JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 170.168.29.189

170.168.29.189 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 17%: ?

17%

ISP	Fine Group Servers Solutions LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS59651
Domain Name	finegroupservers.com
Country	🇫🇮 Finland
City	Vantaa, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 170.168.29.189

Whois 170.168.29.189

IP Abuse Reports for 170.168.29.189:

This IP address has been reported a total of 13 times from 9 distinct sources. 170.168.29.189 was first reported on March 14th 2026, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 librebit	2026-06-21 21:07:43 (4 days ago)	Brute force	Brute-Force
🇪🇸 librebit	2026-06-18 08:41:43 (1 week ago)	Brute force	Brute-Force
🇪🇸 librebit	2026-06-17 00:20:20 (1 week ago)	Brute force	Brute-Force
🇫🇷 masterguru	2026-04-29 16:28:17 (1 month ago)	(modsec_5080) ModSec 5080: Infrastructure subdomain probe from 170.168.29.189 (FR/France/-): 1 in th ... show more (modsec_5080) ModSec 5080: Infrastructure subdomain probe from 170.168.29.189 (FR/France/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇺🇸 TPI-Abuse	2026-04-27 16:02:54 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 170.168.29.189 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 170.168.29.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 27 12:02:46.037114 2026] [security2:error] [pid 32350:tid 32350] [client 170.168.29.189:27881] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.corinthianscruise.bahamascruisersguide.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.corinthianscruise.bahamascruisersguide.com"] [uri "/s3cmd.ini"] [unique_id "ae-IppnNRZTzEkW0Q6bQJAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-27 08:46:30 (1 month ago)	FPROCO WEBEXPLOIT 170.168.29.189 (170.168.29.189)	Web App Attack
🇺🇸 TPI-Abuse	2026-04-26 16:56:54 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 170.168.29.189 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 170.168.29.189 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 12:56:50.353897 2026] [security2:error] [pid 18833:tid 18845] [client 170.168.29.189:21987] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.fraudexaminercertified.com.aafm.us\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.fraudexaminercertified.com.aafm.us"] [uri "/s3cmd.ini"] [unique_id "ae5D0rt-YMELMYUQ0pkfGAAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇿 ptlab	2026-04-21 04:47:49 (2 months ago)	Detected wp_login attack from WP-host.	Hacking Web App Attack
🇺🇸 kosada.com	2026-04-19 23:25:22 (2 months ago)	Web password guessing	Brute-Force
🇩🇪 Hazzard	2026-03-31 21:32:38 (2 months ago)	(wordpress) Failed wordpress login from 170.168.29.189 (FR/France/Ille-et-Vilaine/Princé/-/[redacted ... show more (wordpress) Failed wordpress login from 170.168.29.189 (FR/France/Ille-et-Vilaine/Princé/-/[redacted]): (CF_ENABLE) show less	Brute-Force
🇺🇸 kosada.com	2026-03-31 16:00:38 (2 months ago)	Web password guessing	Brute-Force
🇮🇹 VHosting	2026-03-26 20:21:59 (2 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇨🇿 krok141	2026-03-14 20:38:00 (3 months ago)	Find WP files	Web App Attack

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇯🇵 20.89.235.8

🇺🇸 208.84.100.128

🇬🇧 194.50.235.155

🇨🇱 190.114.33.86

🇲🇽 189.197.192.101

🇻🇪 186.167.113.29

🇳🇱 185.93.89.147

🇺🇸 184.105.247.206

🇱🇰 182.161.1.109

🇲🇴 182.93.7.194

🇺🇸 173.255.225.139

🇺🇸 172.239.62.109

🇩🇪 167.71.56.135

🇺🇸 162.216.150.63

🇨🇳 123.207.65.62

🇨🇳 122.232.105.106

🇨🇳 112.32.138.180

🇻🇳 103.74.118.39

🇺🇸 98.142.103.98

🇷🇺 37.79.232.82