JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 135.119.239.35

135.119.239.35 was found in our database!

This IP was reported 62 times. Confidence of Abuse is 70%: ?

70%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Boydton, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 135.119.239.35

Whois 135.119.239.35

IP Abuse Reports for 135.119.239.35:

This IP address has been reported a total of 62 times from 38 distinct sources. 135.119.239.35 was first reported on August 5th 2025, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇹 urnilxfgbez	2026-06-07 22:45:00 (1 hour ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇯🇵 demonsword	2026-06-07 13:46:36 (10 hours ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: fapi.binance.com:443 show less	Open Proxy Port Scan
🇹🇭 Sawasdee	2026-06-07 02:00:15 (21 hours ago)	Unwanted checking 80 or 443 port ...	Bad Web Bot
🇩🇪 kivitendo.de	2026-06-07 00:37:46 (23 hours ago)	[Sun Jun 07 02:37:49.328925 2026] [authz_core:error] [pid 14598:tid 14621] [client 135.119.239.35:35 ... show more [Sun Jun 07 02:37:49.328925 2026] [authz_core:error] [pid 14598:tid 14621] [client 135.119.239.35:35438] AH01630: client denied by server configuration: /var/www/julian-rademacher/server-status [Sun Jun 07 02:37:51.451558 2026] [authz_core:error] [pid 14630:tid 14645] [client 135.119.239.35:35907] AH01630: client denied by server configuration: /var/www/html/server-status ... show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 00:36:55 (23 hours ago)	(mod_security) mod_security (id:210492) triggered by 135.119.239.35 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 135.119.239.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 20:36:48.349685 2026] [security2:error] [pid 14506:tid 14506] [client 135.119.239.35:35918] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.151"] [uri "/.git/HEAD"] [unique_id "aiS9IOm0-pNAH-icmhDqYwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇸 Scan	2026-06-07 00:00:33 (23 hours ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇺🇸 MakoWish	2026-06-06 21:52:11 (1 day ago)	Fuzzing for misconfigured web servers.	Hacking Web App Attack
🇩🇪 roki.ovh	2026-06-06 21:34:51 (1 day ago)	135.119.239.35 - - [06/Jun/2026:23:35:04 +0200] "GET /.env HTTP/1.1" 404 455 "-" "Mozilla/5.0 (compa ... show more 135.119.239.35 - - [06/Jun/2026:23:35:04 +0200] "GET /.env HTTP/1.1" 404 455 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" ... show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-06 21:16:54 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 135.119.239.35 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 135.119.239.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 17:16:50.339711 2026] [security2:error] [pid 23631:tid 23631] [client 135.119.239.35:36800] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.62"] [uri "/.git/HEAD"] [unique_id "aiSOQonHzPVgg0sS32VzMgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇵🇱 webadmin	2026-06-06 21:16:26 (1 day ago)		Web App Attack
🇫🇷 dynamix	2026-06-06 20:51:09 (1 day ago)	Multiple WAF Violations	Web App Attack
🇫🇷 ISPLtd	2026-06-04 16:57:45 (3 days ago)	Jun 4 13:57:45 135.119.239.35 TCP SPT=12312 DPT=22 SYN ...	Port Scan SSH
🇯🇵 demonsword	2026-05-03 06:42:49 (1 month ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: 1.1.1.1:443 show less	Open Proxy Port Scan
🇩🇪 2048	2026-04-15 07:25:00 (1 month ago)	2026-04-15T08:24:57.602811+01:00 machodeer kernel: [4494717.607013] [UFW BLOCK] IN=ens3 OUT= MAC=RED ... show more 2026-04-15T08:24:57.602811+01:00 machodeer kernel: [4494717.607013] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=135.119.239.35 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=43 ID=16021 DF PROTO=TCP SPT=18520 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 2026-04-15T08:24:58.650614+01:00 machodeer kernel: [4494718.655577] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=135.119.239.35 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=43 ID=16022 DF PROTO=TCP SPT=18520 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 2026-04-15T08:24:59.675798+01:00 machodeer kernel: [4494719.680221] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=135.119.239.35 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=43 ID=16023 DF PROTO=TCP SPT=18520 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 show less	Port Scan
🇺🇸 Rayulcifer	2026-04-05 11:30:30 (2 months ago)	135.119.239.35 - - [05/Apr/2026:06:30:26 -0500] "CONNECT www.itemsatis.com:443 HTTP/1.1" 502 544 "-" ... show more 135.119.239.35 - - [05/Apr/2026:06:30:26 -0500] "CONNECT www.itemsatis.com:443 HTTP/1.1" 502 544 "-" "-" 135.119.239.35 - - [05/Apr/2026:06:30:26 -0500] "\x16\x03\x01\x01#\x01" 400 392 "-" "-" ... show less	Open Proxy Port Scan Hacking Web App Attack SSH

Showing 1 to 15 of 62 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 163.7.9.84

🇮🇷 185.226.119.178

🇸🇪 171.25.158.68

🇺🇸 162.216.149.45

🇺🇸 147.185.132.52

🇳🇱 91.199.236.33

🇮🇳 66.116.224.143

🇭🇰 45.142.154.15

🇺🇸 34.66.224.20

🇺🇸 20.169.49.231

🇯🇵 8.216.17.247

🇷🇴 2.57.122.177

🇺🇸 147.185.132.100

🇨🇳 120.48.175.69

🇨🇳 120.48.154.88

🇰🇷 110.46.49.3

🇭🇰 103.230.240.59

🇮🇩 69.5.7.218

🇫🇷 51.255.131.231

🇳🇱 50.7.127.99