JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 89.37.63.42

89.37.63.42 was found in our database!

This IP was reported 27 times. Confidence of Abuse is 43%: ?

43%

ISP	Mullvad VPN AB
Usage Type	Data Center/Web Hosting/Transit
ASN	AS212238
Domain Name	mullvad.net
Country	🇸🇪 Sweden
City	Stockholm, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 89.37.63.42

Whois 89.37.63.42

IP Abuse Reports for 89.37.63.42:

This IP address has been reported a total of 27 times from 20 distinct sources. 89.37.63.42 was first reported on January 29th 2025, and the most recent report was 14 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-06 12:20:02 (14 hours ago)	suspicious request in access.log	Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 12:11:08 (14 hours ago)	(mod_security) mod_security (id:210492) triggered by 89.37.63.42 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 89.37.63.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 08:11:01.755974 2026] [security2:error] [pid 10896:tid 10896] [client 89.37.63.42:42988] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aupapierjaponais.com"] [uri "/.git/index"] [unique_id "aiQOVfQPmVT2i4Gs4Tk5XQAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 11:55:55 (14 hours ago)	(mod_security) mod_security (id:210492) triggered by 89.37.63.42 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 89.37.63.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 07:55:47.111965 2026] [security2:error] [pid 22030:tid 22030] [client 89.37.63.42:50626] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "athletefirst.org"] [uri "/.git/index"] [unique_id "aiQKwwdW0wBX9ryrOqcXRgAAACI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 11:10:22 (15 hours ago)	(mod_security) mod_security (id:210492) triggered by 89.37.63.42 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 89.37.63.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 07:10:15.627522 2026] [security2:error] [pid 22001:tid 22001] [client 89.37.63.42:52824] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "artbyrt.com"] [uri "/.git/index"] [unique_id "aiQAF08uAyi5QOmxpfCCpgAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-06-06 10:24:25 (16 hours ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 10:00:31 (16 hours ago)	(mod_security) mod_security (id:210492) triggered by 89.37.63.42 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 89.37.63.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 06:00:24.776540 2026] [security2:error] [pid 3461:tid 3461] [client 89.37.63.42:47168] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ankitoner.com"] [uri "/.git/index"] [unique_id "aiPvuNFiC0E_Od1t-NlQ9gAAABg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 09:44:40 (17 hours ago)	(mod_security) mod_security (id:210492) triggered by 89.37.63.42 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 89.37.63.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 05:44:33.694903 2026] [security2:error] [pid 12304:tid 12304] [client 89.37.63.42:45526] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "andrejblatnik.com"] [uri "/.git/index"] [unique_id "aiPsAXcM6rlJfXHTHqxBYQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 09:19:35 (17 hours ago)	(mod_security) mod_security (id:210492) triggered by 89.37.63.42 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 89.37.63.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 05:19:30.930891 2026] [security2:error] [pid 14989:tid 14989] [client 89.37.63.42:56148] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "americanacademyofteachersofsinging.org"] [uri "/.git/index"] [unique_id "aiPmIrkes1Iw6IPjhl9ZCQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-06 09:06:06 (17 hours ago)		Web App Attack
🇺🇸 TPI-Abuse	2026-06-06 08:36:54 (18 hours ago)	(mod_security) mod_security (id:210492) triggered by 89.37.63.42 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 89.37.63.42 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 06 04:36:48.808486 2026] [security2:error] [pid 29694:tid 29705] [client 89.37.63.42:54358] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "alicefaye.com"] [uri "/.git/index"] [unique_id "aiPcIBBeOp91XL1blvUk4wAAAkg"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Mendip_Defender	2026-06-06 08:32:35 (18 hours ago)	[06/Jun/2026:09:32:31.522477 +0100] aiPbH-XKuTNOfe5Uj-RLHgAAABM 89.37.63.42 58546 188.246.206.60 708 ... show more [06/Jun/2026:09:32:31.522477 +0100] aiPbH-XKuTNOfe5Uj-RLHgAAABM 89.37.63.42 58546 188.246.206.60 7081 [06/Jun/2026:09:32:32.274250 +0100] aiPbIOXKuTNOfe5Uj-RLHwAAAAs 89.37.63.42 58558 188.246.206.60 7081 ... show less	Brute-Force
Anonymous	2026-05-02 07:20:04 (1 month ago)	\| Multiple SQL injection attempts from same source ip.(multiple servers)	Web App Attack Hacking SQL Injection
🇳🇱 mieg	2026-04-30 01:30:41 (1 month ago)	Web vulnerability probing	Brute-Force Web App Attack
🇫🇷 masterguru	2026-04-28 07:55:11 (1 month ago)	Blocked scraper - old Chrome UA. Match of "rx (?i)(amazonbot\|bingbot\|googlebot\|yandexbot\|duckduckbot ... show more Blocked scraper - old Chrome UA. Match of "rx (?i)(amazonbot\|bingbot\|googlebot\|yandexbot\|duckduckbot)" against "REQUEST_HEADERS:User-Agent" required. (780532-133) show less	Hacking
🇺🇸 xmission.com	2026-01-21 20:45:45 (4 months ago)	Blocked by UFW (TCP on 51413) Source port: 54535 TTL: 44 Packet length: 60 TOS: 0x08 This report (f ... show more Blocked by UFW (TCP on 51413) Source port: 54535 TTL: 44 Packet length: 60 TOS: 0x08 This report (for 89.37.63.42) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan

Showing 1 to 15 of 27 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.25.89.91

🇬🇧 193.176.29.15

🇺🇸 66.132.186.224

🇳🇱 45.148.10.152

🇫🇮 147.185.133.39

🇳🇱 85.121.127.137

🇧🇪 84.196.119.41

🇮🇹 83.224.168.48

🇺🇸 71.6.135.131

🇺🇸 64.62.156.182

🇻🇳 14.225.173.146

🇧🇷 187.85.153.62

🇻🇳 183.91.186.36

🇺🇸 147.185.132.12

🇺🇸 135.237.122.43

🇮🇩 103.175.225.238

🇺🇸 103.4.250.37

🇳🇱 77.83.39.53

🇵🇰 59.103.119.161

🇫🇷 51.159.125.104