JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 135.232.201.51

135.232.201.51 was found in our database!

This IP was reported 507 times. Confidence of Abuse is 82%: ?

82%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 135.232.201.51

Whois 135.232.201.51

IP Abuse Reports for 135.232.201.51:

This IP address has been reported a total of 507 times from 213 distinct sources. 135.232.201.51 was first reported on September 23rd 2025, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 Fasetech	2026-06-17 18:46:05 (6 hours ago)	SecLedge detected suspicious activity. Score: 66.6. Sensor: T-Pot.	Brute-Force Web App Attack
🇯🇵 SentinalX by uzumaru	2026-06-13 02:47:46 (4 days ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: www.google.com:443 show less	Open Proxy Port Scan
🇯🇵 SentinalX by uzumaru	2026-06-06 08:38:21 (1 week ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: ptlogin.4399.com:443 show less	Open Proxy Port Scan
🇦🇹 urnilxfgbez	2026-06-03 22:45:00 (2 weeks ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇬🇧 PeravixGroup	2026-06-03 02:20:52 (2 weeks ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇬🇧 Andrew	2026-06-03 01:57:23 (2 weeks ago)	Blocked by UFW (TCP on port 80). Source port: 35468 TTL: 106 Packet length: 40 TOS: 0x00 This repor ... show more Blocked by UFW (TCP on port 80). Source port: 35468 TTL: 106 Packet length: 40 TOS: 0x00 This report (for 135.232.201.51) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇳🇱 Yachiyo Runami	2026-06-03 01:44:15 (2 weeks ago)	Port Scan on Honeypot \| Ports: 8080/HTTP-proxy, 80/HTTP \| Proto: TCP(2) \| Flags: all SYN \| TTL: 50 \| ... show more Port Scan on Honeypot \| Ports: 8080/HTTP-proxy, 80/HTTP \| Proto: TCP(2) \| Flags: all SYN \| TTL: 50 \| Len: 60B(2x) \| Win: 64240(2) \| F2B/ufw-honeypot@2026-06-03T01:44:15Z show less	Port Scan Hacking
🇺🇸 TPI-Abuse	2026-06-03 00:35:30 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 135.232.201.51 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 135.232.201.51 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 20:35:23.995616 2026] [security2:error] [pid 17261:tid 17261] [client 135.232.201.51:35466] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.209"] [uri "/.env"] [unique_id "ah92y_l81nfe5MjiJ0fv4gAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇸 Scan	2026-06-03 00:29:48 (2 weeks ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇺🇸 TPI-Abuse	2026-06-02 23:19:27 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 135.232.201.51 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 135.232.201.51 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 19:19:20.461702 2026] [security2:error] [pid 19315:tid 19315] [client 135.232.201.51:35489] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.51"] [uri "/.git/HEAD"] [unique_id "ah9k-FqgQDSEiRCLNAH7ugAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 JPPO	2026-06-02 12:52:07 (2 weeks ago)	Multiport scan 8 ports : 80 443(x2) 2082 2083 2086 2087 8080 8443	Port Scan
🇺🇸 MPL	2026-06-02 12:17:16 (2 weeks ago)	tcp port scan (7 or more attempts)	Port Scan
🇩🇪 Axel	2026-06-02 11:48:57 (2 weeks ago)	[2026-06-02 11:48:57 UTC] Honeypot HTTPS-Alt connection attempt \| AXFRA HONEYPOT	Web App Attack
Anonymous	2026-06-02 11:37:19 (2 weeks ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇩🇪 robinwolff	2026-06-02 10:55:32 (2 weeks ago)		Web App Attack Hacking

Showing 1 to 15 of 507 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 106.75.237.200

🇧🇷 4.201.96.144

🇹🇼 198.235.24.44

🇺🇸 192.178.119.146

🇷🇺 188.127.225.120

🇳🇱 185.45.192.245

🇺🇸 154.16.112.232

🇺🇸 136.144.35.217

🇰🇷 121.168.164.245

🇭🇰 103.14.33.174

🇭🇰 101.36.117.234

🇺🇸 91.230.168.4

🇩🇪 87.106.19.251

🇷🇴 80.94.95.242

🇸🇪 31.59.160.12

🇨🇳 14.103.116.87

🇸🇬 209.58.160.54

🇺🇸 195.184.76.23

🇲🇽 187.251.123.104

🇺🇸 147.185.132.75