JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 135.232.220.248

135.232.220.248 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 61%: ?

61%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 135.232.220.248

Whois 135.232.220.248

IP Abuse Reports for 135.232.220.248:

This IP address has been reported a total of 13 times from 11 distinct sources. 135.232.220.248 was first reported on May 8th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇹 urnilxfgbez	2026-06-11 22:45:00 (2 days ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 RAP	2026-06-11 02:29:08 (3 days ago)	2026-06-11 02:29:08 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇩🇪 zupan	2026-06-11 02:19:17 (3 days ago)	Blocked by UFW on vps [2086/tcp] \| SPT: 1735 \| TTL: 44 \| LEN: 60 \| TOS: 0x00 • Reported by: github.c ... show more Blocked by UFW on vps [2086/tcp] \| SPT: 1735 \| TTL: 44 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇩🇪 KiekerJan	2026-06-11 01:57:44 (3 days ago)	135.232.220.248 - - [11/Jun/2026:03:57:42 +0200] "GET /.git/HEAD HTTP/1.1" 301 162 "-" "Mozilla/5.0 ... show more 135.232.220.248 - - [11/Jun/2026:03:57:42 +0200] "GET /.git/HEAD HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0" 135.232.220.248 - - [11/Jun/2026:03:57:43 +0200] "GET /.git/config HTTP/1.1" 301 162 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" ... show less	Web App Attack
🇷🇸 Scan	2026-06-11 00:25:29 (3 days ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇺🇸 TPI-Abuse	2026-06-11 00:00:18 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 135.232.220.248 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 135.232.220.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 20:00:12.848364 2026] [security2:error] [pid 18089:tid 18089] [client 135.232.220.248:1253] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.108"] [uri "/.git/HEAD"] [unique_id "ain6jIJP5h_OkucpX6abswAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 22:57:37 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 135.232.220.248 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 135.232.220.248 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 18:57:34.219738 2026] [security2:error] [pid 3711:tid 3711] [client 135.232.220.248:1525] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.167"] [uri "/.git/HEAD"] [unique_id "ainr3j6T5qp7m22bS6QFkQAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 kivitendo.de	2026-06-10 22:13:05 (3 days ago)	[Thu Jun 11 00:13:02.936677 2026] [authz_core:error] [pid 56473:tid 56473] [client 135.232.220.248:1 ... show more [Thu Jun 11 00:13:02.936677 2026] [authz_core:error] [pid 56473:tid 56473] [client 135.232.220.248:1574] AH01630: client denied by server configuration: /var/www/filterbox.de/server-status [Thu Jun 11 00:13:13.284770 2026] [authz_core:error] [pid 56176:tid 56176] [client 135.232.220.248:1842] AH01630: client denied by server configuration: /var/www/filterbox.de/.htpasswd ... show less	Brute-Force Web App Attack
🇳🇱 DrLex0	2026-06-10 21:49:10 (3 days ago)	Poking for git configs and env files 135.232.220.248 80 - [10/Jun/2026:21:49:08 +0000] "GET /.git/H ... show more Poking for git configs and env files 135.232.220.248 80 - [10/Jun/2026:21:49:08 +0000] "GET /.git/HEAD HTTP/1.1" 404 2402 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 135.232.220.248 80 - [10/Jun/2026:21:49:09 +0000] "GET /.env HTTP/1.1" 404 2402 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4 Safari/605.1.15" 135.232.220.248 80 - [10/Jun/2026:21:49:10 +0000] "GET /.env.local HTTP/1.1" 404 2402 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" show less	Brute-Force Bad Web Bot Web App Attack
🇷🇸 Scan	2026-06-03 01:51:04 (1 week ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
Anonymous	2026-06-02 23:36:03 (1 week ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇺🇸 Rayulcifer	2026-05-08 06:29:58 (1 month ago)	135.232.220.248 - - [08/May/2026:01:29:57 -0500] "CONNECT www.sse.com.cn:443 HTTP/1.1" 502 488 "-" " ... show more 135.232.220.248 - - [08/May/2026:01:29:57 -0500] "CONNECT www.sse.com.cn:443 HTTP/1.1" 502 488 "-" "Go-http-client/1.1" 135.232.220.248 - - [08/May/2026:01:29:57 -0500] "CONNECT finance.sina.com.cn:443 HTTP/1.1" 502 488 "-" "Go-http-client/1.1" 135.232.220.248 - - [08/May/2026:01:29:57 -0500] "CONNECT web.ifzq.gtimg.cn:443 HTTP/1.1" 502 488 "-" "Go-http-client/1.1" 135.232.220.248 - - [08/May/2026:01:29:57 -0500] "CONNECT proxy.finance.qq.com:443 HTTP/1.1" 502 488 "-" "Go-http-client/1.1" 135.232.220.248 - - [08/May/2026:01:29:57 -0500] "\x16\x03\x01\x05\xd4\x01" 400 392 "-" "-" ... show less	Open Proxy Port Scan Hacking Web App Attack SSH
🇯🇵 demonsword	2026-05-08 06:10:01 (1 month ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: www.eastmoney.com:443 show less	Open Proxy Port Scan

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 72.56.41.50

🇷🇺 178.207.10.91

🇨🇳 171.114.228.122

🇮🇪 108.130.75.219

🇸🇬 43.153.204.181

🇳🇱 34.32.146.187

🇺🇸 20.80.88.247

🇺🇸 20.64.105.183

🇺🇸 216.25.89.73

🇺🇸 198.57.247.165

🇨🇳 180.76.55.21

🇺🇸 172.203.195.4

🇺🇸 162.216.149.10

🇳🇱 93.123.72.183

🇺🇸 66.132.172.241

🇺🇸 66.132.172.60

🇯🇵 15.152.22.79

🇺🇸 3.91.252.169

🇫🇮 178.20.210.152

🇺🇸 172.202.113.251