JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 64.89.161.85

64.89.161.85 was found in our database!

This IP was reported 163 times. Confidence of Abuse is 100%: ?

100%

ISP	Ghosty Networks LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS205759
Domain Name	ghostynetworks.com
Country	🇱🇺 Luxembourg
City	Luxembourg, Luxembourg

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 64.89.161.85

Whois 64.89.161.85

IP Abuse Reports for 64.89.161.85:

This IP address has been reported a total of 163 times from 128 distinct sources. 64.89.161.85 was first reported on May 15th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 CryptoYakari	2026-06-29 15:37:14 (1 hour ago)	64.89.161.85 - - [29/Jun/2026:18:37:07 +0300] "GET /config.js HTTP/1.0" 404 7081 "-" "Mozilla/5.0 (W ... show more 64.89.161.85 - - [29/Jun/2026:18:37:07 +0300] "GET /config.js HTTP/1.0" 404 7081 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36" 64.89.161.85 - - [29/Jun/2026:18:37:07 +0300] "GET /js/config.js HTTP/1.0" 404 3515 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36" 64.89.161.85 - - [29/Jun/2026:18:37:07 +0300] "GET /config.js HTTP/1.0" 404 6995 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36" 64.89.161.85 - - [29/Jun/2026:18:37:07 +0300] "GET /js/config.js HTTP/1.0" 404 3515 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36" 64.89.161.85 - - [29/Jun/2026:18:37:07 +0300] "GET /api/env HTTP/1.0" 404 7081 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36" ... show less	Web Spam Blog Spam Web App Attack Bad Web Bot
🇩🇪 XICTRON	2026-06-29 13:00:07 (4 hours ago)	ModSecurity rule violation detected by Fail2Ban	Web App Attack
🇫🇷 largo-it.net	2026-06-29 11:03:51 (6 hours ago)	Jun 29 13:03:50 vps-9f3cdc33 haproxy[1009799]: 64.89.161.85:46094 [29/Jun/2026:13:03:50.824] www_fro ... show more Jun 29 13:03:50 vps-9f3cdc33 haproxy[1009799]: 64.89.161.85:46094 [29/Jun/2026:13:03:50.824] www_frontend~ finance_cluster/finance1_test1_https 0/0/11/46/57 404 3151 - - ---- 75/17/1/1/0 0/0 "GET /config.js HTTP/1.1" Jun 29 13:03:50 vps-9f3cdc33 haproxy[1009799]: 64.89.161.85:46100 [29/Jun/2026:13:03:50.825] www_frontend~ finance_cluster/finance1_test1_https 0/0/11/74/85 404 3151 - - ---- 74/16/1/1/0 0/0 "GET /js/config.js HTTP/1.1" Jun 29 13:03:50 vps-9f3cdc33 haproxy[1009799]: 64.89.161.85:46116 [29/Jun/2026:13:03:50.891] www_frontend~ finance_cluster/finance1_test1_https 0/0/11/40/51 404 3151 - - ---- 74/16/1/1/0 0/0 "GET /config.js HTTP/1.1" Jun 29 13:03:50 vps-9f3cdc33 haproxy[1009799]: 64.89.161.85:46156 [29/Jun/2026:13:03:50.914] www_frontend~ finance_cluster/finance1_test1_https 0/0/11/40/51 404 3151 - - ---- 74/16/1/1/0 0/0 "GET /js/config.js HTTP/1.1" Jun 29 13:03:50 vps-9f3cdc33 haproxy[1009799]: 64.89.161.85:46100 [29/Jun/2026:13:03:50.945] www_frontend~ finance_cluster/fin ... show less	Hacking Bad Web Bot Web App Attack
🇺🇸 interbiznw.com	2026-06-29 10:21:08 (6 hours ago)	malicious-web-requests-vulnerability-scanning	Hacking Brute-Force Exploited Host Web App Attack
