JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 165.140.238.202

165.140.238.202 was found in our database!

This IP was reported 53 times. Confidence of Abuse is 82%: ?

82%

ISP	EliteWork LLC
Usage Type	Commercial
ASN	AS397731
Domain Name	elitework.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 165.140.238.202

Whois 165.140.238.202

IP Abuse Reports for 165.140.238.202:

This IP address has been reported a total of 53 times from 19 distinct sources. 165.140.238.202 was first reported on June 6th 2026, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇳 PrivateLiu	2026-06-26 21:22:02 (9 hours ago)	[AbuseIPDB auto-report] Rules: Rule5. Region: non-CN. Known vulnerability path probing: targeting CM ... show more [AbuseIPDB auto-report] Rules: Rule5. Region: non-CN. Known vulnerability path probing: targeting CMS (WordPress/Drupal), phpMyAdmin, actuator endpoints, or other known vulnerable paths. Sample paths: /.git/config. Statuses: 301, 404. Methods: GET. UA: N/A show less	Web App Attack
🇫🇷 dynamix	2026-06-26 12:41:14 (18 hours ago)	Multiple WAF Violations	Web App Attack
🇺🇸 cwytech	2026-06-26 12:21:50 (18 hours ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/tpot-http-sensitive-files.	Bad Web Bot Web App Attack
🇩🇪 ghostwarriors	2026-06-26 11:50:10 (19 hours ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇧🇬 HighWay	2026-06-26 11:22:05 (19 hours ago)	165.140.238.202 - - [26/Jun/2026:11:22:03 +0000] "GET /.git/config HTTP/1.1" 403 457 "-" "Mozilla/5. ... show more 165.140.238.202 - - [26/Jun/2026:11:22:03 +0000] "GET /.git/config HTTP/1.1" 403 457 "-" "Mozilla/5.0 (compatible; Scanner/1.0)" 165.140.238.202 - - [26/Jun/2026:11:22:04 +0000] "GET /.git/config HTTP/1.1" 403 5940 "-" "Mozilla/5.0 (compatible; Scanner/1.0)" ... show less	Web App Attack Bad Web Bot
🇩🇪 WinnieHoneypots	2026-06-26 10:59:46 (20 hours ago)	Probe hitting /.git/config detected. Whatcha lookin for in there?!	Brute-Force Bad Web Bot Web App Attack
🇷🇴 abuse_IP_reporter	2026-06-26 10:45:05 (20 hours ago)	Jun 26 12:46:12 server UFW BLOCK SRC=165.140.238.202 DF PROTO=TCP SPT=40518	Port Scan
🇮🇪 AutosOnShow	2026-06-25 06:46:05 (2 days ago)	blocked for webapp attack \| path requested: /.git/config \| seen at 2026-06-25 06:45:16.771 \|	Web App Attack
🇫🇷 dynamix	2026-06-23 22:33:26 (3 days ago)	Multiple WAF Violations	Web App Attack
🇺🇸 cwytech	2026-06-23 22:14:02 (3 days ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/tpot-web-crit.	Bad Web Bot Web App Attack
🇩🇪 WinnieHoneypots	2026-06-23 20:52:00 (3 days ago)	Probe hitting /.git/config detected. Whatcha lookin for in there?!	Brute-Force Bad Web Bot Web App Attack
🇫🇷 bellovacorp	2026-06-23 00:57:26 (4 days ago)	[CrowdSec/Noliae] noliae-threat-intel	Hacking
🇮🇪 AutosOnShow	2026-06-22 16:48:06 (4 days ago)	blocked for webapp attack \| path requested: /.git/config \| seen at 2026-06-22 16:47:14.474 \|	Web App Attack
🇨🇳 PrivateLiu	2026-06-21 10:44:11 (5 days ago)	[AbuseIPDB auto-report] Rules: Rule5. Region: non-CN. Known vulnerability path probing: targeting CM ... show more [AbuseIPDB auto-report] Rules: Rule5. Region: non-CN. Known vulnerability path probing: targeting CMS (WordPress/Drupal), phpMyAdmin, actuator endpoints, or other known vulnerable paths. Sample paths: /.git/config. Statuses: 404. Methods: GET. UA: N/A show less	Web App Attack
🇫🇷 dynamix	2026-06-21 08:37:29 (5 days ago)	Multiple WAF Violations	Web App Attack

Showing 1 to 15 of 53 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 169.211.238.196

🇩🇪 139.19.117.131

🇺🇸 195.184.76.217

🇮🇳 103.168.240.21

🇧🇬 79.124.60.146

🇺🇸 57.151.128.136

🇧🇷 45.183.154.246

🇺🇸 45.56.83.247

🇧🇪 34.156.16.197

🇺🇸 32.196.134.15

🇳🇱 5.187.35.26

🇫🇷 193.70.122.120

🇺🇸 166.62.89.133

🇭🇰 123.58.213.20

🇫🇷 80.65.211.49

🇺🇸 71.6.239.130

🇺🇸 64.236.161.34

🇸🇬 45.78.202.217

🇧🇪 34.77.66.150

🇮🇳 1.39.26.166