JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 135.119.27.130

135.119.27.130 was found in our database!

This IP was reported 1,086 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 135.119.27.130

Whois 135.119.27.130

IP Abuse Reports for 135.119.27.130:

This IP address has been reported a total of 1,086 times from 553 distinct sources. 135.119.27.130 was first reported on June 15th 2026, and the most recent report was 31 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 Bedios GmbH	2026-06-21 14:36:28 (31 minutes ago)	Wordpress hacking attempt	Web App Attack
🇩🇪 iNetWorker	2026-06-21 14:01:25 (1 hour ago)	trolling for resource vulnerabilities	Web App Attack
🇦🇺 2000cn.com.au	2026-06-21 13:41:33 (1 hour ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing	Web App Attack Hacking
🇺🇸 Gabriel Camargo	2026-06-21 12:56:36 (2 hours ago)	135.119.27.130 - - [21/Jun/2026:07:56:35 -0500] "GET /wp-content/plugins/hellopress/wp_filemanager.p ... show more 135.119.27.130 - - [21/Jun/2026:07:56:35 -0500] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 162 "-" "-" 135.119.27.130 - - [21/Jun/2026:07:56:36 -0500] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 162 "-" "-" 135.119.27.130 - - [21/Jun/2026:07:56:36 -0500] "GET /core/init.php HTTP/1.1" 404 162 "-" "-" ... show less	Brute-Force SSH
🇮🇩 soc-yk	2026-06-21 12:54:15 (2 hours ago)	Type: suspicious_network_activity Risk: 100 Events: 733 Evidence: - Persistent suspicious network a ... show more Type: suspicious_network_activity Risk: 100 Events: 733 Evidence: - Persistent suspicious network activity detected - Repeated hostile operational behavior observed - Multi-event operational persistence identified show less	Port Scan Hacking
🇱🇻 garmtech.com	2026-06-21 12:50:48 (2 hours ago)	Attempted access to sensitive endpoint (/wp-content/plugins/hellopress/wp_filemanager.php) detected. ... show more Attempted access to sensitive endpoint (/wp-content/plugins/hellopress/wp_filemanager.php) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇨🇱 n33	2026-06-21 12:31:59 (2 hours ago)	Attack detected detected by fail2ban. Service: nginx-ghost-upstream. Banned after 3 failed attempts.	Hacking Web App Attack
🇳🇴 Abuse Buster	2026-06-21 11:48:40 (3 hours ago)	135.119.27.130 - [21/Jun/2026:13:48:38 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php ... show more 135.119.27.130 - [21/Jun/2026:13:48:38 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/2.0" 404 36 "-" "-" Connecting ip: 135.119.27.130 Forwared for: 135.119.27.130 135.119.27.130 - [21/Jun/2026:13:48:38 +0200] "GET /this_is_a_new_hello_world.php HTTP/2.0" 404 36 "-" "-" Connecting ip: 135.119.27.130 Forwared for: 135.119.27.130 135.119.27.130 - [21/Jun/2026:13:48:39 +0200] "GET /core/init.php HTTP/2.0" 404 36 "-" "-" Connecting ip: 135.119.27.130 Forwared for: 135.119.27.130 135.119.27.130 - [21/Jun/2026:13:48:39 +0200] "GET /aa.php HTTP/2.0" 404 36 "-" "-" Connecting ip: 135.119.27.130 Forwared for: 135.119.27.130 ... show less	Web App Attack
🇫🇷 dynamix	2026-06-21 11:39:39 (3 hours ago)	Multiple WAF Violations	Web App Attack
Anonymous	2026-06-21 11:32:25 (3 hours ago)	Backdrop CMS module - malicious activity detected	Bad Web Bot Web App Attack
🇩🇪 pscriptos	2026-06-21 11:21:54 (3 hours ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-probing	Web App Attack Hacking
🇺🇸 entangled_mongoose	2026-06-21 10:53:33 (4 hours ago)	Probed /wp-content/plugins/hellopress/wp_filemanager.php.	Web App Attack
🇫🇷 dusfor72	2026-06-21 10:37:48 (4 hours ago)	stupid access attempts on non-existant files ...	Brute-Force Web App Attack
🇫🇷 Campus France	2026-06-21 10:25:01 (4 hours ago)	[Sun Jun 21 12:25:00.362663 2026] [php:error] [pid 2709362] [client 135.119.27.130:30032] script '/v ... show more [Sun Jun 21 12:25:00.362663 2026] [php:error] [pid 2709362] [client 135.119.27.130:30032] script '/var/www/html/this_is_a_new_hello_world.php' not found or unable to stat [Sun Jun 21 12:25:00.608810 2026] [php:error] [pid 2709362] [client 135.119.27.130:30032] script '/var/www/html/aa.php' not found or unable to stat [Sun Jun 21 12:25:00.728510 2026] [php:error] [pid 2709362] [client 135.119.27.130:30032] script '/var/www/html/xmrlpc.php' not found or unable to stat [Sun Jun 21 12:25:00.846752 2026] [php:error] [pid 2709362] [client 135.119.27.130:30032] script '/var/www/html/class.php' not found or unable to stat [Sun Jun 21 12:25:00.964987 2026] [php:error] [pid 2709362] [client 135.119.27.130:30032] script '/var/www/html/goods.php' not found or unable to stat ... show less	Brute-Force Web App Attack
🇧🇷 Halux	2026-06-21 10:02:48 (5 hours ago)	135.119.27.130 Probing protected path or service	Web App Attack

Showing 1 to 15 of 1086 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 45.33.52.85

🇮🇳 2405:201:a420:2852:6c91:806:dddd:8b70

🇲🇴 182.93.50.90

🇺🇸 172.190.13.234

🇰🇷 152.32.139.96

🇪🇸 149.91.97.132

🇳🇱 91.92.40.8

🇸🇦 90.148.147.58

🇷🇴 80.94.92.182

🇱🇹 45.227.254.170

🇺🇸 34.86.2.161

🇯🇵 172.253.80.216

🇺🇸 104.234.53.95

🇺🇸 54.86.44.65

🇳🇱 51.158.205.203

🇩🇪 45.133.251.253

🇲🇦 196.117.117.124

🇳🇱 176.65.139.94

🇨🇳 112.29.110.90

🇮🇹 93.51.172.237