JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 64.236.153.165

64.236.153.165 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 55%: ?

55%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 64.236.153.165

Whois 64.236.153.165

IP Abuse Reports for 64.236.153.165:

This IP address has been reported a total of 13 times from 11 distinct sources. 64.236.153.165 was first reported on April 9th 2026, and the most recent report was 17 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-14 00:54:43 (17 hours ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇫🇮 mnazibo	2026-06-13 22:00:08 (19 hours ago)	Date: Jun 14 00:51:44 2026 EAT \| Reported IP: 64.236.153.165 mod_security \| id: 920350 \| US/username ... show more Date: Jun 14 00:51:44 2026 EAT \| Reported IP: 64.236.153.165 mod_security \| id: 920350 \| US/usernameab.my_domain/- \| Connections: 1 \| Blocked: Permanent Block: [LF_MODSEC] \| Logs: ; Host header is a numeric IP address; Host header is a numeric IP address show less	SQL Injection Brute-Force Bad Web Bot
🇺🇸 Axel	2026-06-13 20:14:34 (21 hours ago)	Blocked by UFW on MVI [2083/tcp] \| SPT: 47746 \| TTL: 46 \| LEN: 60 \| TOS: 0x00 • Reported by: github. ... show more Blocked by UFW on MVI [2083/tcp] \| SPT: 47746 \| TTL: 46 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2026-06-13 19:44:32 (22 hours ago)	Drop from IP address 64.236.153.165 to tcp-port 2083	Port Scan
🇺🇸 TPI-Abuse	2026-06-13 18:18:04 (23 hours ago)	(mod_security) mod_security (id:210492) triggered by 64.236.153.165 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 64.236.153.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 14:17:57.910030 2026] [security2:error] [pid 30778:tid 30778] [client 64.236.153.165:47599] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.227"] [uri "/.git/HEAD"] [unique_id "ai2e1Ztj0AIcK0hlHPblNAAAABE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 CBJ	2026-06-13 18:06:47 (23 hours ago)	fail2ban: apache-filepath-recon ...	Web App Attack
🇬🇧 PeravixGroup	2026-06-01 17:35:51 (1 week ago)	Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. A ... show more Honeypot detection: Web application scanning / reconnaissance attempt on port 8080. Severity: LOW. Aaran.cloud show less	Port Scan Bad Web Bot
🇺🇸 RAP	2026-06-01 13:18:04 (1 week ago)	2026-06-01 13:18:04 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇺🇸 mutebot.net	2026-05-07 02:44:37 (1 month ago)	SRC=64.236.153.165, PROTO=TCP, SPT=58368, DPT=2053 SRC=64.236.153.165, PROTO=TCP, SPT=58368, DPT=208 ... show more SRC=64.236.153.165, PROTO=TCP, SPT=58368, DPT=2053 SRC=64.236.153.165, PROTO=TCP, SPT=58368, DPT=2083 SRC=64.236.153.165, PROTO=TCP, SPT=58368, DPT=2087 SRC=64.236.153.165, PROTO=TCP, SPT=58368, DPT=2096 SRC=64.236.153.165, PROTO=TCP, SPT=58368, DPT=2053 show less	Port Scan
🇯🇵 demonsword	2026-04-30 10:06:36 (1 month ago)	Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was ... show more Detected by SentinelX honeypot: sent HTTP CONNECT request probing for an open proxy. Connection was hijacked and held in a tarpit to slow down the scan. Probed target: speed.cloudflare.com:443 show less	Open Proxy Port Scan
🇺🇸 Rayulcifer	2026-04-13 23:59:11 (2 months ago)	64.236.153.165 - - [13/Apr/2026:18:59:06 -0500] "\x16\x03\x01\x05\xd4\x01" 400 392 "-" "-" 64.236.15 ... show more 64.236.153.165 - - [13/Apr/2026:18:59:06 -0500] "\x16\x03\x01\x05\xd4\x01" 400 392 "-" "-" 64.236.153.165 - - [13/Apr/2026:18:59:06 -0500] "\x16\x03\x01\x05\xd4\x01" 400 392 "-" "-" ... show less	Open Proxy Port Scan Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-04-10 01:06:14 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 64.236.153.165 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 64.236.153.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 09 21:06:07.502098 2026] [security2:error] [pid 3770205:tid 3770205] [client 64.236.153.165:48320] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "correeo.gisur.com"] [uri "/@fs/app/.git/config"] [unique_id "adhM_8GLb4LEYxrTssgVzgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-09 23:54:05 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 64.236.153.165 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 64.236.153.165 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 09 19:54:01.156086 2026] [security2:error] [pid 1240979:tid 1240979] [client 64.236.153.165:48320] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "carboncreekwood.com"] [uri "/@fs/app/.git/config"] [unique_id "adg8GQe1hbYihf4weja3OwAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 223.109.252.252

🇭🇰 152.32.171.184

🇳🇬 102.90.100.206

🇮🇷 85.133.193.72

🇺🇸 64.62.156.149

🇺🇸 50.116.49.221

🇺🇸 45.33.12.122

🇺🇸 34.58.124.191

🇻🇳 14.171.89.86

🇸🇬 8.222.210.33

🇬🇧 2a06:4880:2000::3e

🇮🇳 2400:d321:2215:8536::1

🇨🇦 209.209.8.82

🇺🇸 172.253.8.157

🇺🇸 154.83.197.70

🇺🇸 135.237.125.78

🇨🇳 117.62.22.127

🇮🇳 103.192.198.173

🇩🇪 69.5.169.117

🇩🇴 45.172.153.100