JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 135.232.201.66

135.232.201.66 was found in our database!

This IP was reported 42 times. Confidence of Abuse is 37%: ?

37%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 135.232.201.66

Whois 135.232.201.66

IP Abuse Reports for 135.232.201.66:

This IP address has been reported a total of 42 times from 29 distinct sources. 135.232.201.66 was first reported on August 22nd 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-03 06:47:33 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 135.232.201.66 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 135.232.201.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 02:47:27.915136 2026] [security2:error] [pid 32082:tid 32082] [client 135.232.201.66:5143] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.20"] [uri "/.git/config"] [unique_id "ah_N_72Hont1jiR6C3ul_gAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 BellFix	2026-06-03 06:44:30 (1 week ago)	Fail2ban reported 135.232.201.66 for npm-docker	Web App Attack
🇬🇧 PeravixGroup	2026-06-03 06:27:55 (1 week ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇭🇰 Harold Wong	2026-05-24 21:10:51 (2 weeks ago)	$f2bV_matches	Brute-Force
🇺🇸 TPI-Abuse	2026-05-24 20:40:49 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 135.232.201.66 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 135.232.201.66 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 24 16:40:45.563579 2026] [security2:error] [pid 29965:tid 29965] [client 135.232.201.66:26780] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "computerdoc-rx.com"] [uri "/.env"] [unique_id "ahNiTXnK58_sr-XKYAhNmQAAABU"], referer: https://news.ycombinator.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 6kilowatti	2026-05-24 19:23:50 (2 weeks ago)	135.232.201.66 - - [24/May/2026:22:23:49 +0300] "GET /.env HTTP/1.1" 404 12994 "-" "Mozilla/5.0 (iPa ... show more 135.232.201.66 - - [24/May/2026:22:23:49 +0300] "GET /.env HTTP/1.1" 404 12994 "-" "Mozilla/5.0 (iPad; CPU OS 17_2_1 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.2 Mobile/15E148 Safari/604.1" ... show less	Web App Attack
🇮🇹 VHosting	2026-05-24 19:00:04 (2 weeks ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack
🇳🇱 debestelapp	2026-05-24 16:17:45 (3 weeks ago)		Web App Attack
🇨🇳 ThreatBook.io	2026-04-27 00:50:23 (1 month ago)	ThreatBook Intelligence: Spam more details on http://threatbook.io/ip/135.232.201.66 2026-04-26 15:5 ... show more ThreatBook Intelligence: Spam more details on http://threatbook.io/ip/135.232.201.66 2026-04-26 15:51:02 ["uname -a 2>/dev/null \|\| echo unknown"] show less	Brute-Force
🇺🇸 brandon.125	2026-03-22 06:09:43 (2 months ago)	SSH brute force attempt (fail2ban rejected)	Brute-Force SSH
🇹🇷 rtbh.com.tr	2026-03-09 20:11:58 (3 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇹🇷 rtbh.com.tr	2026-03-08 20:11:59 (3 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇺🇸 chrisj	2026-03-08 07:27:28 (3 months ago)	2026-03-08T07:20:31.842033+00:00 aws sshd[1272941]: Failed password for invalid user root from 135.2 ... show more 2026-03-08T07:20:31.842033+00:00 aws sshd[1272941]: Failed password for invalid user root from 135.232.201.66 port 31744 ssh2 2026-03-08T07:27:26.526521+00:00 aws sshd[1273264]: User root from 135.232.201.66 not allowed because not listed in AllowUsers 2026-03-08T07:27:26.553501+00:00 aws sshd[1273264]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=135.232.201.66 user=root 2026-03-08T07:27:28.605006+00:00 aws sshd[1273264]: Failed password for invalid user root from 135.232.201.66 port 31744 ssh2 ... show less	Brute-Force SSH
🇨🇭 TOCE	2026-03-08 07:26:03 (3 months ago)	27 hits seen on 2026-03-08, ports 22 (SSH) on a honeypot from www.toce.ch	SSH
🇺🇸 drewf.ink	2026-03-08 07:03:59 (3 months ago)	[07:03] Attempted SSH login on port 22 with credentials root:1secret?	Brute-Force SSH

Showing 1 to 15 of 42 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 223.197.248.209

🇩🇪 213.209.159.56

🇨🇭 104.244.74.201

🇮🇪 54.246.32.193

🇮🇷 2.180.128.138

🇨🇳 221.234.36.123

🇻🇪 206.0.160.61

🇮🇳 182.95.119.30

🇺🇸 142.11.214.31

🇮🇳 122.162.146.24

🇨🇦 85.217.149.27

🇺🇸 66.132.224.86

🇨🇳 61.240.17.66

🇬🇧 45.82.76.122

🇮🇳 206.189.140.151

🇮🇳 182.79.127.86

🇺🇸 104.23.178.232

🇮🇹 87.12.25.228

🇧🇷 43.164.193.198

🇺🇸 20.127.220.21