🇺🇸 dtorrer	2026-06-29 09:47:57 (7 hours ago)	General vulnerability scan.	Port Scan
Anonymous	2026-06-29 08:09:02 (9 hours ago)	Excessive 404 errors - web scanning/probing	Bad Web Bot
🇫🇮 indev.fi	2026-06-29 08:08:56 (9 hours ago)	pasilanvisio.peltopiri.com 64.89.161.85 - - [29/Jun/2026:11:07:55 +0300] "GET /.env HTTP/1.1" 444 0 ... show more pasilanvisio.peltopiri.com 64.89.161.85 - - [29/Jun/2026:11:07:55 +0300] "GET /.env HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36" pasilanvisio.peltopiri.com 64.89.161.85 - - [29/Jun/2026:11:07:55 +0300] "GET /.env.production HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36" pasilanvisio.peltopiri.com 64.89.161.85 - - [29/Jun/2026:11:07:55 +0300] "GET /.env.local HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36" ... show less	Port Scan Hacking Bad Web Bot Web App Attack
🇳🇴 Bots.go.to.hell	2026-06-29 07:20:41 (9 hours ago)	This IP was detected by CrowdSec triggering LePresidente/http-generic-401-bf	Web App Attack Brute-Force
🇩🇪 LRob.fr	2026-06-29 06:45:12 (10 hours ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇮🇩 hermawan	2026-06-29 02:24:56 (14 hours ago)	1782699890.427473 64.89.161.85 103.166.156.58 64620_2-4-8-1-3_1436_7 2026-06-29 09:24:50 WIB ...	Email Spam Hacking
🇳🇱 BlueWire Hosting	2026-06-28 23:55:34 (17 hours ago)	Probing websites for vulnerabilities	Web App Attack
🇦🇩 bakunin1848	2026-06-28 21:09:06 (20 hours ago)	Firewall IPS Detection on 28-06-2026 at 23:09:06	Port Scan Exploited Host
🇫🇮 Ba-Yu	2026-06-28 20:51:36 (20 hours ago)	General hacking/exploits/scanning	Port Scan Exploited Host Web App Attack
🇺🇸 Victor López	2026-06-28 20:50:18 (20 hours ago)	desdeotramirada.com 64.89.161.85 - - [28/Jun/2026:15:50:17 -0500] "GET /.env HTTP/1.1" 404 26289 "-" ... show more desdeotramirada.com 64.89.161.85 - - [28/Jun/2026:15:50:17 -0500] "GET /.env HTTP/1.1" 404 26289 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36" desdeotramirada.com 64.89.161.85 - - [28/Jun/2026:15:50:17 -0500] "GET /.env.local HTTP/1.1" 404 26289 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36" desdeotramirada.com 64.89.161.85 - - [28/Jun/2026:15:50:17 -0500] "GET /.env.production HTTP/1.1" 404 26289 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/148.0.0.0 Safari/537.36" ... show less	Hacking Web App Attack
🇩🇪 MBombeck	2026-06-28 19:13:19 (22 hours ago)	Fail2Ban/traefik-botsearch on apps-01: banned after 5 failures	Web App Attack

Showing 1 to 15 of 163 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 162.216.150.88

🇺🇸 100.29.192.1

🇫🇷 91.231.89.131

🇧🇪 35.195.47.36

🇪🇸 196.196.150.124

🇫🇮 147.185.133.200

🇺🇸 66.132.224.17

🇨🇳 39.104.86.159

🇰🇬 217.29.30.135

🇬🇧 165.220.169.113

🇺🇸 157.230.8.193

🇺🇸 144.202.92.17

🇧🇩 103.156.214.8

🇹🇷 85.106.114.34

🇫🇷 51.68.107.139

🇮🇩 2406:da19:776:6e00:c558:3b53:5b6c:748a

🇹🇭 2405:9800:b652:706a:20ee:15c0:ad54:76ad

🇲🇰 213.135.168.228

🇮🇩 163.7.9.84

🇨🇳 113.142.138.147