JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 89.37.63.148

89.37.63.148 was found in our database!

This IP was reported 15 times. Confidence of Abuse is 30%: ?

30%

ISP	Mullvad VPN AB
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	mullvad.net
Country	🇸🇪 Sweden
City	Stockholm, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 89.37.63.148

Whois 89.37.63.148

IP Abuse Reports for 89.37.63.148:

This IP address has been reported a total of 15 times from 7 distinct sources. 89.37.63.148 was first reported on November 28th 2025, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-11 15:05:22 (5 days ago)	Abuse Detected (2)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 14:56:50 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 89.37.63.148 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 89.37.63.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 10:56:46.494940 2026] [security2:error] [pid 32737:tid 32737] [client 89.37.63.148:41676] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cherith-bible-inst.org"] [uri "/.git/index"] [unique_id "airMrjuLiIoaVvaHTw9-aAAAADQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 14:21:22 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 89.37.63.148 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 89.37.63.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 10:21:16.709072 2026] [security2:error] [pid 24406:tid 24531] [client 89.37.63.148:40022] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ceol.com"] [uri "/.git/index"] [unique_id "airEXAZwmX_GnsiR_GRs1AAAAQ4"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 big-cloud.nl	2026-06-11 13:56:34 (5 days ago)	Try to access /.git/index	Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 13:51:57 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 89.37.63.148 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 89.37.63.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 09:51:51.665371 2026] [security2:error] [pid 25585:tid 25585] [client 89.37.63.148:39476] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "catzpaw.com"] [uri "/.git/index"] [unique_id "aiq9dyrQP4PeBWOA1_2zZwAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 13:34:45 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 89.37.63.148 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 89.37.63.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 09:34:38.542887 2026] [security2:error] [pid 10947:tid 10947] [client 89.37.63.148:59898] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "casadelsolmexico.net"] [uri "/.git/index"] [unique_id "aiq5bif-WV7t1hdRL2pOXwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 13:12:56 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 89.37.63.148 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 89.37.63.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 09:12:51.683993 2026] [security2:error] [pid 5989:tid 5989] [client 89.37.63.148:44008] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "caquintet.com"] [uri "/.git/index"] [unique_id "aiq0Uzo3iI3seu6Pi2vBBgAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-06-11 12:53:30 (5 days ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 12:51:23 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 89.37.63.148 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 89.37.63.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 08:51:16.562871 2026] [security2:error] [pid 9121:tid 9121] [client 89.37.63.148:34048] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cameronwv.com"] [uri "/.git/index"] [unique_id "aiqvROPMH810BS1eFH9UIQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 12:35:58 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 89.37.63.148 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 89.37.63.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 08:35:55.521746 2026] [security2:error] [pid 23275:tid 23275] [client 89.37.63.148:53304] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "caferutadelaseda.com"] [uri "/.git/index"] [unique_id "aiqrq7ttRmvGTNcZfia7iQAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-06-11 12:05:15 (5 days ago)	Abuse Detected (3)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-11 11:31:46 (5 days ago)	(mod_security) mod_security (id:210492) triggered by 89.37.63.148 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 89.37.63.148 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 11 07:31:39.900733 2026] [security2:error] [pid 10311:tid 10459] [client 89.37.63.148:47976] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "8mm-stockfootage.com"] [uri "/.git/index"] [unique_id "aiqcm2Fzva38OS08eYyNVAAAARU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-03-07 15:30:06 (3 months ago)	\| Multiple SQL injection attempts from same source ip.(multiple servers)	Web App Attack Hacking SQL Injection
🇱🇻 garmtech.com	2026-03-07 15:25:28 (3 months ago)	IM360 WAF: SQL Injection Attack: Common DB Names Detected	SQL Injection
🇩🇪 marzzzello	2025-11-28 11:31:50 (6 months ago)	Ports: 25x 44017	Port Scan

Showing 1 to 15 of 15 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 209.50.190.61

🇧🇷 205.210.31.163

🇿🇦 196.25.239.70

🇺🇸 147.185.132.212

🇺🇸 143.42.164.182

🇮🇳 117.247.23.131

🇨🇳 117.62.232.202

🇺🇸 94.72.112.185

🇩🇪 82.115.30.125

🇺🇸 34.145.223.204

🇧🇷 20.197.178.106

🇫🇮 2a01:4f9:c013:48e1::1

🇨🇳 222.128.15.132

🇺🇸 216.180.224.122

🇺🇸 208.84.100.207

🇨🇳 202.111.183.254

🇲🇽 189.178.84.91

🇦🇷 186.122.177.140

🇮🇳 182.95.233.86

🇨🇳 182.43.164.191