JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 135.232.201.84

135.232.201.84 was found in our database!

This IP was reported 177 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 135.232.201.84

Whois 135.232.201.84

IP Abuse Reports for 135.232.201.84:

This IP address has been reported a total of 177 times from 73 distinct sources. 135.232.201.84 was first reported on September 29th 2025, and the most recent report was 58 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇵🇱 sefinek.net	2026-06-14 16:06:37 (58 minutes ago)	Honeypot hit: Empty payload (likely service probe); 2086 [3], 2087 [2], 2095 [1], 2077 [1], 2078 [1] ... show more Honeypot hit: Empty payload (likely service probe); 2086 [3], 2087 [2], 2095 [1], 2077 [1], 2078 [1], 2083 [1] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇩🇪 Hary74656	2026-06-14 14:30:06 (2 hours ago)	[Sun Jun 14 16:29:43.296193 2026] [security2:error] [pid 325539:tid 325621] [client 135.232.201.84:4 ... show more [Sun Jun 14 16:29:43.296193 2026] [security2:error] [pid 325539:tid 325621] [client 135.232.201.84:49472] [client 135.232.201.84] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/.git/" at REQUEST_FILENAME. [file "/usr/share/modsecurity-crs/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "125"] [id "930130"] [msg "Restricted File Access Attempt"] [data "Matched Data: /.git/ found within REQUEST_FILENAME: /.git/head"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/255/153/126"] [tag "PCI/6.5.4"] [hostname "78.46.107.184"] [uri "/.git/HEAD"] [unique_id "ai661m2ZupNPBFITFo9KLQAAAsA"] [Sun Jun 14 16:29:45.578806 2026] [security2:error] [pid 325452:tid 325517] [client 135.232.201.84:49480] [client 135.232.201.84] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/.env" at REQUEST_FILENAME. [file "/us ... show less	Web App Attack
🇺🇸 jkhorvath.com	2026-06-14 14:23:26 (2 hours ago)	Request for URL /.git/HEAD	Phishing Brute-Force Web App Attack
🇩🇪 gadix	2026-06-14 13:43:51 (3 hours ago)	[14/Jun/2026:15:43:43.359328 +0200] ai6wD9ni7RB6WhyktN-T6QAAAB4 135.232.201.84 45788 127.0.0.1 7080 ... show more [14/Jun/2026:15:43:43.359328 +0200] ai6wD9ni7RB6WhyktN-T6QAAAB4 135.232.201.84 45788 127.0.0.1 7080 [14/Jun/2026:15:43:46.830347 +0200] ai6wErVIWbty6uubU4h9UwAAAAE 135.232.201.84 45796 127.0.0.1 7080 [14/Jun/2026:15:43:48.469842 +0200] ai6wFGj1KAtGdsnYuslAAQAAAAI 135.232.201.84 58498 127.0.0.1 7080 ... show less	Web App Attack
Anonymous	2026-06-14 13:32:12 (3 hours ago)	[Sun Jun 14 16:32:01.934883 2026] [authz_core:error] [pid 7013] [client 135.232.201.84:49601] AH0163 ... show more [Sun Jun 14 16:32:01.934883 2026] [authz_core:error] [pid 7013] [client 135.232.201.84:49601] AH01630: client denied by server configuration: /var/www/html/.git [Sun Jun 14 16:32:05.371932 2026] [authz_core:error] [pid 7014] [client 135.232.201.84:49614] AH01630: client denied by server configuration: /var/www/html/.git [Sun Jun 14 16:32:11.676747 2026] [authz_core:error] [pid 8527] [client 135.232.201.84:49628] AH01630: client denied by server configuration: /var/www/html/.env.local show less	Bad Web Bot
🇹🇷 Threat.live	2026-06-14 13:30:03 (3 hours ago)	Suspicious Connection Attempts	Brute-Force
🇩🇪 check-the-sum.fr	2026-06-14 13:16:50 (3 hours ago)	Port Scanning	Port Scan
Anonymous	2026-06-14 12:27:35 (4 hours ago)	Honeypot wireguard: source IP triggered 3+ blocked attempts in 24h (ports: 443/tcp (HTTPS))	Port Scan
🇫🇷 TheHoneyPotter	2026-06-14 11:27:03 (5 hours ago)	Honeypot [fc-honeypot]: Empty payload (likely service probe); 2078 [13] TCP Reported by: https://git ... show more Honeypot [fc-honeypot]: Empty payload (likely service probe); 2078 [13] TCP Reported by: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇩🇪 ManagedStack	2026-06-14 11:15:02 (5 hours ago)	Probing access to unauthorized locations	Hacking Exploited Host Web App Attack
🇭🇰 pengpeng	2026-06-09 05:29:48 (5 days ago)	monitor: on ser162528253480 \| port: 8848 \| ttl: 239 script: github.com/sefinek/UFW-AbuseIPDB-Report ... show more monitor: on ser162528253480 \| port: 8848 \| ttl: 239 script: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-03 06:28:38 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 135.232.201.84 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 135.232.201.84 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 02:28:32.983873 2026] [security2:error] [pid 9581:tid 9600] [client 135.232.201.84:42640] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.131"] [uri "/.git/HEAD"] [unique_id "ah_JkD1nS_v9xa5oTyAozwAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 PeravixGroup	2026-06-03 05:54:29 (1 week ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇩🇪 Zydzy	2026-06-03 05:32:58 (1 week ago)	Automated attack detected. Server: 95.140.154.181. Jail: nginx-exploit.	Web App Attack
🇧🇷 SOC PR	2026-06-03 04:53:05 (1 week ago)	IPS: Sensitive Configuration File Disclosure.	Hacking

Showing 1 to 15 of 177 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 220.197.85.34

🇦🇷 186.12.204.47

🇹🇷 176.236.210.178

🇰🇷 222.110.147.58

🇬🇧 209.35.68.78

🇮🇳 117.254.226.97

🇺🇸 65.49.1.37

🇲🇾 47.254.244.249

🇳🇱 158.94.211.16

🇮🇳 125.19.163.58

🇮🇳 106.219.150.217

🇿🇦 105.8.6.154

🇺🇸 66.132.195.97

🇺🇸 66.132.172.143

🇺🇸 64.62.156.200

🇳🇱 45.148.10.147

🇧🇷 20.226.10.188

🇪🇨 201.183.67.44

🇨🇴 186.118.223.61

🇺🇸 172.190.51.254