JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 64.105.88.34

64.105.88.34 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 30%: ?

30%

ISP	GTT Americas, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	h-64-105-88-34.snva.ca.globalcapacity.com
Domain Name	gtt.net
Country	🇳🇿 New Zealand
City	Auckland, Auckland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 64.105.88.34

Whois 64.105.88.34

IP Abuse Reports for 64.105.88.34:

This IP address has been reported a total of 11 times from 4 distinct sources. 64.105.88.34 was first reported on June 25th 2026, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-27 03:28:42 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 64.105.88.34 (h-64-105-88-34.snva.ca.globalcapa ... show more (mod_security) mod_security (id:210492) triggered by 64.105.88.34 (h-64-105-88-34.snva.ca.globalcapacity.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 23:28:36.645399 2026] [security2:error] [pid 3843:tid 3843] [client 64.105.88.34:17870] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cucciniello.com"] [uri "/sftp-config.json"] [unique_id "aj9DZJWv38mRh2I2KNJvPwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-27 02:51:20 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 64.105.88.34 (h-64-105-88-34.snva.ca.globalcapa ... show more (mod_security) mod_security (id:210492) triggered by 64.105.88.34 (h-64-105-88-34.snva.ca.globalcapacity.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 22:51:13.330369 2026] [security2:error] [pid 15193:tid 15193] [client 64.105.88.34:16548] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.cubbylure.com"] [uri "/sftp-config.json"] [unique_id "aj86ocdn66Ds_FUP4hBSZQAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 23:04:23 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 64.105.88.34 (h-64-105-88-34.snva.ca.globalcapa ... show more (mod_security) mod_security (id:210492) triggered by 64.105.88.34 (h-64-105-88-34.snva.ca.globalcapacity.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 19:04:18.028729 2026] [security2:error] [pid 2027:tid 2051] [client 64.105.88.34:25560] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cspmedia.com"] [uri "/sftp-config.json"] [unique_id "aj8FcgNpbWWJAl0sgbrlCQAAANA"] show less	Brute-Force Bad Web Bot Web App Attack
🇭🇺 bcsaba	2026-06-26 21:00:57 (1 day ago)	Suricata: Alert - ET SCAN SFTP/FTP Password Exposure via sftp-config.json	Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 20:10:29 (1 day ago)	(mod_security) mod_security (id:210580) triggered by 64.105.88.34 (h-64-105-88-34.snva.ca.globalcapa ... show more (mod_security) mod_security (id:210580) triggered by 64.105.88.34 (h-64-105-88-34.snva.ca.globalcapacity.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 16:10:26.560376 2026] [security2:error] [pid 15903:tid 15903] [client 64.105.88.34:15230] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "sftp-config.json" at REQUEST_COOKIES:handl_url. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "57"] [id "210580"] [rev "2"] [msg "COMODO WAF: OS File Access Attempt\|\|crystaljohns.com\|F\|2"] [data "Matched Data: sftp-config.json found within REQUEST_COOKIES:handl_url: https:/cryptobuzzers.com/sftp-config.json"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "crystaljohns.com"] [uri "/.vscode/sftp.json"] [unique_id "aj7csiewxyN79sH0DsNuGgAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-26 08:06:05 (2 days ago)	Trying to access config files	Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 06:52:14 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 64.105.88.34 (h-64-105-88-34.snva.ca.globalcapa ... show more (mod_security) mod_security (id:210492) triggered by 64.105.88.34 (h-64-105-88-34.snva.ca.globalcapacity.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 02:52:10.075416 2026] [security2:error] [pid 26199:tid 26199] [client 64.105.88.34:13066] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "creektech.com"] [uri "/sftp-config.json"] [unique_id "aj4hmsbzE3UGMLD6KHZ0yAAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 05:44:29 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 64.105.88.34 (h-64-105-88-34.snva.ca.globalcapa ... show more (mod_security) mod_security (id:210492) triggered by 64.105.88.34 (h-64-105-88-34.snva.ca.globalcapacity.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 01:44:26.306626 2026] [security2:error] [pid 20570:tid 20581] [client 64.105.88.34:2344] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "credit-card-cap.com"] [uri "/sftp-config.json"] [unique_id "aj4Rulm3v_KKsuIbQeEsGwAAAIg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-26 04:01:33 (2 days ago)	(mod_security) mod_security (id:210492) triggered by 64.105.88.34 (h-64-105-88-34.snva.ca.globalcapa ... show more (mod_security) mod_security (id:210492) triggered by 64.105.88.34 (h-64-105-88-34.snva.ca.globalcapacity.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 00:01:30.116518 2026] [security2:error] [pid 27095:tid 27095] [client 64.105.88.34:20182] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/sftp-config.json" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "creativeinteriors.co.com"] [uri "/sftp-config.json"] [unique_id "aj35mjXSw7GrmCsIX9uJWgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 4server	2026-06-25 18:21:57 (2 days ago)	[ThuJun2520:21:55.6018402026][security2:error][pid1542835:tid1543015][client64.105.88.34:0]ModSecuri ... show more [ThuJun2520:21:55.6018402026][security2:error][pid1542835:tid1543015][client64.105.88.34:0]ModSecurity:Accessdeniedwithcode403\(phase2\).OperatorGEmatched5atTX:anomaly_score.[file\"/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf\"][line\"94\"][id\"949110\"][msg\"InboundAnomalyScoreExceeded\(TotalScore:5\)\"][severity\"CRITICAL\"][ver\"OWASP_CRS/3.3.9\"][tag\"application-multi\"][tag\"language-multi\"][tag\"platform-multi\"][tag\"attack-generic\"][hostname\"cpfacilityservices.ch\"][uri\"/sftp-config.json\"][unique_id\"aj1xw8HYvZKs6lmPYf6ydwAAAQ8\"] show less	Port Scan Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 18:17:27 (2 days ago)	(mod_security) mod_security (id:949110) triggered by 64.105.88.34 (h-64-105-88-34.snva.ca.globalcapa ... show more (mod_security) mod_security (id:949110) triggered by 64.105.88.34 (h-64-105-88-34.snva.ca.globalcapacity.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 14:17:20.027419 2026] [security2:error] [pid 31129:tid 31129] [client 64.105.88.34:53452] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "cpectec.com"] [uri "/sftp-config.json"] [unique_id "aj1wsMURumQ6-_MypxZp7QAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:4002:c0f::12c

🇲🇽 189.178.86.243

🇮🇳 182.95.119.30

🇧🇷 177.11.185.21

🇧🇷 45.205.1.42

🇰🇿 45.8.119.168

🇺🇸 40.67.161.178

🇺🇸 20.106.49.209

🇪🇸 196.196.150.4

🇧🇷 177.11.185.208

🇧🇷 177.11.185.207

🇹🇭 165.154.120.223

🇳🇱 91.92.40.11

🇫🇷 51.77.158.34

🇸🇬 47.84.202.108

🇺🇸 3.93.148.188

🇺🇸 216.73.160.46

🇻🇳 180.93.249.92

🇧🇷 177.11.185.205

🇧🇷 177.11.185.204