JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 89.21.85.28

89.21.85.28 was found in our database!

This IP was reported 385 times. Confidence of Abuse is 100%: ?

100%

ISP	PT. INDUSTRI KREATIF DIGITAL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS141892
Domain Name	abuseradar.com
Country	🇮🇩 Indonesia
City	Jakarta, Jakarta

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 89.21.85.28

Whois 89.21.85.28

IP Abuse Reports for 89.21.85.28:

This IP address has been reported a total of 385 times from 143 distinct sources. 89.21.85.28 was first reported on March 7th 2025, and the most recent report was 8 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇷 opastorello	2026-06-16 04:12:14 (8 hours ago)	T-Pot honeypot: 8 hits in 15min on port(s) 30907,1092 (Suricata). Port scan / unsolicited connection ... show more T-Pot honeypot: 8 hits in 15min on port(s) 30907,1092 (Suricata). Port scan / unsolicited connection. Automated report. show less	Port Scan
🇧🇷 opastorello	2026-06-15 04:11:17 (1 day ago)	T-Pot honeypot: 16 hits in 15min on port(s) 30907,1081,1082 (Suricata). Port scan / unsolicited conn ... show more T-Pot honeypot: 16 hits in 15min on port(s) 30907,1081,1082 (Suricata). Port scan / unsolicited connection. Automated report. show less	Port Scan
🇧🇷 dominioz	2026-06-13 08:25:52 (3 days ago)	2026-06-13 08:25:01 GET /wp-content/plugins/pwnd/pwnd.php - - 89.21.85.28 HTTP/1.1 Mozilla/5.0+(Linu ... show more 2026-06-13 08:25:01 GET /wp-content/plugins/pwnd/pwnd.php - - 89.21.85.28 HTTP/1.1 Mozilla/5.0+(Linux;+Android+7.0;+SM-G892A+Build/NRD90M;+wv)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Version/4.0+Chrome/60.0.3112.107+Mobile+Safari/537.36 - 404 1440 2026-06-13 08:25:01 GET /wp-content/plugins/pwnd-1/pwnd.php - - 89.21.85.28 HTTP/1.1 Mozilla/5.0+(Linux;+Android+7.0;+SM-G892A+Build/NRD90M;+wv)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Version/4.0+Chrome/60.0.3112.107+Mobile+Safari/537.36 - 404 1440 2026-06-13 08:25:03 GET /wp-content/plugins/pwnd-2/pwnd.php - - 89.21.85.28 HTTP/1.1 Mozilla/5.0+(Linux;+Android+7.0;+SM-G892A+Build/NRD90M;+wv)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Version/4.0+Chrome/60.0.3112.107+Mobile+Safari/537.36 - 404 1440 2026-06-13 08:25:03 GET /wp-content/plugins/fix/up.php - - 89.21.85.28 HTTP/1.1 Mozilla/5.0+(Linux;+Android+7.0;+SM-G892A+Build/NRD90M;+wv)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Version/4.0+Chrome/60.0.3112.107+Mobile+Safari/537.36 - 404 1440 ... show less	Web App Attack
🇩🇪 FeG Deutschland	2026-06-13 08:19:07 (3 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 24	Exploited Host Web App Attack
Anonymous	2026-06-13 08:17:11 (3 days ago)	89.21.85.28 - - [13/Jun/2026:10:17:05 +0200] "GET /wp-content/plugins/pwnd/pwnd.php HTTP/1.1" 404 12 ... show more 89.21.85.28 - - [13/Jun/2026:10:17:05 +0200] "GET /wp-content/plugins/pwnd/pwnd.php HTTP/1.1" 404 123525 "-" "Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36" 89.21.85.28 - - [13/Jun/2026:10:17:07 +0200] "GET /wp-content/plugins/pwnd/pwnd.php HTTP/1.1" 404 22962 "-" "Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36" 89.21.85.28 - - [13/Jun/2026:10:17:08 +0200] "GET /wp-content/plugins/pwnd-1/pwnd.php HTTP/1.1" 404 123543 "-" "Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36" 89.21.85.28 - - [13/Jun/2026:10:17:09 +0200] "GET /wp-content/plugins/pwnd-1/pwnd.php HTTP/1.1" 404 22963 "-" "Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Geck ... show less	Brute-Force Web App Attack
