JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 64.89.163.196

64.89.163.196 was found in our database!

This IP was reported 39 times. Confidence of Abuse is 100%: ?

100%

ISP	Meowcore Softworks LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS401626
Domain Name	geofeed.space
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 64.89.163.196

Whois 64.89.163.196

IP Abuse Reports for 64.89.163.196:

This IP address has been reported a total of 39 times from 28 distinct sources. 64.89.163.196 was first reported on April 28th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 Artelis	2026-06-27 09:09:23 (2 days ago)	64.89.163.196 - - [27/Jun/2026:09:09:22 +0000] "GET /.env HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Window ... show more 64.89.163.196 - - [27/Jun/2026:09:09:22 +0000] "GET /.env HTTP/1.1" 404 548 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" ... show less	Web App Attack
Anonymous	2026-06-27 07:23:46 (2 days ago)	Sensitive file access attempt	Hacking
Anonymous	2026-06-27 07:23:45 (2 days ago)	64.89.163.196 - - [27/Jun/2026:09:23:45 +0200] "GET /.env HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Window ... show more 64.89.163.196 - - [27/Jun/2026:09:23:45 +0200] "GET /.env HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" show less	Web App Attack
Anonymous	2026-06-27 05:49:00 (2 days ago)	64.89.163.196 - - [27/Jun/2026:07:48:59 +0200] "GET /.env HTTP/1.1" 402 3420 "-" "Mozilla/5.0 (Windo ... show more 64.89.163.196 - - [27/Jun/2026:07:48:59 +0200] "GET /.env HTTP/1.1" 402 3420 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36" ... show less	Web App Attack
🇺🇸 www.winos.me	2026-06-27 05:46:06 (2 days ago)	Shield: Layer4 Port 9 Trap	Port Scan Hacking
🇩🇪 Enno	2026-06-26 17:00:53 (3 days ago)	P04::Fail2Ban: automated bot scanning / credential probing detected.	Web App Attack Bad Web Bot
🇮🇩 soc-yk	2026-06-26 12:46:19 (3 days ago)	Type: suspicious_network_activity Risk: 93 Events: 156 Evidence: - Persistent suspicious network ac ... show more Type: suspicious_network_activity Risk: 93 Events: 156 Evidence: - Persistent suspicious network activity detected - Repeated hostile operational behavior observed - Multi-event operational persistence identified - Threat escalation behavior observed show less	Port Scan Hacking
🇦🇺 2000cn.com.au	2026-06-26 12:22:59 (3 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files	Web App Attack Hacking
🇮🇩 Burayot	2026-06-26 12:21:55 (3 days ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 64.89.163.196 (US/United States/-): ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 64.89.163.196 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇩🇪 Interceptor_HQ	2026-06-24 12:42:45 (5 days ago)	request_uri: /.env -- automatic report --	Brute-Force Hacking
🇫🇷 bazter.pro	2026-06-24 11:14:33 (5 days ago)	Fail2Ban: plesk-bot-aggressive - 15 failures	Port Scan Bad Web Bot Web App Attack
🇨🇭 zynex	2026-06-24 09:53:31 (5 days ago)	URL Probing: /.env	Web App Attack
🇧🇪 voormedia	2026-06-24 08:09:28 (5 days ago)	Accessed trap at '/.env'	Web App Attack
🇩🇪 on-com	2026-06-24 05:31:58 (5 days ago)	URL scan	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-23 23:47:20 (6 days ago)	(mod_security) mod_security (id:210492) triggered by 64.89.163.196 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 64.89.163.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 23 19:47:16.091514 2026] [security2:error] [pid 3856:tid 3856] [client 64.89.163.196:0] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cloudex.click"] [uri "/.env"] [unique_id "ajsbBJclNJ2-atqVT3yR-QAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 39 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2a03:2880:18ff:71::

🇺🇸 2604:a880:800:10::904:4001

🇧🇷 201.76.120.30

🇺🇸 195.184.76.134

🇬🇧 193.163.125.44

🇧🇷 186.219.107.92

🇫🇮 185.148.1.18

🇨🇳 182.244.0.150

🇭🇰 101.36.111.155

🇨🇳 58.212.237.60

🇺🇸 20.102.108.84

🇺🇸 2a03:2880:18ff:70::

🇷🇺 212.34.101.187

🇲🇾 202.188.12.78

🇲🇽 187.161.119.73

🇰🇼 178.61.86.206

🇯🇵 172.104.120.101

🇵🇰 110.93.224.226

🇧🇩 103.229.84.30

🇮🇷 85.133.185.28