AbuseIPDB » 49.37.194.64
49.37.194.64 was found in our database!
This IP was reported 8 times. Confidence of
Abuse
is 0% : ?
ISP
Reliance Jio Infocomm Limited
Usage Type
Fixed Line ISP
ASN
AS55836
Domain Name
jio.com
Country
๐ฎ๐ณ
India
City
Ambattur, Tamil Nadu
IP info including ISP, Usage Type, and Location provided
by IPInfo . Updated weekly.
IP Abuse Reports for 49.37.194.64 :
This IP address has been reported a total of
8
times from
7 distinct
sources.
49.37.194.64 was first reported on
December 21st 2022 , and the most recent report was
2 years ago .
Old Reports:
The most recent abuse report for this IP address is from
2 years ago
. It is possible that this IP is no longer involved in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
๐ซ๐ท
ldesaignes_naveco
2023-12-01 15:44:04
(2 years ago)
Searching for ../../../../../../../../etc/passwd{{
Web App Attack
๐ฉ๐ช
Jaime
2023-12-01 09:11:34
(2 years ago)
[30/Nov/2023:12:27:57 +0100] "GET /solr/admin/cores?wt=json " UA "Mozilla/5.0 (Windows NT 6.1) Apple ...
show more
[30/Nov/2023:12:27:57 +0100] "GET /solr/admin/cores?wt=json " UA "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36"
show less
Web App Attack
๐บ๐ธ
TPI-Abuse
2023-12-01 08:17:48
(2 years ago)
(mod_security) mod_security (id:211190) triggered by 49.37.194.64 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:211190) triggered by 49.37.194.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Dec 01 03:17:41.125214 2023] [security2:error] [pid 3102795] [client 49.37.194.64:45922] [client 49.37.194.64] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt||desertvacationvillas.com|F|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /solr/Home/debug/dump?stream.url=file:///etc/passwd¶m=ContentStream"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "desertvacationvillas.com"] [uri "/solr/Home/debug/dump"] [unique_id "ZWmWpcp_q4V-q6I8geRDRQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2023-11-30 16:08:12
(2 years ago)
Exploit attempt detected
Hacking
Brute-Force
Web App Attack
Anonymous
2023-11-30 15:38:44
(2 years ago)
49.37.194.64 - - \[30/Nov/2023:23:38:42 +0800\] \"GET /solr/admin/cores\?wt=json HTTP/1.1\" 404 4927 ...
show more
49.37.194.64 - - \[30/Nov/2023:23:38:42 +0800\] \"GET /solr/admin/cores\?wt=json HTTP/1.1\" 404 49279 \"-\" \"Mozilla/5.0 \(Macintosh\; Intel Mac OS X 10_8_3\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/54.0.2866.71 Safari/537.36\"
show less
Web App Attack
๐บ๐ธ
ANTI SCANNER
2023-11-30 11:22:24
(2 years ago)
Scanner : /solr/admin/cores?wt=json
Web Spam
๐บ๐ธ
TPI-Abuse
2023-11-29 15:42:01
(2 years ago)
(mod_security) mod_security (id:243930) triggered by 49.37.194.64 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:243930) triggered by 49.37.194.64 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Nov 29 10:41:54.538829 2023] [security2:error] [pid 24508:tid 47517955434240] [client 49.37.194.64:60810] [client 49.37.194.64] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?:\\\\w+\\\\/[\\\\w\\\\-\\\\.]+)(?:;(?:charset=[\\\\w\\\\-]{1,18}|boundary=[\\\\w\\\\-]+)?)?$" against "REQUEST_HEADERS:Content-Type" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "6743"] [id "243930"] [rev "2"] [msg "COMODO WAF: Remote code execution in Apache Struts versions 2.3.31 - 2.3.5 and 2.5 - 2.5.10 (CVE-2017-5638)||aafm.us|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "aafm.us"] [uri "/"] [unique_id "ZWdbwozj8j4tif_djpfeEQAAAUw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ช๐ธ
10dencehispahard SL
2022-12-21 10:24:17
(3 years ago)
Unauthorized login attempts [ wordpress-xmlrpc]
Brute-Force
Web App Attack
Showing 1 to
8
of 8 reports
Think this IP has been falsely reported? You may request to have the associated
reports reviewed and removed.
Request Takedown ๐ฉ
Recently Reported IPs: