JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 135.232.232.66

135.232.232.66 was found in our database!

This IP was reported 133 times. Confidence of Abuse is 85%: ?

85%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 135.232.232.66

Whois 135.232.232.66

IP Abuse Reports for 135.232.232.66:

This IP address has been reported a total of 133 times from 78 distinct sources. 135.232.232.66 was first reported on July 19th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 RAP	2026-06-05 12:40:38 (1 day ago)	2026-06-05 12:40:38 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-06-05 12:06:02 (1 day ago)	Fail2Ban - [WEB]Exploit attempts (SQLi, RCE, path traversal) on webexploits ... [ice01,ice02]	Hacking SQL Injection Web App Attack
🇳🇱 Roderic	2026-06-05 12:00:53 (1 day ago)	(apache_scanners-2) Failed apache-scanners trigger with match [redacted])	Port Scan
Anonymous	2026-06-05 11:48:38 (1 day ago)	[Fri Jun 05 13:48:36.419998 2026] [:error] [pid 2208345:tid 2208345] [client 135.232.232.66:24807] M ... show more [Fri Jun 05 13:48:36.419998 2026] [:error] [pid 2208345:tid 2208345] [client 135.232.232.66:24807] ModSecurity: Warning. Matched "Operator `PmFromFile' with parameter `restricted-files.data' against variable `REQUEST_FILENAME' (Value: `/.git/HEAD' ) [file "/usr/local/modsecurity-crs/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "131"] [id "930130"] [rev ""] [msg "Restricted File Access Attempt"] [data "Matched Data: .git/ found within REQUEST_FILENAME: /.git/HEAD"] [severity "2"] [ver "OWASP_CRS/4.28.0-dev"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/ATTACK-LFI"] [tag "capec/1000/255/153/126"] [uri "/.git/HEAD"] [unique_id "178066011628.578268"] [ref "o1,5v4,10t:utf8toUnicode,t:urlDecodeUni,t:normalizePathWin"] [Fri Jun 05 13:48:37.949429 2026] [:error] [pid 2208342:tid 2208342] [client 135.232.232.66:24777] ModSecurity: ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 11:19:36 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 135.232.232.66 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 135.232.232.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 07:19:32.694152 2026] [security2:error] [pid 14670:tid 14670] [client 135.232.232.66:25500] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.146"] [uri "/.git/HEAD"] [unique_id "aiKwxInHblI7UFGHMjJqtQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-06-05 10:07:01 (1 day ago)	Fail2Ban - [WEB]Custom exploit pattern detected on customexploits ... [wa01,wa02]	Hacking Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 09:58:11 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 135.232.232.66 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 135.232.232.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 05:58:06.364604 2026] [security2:error] [pid 12805:tid 12805] [client 135.232.232.66:23719] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.7"] [uri "/.git/config"] [unique_id "aiKdrjc9hvF5CZBgA3VWAgAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇪 AutosOnShow	2026-06-05 09:22:05 (1 day ago)	blocked for webapp attack \| path requested: /.env \| seen at 2026-06-05 09:21:14.310 \|	Web App Attack
🇩🇪 initsol	2026-06-05 08:57:03 (1 day ago)	[Fri Jun 05 10:56:54.244240 2026] [php:error] [pid 2208668:tid 2208668] [client 135.232.232.66:24587 ... show more [Fri Jun 05 10:56:54.244240 2026] [php:error] [pid 2208668:tid 2208668] [client 135.232.232.66:24587] script '/var/www/html/wp-config.php' not found or unable to stat [Fri Jun 05 10:56:59.020861 2026] [php:error] [pid 2220094:tid 2220094] [client 135.232.232.66:24849] script '/var/www/html/phpinfo.php' not found or unable to stat [Fri Jun 05 10:57:02.871653 2026] [php:error] [pid 2203981:tid 2203981] [client 135.232.232.66:25090] script '/var/www/html/config.php' not found or unable to stat ... show less	Brute-Force
Anonymous	2026-06-05 08:35:43 (1 day ago)	SIEM ALERT AUTO REPORT	Email Spam
🇫🇷 Petre 21_ip	2026-06-05 08:06:32 (1 day ago)	2026-06-05T10:06:30.725831+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c ... show more 2026-06-05T10:06:30.725831+02:00 vmi2775508 kernel: [UFW BLOCK] IN=eth0 OUT= MAC=00:50:56:5c:a7:cf:c0:69:11:b3:85:db:08:00 SRC=135.232.232.66 DST=155.133.26.57 LEN=60 TOS=0x00 PREC=0x00 TTL=53 ID=23144 DF PROTO=TCP SPT=25598 DPT=2087 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇺🇸 xmission.com	2026-06-02 11:06:39 (4 days ago)	Blocked by UFW (TCP on 80) Source port: 56321 TTL: 52 Packet length: 60 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 80) Source port: 56321 TTL: 52 Packet length: 60 TOS: 0x00 This report (for 135.232.232.66) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
Anonymous	2026-06-02 10:20:35 (4 days ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇺🇸 RAP	2026-06-02 10:07:26 (4 days ago)	2026-06-02 10:07:26 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇹🇼 kk_it_man	2026-06-02 08:20:12 (4 days ago)		Port Scan

Showing 1 to 15 of 133 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.128

🇮🇶 185.166.25.150

🇱🇹 141.98.11.117

🇺🇸 107.174.79.238

🇧🇬 81.177.213.165

🇬🇧 81.19.219.252

🇩🇪 78.111.67.247

🇯🇴 46.185.211.214

🇨🇳 182.54.23.192

🇻🇳 180.93.43.225

🇨🇳 180.76.183.185

🇬🇧 178.62.71.22

🇨🇳 171.118.66.198

🇯🇵 165.154.231.236

🇳🇱 129.121.88.64

🇩🇪 128.1.34.69

🇭🇰 103.115.56.3

🇨🇳 101.96.202.144

🇱🇹 81.30.98.144

🇷🇴 80.94.92.184