTP/1.1" [REDACTED] 200 2627 135.119.239.128 - - [21/May/2026:05:18:16 +0000] "GET /.git/config HTTP/1.1" show less	Port Scan
Anonymous	2026-05-21 04:54:46 (2 weeks ago)	(caddyscan) Scanner path probe from 135.119.239.128 (US/United States/-): 5 in the last 3600 secs; P ... show more (caddyscan) Scanner path probe from 135.119.239.128 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 135.119.239.128 - - [21/May/2026:04:50:10 +0000] "GET /@fs/.git/config?import&raw HTTP/1.1" [REDACTED] 200 2627 135.119.239.128 - - [21/May/2026:04:50:10 +0000] "GET /@fs/.git/config?import?raw HTTP/1.1" [REDACTED] 200 2627 135.119.239.128 - - [21/May/2026:04:54:44 +0000] "GET /config/.env HTTP/1.1" [REDACTED] 200 2627 135.119.239.128 - - [21/May/2026:04:54:44 +0000] "GET /.git/config HTTP/1.1" [REDACTED] 200 2627 135.119.239.128 - - [21/May/2026:04:54:44 +0000] "GET /.env HTTP/1.1" show less	Port Scan
Anonymous	2026-05-21 04:14:35 (2 weeks ago)	(caddyscan) Scanner path probe from 135.119.239.128 (US/United States/-): 5 in the last 3600 secs; P ... show more (caddyscan) Scanner path probe from 135.119.239.128 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 135.119.239.128 - - [21/May/2026:04:14:31 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 135.119.239.128 - - [21/May/2026:04:14:31 +0000] "GET /config/.env HTTP/1.1" [REDACTED] 200 2627 135.119.239.128 - - [21/May/2026:04:14:32 +0000] "GET /.git/config HTTP/1.1" [REDACTED] 200 2627 135.119.239.128 - - [21/May/2026:04:14:32 +0000] "GET /.env HTTP/1.1" [REDACTED] 200 2627 135.119.239.128 - - [21/May/2026:04:14:32 +0000] "GET /.env HTTP/1.1" show less	Port Scan
🇩🇪 bontekoe.technology	2026-02-14 10:00:41 (3 months ago)	Port scan or Brute-Force detected. (src_port=25600, dst_port=443)	Brute-Force
🇺🇸 TPI-Abuse	2025-11-10 06:39:34 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 135.119.239.128 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 135.119.239.128 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 10 01:39:28.725103 2025] [security2:error] [pid 9685:tid 9685] [client 135.119.239.128:32521] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|cemesur-vision21.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cemesur-vision21.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aRGIoGfakwwSwvqF_BpF5AAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 quicksand	2025-09-29 21:49:44 (8 months ago)	Scraping user agent [GET /] [Python/3.9 aiohttp/3.10.6]	Bad Web Bot Web App Attack
🇳🇱 BlueWire Hosting	2025-08-09 20:10:08 (9 months ago)	Detected as a bad bot	Bad Web Bot
🇺🇸 quicksand	2025-08-09 15:11:04 (9 months ago)	Scraping user agent [GET /] [Python/3.9 aiohttp/3.10.6]	Bad Web Bot Web App Attack

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 104.248.9.183

🇨🇦 34.19.213.119

🇹🇼 198.235.24.50

🇧🇷 187.120.101.225

🇵🇱 138.124.20.112

🇺🇸 104.248.57.162

🇮🇳 103.89.136.111

🇫🇷 95.111.230.59

🇺🇸 50.62.22.47

🇯🇵 8.216.7.184

🇲🇿 197.219.228.242

🇺🇦 195.5.15.237

🇩🇪 193.124.20.232

🇵🇸 178.214.77.68

🇵🇸 178.214.77.67

🇵🇸 178.214.76.172

🇺🇸 143.42.164.182

🇨🇳 118.145.213.116

🇨🇳 115.212.55.44

🇺🇸 104.248.236.198