JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 64.89.162.161

64.89.162.161 was found in our database!

This IP was reported 159 times. Confidence of Abuse is 100%: ?

100%

ISP	PIO-Hosting GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS198584
Domain Name	pio.hosting
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 64.89.162.161

Whois 64.89.162.161

IP Abuse Reports for 64.89.162.161:

This IP address has been reported a total of 159 times from 90 distinct sources. 64.89.162.161 was first reported on June 7th 2026, and the most recent report was 9 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 zam	2026-06-17 03:12:38 (9 minutes ago)	64.89.162.161 - - [17/Jun/2026:03:12:35 +0000] "POST /ALFA_DATA/alfacgiapi/perl.alfa HTTP/1.1" 301 2 ... show more 64.89.162.161 - - [17/Jun/2026:03:12:35 +0000] "POST /ALFA_DATA/alfacgiapi/perl.alfa HTTP/1.1" 301 295 show less	Web App Attack
🇫🇷 Lunix	2026-06-17 01:02:04 (2 hours ago)		Brute-Force Web App Attack
🇺🇸 Mundo Bueno	2026-06-17 00:06:08 (3 hours ago)	[ISILIA Protection v2.1] Tentative d'accès: /alfa_data/alfacgiapi/perl.alfa \| Pays: NL \| UA: Mozlila ... show more [ISILIA Protection v2.1] Tentative d'accès: /alfa_data/alfacgiapi/perl.alfa \| Pays: NL \| UA: Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) V show less	Hacking Web App Attack
Anonymous	2026-06-16 23:49:00 (3 hours ago)	Multiple, malicious web requests detected	Port Scan Hacking
🇫🇷 dynamix	2026-06-16 23:19:25 (4 hours ago)	Multiple WAF Violations	Web App Attack
🇦🇺 paulshipley.com.au	2026-06-16 21:23:07 (5 hours ago)	[Wed Jun 17 07:23:05.891213 2026] [security2:error] [pid 307449] [client 64.89.162.161:59329] [clien ... show more [Wed Jun 17 07:23:05.891213 2026] [security2:error] [pid 307449] [client 64.89.162.161:59329] [client 64.89.162.161] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "valueaddedpromotions.com.au"] [uri "/wp-plain.php"] [unique_id "ajG-uc2z-QyTK_vCAVNdfgAAAAU"], referer: www.google.com ... show less	Web App Attack
🇺🇸 agenciahypelab.com.br	2026-06-16 17:40:49 (9 hours ago)	WordPress login brute-force detectado e bloqueado pelo CSF/LFD. Trigger: LF_TRIGGER	Brute-Force SSH
🇲🇾 Rizzy	2026-06-16 14:01:53 (13 hours ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇫🇷 Version Net	2026-06-16 13:05:15 (14 hours ago)	IPS Detection: ALFA.TEaM.Web.Shell	Hacking
🇦🇺 2000cn.com.au	2026-06-16 10:43:53 (16 hours ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-bad-user-agent	Web App Attack Bad Web Bot
🇩🇪 Viveronese	2026-06-16 03:39:39 (23 hours ago)	HTTP vulnerability scanning	Web App Attack
🇫🇷 pm33	2026-06-16 02:50:36 (1 day ago)	Unauthorized connections HTTP 403	Web App Attack
🇧🇷 dominioz	2026-06-16 02:29:54 (1 day ago)	2026-06-16 02:28:41 POST /ALFA_DATA/alfacgiapi/perl.alfa - - 64.89.162.161 HTTP/1.1 Mozlila/5.0+(Lin ... show more 2026-06-16 02:28:41 POST /ALFA_DATA/alfacgiapi/perl.alfa - - 64.89.162.161 HTTP/1.1 Mozlila/5.0+(Linux;+Android+7.0;+SM-G892A+Bulid/NRD90M;+wv)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Version/4.0+Chrome/60.0.3112.107+Moblie+Safari/537.36 www.google.com 404 40923 2026-06-16 02:28:41 GET /wp-content/themes/seotheme/db.php u - 64.89.162.161 HTTP/1.1 Mozlila/5.0+(Linux;+Android+7.0;+SM-G892A+Bulid/NRD90M;+wv)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Version/4.0+Chrome/60.0.3112.107+Moblie+Safari/537.36 www.google.com 404 40868 2026-06-16 02:28:41 GET /wp-content/plugins/fix/up.php - - 64.89.162.161 HTTP/1.1 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/85.0.4183.102+Safari/537.36 - 404 40868 2026-06-16 02:28:41 POST /wp-plain.php - - 64.89.162.161 HTTP/1.1 Mozilla/5.0+(Linux;+Android+7.0;+SM-G892A+Bulid/NRD90M;+wv)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Version/4.0+Chrome/60.0.3112.107+Moblie+Safari/537.36 www.google.com 404 40923 ... show less	Web App Attack
🇩🇪 LRob.fr	2026-06-16 01:45:08 (1 day ago)	Repeated 404 errors, blocked by Fail2ban in custom-404 jail	Bad Web Bot
🇬🇷 setupgr	2026-06-15 23:38:06 (1 day ago)	(mod_security) mod_security (id:1000001) triggered by 64.89.162.161: 1 in the last 86400 secs; Ports ... show more (mod_security) mod_security (id:1000001) triggered by 64.89.162.161: 1 in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: [Tue Jun 16 02:38:03.259677 2026] [security2:error] [pid 1965768:tid 1965807] [client 64.89.162.161:63553] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/db.php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "92"] [id "1000001"] [msg "Bad file blocked: /wp-content/themes/seotheme/db.php"] [severity "CRITICAL"] [tag "security"] [hostname "www.setworldup.com"] [uri "/wp-content/themes/seotheme/db.php"] [unique_id "ajCM25hSggell5vQAURndQAAAUw"], referer: www.google.com show less	Port Scan

Showing 1 to 15 of 159 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 218.71.59.70

🇬🇧 195.206.182.200

🇭🇰 161.81.58.72

🇺🇸 135.237.126.202

🇨🇳 125.77.175.2

🇮🇩 103.159.196.21

🇺🇸 100.52.14.225

🇺🇸 74.48.189.151

🇧🇩 43.246.201.34

🇻🇪 38.74.237.218

🇨🇦 35.182.177.130

🇮🇷 31.7.66.163

🇺🇸 216.146.49.202

🇺🇿 213.230.88.83

🇰🇿 212.96.81.114

🇷🇺 212.46.18.124

🇮🇶 185.166.25.150

🇺🇸 152.32.205.206

🇩🇪 138.201.38.133

🇺🇸 135.237.126.225