JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 165.245.238.98

165.245.238.98 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 68%: ?

68%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 165.245.238.98

Whois 165.245.238.98

IP Abuse Reports for 165.245.238.98:

This IP address has been reported a total of 17 times from 13 distinct sources. 165.245.238.98 was first reported on June 17th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 EnthecSolutions	2026-06-17 14:00:45 (1 week ago)	Detected by Enthec Solutions. \| Attempts: 68 in 24h \| Target port: 2077	Port Scan Hacking
🇺🇸 TPI-Abuse	2026-06-17 12:11:50 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 165.245.238.98 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 165.245.238.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 08:11:43.719067 2026] [security2:error] [pid 6386:tid 6386] [client 165.245.238.98:35974] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.219"] [uri "/.git/refs/heads/master"] [unique_id "ajKO_742CGzwjVWCIfr8QQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 MPL	2026-06-17 11:27:20 (1 week ago)	tcp port scan (22 or more attempts)	Port Scan
🇩🇪 dispaisyenterprises	2026-06-17 11:09:50 (1 week ago)	Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 2083 [1], 2082 [1], 2086 [1], 2078 ... show more Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 2083 [1], 2082 [1], 2086 [1], 2078 [1], 2077 [1], 2095 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-17 09:26:29 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 165.245.238.98 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 165.245.238.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 05:26:21.232448 2026] [security2:error] [pid 10054:tid 10054] [client 165.245.238.98:42686] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.174"] [uri "/.git/HEAD"] [unique_id "ajJoPZ4kXO83qRUbESAjogAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 06:56:30 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 165.245.238.98 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 165.245.238.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 02:56:22.999128 2026] [security2:error] [pid 13101:tid 13101] [client 165.245.238.98:33274] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.118"] [uri "/.git/HEAD"] [unique_id "ajJFFinqCTp4UfJjFLDAmwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-06-17 06:54:48 (1 week ago)	Blocked by UFW (TCP on 2078) Source port: 44220 TTL: 50 Packet length: 60 TOS: 0x08 This report (fo ... show more Blocked by UFW (TCP on 2078) Source port: 44220 TTL: 50 Packet length: 60 TOS: 0x08 This report (for 165.245.238.98) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇯🇵 S.O.B.A. Dev.	2026-06-17 05:53:16 (1 week ago)	Persistent port scanning or vulnerability scanning	Port Scan
🇺🇸 Starburst SysOp Team	2026-06-17 04:22:43 (1 week ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-mnz6-5)	Hacking Bad Web Bot
🇺🇸 MPL	2026-06-17 04:14:55 (1 week ago)	tcp port scan (10 or more attempts)	Port Scan
🇧🇷 SOC PR	2026-06-17 03:13:37 (1 week ago)	IPS: Web Server Enforcement Violation.	Hacking
🇩🇪 David Ferneding	2026-06-17 02:01:27 (1 week ago)	Blocked by UFW (TCP on 2078) Source port: 34360 TTL: 54 Packet length: 60 TOS: 0x00 This report (fo ... show more Blocked by UFW (TCP on 2078) Source port: 34360 TTL: 54 Packet length: 60 TOS: 0x00 This report (for 165.245.238.98) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 Axel	2026-06-17 01:13:47 (1 week ago)	Blocked by UFW on MVI [2078/tcp] \| SPT: 47478 \| TTL: 50 \| LEN: 60 \| TOS: 0x00 • Reported by: github. ... show more Blocked by UFW on MVI [2078/tcp] \| SPT: 47478 \| TTL: 50 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇷🇸 Scan	2026-06-17 01:13:18 (1 week ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇺🇸 TPI-Abuse	2026-06-17 00:48:11 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 165.245.238.98 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 165.245.238.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 20:48:03.429647 2026] [security2:error] [pid 27387:tid 27387] [client 165.245.238.98:58772] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.93"] [uri "/.git/HEAD"] [unique_id "ajHuw40McOxddBM2xdsa7gAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇴 193.46.255.86

🇬🇧 87.236.176.36

🇬🇧 35.203.210.183

🇭🇰 220.246.47.169

🇬🇧 213.166.84.49

🇩🇪 212.132.120.41

🇧🇷 205.210.31.234

🇮🇩 203.175.125.185

🇬🇧 195.96.139.106

🇬🇧 193.32.209.254

🇭🇰 118.26.36.195

🇨🇳 111.225.148.135

🇹🇼 111.70.23.222

🇳🇱 104.233.61.110

🇬🇧 81.19.219.233

🇺🇸 65.49.1.162

🇺🇸 47.251.61.27

🇮🇳 42.108.115.21

🇬🇧 35.203.210.40

🇨🇳 14.103.55.226