JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 4.246.135.64

4.246.135.64 was found in our database!

This IP was reported 227 times. Confidence of Abuse is 82%: ?

82%

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Washington, Virginia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 4.246.135.64

Whois 4.246.135.64

IP Abuse Reports for 4.246.135.64:

This IP address has been reported a total of 227 times from 94 distinct sources. 4.246.135.64 was first reported on August 6th 2025, and the most recent report was 5 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-08 01:34:06 (5 hours ago)	(mod_security) mod_security (id:210492) triggered by 4.246.135.64 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 4.246.135.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 21:34:01.406383 2026] [security2:error] [pid 30606:tid 30606] [client 4.246.135.64:49478] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.192"] [uri "/.git/HEAD"] [unique_id "aiYcCUEY0T6lHiEZjr4WIQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 drewf.ink	2026-06-08 00:41:31 (6 hours ago)	[00:41] Port scanning. Port(s) scanned: TCP/2086, TCP/2087	Port Scan
🇷🇸 Scan	2026-06-08 00:06:09 (7 hours ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇺🇸 TPI-Abuse	2026-06-07 23:35:25 (7 hours ago)	(mod_security) mod_security (id:210492) triggered by 4.246.135.64 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 4.246.135.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 19:35:20.080757 2026] [security2:error] [pid 20932:tid 20932] [client 4.246.135.64:48462] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.198"] [uri "/.git/HEAD"] [unique_id "aiYAOFihYMH9ocVRTDzsqQAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 KitsuneTech	2026-06-07 21:40:35 (9 hours ago)	4.246.135.64 - - [07/Jun/2026:16:40:34 -0500] "GET /wp-config.php HTTP/1.1" 301 244 "-" "Mozilla/5.0 ... show more 4.246.135.64 - - [07/Jun/2026:16:40:34 -0500] "GET /wp-config.php HTTP/1.1" 301 244 "-" "Mozilla/5.0 (Linux; Android 14; Pixel 8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Mobile Safari/537.36" ... show less	Web App Attack
🇹🇼 kk_it_man	2026-06-07 21:23:01 (9 hours ago)	ET INFO Request to Hidden Environment File - Inbound ET WEB_SERVER WEB-PHP phpinfo access GPL WE ... show more ET INFO Request to Hidden Environment File - Inbound ET WEB_SERVER WEB-PHP phpinfo access GPL WEB_SERVER .htpasswd access show less	Port Scan
🇷🇴 gtheo99	2026-06-07 20:21:34 (10 hours ago)	(cpanel) Failed cPanel login from 4.246.135.64 (US/United States/-): 2 in the last 900 secs	Brute-Force Web App Attack
Anonymous	2026-06-03 03:38:09 (5 days ago)	Honeypot hit: Empty payload (likely service probe); 2086 [1], 2087 [1], 2082 [1] TCP Reported by: ht ... show more Honeypot hit: Empty payload (likely service probe); 2086 [1], 2087 [1], 2082 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇫🇮 6kilowatti	2026-06-03 03:03:37 (5 days ago)	2026-06-03T06:03:37.151180+03:00 mummo kernel: [UFW BLOCK] IN=enp0s25 OUT= MAC=6c:62:6d:d6:a5:bc:00: ... show more 2026-06-03T06:03:37.151180+03:00 mummo kernel: [UFW BLOCK] IN=enp0s25 OUT= MAC=6c:62:6d:d6:a5:bc:00:00:5e:00:01:58:08:00 SRC=4.246.135.64 DST=83.148.240.21 LEN=60 TOS=0x00 PREC=0x00 TTL=49 ID=28371 DF PROTO=TCP SPT=3072 DPT=8080 WINDOW=64240 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇵🇱 nfsec.pl	2026-06-03 03:01:01 (5 days ago)	Detected: TCP scan on port: 8080 with flags: SYN	Port Scan
🇬🇧 PeravixGroup	2026-06-03 03:00:45 (5 days ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇷🇸 Scan	2026-06-03 01:46:08 (5 days ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇺🇸 RAP	2026-06-03 01:05:59 (5 days ago)	2026-06-03 01:05:59 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇺🇸 MPL	2026-06-03 00:20:30 (5 days ago)	tcp port scan (5 or more attempts)	Port Scan
🇺🇸 MPL	2026-06-02 23:31:23 (5 days ago)	tcp ports: 2087,2086 (2 or more attempts)	Port Scan

Showing 1 to 15 of 227 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇹🇱 180.189.174.146

🇨🇳 180.153.236.155

🇳🇱 193.176.31.228

🇧🇷 190.89.137.43

🇫🇷 155.117.233.15

🇳🇬 152.32.141.86

🇨🇳 150.139.201.247

🇸🇪 146.247.233.62

🇺🇸 107.174.90.23

🇳🇱 77.83.39.53

🇳🇱 45.198.224.5

🇬🇧 45.82.76.103

🇺🇸 24.155.24.121

🇺🇸 18.221.119.78

🇺🇸 3.137.151.93

🇺🇸 192.210.194.2

🇩🇪 188.68.52.231

🇹🇷 185.223.77.200

🇮🇶 185.166.25.150

🇨🇳 106.124.137.21