JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 64.236.143.32

64.236.143.32 was found in our database!

This IP was reported 36 times. Confidence of Abuse is 68%: ?

68%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 64.236.143.32

Whois 64.236.143.32

IP Abuse Reports for 64.236.143.32:

This IP address has been reported a total of 36 times from 29 distinct sources. 64.236.143.32 was first reported on September 21st 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 SOC PR	2026-06-11 08:55:42 (1 day ago)	IPS: Web Server Exposed Git Repository Information Disclosure.	Hacking
🇺🇸 MPL	2026-06-11 08:38:46 (1 day ago)	tcp port scan (16 or more attempts)	Port Scan
🇺🇸 TPI-Abuse	2026-06-11 08:02:10 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 64.236.143.32 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 64.236.143.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 04:02:07.201131 2026] [security2:error] [pid 1466:tid 1466] [client 64.236.143.32:28241] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.194"] [uri "/.git/HEAD"] [unique_id "aiprf2aZl1cnnlqpNj5LsQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 obiahmar	2026-06-11 06:56:56 (1 day ago)	This IP was detected triggering crowdsecurity/appsec-vpatch	Web App Attack
🇩🇪 EGP Abuse Dept	2026-06-11 04:34:19 (1 day ago)	Scanning for web/db/file exploits on tpc-024.mach3builders.nl	SQL Injection Bad Web Bot Web App Attack
Anonymous	2026-06-07 08:34:06 (5 days ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇧🇪 sid3windr	2026-06-06 20:27:38 (5 days ago)	GET /.DS_Store (Tarpitted for 8h36m39s, wasted 1.77MB)	Web App Attack
Anonymous	2026-06-06 14:03:41 (5 days ago)	PORT & IP Scan.	Port Scan Brute-Force
🇺🇸 MPL	2026-06-06 13:27:33 (5 days ago)	tcp port scan (16 or more attempts)	Port Scan
🇺🇸 Gabriel Camargo	2026-06-06 12:45:53 (5 days ago)	64.236.143.32 - - [06/Jun/2026:07:45:45 -0500] "GET /.git/HEAD HTTP/1.1" 404 197 "-" "Mozilla/5.0 (W ... show more 64.236.143.32 - - [06/Jun/2026:07:45:45 -0500] "GET /.git/HEAD HTTP/1.1" 404 197 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36 Edg/124.0.0.0" 64.236.143.32 - - [06/Jun/2026:07:45:49 -0500] "GET /.git/config HTTP/1.1" 404 197 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 64.236.143.32 - - [06/Jun/2026:07:45:51 -0500] "GET /.env HTTP/1.1" 404 197 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" ... show less	Brute-Force SSH
🇳🇱 tpjg	2026-06-06 11:35:52 (5 days ago)	Automated: 15 requests with error status in 120s window from 64.236.143.32. Evidence: /backup.sql:30 ... show more Automated: 15 requests with error status in 120s window from 64.236.143.32. Evidence: /backup.sql:301,/.htpasswd:301,/config.php:301,/.DS_Store:301,/actuator/env:301,/server-status:301,/phpinfo.php:301,/wp-config.php.bak:301,/wp-config.php:301,/.env.save:301,/.env.backup:301,/.env.production:301,/.env:301,/.git/config:301,/.git/HEAD:301 show less	Web App Attack
🇹🇷 Threat.live	2026-06-06 10:20:02 (6 days ago)	Suspicious Connection Attempts	Brute-Force
🇺🇸 Mainpine	2026-06-06 09:11:57 (6 days ago)	probing for vulnerable web apps	Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 08:45:16 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 64.236.143.32 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 64.236.143.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 04:45:13.638941 2026] [security2:error] [pid 13740:tid 13740] [client 64.236.143.32:62468] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.28"] [uri "/.git/HEAD"] [unique_id "aiPeGQNjmF3MqICzG84BBAAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 homeshowdomain.nl	2026-04-07 21:59:20 (2 months ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-04-06. show less	Web App Attack SSH Hacking

Showing 1 to 15 of 36 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 2400:8901::f03c:92ff:fe4c:4ec8

🇨🇳 101.206.107.245

🇵🇰 39.56.121.193

🇮🇳 223.233.85.110

🇸🇦 176.45.76.83

🇺🇸 162.141.167.39

🇹🇭 118.27.146.111

🇸🇦 85.195.134.10

🇪🇸 85.53.53.156

🇸🇪 79.138.90.195

🇩🇪 77.91.66.1

🇺🇸 74.235.84.135

🇧🇴 38.246.59.18

🇰🇭 36.37.228.57

🇮🇹 217.202.28.94

🇺🇸 207.241.173.41

🇷🇺 193.232.104.233

🇪🇨 186.121.165.101

🇧🇷 177.126.26.233

🇨🇳 171.36.7.175