JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 64.49.38.108

64.49.38.108 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 2%: ?

ISP	Hostaly LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	hostaly.io
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 64.49.38.108

Whois 64.49.38.108

IP Abuse Reports for 64.49.38.108:

This IP address has been reported a total of 7 times from 6 distinct sources. 64.49.38.108 was first reported on April 27th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-26 11:20:44 (2 weeks ago)	(mod_security) mod_security (id:210730) triggered by 64.49.38.108 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 64.49.38.108 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 07:20:38.722615 2026] [security2:error] [pid 24483:tid 24511] [client 64.49.38.108:19697] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|adultbaja.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "adultbaja.com"] [uri "/2024.db"] [unique_id "ahWCBozLRVJ0M_P1JgZ2fgAAAQM"] show less	Brute-Force Bad Web Bot Web App Attack
🇸🇪 OnTheEdge	2025-11-28 13:46:14 (6 months ago)	Password spraying. Multiple unauthorized login attempts	Hacking Web App Attack
🇨🇭 backslash	2025-11-19 19:01:16 (6 months ago)	block ruleset 798ECF92F12ADC636D3520C2890AF17ADEFDE3BE	Bad Web Bot
🇺🇸 TPI-Abuse	2025-10-16 05:44:23 (7 months ago)	(mod_security) mod_security (id:210350) triggered by 64.49.38.108 (64-49-38-108.cloudairone.com): 1 ... show more (mod_security) mod_security (id:210350) triggered by 64.49.38.108 (64-49-38-108.cloudairone.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Oct 16 01:44:16.220015 2025] [security2:error] [pid 24797:tid 24797] [client 64.49.38.108:25081] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|form-a-tool.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "form-a-tool.com"] [uri "/"] [unique_id "aPCGMBv8QGGFmVw793swaAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-08-13 16:38:02 (9 months ago)	(WPLOGIN) WP Login Attack 64.49.38.108 (US/United States/64-49-38-108.cloudairone.com): 10 in the la ... show more (WPLOGIN) WP Login Attack 64.49.38.108 (US/United States/64-49-38-108.cloudairone.com): 10 in the last 3600 secs; Ports: *; Direction: 1 show less	Brute-Force SSH
🇺🇸 nowyouknow	2025-05-03 05:56:40 (1 year ago)	(From [email protected]) Engage with 100M web forms immediately. Just as you received ... show more (From [email protected]) Engage with 100M web forms immediately. Just as you received this message and are perusing it currently, numerous website owners/managers will receive your message. ++ Check out: https://contactformleads.com now Innovative Targeted marketing in bulk for low cost. - Connect with businesses at scale - Generate sales, prospects, contracts - Get into the inbox of millions from $22 Catapult your company immediately! ++ Check out: https://contactformleads.com now Whenever you wish to stop getting any more communications from our side, please visit this link: bit. ly/plsremovefrom Donk 58, Kessel, CA, USA, 5995 Pm show less	Phishing Web Spam
🇺🇸 oncord	2025-04-27 08:36:26 (1 year ago)	Form spam	Web Spam

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.192

🇧🇷 205.210.31.167

🇳🇱 176.65.139.130

🇺🇸 66.45.144.201

🇮🇳 59.145.170.227

🇲🇾 49.124.153.17

🇫🇷 151.80.133.171

🇵🇱 146.59.127.80

🇷🇺 94.29.124.154

🇷🇴 92.118.39.62

🇺🇸 205.210.31.108

🇹🇼 198.235.24.96

🇹🇼 198.235.24.88

🇺🇸 159.223.149.107

🇮🇳 103.25.47.94

🇹🇼 101.13.1.58

🇩🇪 54.37.200.211

🇩🇪 46.101.127.96

🇴🇲 45.94.57.132

🇻🇳 36.50.135.229