JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 64.236.135.17

64.236.135.17 was found in our database!

This IP was reported 64 times. Confidence of Abuse is 10%: ?

10%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 64.236.135.17

Whois 64.236.135.17

IP Abuse Reports for 64.236.135.17:

This IP address has been reported a total of 64 times from 31 distinct sources. 64.236.135.17 was first reported on January 5th 2026, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇱 tomkolp	2026-06-16 19:13:46 (4 days ago)	CrowdSec - Scenario: crowdsecurity/http-probing. Duration: 4h.	Port Scan Web App Attack
🇩🇪 2048	2026-05-16 04:33:31 (1 month ago)	2026-05-16T06:33:28.197322+02:00 machodeer kernel: [1613924.860707] [UFW BLOCK] IN=ens3 OUT= MAC=RED ... show more 2026-05-16T06:33:28.197322+02:00 machodeer kernel: [1613924.860707] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=64.236.135.17 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=27562 DF PROTO=TCP SPT=46985 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 2026-05-16T06:33:29.245298+02:00 machodeer kernel: [1613925.908262] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=64.236.135.17 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=27563 DF PROTO=TCP SPT=46985 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 2026-05-16T06:33:30.269053+02:00 machodeer kernel: [1613926.932247] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=64.236.135.17 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=27564 DF PROTO=TCP SPT=46985 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 show less	Port Scan
🇩🇪 2048	2026-05-01 03:55:33 (1 month ago)	2026-05-01T05:55:31.102705+02:00 machodeer kernel: [315645.991381] [UFW BLOCK] IN=ens3 OUT= MAC=REDA ... show more 2026-05-01T05:55:31.102705+02:00 machodeer kernel: [315645.991381] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=64.236.135.17 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=27511 DF PROTO=TCP SPT=26500 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 2026-05-01T05:55:32.122251+02:00 machodeer kernel: [315647.010906] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=64.236.135.17 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=27512 DF PROTO=TCP SPT=26500 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 2026-05-01T05:55:33.147050+02:00 machodeer kernel: [315648.035008] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=64.236.135.17 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=27513 DF PROTO=TCP SPT=26500 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 show less	Port Scan
🇳🇱 jjnxpct	2026-04-13 03:47:33 (2 months ago)	Automated security incident from hosting server. ModSecurity blocked suspicious request targeting UR ... show more Automated security incident from hosting server. ModSecurity blocked suspicious request targeting URI: /.git/config (Rule ID: 930130) - Restricted File Access Attempt [Suspicious: .git/ found within REQUEST_FILENAME: /.git/config] show less	Web App Attack Hacking
🇪🇸 tutaim.com	2026-04-12 22:00:23 (2 months ago)	⛔ [13/04/26] This IP has been detected performing multiple attacks on websites (3 attempts blocked). ... show more ⛔ [13/04/26] This IP has been detected performing multiple attacks on websites (3 attempts blocked). Potential malicious activity. show less	Brute-Force SSH Web App Attack FTP Brute-Force
🇩🇪 SCHAPPY	2026-04-12 12:14:43 (2 months ago)	Probing for non-installed web apps or current vulnerabilities.	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-04-12 11:48:33 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 64.236.135.17 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 64.236.135.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 12 07:48:29.062165 2026] [security2:error] [pid 2767156:tid 2767156] [client 64.236.135.17:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webdisk.kimbrothersusa.com"] [uri "/.git/config"] [unique_id "aduGjRd_RMMpTV9mhnrLEQAAAAs"], referer: https://outlook.live.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 4server	2026-04-12 11:46:19 (2 months ago)	[SunApr1213:46:14.4962922026][security2:error][pid1223138:tid1223163][client64.236.135.17:0]ModSecur ... show more [SunApr1213:46:14.4962922026][security2:error][pid1223138:tid1223163][client64.236.135.17:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\".git\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"342\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"new.fondazionemontgrand.ch\"][uri\"/.git/config\"][unique_id\"aduGBnWk8OesShvEP7dTKAAAANc\"] show less	Hacking Web App Attack
🇺🇸 Major Hostility	2026-04-12 11:11:07 (2 months ago)	"GET /.git/config HTTP/1.1" 404 "GET /.git/config HTTP/1.1" 404	Web App Attack
🇳🇱 ipoac.nl	2026-04-12 09:53:50 (2 months ago)	-:443 64.236.135.17 - - [12/Apr/2026:11:53:49 +0200] - "GET /.git/config HTTP/2.0" 404 2702 "-" "Moz ... show more -:443 64.236.135.17 - - [12/Apr/2026:11:53:49 +0200] - "GET /.git/config HTTP/2.0" 404 2702 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:128.0) Gecko/20100101 Firefox/128.0" show less	Bad Web Bot
🇺🇸 TPI-Abuse	2026-04-12 09:36:28 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 64.236.135.17 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 64.236.135.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 12 05:36:23.592297 2026] [security2:error] [pid 2146773:tid 2146791] [client 64.236.135.17:16397] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aafm.us"] [uri "/.git/config"] [unique_id "adtnlwcWEbeX7Fmmj35iogAAAIo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-12 08:46:04 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 64.236.135.17 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 64.236.135.17 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 12 04:46:00.520325 2026] [security2:error] [pid 2774786:tid 2774786] [client 64.236.135.17:16570] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "socialstudiesforkids.com"] [uri "/.git/config"] [unique_id "adtbyN5Ru4Yt4Vc68E5ZnwAAAAw"], referer: https://duckduckgo.com/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-12 08:25:02 (2 months ago)	suspicious request in access.log	Web App Attack
🇮🇩 Burayot	2026-04-12 08:05:50 (2 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 64.236.135.17 (US/United States/-): ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 64.236.135.17 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇪🇸 tutaim.com	2026-04-12 08:00:19 (2 months ago)	⛔ [12/04/26] This IP has been detected performing multiple attacks on websites (3 attempts blocked). ... show more ⛔ [12/04/26] This IP has been detected performing multiple attacks on websites (3 attempts blocked). Potential malicious activity. show less	Brute-Force SSH Web App Attack FTP Brute-Force

Showing 1 to 15 of 64 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 221.181.210.98

🇧🇷 170.231.96.203

🇺🇸 150.107.38.240

🇺🇸 144.172.106.24

🇨🇳 112.86.225.111

🇻🇳 103.186.101.237

🇸🇬 47.84.137.225

🇳🇿 2404:4408:639c:f801:b89d:f9ff:fed5:c731

🇬🇧 195.206.182.213

🇧🇬 194.146.233.152

🇺🇸 165.227.92.111

🇺🇸 152.32.206.83

🇫🇮 147.185.133.6

🇺🇸 135.233.97.43

🇰🇷 108.181.51.91

🇨🇳 101.200.52.133

🇫🇷 92.205.57.72

🇬🇧 89.37.172.140

🇱🇹 45.227.254.170

🇬🇧 5.226.140.83