JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 89.117.7.130

89.117.7.130 was found in our database!

This IP was reported 32 times. Confidence of Abuse is 100%: ?

100%

ISP	IPXO
Usage Type	Data Center/Web Hosting/Transit
ASN	AS47583
Domain Name	telecentras.lt
Country	🇧🇷 Brazil
City	Sao Paulo, Sao Paulo

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 89.117.7.130

Whois 89.117.7.130

IP Abuse Reports for 89.117.7.130:

This IP address has been reported a total of 32 times from 23 distinct sources. 89.117.7.130 was first reported on June 6th 2026, and the most recent report was 3 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 andypiper	2026-06-08 01:00:53 (3 hours ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 23:33:16 (5 hours ago)	(mod_security) mod_security (id:210492) triggered by 89.117.7.130 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 89.117.7.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 19:33:10.105074 2026] [security2:error] [pid 27688:tid 27695] [client 89.117.7.130:27914] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "minutosrobados.com"] [uri "/backend/.env"] [unique_id "aiX_thb9k4q4dp2Y5ACFpAAAAQU"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 SpaceHost-Server	2026-06-07 22:29:50 (6 hours ago)		Brute-Force Web App Attack
Anonymous	2026-06-07 20:12:03 (8 hours ago)	Bot / scanning and/or hacking attempts: GET /member/.env HTTP/1.1, GET /app/.env HTTP/1.1, GET /dev/ ... show more Bot / scanning and/or hacking attempts: GET /member/.env HTTP/1.1, GET /app/.env HTTP/1.1, GET /dev/.env HTTP/1.1, GET /.env HTTP/1.1, GET /laravel/.env HTTP/1.1, GET /backend/.env HTTP/1.1, GET /core/.env HTTP/1.1 show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 15:24:22 (13 hours ago)	(mod_security) mod_security (id:210492) triggered by 89.117.7.130 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 89.117.7.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 11:24:14.580433 2026] [security2:error] [pid 10436:tid 10436] [client 89.117.7.130:40134] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "scrappy.us"] [uri "/app/.env"] [unique_id "aiWNHnCWNaTTpMd_ImtpfgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-07 14:16:04 (14 hours ago)	89.117.7.130 patrz.eu - [07/Jun/2026:16:16:00 +0200] "GET /.env HTTP/1.1" 418 1810 "-" "Mozilla/5.0 ... show more 89.117.7.130 patrz.eu - [07/Jun/2026:16:16:00 +0200] "GET /.env HTTP/1.1" 418 1810 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" ... show less	Hacking Web App Attack
🇨🇭 TheCoon	2026-06-07 12:15:01 (16 hours ago)	Automated: Credential theft attempt - JSON bomb served	Web App Attack Hacking
🇳🇱 wlt-blocker	2026-06-07 11:28:48 (17 hours ago)	Unauthorized access to webpage admin	Web App Attack
🇳🇱 e.fierstra	2026-06-07 10:28:02 (18 hours ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇩🇪 macrob	2026-06-07 08:45:04 (19 hours ago)	2026/06/07 08:45:00 [error] 1311802#1311802: 286776088 access forbidden by rule, client: 89.117.7.1 ... show more 2026/06/07 08:45:00 [error] 1311802#1311802: 286776088 access forbidden by rule, client: 89.117.7.130, server: binixo.co, request: "GET /core/.env HTTP/1.1", host: "binixo.co" 2026/06/07 08:45:00 [error] 1311802#1311802: 286776089 access forbidden by rule, client: 89.117.7.130, server: binixo.co, request: "GET /api/.env HTTP/1.1", host: "binixo.co" 2026/06/07 08:45:00 [error] 1311806#1311806: 286776091 access forbidden by rule, client: 89.117.7.130, server: binixo.co, request: "GET /app/.env HTTP/1.1", host: "binixo.co" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-07 06:50:06 (21 hours ago)	(mod_security) mod_security (id:210492) triggered by 89.117.7.130 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 89.117.7.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 07 02:49:57.865612 2026] [security2:error] [pid 22902:tid 22902] [client 89.117.7.130:35218] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "siczewicz.com"] [uri "/api/.env"] [unique_id "aiUUla8lbhdudKoHo3vX7AAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇿 Tripwire	2026-06-07 06:46:16 (21 hours ago)	Scanning for exploits - /backend/.env	Web App Attack
Anonymous	2026-06-07 06:34:55 (21 hours ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 nyt	2026-06-07 05:09:04 (23 hours ago)	Sensitive File Probe	Web App Attack
🇳🇱 Savvii	2026-06-07 04:51:48 (23 hours ago)	20 attempts against mh-misbehave-ban on redirect	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 32 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.180.246.7

🇨🇭 176.65.144.48

🇺🇸 165.22.176.30

🇺🇸 142.93.251.117

🇺🇸 134.195.45.191

🇨🇳 117.140.51.219

🇺🇸 65.49.20.90

🇺🇸 185.150.191.236

🇭🇰 165.154.70.162

🇺🇸 129.146.243.24

🇨🇳 124.70.97.100

🇮🇳 103.172.48.98

🇺🇸 91.230.168.114

🇷🇴 80.94.92.187

🇺🇸 66.132.224.24

🇺🇸 52.180.158.248

🇪🇪 31.59.160.12

🇮🇳 124.253.153.229

🇫🇷 98.66.233.228

🇪🇸 46.253.45.10