JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 89.58.26.216

89.58.26.216 was found in our database!

This IP was reported 1,876 times. Confidence of Abuse is 100%: ?

100%

This address is a Tor exit node. Neither the owner nor the provider are directly behind the offending action.

ISP	netcup GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS197540
Hostname(s)	NurembergTor78.quetzalcoatl-relays.org
Domain Name	netcup.de
Country	🇩🇪 Germany
City	Nuremberg, Bavaria

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 89.58.26.216

Whois 89.58.26.216

IP Abuse Reports for 89.58.26.216:

This IP address has been reported a total of 1,876 times from 372 distinct sources. 89.58.26.216 was first reported on November 5th 2022, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 s@ch@	2026-06-04 19:45:04 (3 days ago)	Jail: plesk-panel \| Web application attack (Plesk Panel)	Web App Attack
Anonymous	2026-06-04 11:12:08 (4 days ago)		Web Spam Bad Web Bot
🇨🇦 zXero	2026-06-03 12:39:21 (5 days ago)	Fail2Ban automatic report - jail: no-wordpress	Brute-Force SSH DDoS Attack
🇩🇪 ghostwarriors	2026-06-01 22:20:27 (6 days ago)	Webpage scraping	Brute-Force Bad Web Bot Web App Attack
🇩🇪 LRob.fr	2026-05-31 17:45:03 (1 week ago)	Plesk panel brute-force detected by Fail2Ban in plesk-panel jail	Web App Attack
Anonymous	2026-05-30 23:55:09 (1 week ago)	Attac	Brute-Force
🇩🇪 Duggy_Tuxy🧱	2026-05-30 23:41:36 (1 week ago)	[SW01-SRV01-DE] Blocked by SysWarden Firewall (Web Attack)	Web App Attack Hacking Port Scan
🇩🇪 raph	2026-05-30 06:39:00 (1 week ago)	[005] content filter failure, web form spam detected	Web Spam Blog Spam
🇨🇦 zXero	2026-05-29 12:33:33 (1 week ago)	Fail2Ban automatic report - jail: no-wordpress	Brute-Force SSH DDoS Attack
🇩🇪 LRob.fr	2026-05-27 10:31:14 (1 week ago)	Plesk panel login attempt with forbidden username (root/admin), blocked by Fail2Ban in custom-plesk- ... show more Plesk panel login attempt with forbidden username (root/admin), blocked by Fail2Ban in custom-plesk-login jail show less	Brute-Force Web App Attack
🇺🇸 cwytech	2026-05-26 18:34:53 (1 week ago)	Fleet-wide ban from the Ghostfleet 👻. Triggered by scenario: cwy/web-asn-lockdown-high.	Bad Web Bot Web App Attack
Anonymous	2026-05-26 10:57:47 (1 week ago)	REPM WEBFORM SPAM 89.58.26.216 (NurembergTor78.quetzalcoatl-relays.org)	Web Spam
🇧🇪 voormedia	2026-05-25 18:21:07 (1 week ago)	Accessed trap at '/admin.php'	Web App Attack
🇮🇳 evicky2002	2026-05-25 06:00:00 (2 weeks ago)	Confirmed malicious by STILWaters CTI platform (score=100, sources=1)	Hacking Brute-Force SSH
🇺🇸 LotPhantom	2026-05-21 23:22:21 (2 weeks ago)	89.58.26.216 - - [21/May/2026:23:21:22 +0000] "GET /lander/pl---bitcointraderai---alo_1770898458/ind ... show more 89.58.26.216 - - [21/May/2026:23:21:22 +0000] "GET /lander/pl---bitcointraderai---alo_1770898458/index.php HTTP/1.1" 404 0 "https://job-search-api.bridginggaps.tech/lander/pl---bitcointraderai---alo_1770898458/index.php" "Mozilla/5.0 (iPhone; CPU iPhone OS 18_7 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/26.4 Mobile/15E148 Safari/604.1" ... show less	Web App Attack

Showing 1 to 15 of 1876 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 213.152.161.54

🇺🇸 195.184.76.67

🇰🇿 95.82.81.9

🇫🇷 91.196.152.219

🇨🇳 39.64.107.8

🇺🇸 34.73.252.12

🇬🇧 31.59.33.232

🇦🇪 20.203.42.204

🇨🇳 223.199.191.89

🇳🇱 176.65.148.229

🇺🇸 162.217.160.226

🇯🇵 136.110.81.208

🇲🇾 121.123.141.251

🇷🇴 80.94.92.165

🇺🇸 73.18.241.98

🇺🇸 65.49.20.124

🇦🇪 47.91.125.252

🇬🇧 5.226.140.31

🇧🇪 207.175.75.78

🇵🇰 121.52.147.5