JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 64.49.38.87

64.49.38.87 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 9%: ?

ISP	Hostaly LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	hostaly.io
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 64.49.38.87

Whois 64.49.38.87

IP Abuse Reports for 64.49.38.87:

This IP address has been reported a total of 9 times from 6 distinct sources. 64.49.38.87 was first reported on October 26th 2025, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-16 22:26:55 (3 weeks ago)	(mod_security) mod_security (id:210730) triggered by 64.49.38.87 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 64.49.38.87 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 16 18:26:45.724833 2026] [security2:error] [pid 8701:tid 8701] [client 64.49.38.87:20497] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Dalton II/Thumbs.db"] [unique_id "agjvJZUYdBCUV2qRj5h9vgAAABU"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Dalton%20II/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2026-04-16 14:03:25 (1 month ago)	block ruleset 798ECF92F12ADC636D3520C2890AF17ADEFDE3BE	Bad Web Bot
🇨🇭 backslash	2026-02-08 14:25:04 (3 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇺🇸 Psycho Solutions LLC	2026-01-27 17:42:43 (4 months ago)	Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-json/wp/v2/users - User A ... show more Detected Wordpress Scanning. - Request Method: GET - Target: {PC} wp-json/wp/v2/users - User Agent: N/A - Timestamp: 1/27/2026 5:42 pm (UTC-6) show less	Web Spam Hacking Bad Web Bot Web App Attack
🇮🇩 Burayot	2026-01-01 12:56:10 (5 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 64.49.38.87 (US/United States/-): 1 ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 64.49.38.87 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇱🇻 garmtech.com	2025-12-27 12:58:45 (5 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇺🇸 TPI-Abuse	2025-12-20 14:56:39 (5 months ago)	(mod_security) mod_security (id:220150) triggered by 64.49.38.87 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:220150) triggered by 64.49.38.87 (-): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Dec 20 09:56:05.930693 2025] [security2:error] [pid 12493:tid 12493] [client 64.49.38.87:29955] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:union(?:\\\\/\\\\.\\\\\\\\/)?select)" at ARGS:repoID. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5671"] [id "220150"] [rev "4"] [msg "COMODO WAF: SQL injection vulnerability in Ginkgo CMS 5.0 (CVE-2013-5318)\|\|www.kountz.org\|F\|2"] [data "r1//)//or//row(2018,1386)>(select//count(),concat(0x61436d53,(select//(elt(2836=2836,1))),0x78444250,floor(rand(0)2))x//from//(select//2027//union//select//8505//union//select//7491//union//select//4808)a//group//by//x)--//-"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.kountz.org"] [uri "/showrepo.php"] [unique_id "aUa5BfLR78zp2lCk2zV_9wAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-12 16:31:25 (5 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.12.12 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.12.12 is noted in report timestamp show less	Hacking Brute-Force
🇱🇻 garmtech.com	2025-10-26 20:41:43 (7 months ago)	IM360 WAF: Attempt to upload malware	Hacking

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇾 202.165.29.123

🇬🇧 188.240.59.17

🇮🇳 142.93.215.41

🇨🇳 116.233.83.8

🇨🇦 85.217.149.0

🇺🇸 50.116.72.133

🇬🇧 213.166.84.50

🇺🇸 195.184.76.132

🇺🇸 192.3.206.66

🇫🇮 147.185.133.103

🇨🇦 85.217.149.43

🇨🇦 85.217.149.39

🇨🇦 85.217.149.32

🇨🇦 85.217.149.8

🇺🇸 65.49.1.182

🇺🇸 65.49.1.173

🇨🇳 61.155.106.101

🇰🇷 49.247.37.22

🇳🇱 45.142.193.53

🇬🇧 31.14.254.30