JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 64.49.38.246

64.49.38.246 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 16%: ?

16%

ISP	Hostaly LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	hostaly.io
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 64.49.38.246

Whois 64.49.38.246

IP Abuse Reports for 64.49.38.246:

This IP address has been reported a total of 7 times from 7 distinct sources. 64.49.38.246 was first reported on June 25th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 Oakley	2026-06-04 18:41:56 (2 weeks ago)	(mod_security) mod_security (id:900177) triggered by 64.49.38.246 (US/United States/-): 5 in the las ... show more (mod_security) mod_security (id:900177) triggered by 64.49.38.246 (US/United States/-): 5 in the last 900 secs show less	Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-06-03 05:18:02 (2 weeks ago)	(mod_security) mod_security (id:211190) triggered by 64.49.38.246 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:211190) triggered by 64.49.38.246 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 01:17:52.846084 2026] [security2:error] [pid 29507:tid 29507] [client 64.49.38.246:23329] ModSecurity: Access denied with code 403 (phase 2). Match of "contains cpanel" against "REQUEST_URI" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "55"] [id "211190"] [rev "9"] [msg "COMODO WAF: Remote File Access Attempt\|\|twilighthackers.com\|F\|2"] [data "Matched Data: /etc/ found within REQUEST_URI: /matchportal.php?__waf_test__=%27+OR+%271%27%3D%271%27+UNION+SELECT+NULL%2C%27%3Cscript%3Ealert%281%29%3C%2Fscript%3E%27%2Ctable_name+FROM+information_schema.tables+WHERE+2%3E1--%2F%2A%2A%2F%3B+EXEC+xp_cmdshell%28%27cat+%2Fetc%2Fpasswd%27%29%23&pair=%2A"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "twilighthackers.com"] [uri "/matchportal.php"] [unique_id "ah-5ANzRiF-vMCS9PgUnGQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇮 JimArchon72	2026-05-25 18:40:03 (3 weeks ago)	2026/05/25 18:39:11 "GET /wp-login.php?action=register HTTP/1.1"	Web App Attack
🇫🇷 masterguru	2025-12-23 11:18:09 (5 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 64.49.38.246 (US/United States/-): 1 in the la ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 64.49.38.246 (US/United States/-): 1 in the last 3600 secs (0-197) show less	Hacking
Anonymous	2025-12-09 00:42:26 (6 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.12.09 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.12.09 is noted in report timestamp show less	Hacking Brute-Force
🇱🇻 garmtech.com	2025-10-23 16:34:55 (7 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇨🇭 backslash	2025-06-25 05:45:05 (11 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 2a06:4880:6000::75

🇷🇺 155.212.192.0

🇺🇸 136.144.33.214

🇳🇱 85.137.95.79

🇸🇬 47.84.16.218

🇬🇧 31.14.254.77

🇮🇩 165.154.151.176

🇺🇸 162.216.150.0

🇯🇵 156.227.235.87

🇺🇸 147.185.132.0

🇸🇬 119.28.106.227

🇮🇳 106.51.92.114

🇵🇱 83.168.95.29

🇺🇸 20.163.38.129

🇩🇪 2a04:4540:1600:5c00:347b:b6d4:e9d5:e359

🇨🇳 223.223.199.221

🇺🇸 205.210.31.6

🇳🇱 176.65.139.204

🇨🇳 121.40.169.125

🇺🇸 20.65.193.207