JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 89.40.222.58

89.40.222.58 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 3%: ?

ISP	H Development & Management SRL
Usage Type	Data Center/Web Hosting/Transit
ASN	AS48955
Domain Name	ip.ro
Country	🇷🇴 Romania
City	Bucharest, Bucharest

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 89.40.222.58

Whois 89.40.222.58

IP Abuse Reports for 89.40.222.58:

This IP address has been reported a total of 12 times from 7 distinct sources. 89.40.222.58 was first reported on December 12th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇪 AutosOnShow	2026-06-24 19:46:05 (2 days ago)	blocked for webapp attack \| path requested: /.env \| seen at 2026-06-24 19:45:27.778 \|	Web App Attack
🇮🇪 AutosOnShow	2026-05-22 09:30:08 (1 month ago)	blocked for webapp attack \| path requested: /.env \| seen at 2026-05-22 09:29:23.129 \|	Web App Attack
🇺🇸 floreriaexpress	2026-04-23 00:09:36 (2 months ago)	FakeADS-Anti: country:RO \| https://floreriaexpresschile.cl/product/coronita-para-adicionar/	Bad Web Bot
🇮🇪 Jim Keir	2025-11-13 19:01:20 (7 months ago)	2025-11-13 19:01:19 89.40.222.58 File scanning, blocking 89.40.222.58 for 5 minutes	Web App Attack
🇮🇪 Jim Keir	2025-10-09 04:11:13 (8 months ago)	2025-10-09 04:11:13 89.40.222.58 File scanning, blocking 89.40.222.58 for 5 minutes	Web App Attack
🇮🇪 Jim Keir	2025-10-03 21:23:07 (8 months ago)	2025-10-03 21:23:07 89.40.222.58 File scanning, blocking 89.40.222.58 for 5 minutes	Web App Attack
🇸🇬 Charles	2025-09-15 10:54:28 (9 months ago)	89.40.222.58 - - [15/Sep/2025:18:54:25 +0800] "GET /.env HTTP/1.1" 404 5930 "-" "Mozilla/5.0 (Window ... show more 89.40.222.58 - - [15/Sep/2025:18:54:25 +0800] "GET /.env HTTP/1.1" 404 5930 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36" ... show less	Web Spam Email Spam Brute-Force Bad Web Bot Web App Attack SSH
🇨🇳 ThreatBook.io	2025-09-11 22:15:14 (9 months ago)	ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/89.40.222.58 2025-09-1 ... show more ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/89.40.222.58 2025-09-11 12:21:41 /.env 2025-09-11 12:21:41 /,{"body":"0x%5B%5D=androxgh0st","content_type":"application/x-www-form-urlencoded","header":{"Accept":["/"],"Accept-Encoding":["gzip"],"Connection":["close"],"Content-Length":["20"],"Content-Type":["application/x-www-form-urlencoded"],"User-Agent":["Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36"]},"host":"54.179.199.3","method":"POST","proto":"HTTP/1.1","remote_addr":"89.40.222.58:58279","status_code":200,"url":"/","user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.5845.140 Safari/537.36"} show less	Web App Attack
🇨🇴 j458rjqwi348fhjq46	2025-08-05 12:18:21 (10 months ago)	Malicious IP detected by WAF with anomaly score 10.0. Attack types: Suspicious URL detected (extende ... show more Malicious IP detected by WAF with anomaly score 10.0. Attack types: Suspicious URL detected (extended rules), Exposure of environment file (.env), Timestamp deviates by 1.8 hours. Activity: 131 requests to 2 URLs. Period: 2025-08-05 06:52:47 - 2025-08-05 06:52:47 (America/Bogota). Origin: RO. Source: Automated WAF log analysis. show less	Hacking Web App Attack
🇮🇪 AutosOnShow	2025-07-03 20:00:27 (11 months ago)	\| blocked for webapp attack \| seen at 2025-07-03 19:12:43.769 \|	Web App Attack
Anonymous	2025-02-13 09:33:23 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2024-12-12 16:10:39 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 200.150.74.254

🇵🇱 195.3.220.7

🇳🇱 178.16.54.22

🇹🇭 152.32.245.27

🇯🇵 149.22.87.52

🇺🇸 47.89.251.186

🇧🇷 45.205.1.242

🇺🇸 44.79.248.236

🇬🇧 35.203.210.146

🇻🇳 14.171.196.239

🇨🇳 157.0.147.156

🇩🇪 51.68.179.234

🇺🇸 44.57.199.115

🇺🇸 198.23.130.204

🇧🇷 177.76.134.52

🇸🇪 158.174.210.161

🇮🇳 106.51.92.114

🇳🇱 91.92.42.7

🇳🇱 91.92.40.231

🇺🇸 44.93.250.61