JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 89.37.63.199

89.37.63.199 was found in our database!

This IP was reported 23 times. Confidence of Abuse is 55%: ?

55%

ISP	Mullvad VPN AB
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	mullvad.net
Country	🇸🇪 Sweden
City	Stockholm, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 89.37.63.199

Whois 89.37.63.199

IP Abuse Reports for 89.37.63.199:

This IP address has been reported a total of 23 times from 15 distinct sources. 89.37.63.199 was first reported on April 29th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 rdpguard.com	2026-06-14 03:12:52 (1 day ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force
🇺🇸 mnsf	2026-06-14 03:08:36 (1 day ago)	Abuse Detected (3)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 03:01:44 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 89.37.63.199 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 89.37.63.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 23:01:38.601069 2026] [security2:error] [pid 11331:tid 11331] [client 89.37.63.199:44486] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "crearcuestionarios.com"] [uri "/.git/index"] [unique_id "ai4ZkhwBVODJ7ucR8BnCJAAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 02:10:08 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 89.37.63.199 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 89.37.63.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 22:10:01.603964 2026] [security2:error] [pid 23132:tid 23132] [client 89.37.63.199:40742] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "connectigramme.com"] [uri "/.git/index"] [unique_id "ai4NeTK8CorGuLLRnudvkwAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 01:14:11 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 89.37.63.199 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 89.37.63.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 21:14:03.491947 2026] [security2:error] [pid 13295:tid 13295] [client 89.37.63.199:59864] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cmgpartners.com"] [uri "/.git/index"] [unique_id "ai4AW83qRywNHklGPaZ_XgAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇧🇪 cmbplf	2026-06-14 00:59:40 (1 day ago)	271 requests with url.path .git/	Brute-Force Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-14 00:52:53 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 89.37.63.199 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 89.37.63.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 20:52:47.530626 2026] [security2:error] [pid 29103:tid 29103] [client 89.37.63.199:50508] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "clayrivers.com"] [uri "/.git/index"] [unique_id "ai37X3Dj2I9TxLUmF4z9TgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 AvonleaConsulting	2026-06-14 00:49:45 (1 day ago)	Scanning unused Default website or suspicious access to valid sites from IP marked as abusive	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 00:32:49 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 89.37.63.199 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 89.37.63.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 20:32:43.175889 2026] [security2:error] [pid 6514:tid 6514] [client 89.37.63.199:41384] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "circulodesonido.org"] [uri "/.git/index"] [unique_id "ai32q3bcwfq2kI4sJKEzcAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-14 00:13:32 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 89.37.63.199 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 89.37.63.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 20:13:26.695652 2026] [security2:error] [pid 1347:tid 1347] [client 89.37.63.199:45478] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "christineohlman.net"] [uri "/.git/index"] [unique_id "ai3yJvgv-CWqTqZn0oXI6QAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 23:49:26 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 89.37.63.199 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 89.37.63.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 19:49:20.708520 2026] [security2:error] [pid 4574:tid 4574] [client 89.37.63.199:60528] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "chezlubacov.org"] [uri "/.git/index"] [unique_id "ai3sgDpsaLnEsurRXrLEPQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 kosada.com	2026-06-13 23:37:16 (1 day ago)	Web vulnerability probing: /.git/index	Web App Attack
🇺🇸 TPI-Abuse	2026-06-13 23:23:35 (1 day ago)	(mod_security) mod_security (id:210492) triggered by 89.37.63.199 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 89.37.63.199 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 13 19:23:31.620788 2026] [security2:error] [pid 20175:tid 20205] [client 89.37.63.199:44554] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aceelectricalsupplies.com"] [uri "/.git/index"] [unique_id "ai3mcyquuXnV8uL_wa3LtwAAAFI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 SiliSoftware	2026-05-23 00:51:05 (3 weeks ago)	/phpBB3/download/file.php?id=225	Web App Attack
Anonymous	2026-05-03 16:10:04 (1 month ago)	\| Multiple SQL injection attempts from same source ip.(multiple servers)	Web App Attack Hacking SQL Injection

Showing 1 to 15 of 23 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 180.153.91.15

🇳🇱 45.148.10.134

🇬🇧 34.89.42.92

🇰🇷 14.51.223.131

🇰🇷 222.232.176.7

🇳🇱 176.65.139.229

🇫🇮 135.181.182.250

🇮🇩 114.10.149.12

🇫🇮 81.27.98.217

🇺🇸 66.132.186.244

🇺🇸 3.144.91.72

🇩🇪 213.209.159.241

🇫🇷 185.250.36.130

🇺🇸 152.32.207.172

🇩🇪 151.243.11.35

🇺🇸 137.184.159.11

🇷🇺 79.143.30.214

🇺🇸 74.125.80.149

🇩🇿 41.200.21.154

🇳🇱 31.14.32.4