JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 135.119.239.38

135.119.239.38 was found in our database!

This IP was reported 34 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Boydton, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 135.119.239.38

Whois 135.119.239.38

IP Abuse Reports for 135.119.239.38:

This IP address has been reported a total of 34 times from 29 distinct sources. 135.119.239.38 was first reported on April 9th 2026, and the most recent report was 17 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 JCB	2026-06-03 13:04:00 (17 hours ago)	135.119.239.38 - - [02/Jun/2026:23:41:07 +0300] "GET /.DS_Store HTTP/1.1" 404 236 135.119.239.38 - ... show more 135.119.239.38 - - [02/Jun/2026:23:41:07 +0300] "GET /.DS_Store HTTP/1.1" 404 236 135.119.239.38 - - [02/Jun/2026:23:41:08 +0300] "GET /config.php HTTP/1.1" 404 236 ... show less	Web App Attack
🇸🇪 adaml1324	2026-06-03 06:05:55 (1 day ago)	TCP port scan detected From server logs: DIRECT_IP_HTTPS ip=[attacker] time=02/Jun/2026:21:10:49 +0 ... show more TCP port scan detected From server logs: DIRECT_IP_HTTPS ip=[attacker] time=02/Jun/2026:21:10:49 +0200 2026-06-02 21:10:49 TCP port 8080 show less	Port Scan
🇬🇧 andypiper	2026-06-03 01:01:40 (1 day ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇷🇸 Scan	2026-06-03 00:13:20 (1 day ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇧🇾 lns.bz	2026-06-03 00:01:40 (1 day ago)	.env scanning [BY]	Web App Attack
🇦🇹 urnilxfgbez	2026-06-02 22:45:00 (1 day ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 MPL	2026-06-02 21:51:08 (1 day ago)	tcp port scan (4 or more attempts)	Port Scan
🇹🇷 Threat.live	2026-06-02 21:50:05 (1 day ago)	Suspicious Connection Attempts	Brute-Force
🇧🇾 lns.bz	2026-06-02 21:45:00 (1 day ago)	Too many 404 requests [BY]	Web App Attack
🇺🇸 mc4bbs	2026-06-02 21:31:36 (1 day ago)	Automated Apache detection on Windows host. 5 suspicious HTTP requests within 300 seconds. Examples: ... show more Automated Apache detection on Windows host. 5 suspicious HTTP requests within 300 seconds. Examples: GET /.git/HEAD -> 404 UA=""; GET /.git/config -> 404 UA=""; GET /.env.local -> 404 UA=""; GET /.env.production -> 404 UA=""; GET /.env.backup -> 404 UA="" show less	Web App Attack Hacking
🇺🇸 Rayulcifer	2026-06-02 21:14:01 (1 day ago)	135.119.239.38 - - [02/Jun/2026:16:14:00 -0500] "GET /.env.local HTTP/1.1" 200 871 "-" "Mozilla/5.0 ... show more 135.119.239.38 - - [02/Jun/2026:16:14:00 -0500] "GET /.env.local HTTP/1.1" 200 871 "-" "Mozilla/5.0 (Linux; Android 14; Pixel 8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Mobile Safari/537.36" ... show less	Open Proxy Port Scan Hacking Web App Attack SSH
Anonymous	2026-06-02 21:00:04 (1 day ago)	\| Suspicious URL access.	Web App Attack Hacking SQL Injection
🇫🇷 JPPO	2026-06-02 19:52:12 (1 day ago)	Multiport scan 8 ports : 80 443(x2) 2082 2083 2086 2087 8080 8443	Port Scan
🇺🇸 TPI-Abuse	2026-06-02 19:17:45 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 135.119.239.38 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 135.119.239.38 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 15:17:37.827399 2026] [security2:error] [pid 25559:tid 25559] [client 135.119.239.38:8523] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.148"] [uri "/.git/HEAD"] [unique_id "ah8sUaIkY2vBZQsV_J0ZHwAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 cwytech	2026-06-02 19:14:11 (1 day ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: crowdsecurity/http-sensitive-files.	Bad Web Bot Web App Attack

Showing 1 to 15 of 34 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 186.248.197.77

🇺🇸 172.98.33.29

🇮🇳 168.220.237.171

🇰🇷 112.219.151.50

🇨🇦 85.217.149.58

🇩🇪 78.47.4.5

🇨🇦 61.8.181.201

🇳🇱 45.153.34.160

🇸🇬 43.156.71.43

🇲🇲 37.111.53.110

🇯🇵 20.89.244.168

🇰🇷 220.88.3.53

🇺🇸 209.90.232.26

🇬🇧 188.240.59.44

🇬🇧 188.30.63.114

🇸🇬 161.118.203.255

🇬🇧 159.253.63.187

🇳🇱 158.94.209.146

🇭🇰 150.5.169.176

🇺🇸 91.230.168.188