JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 64.236.177.97

64.236.177.97 was found in our database!

This IP was reported 26 times. Confidence of Abuse is 91%: ?

91%

ISP	Microsoft Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇺🇸 United States of America
City	Chicago, Illinois

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 64.236.177.97

Whois 64.236.177.97

IP Abuse Reports for 64.236.177.97:

This IP address has been reported a total of 26 times from 23 distinct sources. 64.236.177.97 was first reported on September 10th 2025, and the most recent report was 14 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 xmission.com	2026-06-10 05:30:00 (14 hours ago)	Blocked by UFW (TCP on 8080) Source port: 64645 TTL: 49 Packet length: 60 TOS: 0x00 This report (fo ... show more Blocked by UFW (TCP on 8080) Source port: 64645 TTL: 49 Packet length: 60 TOS: 0x00 This report (for 64.236.177.97) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan Web App Attack
🇺🇸 mc4bbs	2026-06-10 04:28:39 (15 hours ago)	Automated Apache detection on Windows host. 5 suspicious HTTP requests within 300 seconds. Examples: ... show more Automated Apache detection on Windows host. 5 suspicious HTTP requests within 300 seconds. Examples: GET /.env -> 404 UA=""; GET /.env.save -> 404 UA=""; GET /wp-config.php -> 404 UA=""; GET /wp-config.php.bak -> 404 UA=""; GET /server-status -> 404 UA="" show less	Web App Attack Hacking
🇯🇵 VXG-NET	2026-06-10 04:07:10 (15 hours ago)	port=80, indicator_type=info-leak	Hacking
🇧🇾 lns.bz	2026-06-10 03:31:07 (16 hours ago)	Too many 404 requests [BY]	Web App Attack
🇹🇼 kk_it_man	2026-06-10 02:50:12 (17 hours ago)		Port Scan
🇹🇭 Sawasdee	2026-06-10 02:39:11 (17 hours ago)	Unwanted checking 80 or 443 port ...	Bad Web Bot
🇺🇸 MPL	2026-06-10 02:24:01 (17 hours ago)	tcp port scan (8 or more attempts)	Port Scan
🇫🇷 geeek	2026-06-10 01:00:44 (19 hours ago)	Port scanning: 8080 TCP Blocked	Port Scan
🇷🇸 Scan	2026-06-10 00:51:02 (19 hours ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇺🇸 Matthew Ping	2026-06-10 00:45:03 (19 hours ago)	ModSecurity rule 949110 triggered on clearedge3d. Web application attack blocked by CSF/LFD.	Web App Attack Hacking
🇩🇪 bescared	2026-06-10 00:37:42 (19 hours ago)	F2B - Malicious activity detected. Excessive port scans. -c23856ef-	Port Scan
🇺🇸 kelliwic.net	2026-06-10 00:22:36 (19 hours ago)	Port scan detected (F2B)	Port Scan
🇯🇵 jay hung	2026-06-09 05:12:47 (1 day ago)	2026-06-09T05:12:45.823748+00:00 quarktech kernel: [816807.827094] [UFW BLOCK] IN=eth0 OUT= MAC=22:0 ... show more 2026-06-09T05:12:45.823748+00:00 quarktech kernel: [816807.827094] [UFW BLOCK] IN=eth0 OUT= MAC=22:00:92:2e:84:93:fe:ff:ff:ff:ff:ff:08:00 SRC=64.236.177.97 DST=172.237.20.248 LEN=40 TOS=0x00 PREC=0x00 TTL=230 ID=52143 PROTO=TCP SPT=2048 DPT=7848 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇺🇸 TPI-Abuse	2026-05-20 15:23:38 (3 weeks ago)	(mod_security) mod_security (id:210492) triggered by 64.236.177.97 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 64.236.177.97 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 11:23:33.377802 2026] [security2:error] [pid 5004:tid 5004] [client 64.236.177.97:63832] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "chikusa.net"] [uri "/.env"] [unique_id "ag3R9TywcL77h0ETmu8Y1gAAABo"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2026-05-20 13:45:03 (3 weeks ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack

Showing 1 to 15 of 26 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 183.198.140.197

🇨🇳 180.76.179.77

🇧🇪 198.235.24.237

🇹🇼 198.235.24.96

🇺🇸 153.66.28.132

🇺🇸 147.185.132.129

🇺🇸 147.185.132.111

🇨🇳 125.76.228.194

🇯🇵 103.163.220.85

🇺🇸 63.135.161.4

🇺🇸 47.251.124.86

🇭🇰 43.132.227.251

🇺🇸 20.98.136.63

🇺🇸 147.185.132.239

🇺🇸 48.214.53.177

🇩🇪 46.224.239.112

🇺🇸 3.141.167.212

🇺🇸 138.197.208.106

🇨🇳 125.114.224.60

🇨🇳 123.163.215.248