JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 51.89.242.47

51.89.242.47 was found in our database!

This IP was reported 147 times. Confidence of Abuse is 0%: ?

ISP	1337 Services GmbH 1337 Services GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS16276
Hostname(s)	ip47.ip-51-89-242.eu
Domain Name	ovh.net
Country	🇬🇧 United Kingdom of Great Britain and Northern Ireland
City	City of London, England

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 51.89.242.47

Whois 51.89.242.47

IP Abuse Reports for 51.89.242.47:

This IP address has been reported a total of 147 times from 43 distinct sources. 51.89.242.47 was first reported on October 10th 2021, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇿 Tripwire	2025-04-21 23:40:04 (1 year ago)	Scanning for backup files - /backup.zip	Web App Attack
Anonymous	2025-04-16 23:36:11 (1 year ago)	[00:36:10] 4*: Exploit attempt against non-existent file - /backup.zip	Hacking Bad Web Bot Web App Attack
🇳🇿 Tripwire	2025-04-05 22:48:12 (1 year ago)	Scanning for backup files - /backup.zip	Web App Attack
🇸🇪 SkyDancer	2025-04-04 22:33:17 (1 year ago)	Multiple web intrusion attempts or RDP/SSH hacking using wrong credentials. Attack automatically blo ... show more Multiple web intrusion attempts or RDP/SSH hacking using wrong credentials. Attack automatically blocked by SkyDancer Ai. EXT-SYS-Ai-D show less	Hacking Brute-Force SSH
🇺🇸 SiliSoftware	2025-04-04 08:18:46 (1 year ago)	/backup.zip	Web App Attack
🇺🇸 TPI-Abuse	2025-04-02 22:45:05 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 51.89.242.47 (ip47.ip-51-89-242.eu): 1 in the l ... show more (mod_security) mod_security (id:210730) triggered by 51.89.242.47 (ip47.ip-51-89-242.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 02 18:44:57.330730 2025] [security2:error] [pid 31403:tid 31403] [client 51.89.242.47:50731] [client 51.89.242.47] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.ilovecoffeegroup.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.ilovecoffeegroup.com"] [uri "/backup.sql"] [unique_id "Z-296boD-aqW0x3itgmDBgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-04-02 09:25:42 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 51.89.242.47 (ip47.ip-51-89-242.eu): 1 in the l ... show more (mod_security) mod_security (id:210730) triggered by 51.89.242.47 (ip47.ip-51-89-242.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 02 05:25:35.854324 2025] [security2:error] [pid 11372:tid 11372] [client 51.89.242.47:61600] [client 51.89.242.47] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.javierreinoso.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.javierreinoso.com"] [uri "/backup.sql"] [unique_id "Z-0CjzD5lpaHT-ZrJOuskwAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇿 Tripwire	2025-04-01 10:26:00 (1 year ago)	Scanning for backup files - /backup.zip	Web App Attack
🇺🇸 TPI-Abuse	2025-03-31 08:22:54 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 51.89.242.47 (ip47.ip-51-89-242.eu): 1 in the l ... show more (mod_security) mod_security (id:210730) triggered by 51.89.242.47 (ip47.ip-51-89-242.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 31 04:22:49.860326 2025] [security2:error] [pid 29901:tid 29901] [client 51.89.242.47:57553] [client 51.89.242.47] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.seekingthemind.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.seekingthemind.com"] [uri "/backup.sql"] [unique_id "Z-pQ2SBLYtRfMJ3QFX_Q1gAAACE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 octageeks.com	2025-03-27 04:06:41 (1 year ago)	Wordpress malicious attack:[octablocked]	Web App Attack
🇺🇸 TPI-Abuse	2025-03-27 03:16:39 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 51.89.242.47 (ip47.ip-51-89-242.eu): 1 in the l ... show more (mod_security) mod_security (id:210730) triggered by 51.89.242.47 (ip47.ip-51-89-242.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 26 23:16:34.821283 2025] [security2:error] [pid 16581:tid 16581] [client 51.89.242.47:56557] [client 51.89.242.47] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.prcomputersolutions.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.prcomputersolutions.com"] [uri "/backup.sql"] [unique_id "Z-TDEoX7FshbTd1H4pd4DAAAAAU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-03-25 20:09:57 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 51.89.242.47 (ip47.ip-51-89-242.eu): 1 in the l ... show more (mod_security) mod_security (id:210730) triggered by 51.89.242.47 (ip47.ip-51-89-242.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 25 16:09:49.274977 2025] [security2:error] [pid 11607:tid 11607] [client 51.89.242.47:58680] [client 51.89.242.47] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.salonpurelodi.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.salonpurelodi.com"] [uri "/backup.sql"] [unique_id "Z-MNjcz1odmINSil7lz7PQAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-03-25 09:04:55 (1 year ago)	Account archive download attempts	Hacking Brute-Force
🇺🇸 octageeks.com	2025-03-25 04:08:17 (1 year ago)	Wordpress malicious attack:[octablocked]	Web App Attack
🇺🇸 TPI-Abuse	2025-03-24 19:01:09 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 51.89.242.47 (ip47.ip-51-89-242.eu): 1 in the l ... show more (mod_security) mod_security (id:210730) triggered by 51.89.242.47 (ip47.ip-51-89-242.eu): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 24 15:01:03.452232 2025] [security2:error] [pid 2531802:tid 2531802] [client 51.89.242.47:52899] [client 51.89.242.47] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "4"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.sandwcreations.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.sandwcreations.com"] [uri "/backup.sql"] [unique_id "Z-Gr72Gl_pCHTx3A47r3IwAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 147 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 203.19.35.147

🇹🇼 198.235.24.68

🇻🇳 113.160.82.122

🇵🇰 110.39.164.74

🇨🇦 85.217.149.53

🇺🇸 66.132.195.107

🇺🇸 66.132.186.244

🇸🇬 43.156.105.119

🇮🇹 31.59.89.180

🇩🇪 3.126.50.117

🇺🇸 207.90.244.18

🇩🇪 194.187.176.55

🇺🇸 192.169.213.186

🇳🇱 176.65.148.216

🇺🇸 172.56.235.142

🇸🇪 171.25.158.80

🇰🇪 102.204.198.72

🇮🇹 95.181.233.6

🇫🇷 85.217.140.39

🇮🇳 59.184.255.60