JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.89.42.134

185.89.42.134 was found in our database!

This IP was reported 7 times. Confidence of Abuse is 7%: ?

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS59651
Domain Name	finegroupservers.com
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.89.42.134

Whois 185.89.42.134

IP Abuse Reports for 185.89.42.134:

This IP address has been reported a total of 7 times from 5 distinct sources. 185.89.42.134 was first reported on April 22nd 2023, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 tilellit.pro	2026-05-18 17:26:23 (1 month ago)	Fail2Ban banned 185.89.42.134 for security violations in jail wp-armour. Log: 2026/05/18 17:26:18 [e ... show more Fail2Ban banned 185.89.42.134 for security violations in jail wp-armour. Log: 2026/05/18 17:26:18 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 185.89.42.134 \| Target: wplogin" , client: 185.89.42.134, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇺🇸 TPI-Abuse	2026-05-06 20:43:56 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 185.89.42.134 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 185.89.42.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 06 16:43:52.633458 2026] [security2:error] [pid 14144:tid 14144] [client 185.89.42.134:26033] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|thestardance.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "thestardance.com"] [uri "/wp-json/wp/v2/users"] [unique_id "afuoCPzArs3p7vOIG0Xt_AAAABU"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-05 16:21:21 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 185.89.42.134 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 185.89.42.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 05 12:21:16.231314 2026] [security2:error] [pid 18903:tid 18903] [client 185.89.42.134:40629] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|ontimelogistiks.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ontimelogistiks.com"] [uri "/wp-json/wp/v2/users"] [unique_id "afoY_FEH60x8TSrdwvmGywAAABA"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-28 20:37:01 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 185.89.42.134 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 185.89.42.134 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 28 16:36:52.845331 2026] [security2:error] [pid 20882:tid 20882] [client 185.89.42.134:44361] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|tekbit.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "tekbit.com"] [uri "/wp-json/wp/v2/users"] [unique_id "afEaZBWiaXMnCe_T3zanFgAAACM"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇨🇿 lp	2024-11-24 14:51:48 (1 year ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 185.89.42.134 2024-11-24T15:37:53+01: ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 185.89.42.134 2024-11-24T15:37:53+01:00 vpn Access-Reject '525' station: 185.89.42.134 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇵🇱 TI	2023-10-28 10:12:07 (2 years ago)	Scrapping website, using diffrent useragents, not wait for response, #botnet20231026	DDoS Attack Bad Web Bot
🇸🇪 Lemmy	2023-04-22 17:40:55 (3 years ago)	SQL Injection	SQL Injection

Showing 1 to 7 of 7 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇪🇸 212.64.172.182

🇦🇺 203.185.199.72

🇺🇸 2607:f8b0:4023:100d::123

🇺🇸 104.236.118.31

🇳🇬 62.173.38.229

🇳🇱 172.233.41.27

🇹🇷 159.253.39.62

🇹🇭 147.50.231.135

🇨🇳 106.13.79.83

🇮🇩 103.169.252.190

🇳🇱 85.11.167.136

🇫🇷 83.169.1.209

🇱🇹 62.60.130.219

🇰🇷 61.72.145.120

🇨🇦 3.98.127.233

🇺🇸 3.22.234.7

🇺🇸 3.22.97.70

🇮🇳 2a02:4780:12:73df::1

🇨🇳 223.91.89.241

🇨🇳 218.71.59.70