🇩🇪 EGP Abuse Dept	2026-06-13 01:33:44 (3 days ago)	Scanning for web/db/file exploits on brederaad-010.nl	SQL Injection Bad Web Bot Web App Attack
🇧🇷 opastorello	2026-06-13 01:32:21 (3 days ago)	T-Pot honeypot: 93 hits in 15min on port(s) 1048,30907,1043,1041,1042 (P0f/Suricata/Honeytrap). Port ... show more T-Pot honeypot: 93 hits in 15min on port(s) 1048,30907,1043,1041,1042 (P0f/Suricata/Honeytrap). Port scan / unsolicited connection. Automated report. show less	Port Scan
🇮🇩 Burayot	2026-06-12 16:02:10 (3 days ago)	LF_CPANEL: (cpanel) Failed cPanel login from 89.21.85.28 (ID/Indonesia/-): 1 in the last 3600 secs	Brute-Force
🇺🇸 kosada.com	2026-06-12 07:39:17 (4 days ago)	Web vulnerability probing: /wp-content/plugins/fix/up.php	Web App Attack
🇩🇪 FeG Deutschland	2026-06-12 06:23:18 (4 days ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 24	Exploited Host Web App Attack
Anonymous	2026-06-12 06:19:17 (4 days ago)	89.21.85.28 - - [12/Jun/2026:08:19:12 +0200] "GET /wp-content/plugins/pwnd/pwnd.php HTTP/1.1" 404 62 ... show more 89.21.85.28 - - [12/Jun/2026:08:19:12 +0200] "GET /wp-content/plugins/pwnd/pwnd.php HTTP/1.1" 404 62056 "-" "Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36" 89.21.85.28 - - [12/Jun/2026:08:19:13 +0200] "GET /wp-content/plugins/pwnd/pwnd.php HTTP/1.1" 404 14486 "-" "Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36" 89.21.85.28 - - [12/Jun/2026:08:19:14 +0200] "GET /wp-content/plugins/pwnd-1/pwnd.php HTTP/1.1" 404 62056 "-" "Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36" 89.21.85.28 - - [12/Jun/2026:08:19:15 +0200] "GET /wp-content/plugins/pwnd-1/pwnd.php HTTP/1.1" 404 14486 "-" "Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) ... show less	Brute-Force Web App Attack
🇫🇷 solution.it	2026-06-12 06:06:18 (4 days ago)	[Fri Jun 12 08:06:17.638718 2026] [php7:error] [pid 3051709:tid 3051709] [client 89.21.85.28:54314] ... show more [Fri Jun 12 08:06:17.638718 2026] [php7:error] [pid 3051709:tid 3051709] [client 89.21.85.28:54314] script '/var/www/html/blog.solution.it/wp-login.php' not found or unable to stat show less	Web App Attack
🇫🇷 ELYAZ	2026-06-12 05:36:29 (4 days ago)	(y3) Failed access -byebye- from 89.21.85.28 (UA/Ukraine/-): (CF_ENABLE)	Hacking
🇺🇸 CBJ	2026-06-10 16:25:36 (5 days ago)	fail2ban: apache-filepath-recon ...	Web App Attack
🇮🇩 soc-yk	2026-06-10 03:54:15 (6 days ago)	Type: web_scanning Risk: 57 Events: 28910 Evidence: - Automated hostile web probing detected - Repe ... show more Type: web_scanning Risk: 57 Events: 28910 Evidence: - Automated hostile web probing detected - Repeated web scanning activity observed - Multi-event operational persistence identified show less	Web App Attack

Showing 1 to 15 of 385 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2607:f8b0:400e:c05::127

🇺🇸 153.66.87.243

🇺🇸 149.34.251.245

🇳🇱 62.194.229.17

🇰🇿 45.130.7.48

🇸🇬 212.73.148.21

🇨🇴 190.25.34.106

🇲🇽 187.191.48.6

🇨🇷 179.48.248.245

🇺🇸 172.113.99.239

🇫🇷 143.244.57.92

🇸🇦 128.234.120.151

🇭🇰 122.10.115.18

🇳🇱 89.248.172.118

🇳🇱 77.83.39.14

🇩🇪 69.5.169.41

🇸🇻 190.87.165.16

🇨🇱 190.12.168.137

🇲🇰 146.255.75.99

🇮🇳 125.19.138.74