JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 64.236.135.21

64.236.135.21 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 45%: ?

45%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 64.236.135.21

Whois 64.236.135.21

IP Abuse Reports for 64.236.135.21:

This IP address has been reported a total of 14 times from 14 distinct sources. 64.236.135.21 was first reported on October 13th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇹 urnilxfgbez	2026-06-02 22:45:00 (1 week ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇳🇱 BIV	2026-06-02 21:53:04 (1 week ago)	Honeypot multi-source hit. Sources: dshield:fw,tpot:Honeytrap,tpot:P0f,tpot:Suricata. Ports: 2082,20 ... show more Honeypot multi-source hit. Sources: dshield:fw,tpot:Honeytrap,tpot:P0f,tpot:Suricata. Ports: 2082,2083,2086,2087,443,80,8080,8443. Automated tiered (T-Pot+DShield). show less	Port Scan Hacking Bad Web Bot
🇺🇸 MPL	2026-06-02 20:55:42 (1 week ago)	tcp port scan (8 or more attempts)	Port Scan
🇬🇧 PeravixGroup	2026-06-02 20:31:31 (1 week ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇺🇸 Moby	2026-06-02 19:59:49 (1 week ago)	64.236.135.21 - - [02/Jun/2026:14:59:43 -0500] "GET /.git/HEAD HTTP/1.1" 404 985 "-" "Mozilla/5.0 (W ... show more 64.236.135.21 - - [02/Jun/2026:14:59:43 -0500] "GET /.git/HEAD HTTP/1.1" 404 985 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0" "98.194.227.56" "98.194.227.56" 64.236.135.21 - - [02/Jun/2026:14:59:45 -0500] "GET /.git/config HTTP/1.1" 404 985 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0" "98.194.227.56" "98.194.227.56" 64.236.135.21 - - [02/Jun/2026:14:59:47 -0500] "GET /.env.local HTTP/1.1" 404 985 "-" "Mozilla/5.0 (Linux; Android 14; Pixel 8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Mobile Safari/537.36" "98.194.227.56" "98.194.227.56" ... show less	Web App Attack
🇩🇪 Admins@FBN	2026-06-02 19:54:28 (1 week ago)	FW-PortScan: Traffic Blocked srcport=19661 dstport=2083	Port Scan
🇳🇱 tpjg	2026-06-02 17:28:50 (1 week ago)	Automated: 15 requests with error status in 120s window from 64.236.135.21. Evidence: /dump.sql:301, ... show more Automated: 15 requests with error status in 120s window from 64.236.135.21. Evidence: /dump.sql:301,/backup.sql:404,/.htpasswd:404,/actuator/env:301,/server-status:301,/phpinfo.php:404,/config/database.yml:404,/.aws/credentials:404,/wp-config.php.bak:404,/wp-config.php:301,/.env.save:404,/.env.local:404,/.env:404,/.git/config:404,/.git/HEAD:404 show less	Web App Attack
🇳🇱 homeshowdomain.nl	2026-05-29 22:05:40 (2 weeks ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-05-28. show less	Web App Attack SSH Hacking
🇺🇸 Rayulcifer	2026-04-25 22:13:39 (1 month ago)	64.236.135.21 - - [25/Apr/2026:17:13:37 -0500] "GET http://clients2.google.com/time/1/current?cup2ke ... show more 64.236.135.21 - - [25/Apr/2026:17:13:37 -0500] "GET http://clients2.google.com/time/1/current?cup2key=9:X3-jS2FAeJNyFVaWoW8oC4lk8eOXTZDsxm44DY0bKkI&cup2hreq=e3b0c44298fc1c149afbf4c8996fb92427ae41e4649b934ca495991b7852b855 HTTP/1.1" 200 855 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36" 64.236.135.21 - - [25/Apr/2026:17:13:37 -0500] "CONNECT accounts.google.com:443 HTTP/1.1" 502 488 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36" ... show less	Open Proxy Port Scan Hacking Web App Attack SSH
🇹🇷 rtbh.com.tr	2026-03-19 20:12:09 (2 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇩🇪 ghostwarriors	2026-03-18 12:50:46 (2 months ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇬🇧 2048	2026-02-14 18:44:31 (3 months ago)	2026-02-14T19:44:28.628625+01:00 machodeer kernel: [275689.775919] [UFW BLOCK] IN=ens3 OUT= MAC=REDA ... show more 2026-02-14T19:44:28.628625+01:00 machodeer kernel: [275689.775919] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=64.236.135.21 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=54102 DF PROTO=TCP SPT=57475 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 2026-02-14T19:44:29.640519+01:00 machodeer kernel: [275690.787606] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=64.236.135.21 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=54103 DF PROTO=TCP SPT=57475 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 2026-02-14T19:44:30.665200+01:00 machodeer kernel: [275691.812016] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=64.236.135.21 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=54104 DF PROTO=TCP SPT=57475 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0 show less	Port Scan
🇺🇸 TPI-Abuse	2026-01-31 09:47:25 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 64.236.135.21 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 64.236.135.21 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 31 04:47:21.824146 2026] [security2:error] [pid 2674:tid 2674] [client 64.236.135.21:55321] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.52"] [uri "/.env"] [unique_id "aX3PqcWQG2SXBxubhJ6kmwAAAAU"], referer: https://duckduckgo.com/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-13 02:45:07 (8 months ago)	Excessive crawling/scraping	Hacking Brute-Force

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 193.121.177.159

🇺🇸 173.91.46.151

🇺🇸 172.70.127.169

🇵🇭 139.135.241.116

🇨🇳 118.196.86.5

🇺🇸 71.6.134.204

🇺🇸 44.255.115.127

🇰🇪 41.90.233.159

🇮🇳 27.58.97.231

🇮🇳 223.188.51.103

🇲🇾 219.92.9.48

🇺🇸 198.98.56.205

🇦🇷 190.220.147.188

🇳🇱 188.166.20.164

🇺🇦 176.105.165.31

🇺🇸 172.253.221.156

🇮🇳 152.52.15.213

🇸🇦 141.164.244.225

🇺🇸 109.105.210.80

🇺🇸 109.105.210.79