JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 135.232.201.35

135.232.201.35 was found in our database!

This IP was reported 38 times. Confidence of Abuse is 69%: ?

69%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 135.232.201.35

Whois 135.232.201.35

IP Abuse Reports for 135.232.201.35:

This IP address has been reported a total of 38 times from 25 distinct sources. 135.232.201.35 was first reported on August 10th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇹🇭 Sawasdee	2026-06-02 01:45:12 (2 days ago)	Unwanted checking 80 or 443 port ...	Bad Web Bot
🇺🇸 MPL	2026-06-02 00:57:17 (3 days ago)	tcp port scan (3 or more attempts)	Port Scan
🇷🇸 Scan	2026-06-02 00:47:01 (3 days ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇳🇱 EGP Abuse Dept	2026-06-02 00:04:15 (3 days ago)	Unauthorized connection to proxy port 8080	Port Scan Hacking
🇦🇺 LiftUp Hosting	2026-06-02 00:03:56 (3 days ago)	Honeypot hit: Empty payload (likely service probe); 2086 [1] TCP	Port Scan
🇹🇷 SeczarSecureOps	2026-06-01 23:40:39 (3 days ago)	Auto-blocked by Seczar SecureOps — Port Scan Detection (7 events in 10min) at 2026-06-01 23:40	Port Scan
🇫🇮 6kilowatti	2026-06-01 23:09:09 (3 days ago)	2026-06-02T02:09:09.123060+03:00 6kw kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3e:b6:e7:09:78:9a:18 ... show more 2026-06-02T02:09:09.123060+03:00 6kw kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:16:3e:b6:e7:09:78:9a:18:bd:57:7e:08:00 SRC=135.232.201.35 DST=5.61.88.83 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=28548 DF PROTO=TCP SPT=46096 DPT=2086 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇺🇸 MPL	2026-06-01 22:07:15 (3 days ago)	tcp port scan (10 or more attempts)	Port Scan
🇺🇸 RAP	2026-06-01 21:22:28 (3 days ago)	2026-06-01 21:22:28 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇬🇧 PeravixGroup	2026-06-01 20:37:08 (3 days ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-25 15:39:18 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 135.232.201.35 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 135.232.201.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 11:39:13.069503 2026] [security2:error] [pid 1256:tid 1256] [client 135.232.201.35:27665] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "pro.handyrehab.com"] [uri "/config/.env"] [unique_id "ahRtIQeMwqNaj-yrDVI33gAAAAw"], referer: https://medium.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-25 14:13:29 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 135.232.201.35 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 135.232.201.35 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 25 10:13:24.031270 2026] [security2:error] [pid 15726:tid 15726] [client 135.232.201.35:27665] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "smartsolutionsgroup.info"] [uri "/config/.env"] [unique_id "ahRZBM_gAshwTzlVwx2kdQAAAAE"], referer: https://www.notion.so/ show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 demonsword	2026-05-09 00:13:31 (3 weeks ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: example.com:443 show less	Open Proxy Port Scan
🇺🇸 Rayulcifer	2026-04-26 10:48:15 (1 month ago)	135.232.201.35 - - [26/Apr/2026:05:48:14 -0500] "GET http://clients2.google.com/time/1/current?cup2k ... show more 135.232.201.35 - - [26/Apr/2026:05:48:14 -0500] "GET http://clients2.google.com/time/1/current?cup2key=9:XkhMqRg-jgtvWwxMyc_2GstrcUwULI1xVny5H7oRIcw&cup2hreq=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP/1.1" 200 855 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36" 135.232.201.35 - - [26/Apr/2026:05:48:14 -0500] "CONNECT www.google.com:443 HTTP/1.1" 502 488 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36" ... show less	Open Proxy Port Scan Hacking Web App Attack SSH
🇩🇪 2048	2026-04-05 12:44:08 (1 month ago)	2026-04-05T13:44:05.423780+01:00 machodeer kernel: [3649864.998629] [UFW BLOCK] IN=ens3 OUT= MAC=RED ... show more 2026-04-05T13:44:05.423780+01:00 machodeer kernel: [3649864.998629] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=135.232.201.35 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=7775 DF PROTO=TCP SPT=48144 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 2026-04-05T13:44:06.429339+01:00 machodeer kernel: [3649866.005468] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=135.232.201.35 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=7776 DF PROTO=TCP SPT=48144 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 2026-04-05T13:44:07.449889+01:00 machodeer kernel: [3649867.025343] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=135.232.201.35 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=7777 DF PROTO=TCP SPT=48144 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 show less	Port Scan

Showing 1 to 15 of 38 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.150.142

🇺🇸 162.216.149.184

🇺🇸 137.184.190.246

🇷🇴 92.118.39.62

🇺🇸 64.62.156.29

🇱🇹 45.227.254.170

🇯🇵 43.165.174.224

🇳🇱 5.61.209.126

🇨🇳 220.181.51.113

🇩🇪 213.209.159.56

🇧🇷 191.5.31.61

🇧🇷 187.120.72.114

🇳🇱 185.223.235.7

🇺🇸 172.234.21.101

🇮🇶 138.124.158.150

🇨🇳 120.196.66.80

🇨🇳 115.199.130.111

🇮🇳 103.82.210.181

🇺🇸 100.51.6.16

🇺🇸 100.29.192.18