JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 64.236.135.115

64.236.135.115 was found in our database!

This IP was reported 28 times. Confidence of Abuse is 66%: ?

66%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 64.236.135.115

Whois 64.236.135.115

IP Abuse Reports for 64.236.135.115:

This IP address has been reported a total of 28 times from 21 distinct sources. 64.236.135.115 was first reported on September 2nd 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 Savvii	2026-06-15 08:25:11 (2 days ago)	20 attempts against mh-misbehave-ban on takeover-test	Brute-Force Bad Web Bot Web App Attack
🇺🇸 cwytech	2026-06-15 07:18:24 (2 days ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/http-honeypath-sniper-crit.	Bad Web Bot Web App Attack
Anonymous	2026-06-15 04:30:48 (2 days ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇺🇸 xmission.com	2026-06-14 20:22:27 (2 days ago)	Blocked by UFW (TCP on 2078) Source port: 7502 TTL: 49 Packet length: 60 TOS: 0x00 This report (for ... show more Blocked by UFW (TCP on 2078) Source port: 7502 TTL: 49 Packet length: 60 TOS: 0x00 This report (for 64.236.135.115) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-14 19:35:35 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 64.236.135.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 64.236.135.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 15:35:29.391537 2026] [security2:error] [pid 22172:tid 22172] [client 64.236.135.115:7326] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.196"] [uri "/.env"] [unique_id "ai8CgSVJv80MQQ4JWDafNwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-14 18:58:01 (3 days ago)	Malicious activity detected	Hacking Web App Attack
🇺🇸 Axel	2026-06-14 18:39:36 (3 days ago)	Blocked by UFW on MVI [2078/tcp] \| SPT: 7687 \| TTL: 47 \| LEN: 60 \| TOS: 0x00 • Reported by: github.c ... show more Blocked by UFW on MVI [2078/tcp] \| SPT: 7687 \| TTL: 47 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇹🇷 SeczarSecureOps	2026-06-14 18:15:21 (3 days ago)	Seczar SecureOps — Port Scan Detection (8 events) — quarantined 43200m on optimumofis	Port Scan
🇬🇧 blueskysystems	2026-06-14 18:00:04 (3 days ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host
🇺🇸 TPI-Abuse	2026-06-14 17:07:42 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 64.236.135.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 64.236.135.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 13:07:38.533220 2026] [security2:error] [pid 22807:tid 22807] [client 64.236.135.115:7257] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.87"] [uri "/.git/HEAD"] [unique_id "ai7f2ssy4S2Xp71_q03KlgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 16:00:36 (3 days ago)	(mod_security) mod_security (id:210492) triggered by 64.236.135.115 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 64.236.135.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 12:00:30.257179 2026] [security2:error] [pid 4553:tid 4565] [client 64.236.135.115:7235] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.85"] [uri "/.git/HEAD"] [unique_id "ai7QHqpd5IHcXcFCIYwTXgAAAEg"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇷 diego	2026-06-14 15:50:20 (3 days ago)	[probe-44-49] 2026-06-14 15:30:35, Client: 64.236.135.115, Protocol: 6, Unauthorized activity to HTT ... show more [probe-44-49] 2026-06-14 15:30:35, Client: 64.236.135.115, Protocol: 6, Unauthorized activity to HTTP: POST /___proxy_subdomain_whm/login/ show less	Web App Attack
🇦🇺 FEWA	2026-04-20 13:40:07 (1 month ago)	Fail2Ban Ban Triggered	Hacking Bad Web Bot Web App Attack
🇬🇧 OptimusGO	2026-03-24 05:53:33 (2 months ago)	Malicious activity detected: web_attack Server: commstackbc (185.127.18.66) Attack: web_attack Time ... show more Malicious activity detected: web_attack Server: commstackbc (185.127.18.66) Attack: web_attack Timestamp: 2026-03-24 05:53:33 UTC Log evidence: 03/24/2026-05:53:33.018737 [wDrop] [] [1:1000002:1] SECURITY SSH Port Scanner Blocked [] [Classification: Attempted Information Leak] [Priority: 1] {TCP} 64.236.135.115:4100 -> 185.127.18.66:22 03/24/2026-05:53:33.018737 [wDrop] [] [1:7000501:1] FINSERV CRITICAL: Critical Service Scan [] [Classification: Attempted Information Leak] [Priority: 2] {TCP} 64.236.135.115:4100 -> 185.127.18.66:22 show less	Port Scan Brute-Force
🇩🇪 kranem	2026-02-27 18:03:08 (3 months ago)	Triggered Cloudflare WAF from US. Action taken: BLOCK ASN: 8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Micro ... show more Triggered Cloudflare WAF from US. Action taken: BLOCK ASN: 8075 (MICROSOFT-CORP-MSN-AS-BLOCK - Microsoft Corporation) Protocol: HTTP/1.1 (GET method) Endpoint: / Timestamp: 2026-02-27T15:27:51Z User-Agent: Python/3.9 aiohttp/3.10.6 show less	Bad Web Bot

Showing 1 to 15 of 28 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇹 196.188.225.30

🇰🇿 188.124.246.45

🇫🇷 176.191.43.176

🇰🇪 154.77.253.82

🇺🇸 135.237.126.103

🇨🇳 111.42.60.41

🇨🇳 101.206.107.245

🇧🇬 94.236.214.240

🇳🇱 88.210.63.69

🇧🇬 78.128.112.30

🇱🇹 62.60.130.251

🇲🇾 49.124.150.253

🇫🇷 158.220.125.127

🇨🇦 146.190.242.161

🇨🇳 120.228.34.70

🇨🇳 111.46.77.2

🇲🇦 105.72.240.36

🇲🇾 49.124.150.252

🇧🇷 45.165.14.197

🇺🇸 45.132.227.230