JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 89.58.57.45

89.58.57.45 was found in our database!

This IP was reported 51 times. Confidence of Abuse is 0%: ?

ISP	netcup GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS197540
Hostname(s)	v2202302183353218405.goodsrv.de
Domain Name	netcup.de
Country	🇩🇪 Germany
City	Nurnberg, Bavaria

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 89.58.57.45

Whois 89.58.57.45

IP Abuse Reports for 89.58.57.45:

This IP address has been reported a total of 51 times from 26 distinct sources. 89.58.57.45 was first reported on July 5th 2022, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇲🇾 Rizzy	2026-03-14 21:01:03 (2 months ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇩🇪 GunsawianHosting	2026-03-12 17:08:57 (2 months ago)	Open Proxy	Open Proxy
🇩🇪 outputblog.de	2026-03-04 13:16:06 (3 months ago)	apache-wp-probephp	Port Scan Hacking Brute-Force
🇵🇱 cheatmaster.store	2026-02-26 06:12:45 (3 months ago)	Automated report: This IP address has been identified as an active public open proxy. Classification ... show more Automated report: This IP address has been identified as an active public open proxy. Classification: Open Proxy \| Spoofing \| VPN/Anonymizer \| Bad Web Bot. Country: Germany Threat level: High. This host is listed across multiple public proxy databases and poses a risk of abuse, credential stuffing, scraping, and spoofed traffic. Reported by automated threat intelligence pipeline. Do not whitelist without manual verification. show less	Web Spam Port Scan Web App Attack
🇮🇹 Progetto1	2026-02-10 13:35:02 (3 months ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack
🇺🇸 TPI-Abuse	2026-02-07 15:05:46 (3 months ago)	(mod_security) mod_security (id:217280) triggered by 89.58.57.45 (v2202302183353218405.goodsrv.de): ... show more (mod_security) mod_security (id:217280) triggered by 89.58.57.45 (v2202302183353218405.goodsrv.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 07 10:05:40.571125 2026] [security2:error] [pid 20622:tid 20622] [client 89.58.57.45:56420] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?:\\\\n\|\\\\r)+(?:get\|post\|head\|options\|connect\|put\|delete\|trace\|propfind\|propatch\|mkcol\|copy\|move\|lock\|unlock)\\\\s+" at MATCHED_VAR. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "137"] [id "217280"] [rev "6"] [msg "COMODO WAF: HTTP Request Smuggling Attack\|\|pcsyportatiles.com\|F\|2"] [data "Matched Data: get found within MATCHED_VAR"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "pcsyportatiles.com"] [uri "/"] [unique_id "aYdUxML2qCqf9EM7cLodSAAAAAY"], referer: http://pcsyportatiles.com show less	Brute-Force Bad Web Bot Web App Attack
🇲🇾 Rizzy	2026-02-05 19:17:27 (3 months ago)	Multiple WAF Violations	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-05 14:55:22 (3 months ago)	(mod_security) mod_security (id:210831) triggered by 89.58.57.45 (v2202302183353218405.goodsrv.de): ... show more (mod_security) mod_security (id:210831) triggered by 89.58.57.45 (v2202302183353218405.goodsrv.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 05 09:55:16.418595 2026] [security2:error] [pid 1802167:tid 1802167] [client 89.58.57.45:47348] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|backstore.com\|F\|4"] [data "a href="] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "backstore.com"] [uri "/usage_202602.html"] [unique_id "aYSvVIRMdmLzX6Kf4qDJ9wAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 i-turnradio.nl	2026-01-19 13:38:02 (4 months ago)	2026-01-19 14:38:02 (CET) ~ Blocked by abusescan risk assessment	Web App Attack
🇳🇱 homeshowdomain.nl	2026-01-16 22:59:13 (4 months ago)	Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on ... show more Auto-ban: single probe for restricted files (.env / backups / admin endpoints). Likely mass-scan on 2026-01-15. show less	Hacking Web App Attack SSH
🇺🇸 TPI-Abuse	2026-01-15 20:53:46 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 89.58.57.45 (v2202302183353218405.goodsrv.de): ... show more (mod_security) mod_security (id:210492) triggered by 89.58.57.45 (v2202302183353218405.goodsrv.de): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 15 15:53:39.669661 2026] [security2:error] [pid 18060:tid 18060] [client 89.58.57.45:58066] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/config/parameters.yml" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.electric-cosmos.com"] [uri "/app/config/parameters.yml"] [unique_id "aWlT08xlfErLolPWww-lsAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2026-01-15 02:54:44 (4 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 89.58.57.45 (DE/Germany/v2202302183 ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 89.58.57.45 (DE/Germany/v2202302183353218405.goodsrv.de): 1 in the last 3600 secs show less	Web App Attack
Anonymous	2026-01-15 01:55:01 (4 months ago)	suspicious request in access.log	Web App Attack
🇸🇬 pusathosting.com	2026-01-14 19:10:05 (4 months ago)	24ds22 bruteforce	Brute-Force Web App Attack
🇮🇹 Progetto1	2026-01-13 07:05:02 (4 months ago)	Website Scanning / Scraping	Bad Web Bot Exploited Host Web App Attack

Showing 1 to 15 of 51 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 221.10.187.253

🇨🇴 190.5.200.98

🇳🇱 185.226.197.28

🇨🇳 111.32.153.180

🇯🇵 103.163.220.119

🇺🇸 64.236.140.192

🇮🇩 163.7.4.169

🇧🇷 152.32.199.20

🇺🇦 128.0.104.44

🇨🇳 116.255.169.129

🇦🇺 110.239.34.239

🇨🇳 101.201.104.216

🇩🇪 69.5.169.51

🇳🇱 45.153.34.43

🇳🇱 45.128.199.127

🇳🇱 20.123.146.92

🇮🇪 18.201.186.84

🇺🇸 216.180.246.101

🇳🇱 195.211.191.112

🇮🇳 182.70.243.207