JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 64.236.134.211

64.236.134.211 was found in our database!

This IP was reported 37 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 64.236.134.211

Whois 64.236.134.211

IP Abuse Reports for 64.236.134.211:

This IP address has been reported a total of 37 times from 30 distinct sources. 64.236.134.211 was first reported on August 31st 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-06-03 07:18:50 (1 day ago)	Brute force	Brute-Force
🇬🇧 PeravixGroup	2026-06-03 00:44:32 (1 day ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇷🇴 INTEQ	2026-06-03 00:19:58 (1 day ago)	Web attack from 64.236.134.211	Web App Attack
🇩🇪 et-a_network	2026-06-03 00:08:55 (1 day ago)	64.236.134.211 - - [03/Jun/2026:00:08:44 +0000] "GET /.git/HEAD HTTP/1.1" 301 162 "-" "Mozilla/5.0 ( ... show more 64.236.134.211 - - [03/Jun/2026:00:08:44 +0000] "GET /.git/HEAD HTTP/1.1" 301 162 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" host=87.106.176.162 64.236.134.211 - - [03/Jun/2026:00:08:45 +0000] "GET /.git/config HTTP/1.1" 301 162 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" host=87.106.176.162 64.236.134.211 - - [03/Jun/2026:00:08:47 +0000] "GET /.env HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Linux; Android 14; Pixel 8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Mobile Safari/537.36" host=87.106.176.162 64.236.134.211 - - [03/Jun/2026:00:08:52 +0000] "GET /.env.backup HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0" host=87.106.176.162 64.236.134.211 - - [03/Jun/2026:00:08:55 +0000] "GET /.env.save HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHT ... show less	Bad Web Bot Web App Attack
🇫🇷 Faeeth	2026-06-02 23:24:15 (1 day ago)	Multiple hits on Honeypot UID:PTRW50NM46 Port:Http (80)	Brute-Force
🇦🇹 urnilxfgbez	2026-06-02 22:45:00 (2 days ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇫🇷 SpaceHost-Server	2026-06-02 22:35:33 (2 days ago)		Brute-Force Web App Attack
Anonymous	2026-06-02 22:35:01 (2 days ago)	suspicious request in access.log	Web App Attack
🇦🇺 2000cn.com.au	2026-06-02 21:52:41 (2 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇺🇸 xmission.com	2026-06-02 20:50:57 (2 days ago)	Blocked by UFW (TCP on 2087) Source port: 7617 TTL: 51 Packet length: 60 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 2087) Source port: 7617 TTL: 51 Packet length: 60 TOS: 0x00 This report (for 64.236.134.211) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇨🇭 SOC [GOLINE SA]	2026-06-02 20:48:14 (2 days ago)	IDS Alert: GPL WEB_SERVER 403 Forbidden === ATTACK === Signature: GPL WEB_SERVER 403 Forbidden \| SID ... show more IDS Alert: GPL WEB_SERVER 403 Forbidden === ATTACK === Signature: GPL WEB_SERVER 403 Forbidden \| SID: 2101201 \| Severity: 2 \| Category: Attempted Information Leak === SOURCE === IP: 64.236.134.211 (IPv4) \| Port: 80 \| Country: United States \| ISP: RIPE \| rDNS: None === TARGET === Host: nextcloud.goline.ch \| IP: 64.236.134.211 \| Port: 57837 \| Protocol: TCP \| App: http === RESPONSE === Time: 2026-06-02 20:48:14 \| Action: Blocked show less	Port Scan Hacking Bad Web Bot
🇮🇪 AutosOnShow	2026-06-02 20:17:05 (2 days ago)	blocked for webapp attack \| path requested: /.git/config \| seen at 2026-06-02 20:16:13.000 \|	Web App Attack
🇺🇸 RAP	2026-06-02 20:13:21 (2 days ago)	2026-06-02 20:13:21 UTC Unauthorized activity to TCP port 8443. Web App	Port Scan Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 20:02:43 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 64.236.134.211 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 64.236.134.211 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 16:02:37.168081 2026] [security2:error] [pid 22719:tid 22719] [client 64.236.134.211:58456] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.32"] [uri "/.git/HEAD"] [unique_id "ah823ZJi8xdD744hNbe2LwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-02 19:41:28 (2 days ago)	Shorewall log file match.	Port Scan

Showing 1 to 15 of 37 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2a09:bac1:76a0:460::2b6:51

🇷🇼 197.243.14.52

🇨🇳 120.69.102.221

🇨🇳 115.190.153.156

🇲🇦 105.154.9.217

🇺🇸 74.7.227.183

🇸🇦 51.39.126.127

🇺🇸 47.251.181.19

🇨🇳 106.117.109.169

🇶🇦 89.211.139.203

🇳🇱 45.156.87.166

🇹🇿 41.59.151.214

🇫🇷 37.67.74.183

🇺🇸 20.38.5.218

🇧🇷 179.49.183.180

🇫🇷 172.71.232.29

🇧🇷 131.161.249.165

🇨🇳 120.53.2.123

🇵🇰 117.102.4.171

🇷🇴 80.94.95.242