This IP address has been reported a total of
43
times from
28 distinct
sources.
185.24.60.89 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
Requests denied due to active blacklist hits (tenant=82 method=GET path=/catalogsearch/result/index/ ...
show moreRequests denied due to active blacklist hits (tenant=82 method=GET path=/catalogsearch/result/index/ ua='Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/144.0.0.0 Safari/537.36')
show less
Requests denied due to active blacklist hits (tenant=82 method=GET path=/catalogsearch/result/index/ ...
show moreRequests denied due to active blacklist hits (tenant=82 method=GET path=/catalogsearch/result/index/ ua='Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36 Edg/145.0.0.0')
show less
Coordinated application-layer DDoS against git.mills.io (self-hosted Gitea), 2026-06-12 ~20:30-21:10 ...
show moreCoordinated application-layer DDoS against git.mills.io (self-hosted Gitea), 2026-06-12 ~20:30-21:10 UTC. Deliberately expensive multi-label Gitea issue-search queries (/issues?type=all&state=closed&sort=...&labels=<multiple IDs>, ~60-113s CPU each) flooded the backend via proxy/hosting networks. ~36,700 source IPs, ~1 request per IP, identical TLS fingerprint (TLS1.3 0x1301) and one spoofed Chrome UA = single automated tool.
show less
Bogus Useragent: 185.24.60.89 - - [08/Jun/2026:14:11:55 +0200] "GET /protocol?id=st_8_98&offset=1650 ...
show moreBogus Useragent: 185.24.60.89 - - [08/Jun/2026:14:11:55 +0200] "GET /protocol?id=st_8_98&offset=1650&seq=1692 HTTP/1.1" 444 0 "-" "Mozilla/5.0 (compatible; MSIE 5.0; Windows NT 5.0; Trident/5.0)" asn=206206 org="Kurdistan Net Company for Computer and Internet Ltd." country=IQ
...
show less
Requests denied due to active blacklist hits (tenant=82 method=GET path=/catalogsearch/result/ ua='M ...
show moreRequests denied due to active blacklist hits (tenant=82 method=GET path=/catalogsearch/result/ ua='Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36')
show less
Suspicious WooCommerce query combination detected. Not default available on websites. Matched combi ...
show moreSuspicious WooCommerce query combination detected. Not default available on websites. Matched combi patterns: filter_, add-to-cart=, orderby=, product_count=. Activity is consistent with high-volume request abuse.
show less
Fail2Ban: 185.24.60.89 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Mozilla/5.0 ...
show moreFail2Ban: 185.24.60.89 was banned for Aggressive Bad Bot detected by Nginx/Fail2Ban. UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/145.0.0.0 Safari/537.36
show less
Attack Signature Blocked: /wishlist/index/add/product/12016/form_key/hvG6ydZZzbiXdRPj/ (Magento Site ...
show moreAttack Signature Blocked: /wishlist/index/add/product/12016/form_key/hvG6ydZZzbiXdRPj/ (Magento Site) (Botnet activity attributed to: Angara Technologies Group / mikhail-smirnov-79830322)
show less