JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 89.125.2.193

89.125.2.193 was found in our database!

This IP was reported 8 times. Confidence of Abuse is 35%: ?

35%

ISP	Snowd Security OU
Usage Type	Data Center/Web Hosting/Transit
ASN	AS57043
Domain Name	snowd.com
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 89.125.2.193

Whois 89.125.2.193

IP Abuse Reports for 89.125.2.193:

This IP address has been reported a total of 8 times from 5 distinct sources. 89.125.2.193 was first reported on June 25th 2026, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-26 22:03:06 (2 days ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-25. show less	Web App Attack SSH Hacking
🇳🇱 homeshowdomain.nl	2026-06-25 22:00:46 (3 days ago)	Auto-ban: >3000 req/min op 2026-06-25	Web App Attack SSH Hacking
🇺🇸 mnsf	2026-06-25 21:28:33 (3 days ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇳🇴 jad-abuse	2026-06-25 16:53:24 (3 days ago)	ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: env_probe ... show more ActiveDefense automated detection: malicious HTTP scanning / exploit attempts. Signatures: env_probe. Observed by 1 sensor(s); 1 hits. show less	Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 15:44:13 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 89.125.2.193 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 89.125.2.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 11:44:09.886235 2026] [security2:error] [pid 23106:tid 23106] [client 89.125.2.193:39706] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ags-ga.com"] [uri "/.env"] [unique_id "aj1MyeR9ISir3TlYxjqYdgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 08:25:29 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 89.125.2.193 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 89.125.2.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 04:25:19.923111 2026] [security2:error] [pid 28098:tid 28098] [client 89.125.2.193:44438] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.vespaitaliancafe.com"] [uri "/.envrc"] [unique_id "ajzl79TRq2xOAzVWcBlLBgAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-06-25 08:08:37 (4 days ago)	Try to access /.env	Web App Attack
🇺🇸 TPI-Abuse	2026-06-25 04:32:12 (4 days ago)	(mod_security) mod_security (id:210492) triggered by 89.125.2.193 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 89.125.2.193 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 25 00:32:07.545569 2026] [security2:error] [pid 5389:tid 5389] [client 89.125.2.193:35950] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.jims-bbs.com"] [uri "/.env.production"] [unique_id "ajyvR_EHD1P0nbJPDNDFPAAAABY"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 8 of 8 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 221.197.253.7

🇨🇳 221.0.11.212

🇩🇪 194.88.98.85

🇦🇷 186.158.183.66

🇩🇪 185.30.32.214

🇺🇸 66.132.186.212

🇨🇳 220.250.11.53

🇨🇳 220.205.253.188

🇮🇳 160.187.54.143

🇰🇷 119.192.219.77

🇰🇷 110.14.190.221

🇺🇸 104.237.243.123

🇫🇷 85.217.140.30

🇨🇳 220.177.9.167

🇨🇳 220.167.189.103

🇬🇧 193.163.125.37

🇲🇽 177.229.197.38

🇺🇸 152.32.206.38

🇨🇳 120.240.95.27

🇮🇩 103.253.244.145