JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 185.89.42.169

185.89.42.169 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 12%: ?

12%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS59651
Domain Name	finegroupservers.com
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 185.89.42.169

Whois 185.89.42.169

IP Abuse Reports for 185.89.42.169:

This IP address has been reported a total of 16 times from 7 distinct sources. 185.89.42.169 was first reported on January 22nd 2025, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-05-30 14:19:02 (1 week ago)	FPROCO WEBEXPLOIT 185.89.42.169 (185.89.42.169)	Web App Attack
🇺🇸 TPI-Abuse	2026-05-27 11:11:17 (2 weeks ago)	(mod_security) mod_security (id:225170) triggered by 185.89.42.169 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 185.89.42.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 07:11:11.875670 2026] [security2:error] [pid 31353:tid 31353] [client 185.89.42.169:42129] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|maycockfamily.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "maycockfamily.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahbRT_n_Zsga4MHpNvSaFwAAAAs"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-22 18:47:46 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 185.89.42.169 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 185.89.42.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 22 13:47:43.029148 2026] [security2:error] [pid 22016:tid 22114] [client 185.89.42.169:41385] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|mcdonaldmountainranch.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mcdonaldmountainranch.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aXJwz9A1Hzf3h2ggBNX43gAAAIw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-21 19:06:47 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 185.89.42.169 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 185.89.42.169 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 21 15:06:40.056975 2025] [security2:error] [pid 13329:tid 13329] [client 185.89.42.169:55299] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|kawkacevents.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "kawkacevents.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aPfZwLH93DPRVompntwu7QAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 SilverZippo	2025-10-21 05:17:15 (7 months ago)	Web App Attack	Web App Attack
Anonymous	2025-10-19 09:08:08 (7 months ago)	wordpress-trap	Web App Attack
🇺🇸 kosada.com	2025-10-19 07:01:49 (7 months ago)	Web password guessing	Brute-Force
🇨🇿 lp	2025-02-13 19:21:06 (1 year ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 185.89.42.169 2025-02-13T19:52:29+01: ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 185.89.42.169 2025-02-13T19:52:29+01:00 vpn Access-Reject 'manitus' station: 185.89.42.169 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇸🇪 OnTheEdge	2025-02-13 11:34:25 (1 year ago)	Password spraying. Multiple unauthorized login attempts	Hacking Web App Attack
🇸🇪 OnTheEdge	2025-02-11 16:01:34 (1 year ago)	Password spraying. Multiple unauthorized login attempts	Hacking Web App Attack
🇸🇪 OnTheEdge	2025-02-06 06:28:46 (1 year ago)	Password spraying. Multiple unauthorized login attempts	Hacking Web App Attack
🇨🇿 lp	2025-01-27 02:50:34 (1 year ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 185.89.42.169 2025-01-27T03:35:50+01: ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 185.89.42.169 2025-01-27T03:35:50+01:00 vpn Access-Reject 'infraction' station: 185.89.42.169 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇨🇿 lp	2025-01-25 20:50:12 (1 year ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 185.89.42.169 2025-01-25T21:39:21+01: ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 185.89.42.169 2025-01-25T21:39:21+01:00 vpn Access-Reject 'disbursing' station: 185.89.42.169 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇨🇿 lp	2025-01-24 07:21:48 (1 year ago)	Unauthorized VPN login attempts: 2 attempts were recorded from 185.89.42.169 2025-01-24T07:06:52+01: ... show more Unauthorized VPN login attempts: 2 attempts were recorded from 185.89.42.169 2025-01-24T07:06:52+01:00 vpn Access-Reject 'deaccessioning' station: 185.89.42.169 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' 2025-01-24T07:10:57+01:00 vpn Access-Reject 'indianhood' station: 185.89.42.169 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇨🇿 lp	2025-01-24 01:21:33 (1 year ago)	Unauthorized VPN login attempts: 2 attempts were recorded from 185.89.42.169 2025-01-24T01:23:24+01: ... show more Unauthorized VPN login attempts: 2 attempts were recorded from 185.89.42.169 2025-01-24T01:23:24+01:00 vpn Access-Reject 'umbecast' station: 185.89.42.169 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' 2025-01-24T01:52:13+01:00 vpn Access-Reject 'designlessness' station: 185.89.42.169 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 2a02:a03f:a081:1201:40d0:69df:9384:ee44

🇰🇷 220.80.92.17

🇩🇪 217.92.30.179

🇺🇸 216.25.89.92

🇸🇬 172.217.32.147

🇺🇸 144.172.107.227

🇸🇬 114.119.136.24

🇮🇷 94.182.134.147

🇱🇹 81.30.98.62

🇩🇪 45.151.160.140

🇧🇷 43.164.196.114

🇨🇴 38.210.187.8

🇯🇵 192.95.86.47

🇨🇦 154.21.61.157

🇸🇬 114.119.135.166

🇸🇬 114.119.135.107

🇬🇧 89.116.93.243

🇩🇪 85.215.107.193

🇫🇮 65.108.149.206

🇱🇹 45.227.254.170