JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 64.64.99.5

64.64.99.5 was found in our database!

This IP was reported 30 times. Confidence of Abuse is 26%: ?

26%

ISP	LogicWeb Inc.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS137409
Domain Name	logicweb.com
Country	🇺🇸 United States of America
City	Miami, Florida

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 64.64.99.5

Whois 64.64.99.5

IP Abuse Reports for 64.64.99.5:

This IP address has been reported a total of 30 times from 16 distinct sources. 64.64.99.5 was first reported on December 8th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-12 07:22:33 (1 week ago)	(mod_security) mod_security (id:210801) triggered by 64.64.99.5 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210801) triggered by 64.64.99.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 03:22:29.817968 2026] [security2:error] [pid 27810:tid 27810] [client 64.64.99.5:42120] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|byles.net\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "byles.net"] [uri "/license.txt"] [unique_id "aiuztUgTAqPXRS0cG84vkAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 06:56:15 (1 week ago)	(mod_security) mod_security (id:210801) triggered by 64.64.99.5 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210801) triggered by 64.64.99.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 02:56:08.781118 2026] [security2:error] [pid 6271:tid 6271] [client 64.64.99.5:27419] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|jeffj.net\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "jeffj.net"] [uri "/license.txt"] [unique_id "aiutiPEJKi9hP693RfShCAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-12 06:27:19 (1 week ago)	(mod_security) mod_security (id:210801) triggered by 64.64.99.5 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210801) triggered by 64.64.99.5 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 12 02:27:13.582634 2026] [security2:error] [pid 19190:tid 19190] [client 64.64.99.5:1383] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "paros" at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "17"] [id "210801"] [rev "2"] [msg "COMODO WAF: Request Indicates a Security Scanner Scanned the Site\|\|abakada.net\|F\|2"] [data "mozilla/5.0 (windows nt 5.1; rv:22.0) gecko/20100101 firefox/22.0 paros/3.2.13"] [severity "CRITICAL"] [tag "CWAF"] [tag "Agents"] [hostname "abakada.net"] [uri "/license.txt"] [unique_id "aiumweFDYPxsBEqN0dXk0gAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇺 punctualsuspension968	2026-06-07 08:57:34 (1 week ago)	blocked by ufw on TCP 6881	Port Scan
🇷🇺 punctualsuspension968	2026-06-05 21:23:13 (1 week ago)	blocked by ufw on TCP 11834	Port Scan
Anonymous	2026-06-05 15:27:48 (2 weeks ago)	tls scan	Port Scan
🇷🇺 punctualsuspension968	2026-06-04 05:13:54 (2 weeks ago)	blocked by ufw on TCP 48177	Port Scan
🇷🇺 punctualsuspension968	2026-06-03 02:31:34 (2 weeks ago)	blocked by ufw on TCP 48177	Port Scan
Anonymous	2026-05-22 18:20:28 (4 weeks ago)	LH-Watcher: FAKE_ID [Fake Googlebot]	Bad Web Bot
🇬🇧 consul.to	2026-05-17 11:31:24 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
🇬🇧 consul.to	2026-05-09 04:30:41 (1 month ago)	Web attack/malicious scanning detected	Web App Attack
Anonymous	2026-05-06 14:45:27 (1 month ago)	tls scan	Port Scan
🇧🇷 hostseries	2025-11-27 18:57:22 (6 months ago)	Trigger: LF_IMAPD	Brute-Force
🇺🇸 Starburst SysOp Team	2025-09-08 03:44:17 (9 months ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-stl2-18)	Hacking Bad Web Bot
🇺🇸 Jason Howell	2025-08-18 00:47:03 (10 months ago)	64.64.99.5 - - [17/Aug/2025:19:26:45 -0500] "GET /wp-login.php HTTP/1.1" 200 4720 "-" "Mozilla/5.0 ( ... show more 64.64.99.5 - - [17/Aug/2025:19:26:45 -0500] "GET /wp-login.php HTTP/1.1" 200 4720 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0" 64.64.99.5 - - [17/Aug/2025:19:26:47 -0500] "POST /wp-login.php HTTP/1.1" 200 2499 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0" 64.64.99.5 - - [17/Aug/2025:19:26:52 -0500] "GET /wp-login.php?redirect_to=https://blog.tatpl-traffic.com/wp-admin/&reauth=1 HTTP/1.1" 200 6890 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0" 64.64.99.5 - - [17/Aug/2025:19:47:02 -0500] "GET /wp-login.php HTTP/1.1" 200 4720 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0" 64.64.99.5 - - [17/Aug/2025:19:47:03 -0500] "POST /wp-login.php HTTP/1.1" 200 2499 "-" "Mozilla/5.0 (X11; Linux x86_64; rv:128.0) Gecko/20100101 Firefox/128.0" ... show less	Web App Attack

Showing 1 to 15 of 30 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇩 202.71.181.130

🇸🇪 171.25.158.68

🇻🇳 113.190.213.180

🇰🇷 112.171.133.147

🇰🇷 110.44.240.198

🇸🇬 103.189.234.244

🇫🇷 88.124.253.129

🇳🇱 45.156.87.127

🇮🇹 4.232.80.255

🇺🇸 2601:586:c987:f830:2d:61f5:e040:86a9

🇨🇳 2400:7fc0:8f0d:e500:8cc1:4ace:4374:8b4

🇧🇷 191.242.195.89

🇮🇳 163.61.39.89

🇧🇬 79.124.40.130

🇺🇸 69.164.215.134

🇺🇸 13.222.117.55

🇵🇱 2a02:2a40:a8fa:2c00:9d77:fe03:82ed:3c68

🇸🇬 216.67.230.82

🇧🇪 198.235.24.236

🇳🇵 113.199.139.212