IP info including ISP, Usage Type, and Location provided
by IPInfo. Updated weekly.
Important Note: 172.64.223.198 is an IP address from within
our whitelist belonging to the subnet
172.64.0.0/13,
which we identify as: "Cloudflare Reverse Proxy".
Whitelisted netblocks are typically owned by trusted entities, such as Google
or Microsoft who may use them for search engine spiders. However, these same entities
sometimes also provide cloud servers and mail services which are easily abused. Pay special
attention when trusting or distrusting these IPs.
This IP address has been reported a total of
48
times from
15 distinct
sources.
172.64.223.198 was first reported on
, and the most recent report was
.
Old Reports:
The most recent abuse report for this IP address is from
. It is possible that this IP is no longer involved in abusive activities.
(mod_security) mod_security (id:210492) triggered by 172.64.223.198 (-): 1 in the last 300 secs; Por ...
show more(mod_security) mod_security (id:210492) triggered by 172.64.223.198 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 23:25:09.054246 2026] [security2:error] [pid 9579:tid 9602] [client 172.64.223.198:11291] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "halescreations.com"] [uri "/.git/config"] [unique_id "ag57FUo-26Xkh2aXe9XpEAAAABE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
(PERMBLOCK) 172.64.223.198 (FI/Finland/-) has had more than 4 temp blocks in the last 86400 secs; Po ...
show more(PERMBLOCK) 172.64.223.198 (FI/Finland/-) has had more than 4 temp blocks in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_PERMBLOCK_COUNT; Logs:
show less
Port Scan
Anonymous
(caddyscan) Scanner path probe from 172.64.223.198 (FI/Finland/-): 5 in the last 3600 secs; Ports: * ...
show more(caddyscan) Scanner path probe from 172.64.223.198 (FI/Finland/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 172.64.223.198 - - [21/May/2026:00:08:30 +0000] "GET /.git/config HTTP/1.1"
[REDACTED] 200 2627 172.64.223.198 - - [21/May/2026:00:20:43 +0000] "GET /.git/config HTTP/1.1"
[REDACTED] 200 2627 172.64.223.198 - - [21/May/2026:00:20:54 +0000] "GET /.git/config HTTP/1.1"
[REDACTED] 200 2627 172.64.223.198 - - [21/May/2026:00:21:01 +0000] "GET /.git/config HTTP/1.1"
[REDACTED] 200 2627 172.64.223.198 - - [21/May/2026:00:21:01 +0000] "GET /.git/config HTTP/1.1"
show less
Port Scan
Showing 1 to
15
of 48 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