JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 64.137.124.118

64.137.124.118 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 3%: ?

ISP	FASTPLANET LTD
Usage Type	Commercial
ASN	AS133944
Domain Name	fastplanet.com
Country	🇨🇭 Switzerland
City	Zurich, Zurich

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 64.137.124.118

Whois 64.137.124.118

IP Abuse Reports for 64.137.124.118:

This IP address has been reported a total of 13 times from 9 distinct sources. 64.137.124.118 was first reported on August 13th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 Oakley	2026-06-18 00:51:18 (1 week ago)	(mod_security) mod_security (id:900178) triggered by 64.137.124.118 (CH/Switzerland/-): 5 in the las ... show more (mod_security) mod_security (id:900178) triggered by 64.137.124.118 (CH/Switzerland/-): 5 in the last 900 secs show less	Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-01-17 11:24:32 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 64.137.124.118 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 64.137.124.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 06:24:24.827422 2026] [security2:error] [pid 10257:tid 10257] [client 64.137.124.118:48943] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/.wp-config.php.swp"] [unique_id "aWtxaJo49389fpNvhRcLEgAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-29 20:59:19 (5 months ago)	(mod_security) mod_security (id:221260) triggered by 64.137.124.118 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:221260) triggered by 64.137.124.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 15:58:10.667839 2025] [security2:error] [pid 21770:tid 21792] [client 64.137.124.118:53425] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|cpcalendars.kettlehill.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.kettlehill.com"] [uri "/cgi-bin/test-cgi"] [unique_id "aVLrYu1IUNfWG5lsn0G23QAAAZM"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 09:33:19 (7 months ago)	(mod_security) mod_security (id:211190) triggered by 64.137.124.118 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:211190) triggered by 64.137.124.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 04:33:11.700253 2025] [security2:error] [pid 12198:tid 12198] [client 64.137.124.118:37157] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|ftp.nbcnewsradio.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /index.php?option=com_dwgraphs&controller=../../../../../../../../etc/passwd%00"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/index.php"] [unique_id "aRWl10sL0RX8zB2r_omWGgAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 dayda.net	2025-10-13 03:22:31 (8 months ago)	query: option=com_rsfiles&task=files.display&path=../../../../../../../../../etc/passwd	Bad Web Bot
🇸🇪 Johan Finn	2025-08-15 21:11:30 (10 months ago)	malicious activity, botnet	Web App Attack
🇺🇸 TPI-Abuse	2025-07-27 01:10:10 (11 months ago)	(mod_security) mod_security (id:211190) triggered by 64.137.124.118 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:211190) triggered by 64.137.124.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 26 21:10:03.642148 2025] [security2:error] [pid 404369:tid 404475] [client 64.137.124.118:58731] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|kettlehill.net\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /index.php?option=com_janews&controller=../../../../../../../../../../etc/passwd%00"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kettlehill.net"] [uri "/index.php"] [unique_id "aIV8a41ApCwrT9-Kn8W18QAAAIY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-29 19:19:19 (1 year ago)	(mod_security) mod_security (id:221260) triggered by 64.137.124.118 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:221260) triggered by 64.137.124.118 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 29 15:19:01.836265 2025] [security2:error] [pid 3285370:tid 3285370] [client 64.137.124.118:51575] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|whm.farmers123.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "whm.farmers123.com"] [uri "/cgi-bin/status"] [unique_id "aDizJQSwJe7qJFVObHLlegAAAAg"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Vincent Helmus	2025-05-16 17:40:20 (1 year ago)	ALL	DNS Compromise DNS Poisoning Fraud Orders DDoS Attack FTP Brute-Force Ping of Death Phishing Fraud VoIP Open Proxy Web Spam Email Spam Blog Spam VPN IP Port Scan Hacking SQL Injection Spoofing Brute-Force Bad Web Bot Exploited Host Web App Attack SSH IoT Targeted
Anonymous	2025-05-06 07:20:28 (1 year ago)		Web App Attack
Anonymous	2025-01-24 18:50:13 (1 year ago)	\| A web attack returned code 200 (success).	Hacking SQL Injection Web App Attack
🇩🇪 David Ferneding	2025-01-04 22:14:51 (1 year ago)	Part of large-scale ddos-attack, 91279 requests from this ip	DDoS Attack
🇨🇭 backslash	2024-08-13 03:59:28 (1 year ago)		Web Spam

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇦 82.167.60.116

🇨🇳 27.8.44.168

🇬🇧 2a06:4880:6000::6e

🇦🇪 217.165.186.130

🇧🇷 179.48.110.34

🇦🇿 172.68.30.148

🇺🇸 172.64.217.207

🇹🇷 159.146.88.249

🇫🇷 159.26.105.150

🇭🇰 152.32.215.224

🇨🇳 117.34.85.169

🇺🇸 74.125.191.17

🇹🇼 61.228.164.119

🇺🇸 45.55.137.212

🇸🇦 37.104.130.85

🇨🇳 1.83.125.118

🇺🇸 2607:f8b0:4023:100f::12c

🇧🇷 205.210.31.140

🇯🇵 203.25.124.103

🇮🇹 194.183.24.66