JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 64.137.89.130

64.137.89.130 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 0%: ?

ISP	FASTPLANET LTD
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	fastplanet.com
Country	🇪🇸 Spain
City	Madrid, Madrid

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 64.137.89.130

Whois 64.137.89.130

IP Abuse Reports for 64.137.89.130:

This IP address has been reported a total of 35 times from 15 distinct sources. 64.137.89.130 was first reported on June 5th 2024, and the most recent report was 11 months ago.

Old Reports: The most recent abuse report for this IP address is from 11 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2025-07-12 19:11:03 (11 months ago)	(mod_security) mod_security (id:210730) triggered by 64.137.89.130 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 64.137.89.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jul 12 15:11:00.008328 2025] [security2:error] [pid 26285:tid 26285] [client 64.137.89.130:39413] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|kingstoneproperties.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kingstoneproperties.com"] [uri "/[email protected]"] [unique_id "aHKzRG-9VwKFsms4dBkIMAAAAAA"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-02-11 14:07:49 (1 year ago)	Malicious activity detected	Hacking Web App Attack
🇺🇸 TPI-Abuse	2024-08-09 07:59:58 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 64.137.89.130 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 64.137.89.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 09 03:59:54.053156 2024] [security2:error] [pid 26967:tid 26967] [client 64.137.89.130:57805] [client 64.137.89.130] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 64.137.89.130 (+1 hits since last alert)\|www.nekstlevel.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.nekstlevel.com"] [uri "/xmlrpc.php"] [unique_id "ZrXMeudY-yvMd3PYlRxEJgAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇸🇪 maxxsense	2024-08-07 13:33:36 (1 year ago)	(wordpress) Failed wordpress login from 64.137.89.130 (-)	Brute-Force
🇺🇸 TPI-Abuse	2024-08-03 00:20:48 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 64.137.89.130 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 64.137.89.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 02 20:20:43.585857 2024] [security2:error] [pid 996990:tid 997009] [client 64.137.89.130:32771] [client 64.137.89.130] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 64.137.89.130 (+1 hits since last alert)\|www.rpiusa.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.rpiusa.net"] [uri "/xmlrpc.php"] [unique_id "Zq132-j49WzH_HLN_BqfbgAAAVE"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2024-07-24 19:04:38 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇳🇱 Linuxmalwarehuntingnl	2024-07-02 07:00:02 (1 year ago)	Unauthorized connection attempt	Brute-Force
🇺🇸 octageeks.com	2024-06-30 04:07:01 (1 year ago)	Wordpress malicious attack:[octawp]	Web App Attack
🇺🇸 TPI-Abuse	2024-06-29 22:10:09 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 64.137.89.130 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 64.137.89.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 29 18:10:05.566239 2024] [security2:error] [pid 23414] [client 64.137.89.130:58363] [client 64.137.89.130] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 64.137.89.130 (+1 hits since last alert)\|edgecomix.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "edgecomix.com"] [uri "/xmlrpc.php"] [unique_id "ZoCGPZL6q09CAW3GKqXU7gAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 eminovic.ba	2024-06-29 17:04:59 (1 year ago)	Wordpress attack ...	Hacking Brute-Force Web App Attack
Anonymous	2024-06-29 13:41:53 (1 year ago)	notenschluessel-fulda.de 64.137.89.130 [29/Jun/2024:15:41:51 +0200] "POST /xmlrpc.php HTTP/1.1" 200 ... show more notenschluessel-fulda.de 64.137.89.130 [29/Jun/2024:15:41:51 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4349 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.60 Safari/537.36" notenschluessel-fulda.de 64.137.89.130 [29/Jun/2024:15:41:52 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4349 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.6422.60 Safari/537.36" show less	Web App Attack
🇺🇸 octageeks.com	2024-06-29 04:06:59 (1 year ago)	Wordpress malicious attack:[octawp]	Web App Attack
🇺🇸 TPI-Abuse	2024-06-28 09:34:07 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 64.137.89.130 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 64.137.89.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 28 05:34:00.459575 2024] [security2:error] [pid 26440] [client 64.137.89.130:59115] [client 64.137.89.130] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 64.137.89.130 (+1 hits since last alert)\|www.ornbaum.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "www.ornbaum.com"] [uri "/xmlrpc.php"] [unique_id "Zn6DiOn7uapZlCYAfbdWJwAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2024-06-28 00:12:16 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2024-06-27 15:54:14 (1 year ago)	(mod_security) mod_security (id:240335) triggered by 64.137.89.130 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:240335) triggered by 64.137.89.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 27 11:54:06.127358 2024] [security2:error] [pid 4407] [client 64.137.89.130:35165] [client 64.137.89.130] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)\|Source 64.137.89.130 (+1 hits since last alert)\|societasprivata.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "societasprivata.com"] [uri "/xmlrpc.php"] [unique_id "Zn2LHt9xuYqIt708iH401gAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇷 190.181.120.142

🇵🇭 165.154.58.251

🇺🇸 162.216.150.189

🇩🇪 155.117.127.214

🇺🇸 147.185.132.200

🇺🇸 71.27.86.44

🇺🇸 47.252.118.185

🇰🇷 39.115.195.164

🇺🇸 20.245.71.147

🇯🇵 216.25.125.2

🇺🇸 216.25.89.144

🇭🇰 199.45.155.110

🇲🇽 187.170.61.138

🇨🇦 184.151.88.27

🇨🇳 183.212.239.130

🇷🇺 178.178.222.59

🇺🇸 162.216.150.74

🇺🇸 162.158.89.144

🇧🇷 132.255.170.180

🇨🇳 120.48.11.36