JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 135.232.193.42

135.232.193.42 was found in our database!

This IP was reported 126 times. Confidence of Abuse is 66%: ?

66%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 135.232.193.42

Whois 135.232.193.42

IP Abuse Reports for 135.232.193.42:

This IP address has been reported a total of 126 times from 97 distinct sources. 135.232.193.42 was first reported on November 25th 2025, and the most recent report was 17 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇹🇭 Sawasdee	2026-06-28 10:22:07 (17 hours ago)	Port Scan ...	Port Scan
🇯🇵 VXG-NET	2026-06-28 10:01:24 (18 hours ago)	port=80, indicator_type=info-leak	Hacking
Anonymous	2026-06-28 08:49:49 (19 hours ago)	Unauthorized access (8080/tcp/http-alt)	Port Scan
🇺🇸 sumnone	2026-06-28 06:33:08 (21 hours ago)	Port probing on unauthorized port 2087	Port Scan Hacking Exploited Host
🇺🇸 TPI-Abuse	2026-06-28 05:06:23 (23 hours ago)	(mod_security) mod_security (id:210730) triggered by 135.232.193.42 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 135.232.193.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 28 01:06:18.255333 2026] [security2:error] [pid 12663:tid 12663] [client 135.232.193.42:26569] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|192.64.150.216\|F\|2"] [data ".env.backup"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "192.64.150.216"] [uri "/.env.backup"] [unique_id "akCryrZBa88qnZPa2sNCTQAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇪 Jim Keir	2026-06-16 12:14:03 (1 week ago)	2026-06-16 12:14:03 135.232.193.42 File scanning, blocking 135.232.193.42 for 5 minutes	Web App Attack
🇳🇱 homeshowdomain.nl	2026-06-10 22:02:58 (2 weeks ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-09. show less	Web App Attack SSH Hacking
🇧🇷 SOC PR	2026-06-09 06:26:02 (2 weeks ago)	IPS: Web Server Exposed Git Repository Information Disclosure.	Hacking
Anonymous	2026-06-09 06:07:12 (2 weeks ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
Anonymous	2026-06-09 06:04:08 (2 weeks ago)	PORT & IP Scan.	Port Scan Brute-Force
🇺🇸 MPL	2026-06-09 05:00:18 (2 weeks ago)	tcp/multiple (8 or more attempts)	Port Scan
🇨🇿 Countryman	2026-06-09 04:34:51 (2 weeks ago)	IPS detection: HTPasswd.Access	Hacking
🇷🇸 Scan	2026-06-09 03:01:01 (2 weeks ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇺🇸 Rayulcifer	2026-04-12 06:39:22 (2 months ago)	135.232.193.42 - - [12/Apr/2026:01:39:20 -0500] "GET https://yun.naizha.top HTTP/1.1" 200 90601 "htt ... show more 135.232.193.42 - - [12/Apr/2026:01:39:20 -0500] "GET https://yun.naizha.top HTTP/1.1" 200 90601 "https://www.google.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" 135.232.193.42 - - [12/Apr/2026:01:39:20 -0500] "GET https://yun.naizha.top HTTP/1.1" 200 90620 "https://www.google.com/" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Open Proxy Port Scan Hacking Web App Attack SSH
🇺🇸 Rayulcifer	2026-04-06 15:52:39 (2 months ago)	135.232.193.42 - - [06/Apr/2026:10:52:37 -0500] "CONNECT graph.vshield.pro:443 HTTP/1.1" 502 488 "-" ... show more 135.232.193.42 - - [06/Apr/2026:10:52:37 -0500] "CONNECT graph.vshield.pro:443 HTTP/1.1" 502 488 "-" "-" 135.232.193.42 - - [06/Apr/2026:10:52:37 -0500] "\x16\x03\x01" 400 392 "-" "-" ... show less	Open Proxy Port Scan Hacking Web App Attack SSH

Showing 1 to 15 of 126 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇬 172.68.190.130

🇺🇸 155.103.69.40

🇨🇳 123.145.17.237

🇭🇰 119.13.84.173

🇻🇳 103.200.25.198

🇨🇳 101.42.22.243

🇫🇷 91.231.89.225

🇺🇸 64.62.156.132

🇺🇸 23.94.155.20

🇭🇰 199.45.154.153

🇹🇼 198.235.24.96

🇬🇧 194.50.235.150

🇨🇳 180.153.197.237

🇩🇪 172.252.8.92

🇬🇧 146.198.193.110

🇮🇳 103.190.239.165

🇫🇷 91.231.89.65

🇺🇸 66.132.172.133

🇺🇸 65.49.1.39

🇨🇳 59.37.13.66