This IP address has been reported a total of
99
times from
69 distinct
sources.
143.198.85.89 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Reporter
IoA Timestamp (UTC)
Comment
Categories
Anonymous
(caddyscan) Scanner path probe from 143.198.85.89 (SG/Singapore/-): 5 in the last 3600 secs; Ports: ...
show more(caddyscan) Scanner path probe from 143.198.85.89 (SG/Singapore/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 143.198.85.89 - - [02/Jul/2026:07:22:37 +0000] "GET /.env.local HTTP/1.1"
[REDACTED] 200 2627 143.198.85.89 - - [02/Jul/2026:07:22:38 +0000] "GET /.env.production HTTP/1.1"
[REDACTED] 200 2627 143.198.85.89 - - [02/Jul/2026:07:22:38 +0000] "GET /.env.development HTTP/1.1"
[REDACTED] 200 2627 143.198.85.89 - - [02/Jul/2026:07:22:38 +0000] "GET /.env.dev HTTP/1.1"
[REDACTED] 200 2627 143.198.85.89 - - [02/Jul/2026:07:22:39 +0000] "GET /.env.prod HTTP/1.1"
show less
Automated ban via infra-monitor: suspicious-probe, crowdsecurity/http-probing, crowdsecurity/http-se ...
show moreAutomated ban via infra-monitor: suspicious-probe, crowdsecurity/http-probing, crowdsecurity/http-sensitive-files
show less
Web app attack: scanning for secrets/exploits (.env/.git/PHPUnit CVE). Captured by NullBlue67 honeyp ...
show moreWeb app attack: scanning for secrets/exploits (.env/.git/PHPUnit CVE). Captured by NullBlue67 honeypot.
show less