JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 64.236.200.81

64.236.200.81 was found in our database!

This IP was reported 38 times. Confidence of Abuse is 98%: ?

98%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 64.236.200.81

Whois 64.236.200.81

IP Abuse Reports for 64.236.200.81:

This IP address has been reported a total of 38 times from 31 distinct sources. 64.236.200.81 was first reported on August 29th 2025, and the most recent report was 21 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 boxed-it	2026-06-04 18:03:37 (21 hours ago)	GET /.git/HEAD (Tarpitted for 1d15h8m28s, wasted 8.06MB)	Web App Attack
🇦🇹 urnilxfgbez	2026-06-03 22:45:00 (1 day ago)	Last 24 Hours suspicious: (DPT=445\|DPT=3389\|DPT=22\|DPT=3306\|DPT=8080\|DPT=23\|DPT=5900\|DPT=1433)	Port Scan
🇺🇸 TPI-Abuse	2026-06-03 06:50:51 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 64.236.200.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 64.236.200.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 02:50:43.632672 2026] [security2:error] [pid 15164:tid 15164] [client 64.236.200.81:37363] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.154"] [uri "/.git/HEAD"] [unique_id "ah_Ow4CGswGX_WsqmUZkEQAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇷 SOC PR	2026-06-03 06:33:10 (2 days ago)	IPS: Web Server Exposed Git Repository Information Disclosure.	Hacking
🇺🇸 TPI-Abuse	2026-06-03 06:32:50 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 64.236.200.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 64.236.200.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 02:32:42.962566 2026] [security2:error] [pid 10653:tid 10653] [client 64.236.200.81:38507] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.16"] [uri "/.env.production"] [unique_id "ah_Kiqw5ArWaT7bamdkkhwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Floofie	2026-06-03 03:54:45 (2 days ago)	64.236.200.81 - - [02/Jun/2026:23:54:37 -0400] "GET /.git/HEAD HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Win ... show more 64.236.200.81 - - [02/Jun/2026:23:54:37 -0400] "GET /.git/HEAD HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" 64.236.200.81 - - [02/Jun/2026:23:54:38 -0400] "GET /.git/HEAD HTTP/1.1" 444 0 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:125.0) Gecko/20100101 Firefox/125.0" 64.236.200.81 - - [02/Jun/2026:23:54:44 -0400] "GET /.env.local HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:125.0) Gecko/20100101 Firefox/125.0" ... show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 RAP	2026-06-03 02:27:15 (2 days ago)	2026-06-03 02:27:15 UTC Unauthorized activity to TCP port 8443. Web App	Port Scan Web App Attack
🇺🇸 SketchyDude	2026-06-03 02:02:30 (2 days ago)	Banned by Fail2Ban jail: apache-auth	Brute-Force Web App Attack
🇧🇪 boxed-it	2026-06-03 01:50:01 (2 days ago)	GET /config/database.yml (Tarpitted for 27m24s, wasted 96.45kB)	Web App Attack
🇺🇸 nyt	2026-06-03 01:37:23 (2 days ago)	Sensitive File Probe	Web App Attack
🇺🇸 TPI-Abuse	2026-06-03 01:36:06 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 64.236.200.81 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 64.236.200.81 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 21:36:00.514472 2026] [security2:error] [pid 6828:tid 6828] [client 64.236.200.81:21507] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.137"] [uri "/.git/HEAD"] [unique_id "ah-FAE6zl2STdKmlTVei6gAAACc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 RogueAutomata	2026-06-03 01:29:26 (2 days ago)	Detected malicious request: GET /.env.local Detections triggered: Environment/config probe Access v ... show more Detected malicious request: GET /.env.local Detections triggered: Environment/config probe Access via IP addr (v4) show less	Web App Attack
🇬🇧 PeravixGroup	2026-06-03 01:25:19 (2 days ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8443. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇷🇸 Scan	2026-06-03 00:19:33 (2 days ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇬🇧 PeravixGroup	2026-06-02 22:18:44 (2 days ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot

Showing 1 to 15 of 38 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 223.184.227.104

🇨🇳 223.88.165.80

🇩🇪 213.209.159.228

🇩🇪 213.209.159.227

🇻🇪 201.221.112.170

🇺🇿 188.113.248.191

🇺🇿 185.139.139.215

🇰🇿 178.90.38.122

🇩🇪 176.65.132.22

🇮🇳 171.61.50.34

🇺🇸 162.216.150.23

🇰🇿 149.27.31.238

🇰🇿 145.255.161.198

🇨🇳 124.227.31.34

🇰🇿 92.49.219.98

🇧🇬 91.191.209.198

🇺🇸 65.49.1.196

🇨🇳 59.52.179.100

🇺🇸 47.251.246.14

🇵🇰 39.41.226.176