JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 64.236.140.181

64.236.140.181 was found in our database!

This IP was reported 46 times. Confidence of Abuse is 100%: ?

100%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 64.236.140.181

Whois 64.236.140.181

IP Abuse Reports for 64.236.140.181:

This IP address has been reported a total of 46 times from 35 distinct sources. 64.236.140.181 was first reported on January 2nd 2026, and the most recent report was 14 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-02 12:14:58 (2 days ago)	Unauthorized access (tcp/8080 - Scan for open web proxy)	Port Scan
🇫🇮 ngonghillsbikers	2026-06-02 12:00:06 (2 days ago)	Date: Jun 02 14:44:17 2026 EAT \| Reported IP: 64.236.140.181 mod_security \| id: 920350 930130 949110 ... show more Date: Jun 02 14:44:17 2026 EAT \| Reported IP: 64.236.140.181 mod_security \| id: 920350 930130 949110 920440 \| US/my_domain/- \| Connections: 1 \| Blocked: Permanent Block: [LF_MODSEC] \| Logs: ; Host header is a numeric IP address; Restricted File Access Attempt; Inbound Anomaly Score Exceeded (Total Score: 8); Host header is a numeric IP address; Restricted File Access Attempt; Inbound Anomaly Score Exceeded (Total Score: 8); Host header is a numeric IP address; Restricted File Access Attempt; Inbound Anomaly Score Exceeded (Total Score: 8); Host header is a numeric IP address; Restricted File Access Attempt; Inbound Anomaly Score Exceeded (Total Score: 8); Host header is a numeric IP address; Restricted File Access Attempt; Inbound Anomaly Score Exceeded (Total Score: 8); Host header is a numeric IP address; Host header is a numeric IP address; Restricted File Access Attempt; Inbound Anomaly Score Exceeded (Total Score: 8); Host header i show less	SQL Injection Brute-Force Bad Web Bot
🇺🇸 MPL	2026-06-02 11:54:45 (2 days ago)	tcp port scan (8 or more attempts)	Port Scan
Anonymous	2026-06-02 11:39:31 (2 days ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇺🇸 Mark--	2026-06-02 11:22:40 (2 days ago)	Unauthorized connection attempt detected port 8080	Hacking
🇩🇪 nyt	2026-06-02 10:54:54 (2 days ago)	Sensitive File Probe	Web App Attack
Anonymous	2026-06-02 10:12:19 (2 days ago)	Hit honeypot r.	Port Scan Hacking Exploited Host
🇩🇪 MBombeck	2026-06-02 10:08:43 (2 days ago)	Fail2Ban/traefik-botsearch on apps-01: banned after 5 failures	Web App Attack
🇺🇸 TPI-Abuse	2026-06-02 10:02:24 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 64.236.140.181 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 64.236.140.181 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 06:02:19.452240 2026] [security2:error] [pid 5560:tid 5560] [client 64.236.140.181:12425] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.69"] [uri "/.git/HEAD"] [unique_id "ah6qK7bNBVdxNTzmtkZ8nQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 tpjg	2026-06-02 09:58:30 (2 days ago)	Automated: 15 requests with error status in 120s window from 64.236.140.181. Evidence: /___proxy_sub ... show more Automated: 15 requests with error status in 120s window from 64.236.140.181. Evidence: /___proxy_subdomain_whm/login/:404,/backup.sql:301,/app/config/parameters.yml:301,/config.php:301,/.DS_Store:301,/actuator/env:301,/server-status:301,/phpinfo.php:301,/config/database.yml:301,/wp-config.php.bak:301,/wp-config.php:301,/.env.save:301,/.env.backup:301,/.env:301,/.git/config:301 show less	Web App Attack
🇺🇸 RAP	2026-06-02 09:35:58 (2 days ago)	2026-06-02 09:35:58 UTC Unauthorized activity to TCP port 8443. Web App	Port Scan Web App Attack
🇳🇱 BIV	2026-06-02 09:34:13 (2 days ago)	Honeypot multi-source hit. Sources: dshield:fw,tpot:P0f,tpot:Suricata. Ports: 2082,2083,2086,2087,44 ... show more Honeypot multi-source hit. Sources: dshield:fw,tpot:P0f,tpot:Suricata. Ports: 2082,2083,2086,2087,443,80,8080,8443. Automated tiered (T-Pot+DShield). show less	Port Scan Hacking Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-02 09:32:05 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 64.236.140.181 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 64.236.140.181 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 02 05:31:58.625005 2026] [security2:error] [pid 20839:tid 20861] [client 64.236.140.181:15741] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.85"] [uri "/.git/HEAD"] [unique_id "ah6jDnZS8Dv6pKBYgPFnvwAAANQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 PeravixGroup	2026-06-02 09:30:30 (2 days ago)	Honeypot detection: Web admin panel / CMS brute-force probe on port 8080. Severity: HIGH. Aaran.clou ... show more Honeypot detection: Web admin panel / CMS brute-force probe on port 8080. Severity: HIGH. Aaran.cloud show less	Web App Attack
🇩🇪 mondor.ro	2026-06-02 09:14:31 (2 days ago)	Cluster member 148.251.176.225 (DE/Germany/antares.webyouridea.ro) said, DENY 64.236.140.181, Reason ... show more Cluster member 148.251.176.225 (DE/Germany/antares.webyouridea.ro) said, DENY 64.236.140.181, Reason:[(mod_security) mod_security (id:210492) triggered by 64.236.140.181 (US/United States/-): 3 in the last 3600 secs]; Ports: *; Direction: inout; Trigger: LF_CLUSTER; Logs: show less	Port Scan

Showing 16 to 30 of 46 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇺 202.123.26.150

🇪🇸 188.114.111.43

🇧🇷 181.214.221.109

🇸🇬 140.245.32.185

🇺🇸 104.164.126.160

🇪🇸 90.170.47.115

🇷🇴 89.37.116.208

🇷🇴 80.94.92.165

🇨🇦 70.81.127.119

🇬🇭 41.139.37.148

🇮🇶 37.239.213.6

🇷🇺 178.178.194.151

🇬🇧 178.128.32.203

🇧🇷 177.152.69.54

🇳🇱 176.65.139.151

🇺🇸 147.185.132.29

🇨🇳 122.224.205.42

🇮🇳 106.215.160.219

🇨🇳 106.75.49.194

🇨🇳 106.75.36.195