JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 165.140.238.64

165.140.238.64 was found in our database!

This IP was reported 66 times. Confidence of Abuse is 63%: ?

63%

ISP	EliteWork LLC
Usage Type	Commercial
ASN	AS397731
Domain Name	elitework.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 165.140.238.64

Whois 165.140.238.64

IP Abuse Reports for 165.140.238.64:

This IP address has been reported a total of 66 times from 55 distinct sources. 165.140.238.64 was first reported on April 24th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 ICS Labs	2026-06-09 19:18:59 (1 week ago)	ICS Labs identified 165.140.238.64 as a malicious indicator from threat intelligence.	DDoS Attack Hacking Brute-Force Exploited Host
🇫🇮 nNordic	2026-06-09 10:19:14 (1 week ago)	Connection attempt blocked by IDS/IPS from 165.140.238.64/32	Hacking
🇩🇪 SCHAPPY	2026-06-04 21:29:25 (2 weeks ago)	Brute-force attack to identify web exploits	Brute-Force Web App Attack
🇩🇪 langenkamp-media	2026-06-04 21:29:10 (2 weeks ago)	Fail2Ban: Banned from jail nginx-nohome on 3dausdu.de	Web App Attack
🇩🇪 Bedios GmbH	2026-06-04 21:29:01 (2 weeks ago)	Login credentials theft attempt	Hacking
Anonymous	2026-06-04 20:10:14 (2 weeks ago)	automatically banned	Brute-Force Web App Attack
🇩🇪 ut-addicted.com	2026-06-04 20:10:12 (2 weeks ago)	\[Thu Jun 04 22:10:11.128646 2026\] \[:error\] \[pid 1377:tid 139785790252800\] \[client 165.140.238 ... show more \[Thu Jun 04 22:10:11.128646 2026\] \[:error\] \[pid 1377:tid 139785790252800\] \[client 165.140.238.64:40410\] \[client 165.140.238.64\] ModSecurity: Access denied with code 403 \(phase 2\). Operator GE matched 5 at TX:anomaly_score. \[file "/usr/local/apache/modsecurity-owasp-latest/rules/REQUEST-949-BLOCKING-EVALUATION.conf"\] \[line "57"\] \[id "949110"\] \[msg "Inbound Anomaly Score Exceeded \(Total Score: 8\)"\] \[severity "CRITICAL"\] \[tag "application-multi"\] \[tag "language-multi"\] \[tag "platform-multi"\] \[tag "attack-generic"\] \[hostname "78.46.187.162"\] \[uri "/.git/config"\] \[unique_id "aiHbo3q-OTiONKDhQm3AfQAAAQs"\] show less	Brute-Force Web App Attack
🇩🇪 sdos.es	2026-06-04 19:58:56 (2 weeks ago)	"Restricted File Access Attempt - Matched Data: /.git/ found within REQUEST_FILENAME: /.git/config"	Web App Attack
🇧🇪 sid3windr	2026-06-04 19:58:35 (2 weeks ago)	GET /.git/config (Tarpitted for 1m4s, wasted 3.87kB)	Web App Attack
🇩🇪 McClay	2026-06-04 19:56:01 (2 weeks ago)	Illegal access attempt:165.140.238.64 - - [04/Jun/2026:21:56:00 +0200] "GET /.git/config HTTP/1.1" 4 ... show more Illegal access attempt:165.140.238.64 - - [04/Jun/2026:21:56:00 +0200] "GET /.git/config HTTP/1.1" 404 1014 "-" "Mozilla/5.0 (compatible; Scanner/1.0)" ... show less	Hacking Web App Attack
🇺🇸 nyt	2026-05-07 06:41:38 (1 month ago)	Bad Web Bot, Web App Attack, suspicious: Sensitive File Probe, Scanner UA	Bad Web Bot Web App Attack
🇧🇷 Peregrine	2026-05-01 03:12:58 (1 month ago)	Fail2Ban S3 Jail: tomcat-honeypot \| Evidence: - 165.140.238.64 - - [24/Apr/2026:12:31:42 -0300] "GET ... show more Fail2Ban S3 Jail: tomcat-honeypot \| Evidence: - 165.140.238.64 - - [24/Apr/2026:12:31:42 -0300] "GET /.git/config HTTP/1.1" 404 414 show less	Bad Web Bot
🇧🇷 Peregrine	2026-04-30 03:12:55 (1 month ago)	Fail2Ban S3 Jail: tomcat-honeypot \| Evidence: - 165.140.238.64 - - [24/Apr/2026:12:31:42 -0300] "GET ... show more Fail2Ban S3 Jail: tomcat-honeypot \| Evidence: - 165.140.238.64 - - [24/Apr/2026:12:31:42 -0300] "GET /.git/config HTTP/1.1" 404 414 show less	Bad Web Bot
Anonymous	2026-04-29 18:32:45 (1 month ago)	165.140.238.64 - - [29/Apr/2026:15:32:44 -0300] "GET /.git/config HTTP/1.1" 404 153 "-" "Mozilla/5.0 ... show more 165.140.238.64 - - [29/Apr/2026:15:32:44 -0300] "GET /.git/config HTTP/1.1" 404 153 "-" "Mozilla/5.0 (compatible; Scanner/1.0)" ... show less	Port Scan Hacking SQL Injection Brute-Force Bad Web Bot Exploited Host
🇺🇸 ShadowWhisperer	2026-04-29 17:27:35 (1 month ago)	HTTPS GET /.git/config UA: Mozilla/5.0 (compatible; Scanner/1.0)	Web App Attack

Showing 1 to 15 of 66 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 122.183.57.99

🇨🇳 112.132.158.99

🇧🇷 20.197.238.124

🇺🇸 20.168.121.92

🇯🇵 8.209.231.182

🇧🇷 187.114.138.5

🇸🇪 155.4.244.107

🇷🇴 141.98.83.200

🇨🇳 125.91.33.72

🇵🇰 116.71.136.125

🇨🇳 106.75.184.36

🇺🇸 104.207.40.127

🇺🇸 98.80.181.44

🇱🇧 91.151.238.195

🇳🇱 91.92.40.7

🇩🇪 69.5.169.246

🇺🇸 44.192.103.160

🇮🇩 36.95.221.140

🇺🇸 20.168.124.0

🇲🇿 197.219.210.86