JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 89.31.103.53

89.31.103.53 was found in our database!

This IP was reported 34 times. Confidence of Abuse is 100%: ?

100%

ISP	XL Internet Services Amsterdam Network
Usage Type	Data Center/Web Hosting/Transit
ASN	AS20857
Hostname(s)	hosting.krve.nl
Domain Name	xl-is.net
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 89.31.103.53

Whois 89.31.103.53

IP Abuse Reports for 89.31.103.53:

This IP address has been reported a total of 34 times from 29 distinct sources. 89.31.103.53 was first reported on April 30th 2026, and the most recent report was 1 hour ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 ghostwarriors	2026-06-07 16:20:20 (1 hour ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇫🇷 dynamix	2026-06-07 15:51:55 (2 hours ago)	Multiple WAF Violations	Web App Attack
🇺🇸 Power Ca	2026-06-07 12:56:47 (5 hours ago)	89.31.103.53 - - [07/Jun/2026:12:56:46 +0000] "GET /.env HTTP/1.1" 301 178 "-" "Mozilla/5.0 (Windows ... show more 89.31.103.53 - - [07/Jun/2026:12:56:46 +0000] "GET /.env HTTP/1.1" 301 178 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" ... show less	Web App Attack Hacking
🇹🇭 Sawasdee	2026-06-07 11:24:08 (6 hours ago)	Unwanted checking 80 or 443 port ...	Bad Web Bot
🇩🇪 pigro	2026-06-07 11:11:41 (6 hours ago)	89.31.103.53 - - [07/Jun/2026:13:11:35 +0200] "GET /.git/HEAD HTTP/1.1" 404 125 "-" "Mozilla/5.0 (co ... show more 89.31.103.53 - - [07/Jun/2026:13:11:35 +0200] "GET /.git/HEAD HTTP/1.1" 404 125 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" 89.31.103.53 - - [07/Jun/2026:13:11:40 +0200] "GET /.env HTTP/1.1" 404 125 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 14.4; rv:125.0) Gecko/20100101 Firefox/125.0" ... show less	Web App Attack
🇦🇷 Bruno	2026-06-07 08:57:53 (9 hours ago)	Port Scanner: 89.31.103.53	Port Scan
🇮🇩 PENJAGA.AUM	2026-06-07 07:42:49 (10 hours ago)	89.31.103.53 - Attack: GPL WEB_SERVER .htpasswd access	Web App Attack SQL Injection Spoofing
🇺🇸 RAP	2026-06-07 06:13:44 (11 hours ago)	2026-06-07 06:13:44 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇨🇿 ptlab	2026-06-07 04:00:04 (14 hours ago)	Detected env_leak attack from WP-host.	Hacking Web App Attack
🇵🇱 nfsec.pl	2026-06-07 03:50:35 (14 hours ago)	Detected: TCP scan on port: 8080 with flags: SYN	Port Scan
🇺🇸 RAP	2026-06-07 01:36:22 (16 hours ago)	2026-06-07 01:36:22 UTC Unauthorized activity to TCP port 8080. Web App	Port Scan Web App Attack
🇬🇧 andypiper	2026-06-07 01:01:35 (17 hours ago)	CrowdSec ban for AbuseIPDB Top List	Brute-Force Web App Attack
🇷🇸 Scan	2026-06-07 00:14:38 (17 hours ago)	MultiHost/MultiPort Probe, Scan, Hack -	Port Scan Hacking
🇺🇸 TPI-Abuse	2026-06-06 23:23:56 (18 hours ago)	(mod_security) mod_security (id:210492) triggered by 89.31.103.53 (hosting.krve.nl): 1 in the last 3 ... show more (mod_security) mod_security (id:210492) triggered by 89.31.103.53 (hosting.krve.nl): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 19:23:48.431693 2026] [security2:error] [pid 18731:tid 18731] [client 89.31.103.53:47482] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.113"] [uri "/.git/config"] [unique_id "aiSsBLsXIyBMLO5GAg1nlAAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Holger	2026-06-06 20:04:36 (22 hours ago)	Bruteforce WebAttack	Brute-Force Web App Attack

Showing 1 to 15 of 34 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 91.246.176.7

🇺🇸 66.132.195.29

🇮🇪 54.74.204.155

🇩🇪 45.38.190.97

🇺🇸 43.166.242.149

🇪🇬 41.128.181.199

🇬🇧 216.226.76.30

🇮🇳 152.52.220.126

🇲🇽 101.44.25.58

🇳🇱 45.156.128.151

🇺🇸 34.162.200.25

🇮🇳 14.194.125.58

🇺🇸 216.180.246.176

🇭🇰 154.92.17.30

🇲🇾 145.79.28.121

🇧🇩 103.179.198.19

🇳🇱 45.148.10.147

🇧🇩 123.49.38.114

🇨🇳 120.48.174.36

🇷🇴 92.118.39.236