JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 89.149.242.46

89.149.242.46 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 54%: ?

54%

ISP	LeaseWeb Netherlands B.V.
Usage Type	Data Center/Web Hosting/Transit
ASN	AS60781
Domain Name	leaseweb.com
Country	🇳🇱 Netherlands
City	Lelystad, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 89.149.242.46

Whois 89.149.242.46

IP Abuse Reports for 89.149.242.46:

This IP address has been reported a total of 16 times from 9 distinct sources. 89.149.242.46 was first reported on June 9th 2026, and the most recent report was 2 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 abdubhai	2026-06-14 05:09:34 (2 hours ago)	89.149.242.46 - - [14/Jun/2026:1 ...	Brute-Force
🇺🇸 TPI-Abuse	2026-06-11 02:28:46 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 89.149.242.46 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 89.149.242.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 22:28:40.188726 2026] [security2:error] [pid 4106:tid 4106] [client 89.149.242.46:54756] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|theyoungstrategist.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "theyoungstrategist.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiodWOGoho_cAOB74Bv-AQAAAEU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 22:54:54 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 89.149.242.46 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 89.149.242.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 18:54:50.430481 2026] [security2:error] [pid 13188:tid 13188] [client 89.149.242.46:39668] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.sacoriverjazz.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.sacoriverjazz.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ainrOvsIRgO6RWqhlI6IZgAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 SpaceHost-Server	2026-06-10 22:33:16 (3 days ago)		Brute-Force Web App Attack
🇩🇪 dbmwebdesign	2026-06-10 18:40:07 (3 days ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
Anonymous	2026-06-10 17:11:02 (3 days ago)	Bot / scanning and/or hacking attempts: GET /?author=3 HTTP/1.1, POST /wp-login.php HTTP/1.1, POST / ... show more Bot / scanning and/or hacking attempts: GET /?author=3 HTTP/1.1, POST /wp-login.php HTTP/1.1, POST /xmlrpc.php HTTP/1.1, GET /?author=1 HTTP/1.1, GET /author/admin/ HTTP/1.1 show less	Hacking Web App Attack
Anonymous	2026-06-10 09:09:47 (3 days ago)	(XMLRPC) WP XMLPRC Attack 89.149.242.46 (-): 5 in the last 3600 secs; Ports: *; Direction: 1	Brute-Force SSH
🇺🇸 TPI-Abuse	2026-06-10 08:36:29 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 89.149.242.46 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 89.149.242.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 04:36:23.201932 2026] [security2:error] [pid 26569:tid 26569] [client 89.149.242.46:56112] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.jacquelineperriam.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.jacquelineperriam.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aikiB9N4YtmXG4YU8q-6AgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 06:36:04 (4 days ago)	(mod_security) mod_security (id:225170) triggered by 89.149.242.46 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 89.149.242.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 02:36:00.723318 2026] [security2:error] [pid 2100:tid 2100] [client 89.149.242.46:41040] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|exhaustthelimits.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "exhaustthelimits.org"] [uri "/wp-json/wp/v2/users"] [unique_id "aikF0GfKay_9TKA1iC5tvwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 04:15:08 (4 days ago)	(mod_security) mod_security (id:225170) triggered by 89.149.242.46 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 89.149.242.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 00:14:59.065992 2026] [security2:error] [pid 16590:tid 16590] [client 89.149.242.46:32806] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.lajoze.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.lajoze.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aijkw_iEo0Wu9PzGu7zoFAAAAA8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-10 00:20:56 (4 days ago)	(mod_security) mod_security (id:225170) triggered by 89.149.242.46 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 89.149.242.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 20:20:52.826609 2026] [security2:error] [pid 18099:tid 18099] [client 89.149.242.46:34832] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.havenlaneministries.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.havenlaneministries.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiit5Nesamgoj7gsgYQaMwAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 SpaceHost-Server	2026-06-09 22:31:20 (4 days ago)		Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-09 17:55:24 (4 days ago)	(mod_security) mod_security (id:225170) triggered by 89.149.242.46 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 89.149.242.46 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 09 13:55:19.441684 2026] [security2:error] [pid 1667:tid 1667] [client 89.149.242.46:48218] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.sizefinder.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.sizefinder.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aihThxuvZtjUN6qC1rQWngAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-09 17:51:55 (4 days ago)	[redacted] 89.149.242.46 - - [09/Jun/2026:19:51:51 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "M ... show more [redacted] 89.149.242.46 - - [09/Jun/2026:19:51:51 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:100.0) Gecko/20100101 Firefox/100.0" [redacted] 89.149.242.46 - - [09/Jun/2026:19:51:52 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:62.0) Gecko/20100101 Firefox/62.0" [redacted] 89.149.242.46 - - [09/Jun/2026:19:51:52 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:90.0) Gecko/20100101 Firefox/90.0" [redacted] 89.149.242.46 - - [09/Jun/2026:19:51:52 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:48.0) Gecko/20100101 Firefox/48.0" [redacted] 89.149.242.46 - - [09/Jun/2026:19:51:52 +0200] "POST /xmlrpc.php HTTP/1.1" 200 216 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:62.0) Gecko/20100101 Firefox/62.0" [redacted] 89.149.242.46 - ... show less	Hacking Web App Attack
🇫🇮 Rexikon	2026-06-09 17:21:04 (4 days ago)	89.149.242.46 - - [09/Jun/2026:19:20:54 +0200] "POST /wp-login.php HTTP/1.1" 200 15292 "-" "Mozilla/ ... show more 89.149.242.46 - - [09/Jun/2026:19:20:54 +0200] "POST /wp-login.php HTTP/1.1" 200 15292 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:46.0) Gecko/20100101 Firefox/46.0" 89.149.242.46 - - [09/Jun/2026:19:20:54 +0200] "POST /wp-login.php HTTP/1.1" 200 15292 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0" 89.149.242.46 - - [09/Jun/2026:19:20:56 +0200] "POST /wp-login.php HTTP/1.1" 200 15292 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:67.0) Gecko/20100101 Firefox/67.0" 89.149.242.46 - - [09/Jun/2026:19:20:57 +0200] "POST /wp-login.php HTTP/1.1" 200 15292 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:62.0) Gecko/20100101 Firefox/62.0" 89.149.242.46 - - [09/Jun/2026:19:21:04 +0200] "POST /wp-login.php HTTP/1.1" 200 15292 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:74.0) Gecko/20100101 Firefox/74.0" ... show less	Brute-Force

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 176.65.132.119

🇺🇸 143.42.1.52

🇳🇱 91.92.40.35

🇳🇱 45.148.10.157

🇬🇧 35.203.211.219

🇺🇸 2604:a880:400:d1:0:4:9622:4001

🇿🇦 197.185.179.196

🇬🇧 193.163.125.144

🇮🇳 182.95.231.62

🇮🇳 168.144.81.184

🇲🇾 149.118.135.252

🇧🇩 103.239.82.148

🇫🇷 85.169.118.71

🇨🇳 47.111.183.140

🇦🇷 181.97.187.214

🇺🇸 159.223.118.175

🇬🇧 85.121.120.115

🇺🇸 20.80.72.203

🇧🇬 213.183.62.133

🇲🇾 203.121.40.210