JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 135.119.63.203

135.119.63.203 was found in our database!

This IP was reported 217 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Des Moines, Iowa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 135.119.63.203

Whois 135.119.63.203

IP Abuse Reports for 135.119.63.203:

This IP address has been reported a total of 217 times from 174 distinct sources. 135.119.63.203 was first reported on May 26th 2026, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇹 dwmp	2026-05-26 16:49:40 (1 week ago)	Url probing: /wp-includes/blocks/block/	Web App Attack
Anonymous	2026-05-26 16:48:45 (1 week ago)	$f2bV_matches	Brute-Force
🇺🇸 Jason Howell	2026-05-26 16:48:36 (1 week ago)	135.119.63.203 - - [26/May/2026:11:48:34 -0500] "GET /wp-content/uploads/wp-login.php HTTP/1.1" 301 ... show more 135.119.63.203 - - [26/May/2026:11:48:34 -0500] "GET /wp-content/uploads/wp-login.php HTTP/1.1" 301 586 "-" "-" 135.119.63.203 - - [26/May/2026:11:48:34 -0500] "GET /wp-content/uploads/wp-login.php HTTP/1.1" 301 376 "-" "-" 135.119.63.203 - - [26/May/2026:11:48:34 -0500] "GET /wp-content/uploads/wp-login.php HTTP/1.1" 404 165636 "-" "-" 135.119.63.203 - - [26/May/2026:11:48:35 -0500] "GET /wp-login.php HTTP/1.1" 301 548 "-" "-" 135.119.63.203 - - [26/May/2026:11:48:35 -0500] "GET /wp-login.php HTTP/1.1" 200 5543 "-" "-" ... show less	Web App Attack
Anonymous	2026-05-26 16:43:53 (1 week ago)	(caddyscan) Scanner path probe from 135.119.63.203 (US/United States/-): 5 in the last 3600 secs; Po ... show more (caddyscan) Scanner path probe from 135.119.63.203 (US/United States/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 135.119.63.203 - - [26/May/2026:16:43:42 +0000] "GET /wp-admin/css/colors/blue/ HTTP/1.1" [REDACTED] 200 2627 135.119.63.203 - - [26/May/2026:16:43:43 +0000] "GET /wp-admin/js/index.php HTTP/1.1" [REDACTED] 200 2627 135.119.63.203 - - [26/May/2026:16:43:43 +0000] "GET /wp-admin/css/index.php HTTP/1.1" [REDACTED] 200 2627 135.119.63.203 - - [26/May/2026:16:43:47 +0000] "GET /wp-admin/js/admin.php HTTP/1.1" [REDACTED] 200 2627 135.119.63.203 - - [26/May/2026:16:43:48 +0000] "GET /wp-admin/css/ HTTP/1.1" show less	Port Scan
🇩🇪 paissangroup	2026-05-26 16:41:17 (1 week ago)	Multiple WAF Violations	Web App Attack
🇩🇪 netclix.gr	2026-05-26 16:37:37 (1 week ago)	(aggressive_scan) Aggressive Web Exploit Scan 135.119.63.203 (US/United States/-): 5 in the last 460 ... show more (aggressive_scan) Aggressive Web Exploit Scan 135.119.63.203 (US/United States/-): 5 in the last 4600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 135.119.63.203 - - [26/May/2026:19:37:33 +0300] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 808 "-" "-" 135.119.63.203 - - [26/May/2026:19:37:33 +0300] "GET /aaa.php HTTP/1.1" 404 808 "-" "-" 135.119.63.203 - - [26/May/2026:19:37:33 +0300] "GET /admin.php HTTP/1.1" 404 808 "-" "-" 135.119.63.203 - - [26/May/2026:19:37:34 +0300] "GET /wp-includes/Text/Diff/index.php HTTP/1.1" 404 808 "-" "-" 135.119.63.203 - - [26/May/2026:19:37:34 +0300] "GET /aa.php HTTP/1.1" 404 808 "-" "-" show less	Port Scan
🇩🇪 todix	2026-05-26 16:34:58 (1 week ago)	WebAttack or semilar from 135.119.63.203	Web App Attack
🇩🇪 Hazzard	2026-05-26 16:31:09 (1 week ago)	(apache-empty-ua) Failed empty apache-ua trigger with match [redacted]): (CF_ENABLE)	Hacking
🇫🇷 andreighitan	2026-05-26 16:27:18 (1 week ago)	Webshell probe against WordPress hosting server	Web App Attack
🇨🇦 Mediashaker	2026-05-26 16:25:11 (1 week ago)	(apache-scanners) Failed apache-scanners trigger with match [redacted] from 135.119.63.203 (US/Unite ... show more (apache-scanners) Failed apache-scanners trigger with match [redacted] from 135.119.63.203 (US/United States/-) show less	Port Scan
🇬🇧 Apache	2026-05-26 16:19:52 (1 week ago)	(mod_security) mod_security (id:20000010) triggered by 135.119.63.203 (US/United States/-): 5 in the ... show more (mod_security) mod_security (id:20000010) triggered by 135.119.63.203 (US/United States/-): 5 in the last 300 secs (CF_ENABLE) show less	Brute-Force Web App Attack
🇸🇬 pusathosting.com	2026-05-26 16:12:02 (1 week ago)	24ds22 bruteforce	Brute-Force Web App Attack
🇳🇱 Mangelot Hosting	2026-05-26 16:08:30 (1 week ago)	(upload_shell) srv101 Shell upload 135.119.63.203 (US/United States/-): 1 in the last 3600 secs; Por ... show more (upload_shell) srv101 Shell upload 135.119.63.203 (US/United States/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: show less	Web App Attack
🇩🇪 ger-stg-sifi1	2026-05-26 16:05:20 (1 week ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
🇧🇾 lns.bz	2026-05-26 16:04:48 (1 week ago)	Too many 404 requests [BY]	Web App Attack

Showing 121 to 135 of 217 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇦 2a02:9b0:4031:b099:142e:a5cd:fb3:f2f5

🇨🇳 218.82.118.142

🇧🇪 198.235.24.181

🇧🇪 198.235.24.179

🇧🇪 198.235.24.173

🇨🇴 179.33.186.150

🇧🇷 177.129.209.233

🇧🇷 177.124.155.48

🇯🇵 168.138.197.172

🇺🇸 138.99.39.33

🇧🇳 119.160.166.237

🇮🇳 103.38.182.49

🇺🇸 96.127.175.154

🇺🇸 68.183.145.118

🇭🇰 43.128.60.40

🇹🇼 35.229.206.236

🇧🇪 34.14.117.241

🇺🇸 15.204.182.106

🇧🇪 198.235.24.168

🇧🇪 198.235.24.166