JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 64.188.120.97

64.188.120.97 was found in our database!

This IP was reported 5 times. Confidence of Abuse is 0%: ?

ISP	Ace Data Centers II, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS32613
Domain Name	acedatacenter.com
Country	🇨🇦 Canada
City	Montreal, Quebec

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 64.188.120.97

Whois 64.188.120.97

IP Abuse Reports for 64.188.120.97:

This IP address has been reported a total of 5 times from 2 distinct sources. 64.188.120.97 was first reported on July 3rd 2025, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-27 03:18:31 (4 months ago)	(mod_security) mod_security (id:211190) triggered by 64.188.120.97 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:211190) triggered by 64.188.120.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jan 26 22:18:28.173981 2026] [security2:error] [pid 23296:tid 23322] [client 64.188.120.97:49175] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|mail.kettlehill.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /images/index.html?id=%24%7B%40print_r%28%40system%28%22cat+/etc/passwd%22%29%29%7D"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.kettlehill.com"] [uri "/images/index.html"] [unique_id "aXguhEnBpq4P6Y3u9V4KMgAAANY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-18 00:50:42 (5 months ago)	(mod_security) mod_security (id:210492) triggered by 64.188.120.97 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 64.188.120.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 17 19:50:38.812032 2026] [security2:error] [pid 5309:tid 5309] [client 64.188.120.97:55625] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcalendars.nbcnewsradio.com"] [uri "/content../.git/config"] [unique_id "aWwuXt8wk9uswuxaaZsdtgAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-11-13 09:45:05 (7 months ago)	(mod_security) mod_security (id:210492) triggered by 64.188.120.97 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 64.188.120.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Nov 13 04:44:56.360771 2025] [security2:error] [pid 23022:tid 23022] [client 64.188.120.97:43361] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.nbcnewsradio.com"] [uri "/.env.nbcnewsradio"] [unique_id "aRWomKklbBaR9OsAr6bR3QAAAB0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-07-03 19:50:04 (11 months ago)	\| A web attack returned code 200 (success).	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2025-07-03 13:49:59 (11 months ago)	(mod_security) mod_security (id:221260) triggered by 64.188.120.97 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:221260) triggered by 64.188.120.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 03 09:49:05.147475 2025] [security2:error] [pid 20624:tid 20646] [client 64.188.120.97:49315] ModSecurity: Access denied with code 403 (phase 1). Pattern match "^(?:\\\\'\\\\w+?=)?\\\\(\\\\)\\\\s{" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "77"] [id "221260"] [rev "3"] [msg "COMODO WAF: Shellshock Command Injection Vulnerabilities in GNU Bash through 4.3 bash43-026 (CVE-2014-7187, CVE-2014-7186, CVE-2014-7169, CVE-2014-6278, CVE-2014-6277, CVE-2014-6271)\|\|cpcontacts.kettlehill.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpcontacts.kettlehill.com"] [uri "/"] [unique_id "aGaKUdVUSGmXdzhzbswMNwAAABQ"], referer: () { ignored; }; echo Content-Type: text/html; echo ; /bin/cat /etc/passwd show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 5 of 5 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.163.125.241

🇺🇸 100.33.140.195

🇫🇷 2001:41d0:33a:a00::40a

🇨🇳 180.76.226.129

🇨🇳 116.171.162.109

🇺🇸 66.132.195.58

🇵🇪 45.236.44.109

🇺🇸 43.153.70.250

🇳🇱 204.76.203.219

🇧🇷 177.69.176.217

🇺🇸 167.99.5.1

🇰🇷 106.246.224.218

🇩🇪 46.225.189.44

🇳🇱 45.148.10.141

🇳🇱 45.142.193.24

🇫🇮 37.27.197.191

🇳🇱 5.61.209.224

🇳🇱 5.61.209.92

🇯🇴 2a01:9700:4f0d:1000:d49f:ab69:df20:44b5

🇺🇸 216.45.75.104