JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 64.236.161.23

64.236.161.23 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 13%: ?

13%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 64.236.161.23

Whois 64.236.161.23

IP Abuse Reports for 64.236.161.23:

This IP address has been reported a total of 26 times from 22 distinct sources. 64.236.161.23 was first reported on September 24th 2025, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-12 18:54:26 (3 weeks ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
Anonymous	2026-05-12 18:15:14 (3 weeks ago)	2026-05-12 18:15:14 warning[2333025]: host unknown[64.236.161.23]: unauthorized access att ... show more 2026-05-12 18:15:14 warning[2333025]: host unknown[64.236.161.23]: unauthorized access attempted: tcp/8080 show less	Port Scan Brute-Force
🇳🇱 homeshowdomain.nl	2026-04-08 22:00:46 (1 month ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-04-07. show less	Web App Attack SSH Hacking
🇺🇸 octageeks.com	2026-04-07 04:08:50 (2 months ago)	Wordpress malicious attack:[octablocked]	Web App Attack
🇩🇪 dklueh79	2026-04-07 04:05:31 (2 months ago)	Probe for vulnerabilities. Path attempted: /.git/config	Web App Attack
🇩🇪 Blexyel	2026-04-07 04:00:36 (2 months ago)	64.236.161.23 - - [07/Apr/2026:06:00:35 +0200] "GET /.git/config HTTP/1.1" 200 265 "-" "Mozilla/5.0 ... show more 64.236.161.23 - - [07/Apr/2026:06:00:35 +0200] "GET /.git/config HTTP/1.1" 200 265 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36" "pingusmc.org" ... show less	Brute-Force Web App Attack
🇩🇪 Ba-Yu	2026-04-07 03:41:51 (2 months ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇩🇪 marcel-knorr.de	2026-04-07 03:13:59 (2 months ago)	[MK-Root1] Blocked by UFW	Brute-Force Port Scan
🇮🇩 Burayot	2026-04-07 02:30:25 (2 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 64.236.161.23 (US/United States/-): ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 64.236.161.23 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇯🇵 S.O.B.A. Dev.	2026-04-07 02:22:37 (2 months ago)	Web vulnerability scanning	Brute-Force Web Spam Web App Attack
🇩🇪 FeG Deutschland	2026-04-07 01:35:15 (2 months ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 12	Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-04-07 01:32:33 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 64.236.161.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 64.236.161.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 06 21:32:27.659182 2026] [security2:error] [pid 1286165:tid 1286165] [client 64.236.161.23:32619] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arkansasbest.com"] [uri "/.git/config"] [unique_id "adReq-DXUISuPH0Ls1bNwAAAABQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 sincler	2026-04-07 01:32:00 (2 months ago)	64.236.161.23 forged agent trying exploits	Web App Attack Hacking
🇧🇪 cmbplf	2026-04-07 01:31:50 (2 months ago)	358 requests with url.path */.git/config	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-04-07 00:50:47 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 64.236.161.23 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 64.236.161.23 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 06 20:50:42.109325 2026] [security2:error] [pid 716626:tid 716626] [client 64.236.161.23:31950] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "maths-teacher-in-phnom-penh.com.globalvillagecambodia.org"] [uri "/.git/config"] [unique_id "adRU4uXxFsB6KMkBaMA5bQAAABA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇿🇦 105.209.146.185

🇨🇳 101.96.193.131

🇺🇸 73.227.164.131

🇳🇱 31.42.176.142

🇰🇷 106.246.89.72

🇮🇩 103.187.165.26

🇮🇳 103.105.176.69

🇬🇧 92.27.157.252

🇮🇷 85.204.76.139

🇿🇦 66.8.6.149

🇺🇸 64.31.25.250

🇷🇺 2a09:bac5:51ee:2496::3a5:15

🇨🇳 222.134.162.140

🇰🇷 220.118.129.2

🇪🇨 200.69.184.154

🇵🇱 188.212.135.52

🇱🇰 124.43.80.221

🇨🇳 111.59.205.48

🇦🇺 103.197.66.56

🇮🇳 103.49.131.239