JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 86.38.98.69

86.38.98.69 was found in our database!

This IP was reported 66 times. Confidence of Abuse is 33%: ?

33%

ISP	UAB Bite Lietuva
Usage Type	Data Center/Web Hosting/Transit
ASN	AS209854
Domain Name	bi.lt
Country	🇩🇪 Germany
City	Berlin, State of Berlin

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 86.38.98.69

Whois 86.38.98.69

IP Abuse Reports for 86.38.98.69:

This IP address has been reported a total of 66 times from 24 distinct sources. 86.38.98.69 was first reported on August 5th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇮 tjs	2026-05-17 21:45:00 (2 weeks ago)	web attack, SQL injection attempt	Hacking SQL Injection Web App Attack
🇩🇪 Oakley	2026-05-17 15:24:06 (2 weeks ago)	(mod_security) mod_security (id:900209) triggered by 86.38.98.69 (DE/Germany/-): 5 in the last 900 s ... show more (mod_security) mod_security (id:900209) triggered by 86.38.98.69 (DE/Germany/-): 5 in the last 900 secs show less	Web App Attack Hacking
🇮🇩 hermawan	2026-05-17 15:23:07 (2 weeks ago)	[Sun May 17 22:21:34.959108 2026] [security2:error] [pid 7349:tid 140453391353536] [client 86.38.98. ... show more [Sun May 17 22:21:34.959108 2026] [security2:error] [pid 7349:tid 140453391353536] [client 86.38.98.69:49884] ModSecurity: Access denied with code 403 (phase 1). Match of "pm matomo.staklim-malang.info " against "SERVER_NAME" required. [file "/etc/modsecurity/coreruleset-4.26.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "230"] [id "440235"] [msg "BAD REQUEST Bro"] [data " Matched Data ARGS charset: - Matched Data TX.1: found within Content-Type multipart form Matched Data: %20AND%201 found within SERVER_NAME: staklim-jatim.bmkg.go.id request_line = GET /index.php?option=%27nvOpzp;%20AND%201=1%20OR%20(%3C%27%22%3EiKO)),&view=%27nvOpzp;%20AND%201=1%20OR%20(%3C%27%22%3EiKO)),&id=%27nvOpzp;%20AND%201=1%20OR%20(%3C%27%22%3EiKO)),&catid=%27nvOpzp;%20AND%201=1%20OR%20(%3C%27%22%3EiKO)), HTTP/1.1 Request URI RAW = /index.php?option=%27nvOpzp;%20AND%201=1%20OR%20(%3C%27%22%3EiK..."] [hostname "staklim-jatim.bmkg.go.id"] [uri "/index.php"] [unique_id "agnc_oj8G2bs6fn7Ael19wAAA4o"] [st ... show less	Email Spam Hacking
Anonymous	2026-05-17 14:58:18 (2 weeks ago)	86.38.98.69 - - [17/May/2026:14:58:18 +0000] "GET /bothole/stinkwell.php?f=%27nvOpzp;%20AND%201=1%20 ... show more 86.38.98.69 - - [17/May/2026:14:58:18 +0000] "GET /bothole/stinkwell.php?f=%27nvOpzp;%20AND%201=1%20OR%20(%3C%27%22%3EiKO)),&t=%27nvOpzp;%20AND%201=1%20OR%20(%3C%27%22%3EiKO)),&start=%27nvOpzp;%20AND%201=1%20OR%20(%3C%27%22%3EiKO)), HTTP/1.1" 307 933 "https://www.atari-forum.com/viewtopic.php?f=%27nvOpzp;%20AND%201=1%20OR%20(%3C%27%22%3EiKO)),&t=%27nvOpzp;%20AND%201=1%20OR%20(%3C%27%22%3EiKO)),&start=%27nvOpzp;%20AND%201=1%20OR%20(%3C%27%22%3EiKO))," "-" ... show less	SQL Injection
🇩🇪 raph	2026-05-17 14:51:17 (2 weeks ago)	[SQL INJECTION] f2b match %{+Q}r for ^.haproxy\[[0-9]+\]: <HOST>:. (GET \|POST ).\?.(%20AND%20\|%2 ... show more [SQL INJECTION] f2b match %{+Q}r for ^.haproxy\[[0-9]+\]: <HOST>:. (GET \|POST ).\?.(%20AND%20\|%20and%20\|%20OR%20\|%20or%20).* HTTP/1.1$ show less	SQL Injection
🇩🇪 Lino Project	2026-05-05 21:18:35 (1 month ago)	CrowdSec abuse IP report (host SRV-2) Scenario: LePresidente/http-generic-403-bf	Hacking
🇧🇪 cmbplf	2026-04-10 00:36:49 (1 month ago)	210 requests with url.path /.well-known/acme-challenge/.php	Brute-Force Bad Web Bot
🇳🇿 Antinson	2026-04-09 07:47:36 (1 month ago)	Scraping with a high error ratio and request rate	Bad Web Bot
🇲🇾 Rizzy	2026-04-09 02:28:17 (1 month ago)	Multiple WAF Violations	Brute-Force Web App Attack
Anonymous	2026-04-09 02:26:46 (1 month ago)	Multiple web server 400 error codes from same source ip	Web App Attack
🇺🇸 TPI-Abuse	2026-04-08 08:56:42 (1 month ago)	(mod_security) mod_security (id:240000) triggered by 86.38.98.69 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:240000) triggered by 86.38.98.69 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 08 04:56:37.418648 2026] [security2:error] [pid 3743148:tid 3743148] [client 86.38.98.69:60808] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder\|\|mountainchristmascards.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "mountainchristmascards.com"] [uri "/images/stories/themes.php"] [unique_id "adYYRWB3iD4kPYojSfwAyQAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 maxxsense	2026-04-07 13:43:45 (1 month ago)	86.38.98.69 (DE/Germany/-), 12 distributed imapd attacks on account [redacted]	Brute-Force
Anonymous	2026-04-07 05:07:02 (2 months ago)	Blocked: Reason='Vulnerability probing — PHP scan detected (84/60 min)'; Requests=84	Port Scan
🇨🇭 TOCE	2026-04-06 17:39:04 (2 months ago)	12 hits seen on 2026-04-06, ports 5901 (VNC) on a honeypot from www.toce.ch	Brute-Force
🇫🇷 dynamix	2026-04-06 11:01:00 (2 months ago)	Multiple WAF Violations	Web App Attack

Showing 1 to 15 of 66 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.143

🇯🇵 207.56.225.202

🇨🇳 180.184.134.158

🇰🇷 175.229.76.210

🇺🇸 135.119.96.127

🇹🇭 110.78.165.192

🇺🇸 107.172.95.94

🇫🇷 85.217.140.46

🇮🇪 52.30.90.61

🇮🇪 52.30.57.230

🇮🇪 34.245.45.178

🇺🇸 34.11.151.181

🇹🇷 31.141.216.143

🇺🇸 198.74.50.114

🇫🇷 194.5.53.153

🇺🇸 159.65.69.149

🇺🇸 147.185.132.215

🇺🇸 147.185.132.161

🇨🇳 116.140.73.73

🇮🇪 108.129.129.97