JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 89.58.31.106

89.58.31.106 was found in our database!

This IP was reported 196 times. Confidence of Abuse is 100%: ?

100%

ISP	netcup GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS197540
Hostname(s)	server8.1.serversnation.com
Domain Name	netcup.de
Country	🇩🇪 Germany
City	Nuremberg, Bavaria

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 89.58.31.106

Whois 89.58.31.106

IP Abuse Reports for 89.58.31.106:

This IP address has been reported a total of 196 times from 130 distinct sources. 89.58.31.106 was first reported on February 7th 2022, and the most recent report was 13 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 poundawebsiteltd	2026-06-18 20:16:03 (13 hours ago)	WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 89.58.31.106 - - [18/Jun/2026:21:15:58 +0100] PO ... show more WP Exploit attempt. Evidence: [REDACTED_DOMAIN]:443 89.58.31.106 - - [18/Jun/2026:21:15:58 +0100] POST /wp-login.php HTTP/2.0 200 3731 https://[REDACTED_DOMAIN]/wp-login.php Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36 Edg/133.0.0.0 show less	Web App Attack
🇦🇺 FSB.ru - Is it?	2026-06-18 20:13:39 (13 hours ago)	Brute force login for honeypot user accounts	Brute-Force Web App Attack
🇩🇪 AlexEventfahrtenIPDB	2026-06-18 19:14:16 (14 hours ago)	[Thu Jun 18 21:14:16.116762 2026] [authz_core:error] [pid 1375627:tid 1375627] [client 89.58.31.106: ... show more [Thu Jun 18 21:14:16.116762 2026] [authz_core:error] [pid 1375627:tid 1375627] [client 89.58.31.106:37702] AH01630: client denied by server configuration: /var/www/std-sites/cadillac/wp-login.php ... show less	Brute-Force Web App Attack
🇬🇧 spamverify.com	2026-06-18 19:13:50 (14 hours ago)	Honeypot Hit: WordPress Login	Web Spam Blog Spam Bad Web Bot Web App Attack
🇫🇷 ELYAZ	2026-06-18 19:13:49 (14 hours ago)	(y4) Failed scan -byebye- from 89.58.31.106 (DE/Germany/server8.1.serversnation.com): (CF_ENABLE)	Hacking
Anonymous	2026-06-18 11:46:27 (21 hours ago)	Failed Wordpress Logins	Web App Attack
Anonymous	2026-06-18 05:11:57 (1 day ago)	<jail> banned by fail2ban	Brute-Force Web App Attack
🇲🇹 Malta	2026-06-17 23:51:20 (1 day ago)	89.58.31.106 - - [18/Jun/2026:01:51:19 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Linux ... show more 89.58.31.106 - - [18/Jun/2026:01:51:19 +0200] "POST /wp-login.php HTTP/1.1" "Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36" Brute-force password attempt show less	Hacking Web App Attack Brute-Force
🇸🇮 administrator	2026-06-17 22:01:27 (1 day ago)	2026-06-16 01:42:58,724 fail2ban.actions [203556]: NOTICE [webadmin-badips] Ban 89.58.31.106 ... show more 2026-06-16 01:42:58,724 fail2ban.actions [203556]: NOTICE [webadmin-badips] Ban 89.58.31.106 2026-06-17 00:01:36,968 fail2ban.actions [203556]: NOTICE [webadmin-nfw] Ban 89.58.31.106 2026-06-18 00:01:23,180 fail2ban.actions [203556]: NOTICE [webadmin-nfw] Ban 89.58.31.106 ... show less	Bad Web Bot Web Spam Email Spam Blog Spam Port Scan Brute-Force Web App Attack
🇩🇪 ger-stg-sifi1	2026-06-17 06:47:32 (2 days ago)	(wordpress) Failed wordpress login using wp-login.php or xmlrpc.php	Web App Attack
Anonymous	2026-06-17 04:31:36 (2 days ago)	Failed login attempt detected by Fail2Ban in plesk-postfix jail	Brute-Force
Anonymous	2026-06-17 02:46:22 (2 days ago)	Failed Wordpress Logins	Web App Attack
Anonymous	2026-06-16 23:44:00 (2 days ago)	Part of a persistent, large-scale spam campaign. This IP is used to distribute phishing emails promo ... show more Part of a persistent, large-scale spam campaign. This IP is used to distribute phishing emails promoting illicitly modified B-CAS cards. The associated landing pages are intentionally using Cloudflare’s protection to conceal their activities (Cloaking). This is a verified malicious actor involved in long-term fraud and victim tracking. [Illegally modified B-CAS card sales site: https://bom.so/Tk8rbT -> https://iajmghkwhkjk.top/] show less	Web Spam Email Spam Spoofing Phishing
🇫🇷 tecnicorioja	2026-06-16 22:01:46 (2 days ago)	wp-login attack [16/Jun/2026:05:42:12	Brute-Force Web App Attack
🇬🇧 SCLwebadministrator	2026-06-16 13:12:00 (2 days ago)	Bruteforce WordPress logins detected with Loginizer	Brute-Force Web App Attack Hacking

Showing 1 to 15 of 196 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇳 202.141.26.181

🇨🇳 180.167.128.203

🇰🇷 101.33.80.42

🇨🇳 101.23.75.221

🇫🇷 13.140.155.136

🇵🇰 223.123.46.71

🇦🇿 188.227.221.191

🇧🇷 181.189.62.33

🇺🇸 172.234.218.87

🇮🇳 159.65.148.158

🇩🇪 151.243.11.37

🇺🇸 143.42.1.123

🇧🇷 143.0.112.114

🇨🇳 121.228.126.172

🇺🇸 107.150.97.147

🇨🇳 52.81.18.39

🇺🇸 43.135.172.89

🇧🇪 34.96.41.97

🇫🇷 217.76.55.220

🇷🇺 213.180.203.140