JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 89.222.112.30

89.222.112.30 was found in our database!

This IP was reported 55 times. Confidence of Abuse is 73%: ?

73%

ISP	Datacamp Limited
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Hostname(s)	unn-89-222-112-30.datapacket.com
Domain Name	datacamp.co.uk
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 89.222.112.30

Whois 89.222.112.30

IP Abuse Reports for 89.222.112.30:

This IP address has been reported a total of 55 times from 38 distinct sources. 89.222.112.30 was first reported on October 7th 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 homeshowdomain.nl	2026-06-06 22:01:06 (1 week ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-06-05. show less	Web App Attack SSH Hacking
Anonymous	2026-06-05 13:04:51 (1 week ago)	Fail2Ban - Nginx Bot Probes	Web App Attack
🇪🇸 el-brujo	2026-06-05 12:53:42 (1 week ago)	Cloudflare WAF: Request Path: /.env Request Query: Host: ns2.elhacker.net userAgent: Mozlila/5.0 (L ... show more Cloudflare WAF: Request Path: /.env Request Query: Host: ns2.elhacker.net userAgent: Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36 Action: block Source: firewallManaged ASN Description: Datacamp Limited Country: NL Method: GET Timestamp: 2026-06-05T12:53:42Z ruleId: 23548ee2b36547a1be09bb2c0550c529. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇪🇸 el-brujo	2026-06-05 12:43:00 (1 week ago)	Cloudflare WAF: Request Path: /.env Request Query: Host: ns2.elhacker.net userAgent: Mozlila/5.0 (L ... show more Cloudflare WAF: Request Path: /.env Request Query: Host: ns2.elhacker.net userAgent: Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36 Action: block Source: firewallManaged ASN Description: Datacamp Limited Country: NL Method: GET Timestamp: 2026-06-05T12:43:00Z ruleId: 23548ee2b36547a1be09bb2c0550c529. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇵🇱 nfsec.pl	2026-06-05 12:34:29 (1 week ago)	Detected: TCP scan on port: 8080 with flags: SYN	Port Scan
🇩🇪 Bedios GmbH	2026-06-05 12:16:45 (1 week ago)	Login credentials theft attempt	Hacking
🇺🇸 mnsf	2026-06-05 12:05:19 (1 week ago)	Abuse Detected (1)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 12:03:36 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 89.222.112.30 (unn-89-222-112-30.datapacket.com ... show more (mod_security) mod_security (id:210492) triggered by 89.222.112.30 (unn-89-222-112-30.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 08:03:30.225129 2026] [security2:error] [pid 16298:tid 16298] [client 89.222.112.30:50019] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.25"] [uri "/.env"] [unique_id "aiK7El2dW9BdR4gdzx_e7AAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 el-brujo	2026-06-05 10:57:31 (1 week ago)	Cloudflare WAF: Request Path: /.env Request Query: Host: ns2.elhacker.net userAgent: Mozilla/5.0 (M ... show more Cloudflare WAF: Request Path: /.env Request Query: Host: ns2.elhacker.net userAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:77.0) Gecko/20100101 Firefox/77.0 Action: block Source: firewallManaged ASN Description: Datacamp Limited Country: NL Method: GET Timestamp: 2026-06-05T10:57:31Z ruleId: 23548ee2b36547a1be09bb2c0550c529. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 10:26:28 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 89.222.112.30 (unn-89-222-112-30.datapacket.com ... show more (mod_security) mod_security (id:210492) triggered by 89.222.112.30 (unn-89-222-112-30.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 06:26:25.221365 2026] [security2:error] [pid 18979:tid 18979] [client 89.222.112.30:54018] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.99"] [uri "/.env:80"] [unique_id "aiKkUaOCUYJ1ULmuAV8_kAAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-05 09:56:42 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 89.222.112.30 (unn-89-222-112-30.datapacket.com ... show more (mod_security) mod_security (id:210492) triggered by 89.222.112.30 (unn-89-222-112-30.datapacket.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 05:56:35.648177 2026] [security2:error] [pid 28409:tid 28409] [client 89.222.112.30:56693] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.136"] [uri "/.env:80"] [unique_id "aiKdU7cUr5zwYt7pHxfVYQAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇭🇰 ycwong	2026-06-04 01:27:00 (1 week ago)	TCP Flood	DDoS Attack
🇫🇷 zulzeen	2026-06-03 05:11:49 (1 week ago)	[incypit-web] Blocked by SysWarden Firewall [BLOCK] (Web Attack)	Hacking Web App Attack
🇫🇷 geeek	2026-06-03 05:11:13 (1 week ago)	Port scanning: 8080 TCP Blocked	Port Scan
Anonymous	2026-06-03 01:30:03 (1 week ago)	Unauthorized access (tcp/80/http)	Port Scan Web App Attack

Showing 1 to 15 of 55 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 195.184.76.239

🇺🇸 195.184.76.189

🇩🇪 167.94.146.54

🇫🇮 147.185.133.30

🇨🇳 113.87.131.148

🇮🇷 91.251.97.117

🇺🇸 195.184.76.238

🇺🇸 195.184.76.50

🇮🇳 163.61.39.124

🇵🇱 159.26.110.31

🇺🇸 135.237.125.160

🇫🇷 91.231.89.113

🇳🇱 91.92.40.15

🇩🇪 80.158.109.51

🇺🇸 65.49.1.152

🇺🇸 64.62.156.59

🇺🇦 46.149.191.249

🇧🇷 45.205.1.247

🇺🇸 34.228.104.231

🇻🇳 14.191.68.246