JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 165.245.238.98

165.245.238.98 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 71%: ?

71%

ISP	DigitalOcean, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS14061
Domain Name	digitalocean.com
Country	🇨🇦 Canada
City	Toronto, Ontario

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 165.245.238.98

Whois 165.245.238.98

IP Abuse Reports for 165.245.238.98:

This IP address has been reported a total of 17 times from 13 distinct sources. 165.245.238.98 was first reported on June 17th 2026, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 EnthecSolutions	2026-06-17 14:00:45 (5 days ago)	Detected by Enthec Solutions. \| Attempts: 68 in 24h \| Target port: 2077	Port Scan Hacking
🇺🇸 TPI-Abuse	2026-06-17 12:11:50 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 165.245.238.98 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 165.245.238.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 08:11:43.719067 2026] [security2:error] [pid 6386:tid 6386] [client 165.245.238.98:35974] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.219"] [uri "/.git/refs/heads/master"] [unique_id "ajKO_742CGzwjVWCIfr8QQAAABI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 MPL	2026-06-17 11:27:20 (6 days ago)	tcp port scan (22 or more attempts)	Port Scan
🇩🇪 dispaisyenterprises	2026-06-17 11:09:50 (6 days ago)	Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 2083 [1], 2082 [1], 2086 [1], 2078 ... show more Honeypot [fra-de-honeypot]: Empty payload (likely service probe); 2083 [1], 2082 [1], 2086 [1], 2078 [1], 2077 [1], 2095 [1] TCP Reported by DisPaisy Enterprises (dispaisy.systems) using: https://github.com/sefinek/T-Pot-To-AbuseIPDB show less	Port Scan
🇺🇸 TPI-Abuse	2026-06-17 09:26:29 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 165.245.238.98 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 165.245.238.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 05:26:21.232448 2026] [security2:error] [pid 10054:tid 10054] [client 165.245.238.98:42686] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.174"] [uri "/.git/HEAD"] [unique_id "ajJoPZ4kXO83qRUbESAjogAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-17 06:56:30 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 165.245.238.98 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 165.245.238.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 17 02:56:22.999128 2026] [security2:error] [pid 13101:tid 13101] [client 165.245.238.98:33274] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.118"] [uri "/.git/HEAD"] [unique_id "ajJFFinqCTp4UfJjFLDAmwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-06-17 06:54:48 (6 days ago)	Blocked by UFW (TCP on 2078) Source port: 44220 TTL: 50 Packet length: 60 TOS: 0x08 This report (fo ... show more Blocked by UFW (TCP on 2078) Source port: 44220 TTL: 50 Packet length: 60 TOS: 0x08 This report (for 165.245.238.98) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇯🇵 S.O.B.A. Dev.	2026-06-17 05:53:16 (6 days ago)	Persistent port scanning or vulnerability scanning	Port Scan
🇺🇸 Starburst SysOp Team	2026-06-17 04:22:43 (6 days ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-mnz6-5)	Hacking Bad Web Bot
🇺🇸 MPL	2026-06-17 04:14:55 (6 days ago)	tcp port scan (10 or more attempts)	Port Scan
🇧🇷 SOC PR	2026-06-17 03:13:37 (6 days ago)	IPS: Web Server Enforcement Violation.	Hacking
🇩🇪 David Ferneding	2026-06-17 02:01:27 (6 days ago)	Blocked by UFW (TCP on 2078) Source port: 34360 TTL: 54 Packet length: 60 TOS: 0x00 This report (fo ... show more Blocked by UFW (TCP on 2078) Source port: 34360 TTL: 54 Packet length: 60 TOS: 0x00 This report (for 165.245.238.98) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇺🇸 Axel	2026-06-17 01:13:47 (6 days ago)	Blocked by UFW on MVI [2078/tcp] \| SPT: 47478 \| TTL: 50 \| LEN: 60 \| TOS: 0x00 • Reported by: github. ... show more Blocked by UFW on MVI [2078/tcp] \| SPT: 47478 \| TTL: 50 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇷🇸 Scan	2026-06-17 01:13:18 (6 days ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇺🇸 TPI-Abuse	2026-06-17 00:48:11 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 165.245.238.98 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 165.245.238.98 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 20:48:03.429647 2026] [security2:error] [pid 27387:tid 27387] [client 165.245.238.98:58772] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.93"] [uri "/.git/HEAD"] [unique_id "ajHuw40McOxddBM2xdsa7gAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 111.198.221.98

🇮🇹 45.91.20.116

🇺🇸 34.133.246.1

🇨🇳 223.112.68.166

🇺🇸 162.216.149.180

🇸🇦 144.24.209.174

🇮🇹 93.95.216.100

🇳🇱 89.21.67.169

🇧🇷 45.162.8.14

🇧🇷 45.140.193.156

🇺🇸 2607:f8b0:4023:1004::12d

🇰🇿 185.239.146.241

🇺🇸 136.118.155.1

🇻🇳 103.176.24.57

🇺🇸 195.184.76.66

🇨🇳 180.165.38.170

🇳🇱 172.94.9.60

🇮🇶 95.170.206.42

🇵🇱 94.152.206.19

🇺🇸 91.230.168.137