JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 89.149.52.74

89.149.52.74 was found in our database!

This IP was reported 35 times. Confidence of Abuse is 3%: ?

ISP	Binbox Global Services
Usage Type	Fixed Line ISP
ASN	AS3257
Domain Name	binbox.com
Country	🇨🇦 Canada
City	Vancouver, British Columbia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 89.149.52.74

Whois 89.149.52.74

IP Abuse Reports for 89.149.52.74:

This IP address has been reported a total of 35 times from 27 distinct sources. 89.149.52.74 was first reported on April 1st 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 botreporter	2026-06-18 07:27:53 (1 week ago)	botnet ignoring robots.txt	Bad Web Bot
🇺🇸 xmission.com	2026-01-16 15:53:08 (5 months ago)	Blocked by UFW (TCP on 9050) Source port: 34802 TTL: 121 Packet length: 52 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 9050) Source port: 34802 TTL: 121 Packet length: 52 TOS: 0x08 This report (for 89.149.52.74) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2025-11-12 11:55:11 (7 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
Anonymous	2025-11-09 01:50:17 (7 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
Anonymous	2025-11-06 01:45:13 (7 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
🇳🇱 homeshowdomain.nl	2025-10-16 22:01:54 (8 months ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2025-10-15. show less	Hacking Web App Attack SSH
🇮🇳 Shaik Sai Meera	2025-10-16 20:04:37 (8 months ago)	IM360 WAF: Laravel .env file access - Thu Oct 16 03:08:24 2025	Web App Attack
Anonymous	2025-10-16 06:45:00 (8 months ago)	.env url scan	Web App Attack
🇮🇩 Burayot	2025-10-15 21:20:08 (8 months ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 89.149.52.74 (CA/Canada/-): 2 in the ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 89.149.52.74 (CA/Canada/-): 2 in the last 3600 secs show less	Web App Attack
🇳🇱 Study Bitcoin 🤗	2025-10-15 21:00:22 (8 months ago)	Port probe to tcp/80 (http) [srv124]	Port Scan Bad Web Bot Web App Attack
🇬🇧 NotCool	2025-10-15 19:29:40 (8 months ago)	(DOTENVPROBE) Sensitive File Probe - .env 89.149.52.74 (CA/Canada/-): 10 in the last 3600 secs	Web App Attack
🇺🇸 TPI-Abuse	2025-10-15 18:29:30 (8 months ago)	(mod_security) mod_security (id:210492) triggered by 89.149.52.74 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 89.149.52.74 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 15 14:29:22.752195 2025] [security2:error] [pid 27258:tid 27258] [client 89.149.52.74:23591] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.lazymanvegan.com"] [uri "/.env"] [unique_id "aO_oAlX32AKNQQsxiNcCAwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇸🇪 peterh	2025-10-15 17:10:00 (8 months ago)	89.149.52.74 - - [15/Oct/2025:17:33:47 +0200] "GET /.env HTTP/1.1"	Phishing Hacking
Anonymous	2025-10-15 16:53:18 (8 months ago)	Infected user bad webscan	Exploited Host
Anonymous	2025-10-15 16:30:30 (8 months ago)	Failed login attempt detected by Fail2Ban in plesk-modsecurity jail	Exploited Host

Showing 1 to 15 of 35 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 193.37.32.214

🇺🇸 193.36.225.236

🇳🇱 185.223.235.13

🇰🇷 119.202.68.51

🇹🇳 102.31.200.100

🇸🇬 101.47.155.9

🇨🇦 85.217.149.31

🇺🇸 66.132.195.102

🇺🇸 50.62.22.47

🇱🇹 45.227.254.170

🇸🇬 43.134.230.165

🇺🇸 209.90.232.71

🇺🇿 195.158.16.60

🇨🇿 193.85.24.214

🇲🇾 186.244.227.161

🇳🇱 176.65.139.56

🇺🇸 173.239.240.116

🇺🇸 172.245.102.2

🇸🇬 167.172.79.90

🇫🇮 147.185.133.134