JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 98.70.98.64

98.70.98.64 was found in our database!

This IP was reported 166 times. Confidence of Abuse is 0%: ?

ISP	Microsoft Corporation
Usage Type	Data Center/Web Hosting/Transit
ASN	AS8075
Domain Name	microsoft.com
Country	🇮🇳 India
City	Pune, Maharashtra

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 98.70.98.64

Whois 98.70.98.64

IP Abuse Reports for 98.70.98.64:

This IP address has been reported a total of 166 times from 125 distinct sources. 98.70.98.64 was first reported on June 30th 2025, and the most recent report was 5 months ago.

Old Reports: The most recent abuse report for this IP address is from 5 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2025-12-27 04:46:04 (5 months ago)		Bad Web Bot
🇹🇷 rtbh.com.tr	2025-12-26 20:10:40 (5 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
🇩🇪 itsolon	2025-12-26 11:58:10 (5 months ago)	Fail2Ban plesk-modsecurity ban	Web App Attack SSH
Anonymous	2025-12-26 04:46:03 (5 months ago)		Bad Web Bot
🇳🇱 homeshowdomain.nl	2025-12-25 22:59:21 (5 months ago)	Auto-ban: 288 malicious requests on 2025-12-24 (e.g., env/backup probes, brute-force, or error burst ... show more Auto-ban: 288 malicious requests on 2025-12-24 (e.g., env/backup probes, brute-force, or error bursts). show less	Hacking Web App Attack SSH
🇹🇷 rtbh.com.tr	2025-12-25 20:10:39 (5 months ago)	list.rtbh.com.tr report: tcp/0	Brute-Force
Anonymous	2025-12-25 15:04:07 (5 months ago)	98.70.98.64 - - [24/Dec/2025:13:34:35 +0100] "GET /wp-content/plugins/hellopress/wp_filemanager.php ... show more 98.70.98.64 - - [24/Dec/2025:13:34:35 +0100] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 519 "-" "-" 98.70.98.64 - - [24/Dec/2025:13:34:39 +0100] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 301 4300 "-" "-" 98.70.98.64 - - [24/Dec/2025:13:34:42 +0100] "GET /upload.php HTTP/1.1" 301 443 "-" "-" ... show less	Bad Web Bot
Anonymous	2025-12-25 11:28:08 (5 months ago)	FortiWeb WAF: 168 attacks detected. Threat Score: 16800. Types: Client Management(84), GEO IP(84). O ... show more FortiWeb WAF: 168 attacks detected. Threat Score: 16800. Types: Client Management(84), GEO IP(84). Origin: India. show less	Web App Attack
🇬🇧 openstrike.co.uk	2025-12-25 06:14:19 (5 months ago)	338 attacks on PHP URLs: GET /gmo.php HTTP/1.1	Web App Attack
🇺🇸 octageeks.com	2025-12-25 05:06:08 (5 months ago)	Wordpress malicious attack:[octascan]	Web App Attack
Anonymous	2025-12-25 02:32:54 (5 months ago)	"GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1"	Hacking Web App Attack
🇯🇵 beon	2025-12-25 02:15:00 (5 months ago)	This IP was detected 12 times on my original honeypot and also performed automated reconnaissance an ... show more This IP was detected 12 times on my original honeypot and also performed automated reconnaissance and vulnerability scanning against my server between 2025-12-24T12:39:36Z UTC and 2025-12-24T12:40:00Z UTC. The honeypot files included examples such as: /wp-content/plugins/hellopress/wp_filemanager.php, /themes.php, /404.php, /about.php, /file.php, /item.php and others. It issued 50 HTTP requests targeting 12 distinct suspicious paths within about 24 seconds. The targeted paths included examples such as: /wp-conflg.php, /function.php, /upload.php, /13.php, /wp-cron.php, /alfa-rex.php and others. Some requests targeted file manager scripts commonly abused for remote code execution (e.g. filemanager or elfinder dialogs). Multiple requests used filenames that resemble PHP web shells or exploitation payloads. The behavior is consistent with an automated directory and CMS reconnaissance scan, not normal user browsing. show less	Hacking Brute-Force Web App Attack
🇭🇺 DumaNet	2025-12-25 01:41:00 (5 months ago)	Web app attack attempts, scanning for vulnerability. Date: 2025 Dec 24. 14:37:25 Source IP: 98.70. ... show more Web app attack attempts, scanning for vulnerability. Date: 2025 Dec 24. 14:37:25 Source IP: 98.70.98.64 Portion of the log(s): 98.70.98.64 - [24/Dec/2025:14:37:24 +0100] "GET /ahax.php HTTP/1.1" 404 153 "-" "-" 98.70.98.64 - [24/Dec/2025:14:37:24 +0100] "GET /npi.php HTTP/1.1" 404 153 "-" "-" 98.70.98.64 - [24/Dec/2025:14:37:23 +0100] "GET /aa.php HTTP/1.1" 404 153 "-" "-" 98.70.98.64 - [24/Dec/2025:14:37:23 +0100] "GET /css/index.php HTTP/1.1" 404 153 "-" "-" 98.70.98.64 - [24/Dec/2025:14:37:23 +0100] "GET /class20.php HTTP/1.1" 404 153 "-" "-" 98.70.98.64 - [24/Dec/2025:14:37:23 +0100] "GET /ext.php HTTP/1.1" 404 153 "-" "-" 98.70.98.64 - [24/Dec/2025:14:37:22 +0100] "GET /good.php HTTP/1.1" 404 153 "-" "-" 98.70.98.64 - [24/Dec/2025:14:37:22 +0100] "GET /pass.php HTTP/1.1" 404 153 "-" "-" 98.70.98.64 - [24/Dec/2025:14:37:22 +0100] "GET /classwithtostring.php HTTP/1.1" 404 153 "-" "-" 98.70.98.64 - [24/Dec/2025:14:37:21 +0100] "GET /dlex.php HTTP/1.1" 404 153 "-" "-" show less	Web App Attack
🇫🇷 tecnicorioja	2025-12-24 23:00:56 (5 months ago)	wp-login attack [24/Dec/2025:10:49:58	Brute-Force Web App Attack
🇳🇱 homeshowdomain.nl	2025-12-24 22:59:26 (5 months ago)	Auto-ban: >3000 req/min op 2025-12-24	Hacking Web App Attack SSH

Showing 1 to 15 of 166 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2602:80d:1007::2b

🇺🇸 173.255.243.63

🇸🇬 148.66.155.35

🇮🇩 103.160.213.137

🇪🇸 94.73.53.195

🇳🇱 85.11.167.118

🇰🇷 61.76.112.4

🇨🇳 60.27.226.209

🇨🇳 42.194.137.127

🇧🇪 35.205.143.232

🇺🇸 18.222.196.52

🇫🇷 194.183.213.12

🇨🇳 180.97.50.218

🇺🇸 162.243.244.10

🇭🇰 152.32.209.62

🇨🇳 123.148.123.242

🇰🇷 113.59.143.106

🇳🇱 64.89.162.167

🇮🇪 52.30.206.143

🇺🇸 50.253.133.58