JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 64.236.176.193

64.236.176.193 was found in our database!

This IP was reported 98 times. Confidence of Abuse is 89%: ?

89%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 64.236.176.193

Whois 64.236.176.193

IP Abuse Reports for 64.236.176.193:

This IP address has been reported a total of 98 times from 68 distinct sources. 64.236.176.193 was first reported on November 23rd 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 ersei.net	2026-06-14 20:42:07 (1 day ago)	Brute force multiple 403s	Brute-Force
🇺🇸 TPI-Abuse	2026-06-14 20:38:32 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 64.236.176.193 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 64.236.176.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 16:38:29.304429 2026] [security2:error] [pid 32315:tid 32315] [client 64.236.176.193:22661] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.244"] [uri "/.git/config"] [unique_id "ai8RRcLcttSss8u0Xge7-wAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 Blinker73	2026-06-14 19:25:38 (1 day ago)	2026-06-14T15:25 kernel: OUT= SRC=64.236.176.193 LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=14719 DF ... show more 2026-06-14T15:25 kernel: OUT= SRC=64.236.176.193 LEN=60 TOS=0x00 PREC=0x00 TTL=45 ID=14719 DF PROTO=TCP SPT=23883 DPT=2078 WINDOW=64240 RES=0x00 SYN URGP=0 2026-06-14T15:25 kernel: OUT= SRC=64.236.176.193 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=52290 DF PROTO=TCP SPT=23888 DPT=2082 WINDOW=64240 RES=0x00 SYN URGP=0 2026-06-14T15:25 kernel: OUT= SRC=64.236.176.193 LEN=60 TOS=0x00 PREC=0x00 TTL=47 ID=25714 DF PROTO=TCP SPT=23885 DPT=2083 WINDOW=64240 RES=0x00 SYN URGP= show less	Port Scan
🇺🇸 lime	2026-06-14 17:33:29 (2 days ago)	64.236.176.193 - - [14/Jun/2026:17:33:28 +0000] "GET /.env.production HTTP/1.1" 302 548 "-" "Mozilla ... show more 64.236.176.193 - - [14/Jun/2026:17:33:28 +0000] "GET /.env.production HTTP/1.1" 302 548 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 15:59:45 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 64.236.176.193 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 64.236.176.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 11:59:39.404806 2026] [security2:error] [pid 19314:tid 19314] [client 64.236.176.193:22671] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.151.12"] [uri "/.git/HEAD"] [unique_id "ai7P65021tEepRkrCyzIRgAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Axel	2026-06-14 15:43:09 (2 days ago)	Blocked by UFW on MVI [2082/tcp] \| SPT: 24267 \| TTL: 46 \| LEN: 60 \| TOS: 0x00 • Reported by: github. ... show more Blocked by UFW on MVI [2082/tcp] \| SPT: 24267 \| TTL: 46 \| LEN: 60 \| TOS: 0x00 • Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
🇫🇷 Lunix	2026-06-14 15:27:07 (2 days ago)		Brute-Force Web App Attack
🇬🇧 Apache	2026-06-14 13:26:08 (2 days ago)	(mod_security) mod_security (id:920350) triggered by 64.236.176.193 (US/United States/-): 5 in the l ... show more (mod_security) mod_security (id:920350) triggered by 64.236.176.193 (US/United States/-): 5 in the last 300 secs (CF_ENABLE) show less	Brute-Force Web App Attack
🇺🇸 MPL	2026-06-14 11:47:29 (2 days ago)	tcp port scan (10 or more attempts)	Port Scan
🇺🇸 TPI-Abuse	2026-06-10 06:02:25 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 64.236.176.193 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 64.236.176.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 02:02:18.644077 2026] [security2:error] [pid 5606:tid 5606] [client 64.236.176.193:22703] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.224"] [uri "/.git/HEAD"] [unique_id "aij96sHnxmG7XzC_fs41GgAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 nyt	2026-06-10 05:59:31 (6 days ago)	Sensitive File Probe	Web App Attack
🇺🇸 RAP	2026-06-10 04:28:42 (6 days ago)	2026-06-10 04:28:42 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇫🇮 Yachiyo Runami	2026-06-10 03:41:26 (6 days ago)	Port Scan on Honeypot \| Ports: 8080/HTTP-proxy, 80/HTTP \| Proto: TCP(2) \| Flags: all SYN \| TTL: 49 \| ... show more Port Scan on Honeypot \| Ports: 8080/HTTP-proxy, 80/HTTP \| Proto: TCP(2) \| Flags: all SYN \| TTL: 49 \| Len: 60B(2x) \| Win: 64240(2) \| F2B/ufw-honeypot@2026-06-10T03:41:26Z show less	Port Scan Hacking
🇺🇸 masterguru	2026-06-10 00:59:54 (6 days ago)	Host header is a numeric IP address. Pattern match "^ (920350-205)	Hacking Bad Web Bot
🇮🇪 AutosOnShow	2026-06-10 00:54:05 (6 days ago)	blocked for webapp attack \| path requested: /.git/config \| seen at 2026-06-10 00:53:06.988 \|	Web App Attack

Showing 1 to 15 of 98 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 222.93.147.233

🇧🇷 177.7.30.146

🇫🇮 147.185.133.132

🇨🇳 120.48.53.174

🇯🇵 103.147.14.125

🇧🇬 79.124.59.78

🇩🇪 69.5.169.44

🇺🇸 66.132.172.228

🇩🇪 54.93.118.121

🇳🇱 45.142.193.169

🇺🇸 45.77.187.54

🇮🇳 20.44.58.80

🇺🇸 20.25.151.124

🇩🇪 5.45.98.53

🇺🇸 192.220.48.198

🇺🇸 192.210.206.103

🇮🇳 182.95.231.82

🇺🇸 157.245.253.169

🇨🇳 123.160.223.72

🇨🇳 112.103.128.56