JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 89.19.34.107

89.19.34.107 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 0%: ?

ISP	NEW-YORK-CUSTOMERS
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 89.19.34.107

Whois 89.19.34.107

IP Abuse Reports for 89.19.34.107:

This IP address has been reported a total of 19 times from 11 distinct sources. 89.19.34.107 was first reported on March 4th 2024, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇧🇪 voormedia	2026-02-09 05:09:21 (3 months ago)	Accessed trap at '/xmlrpc.php'	Web App Attack
🇮🇩 Burayot	2025-12-31 14:55:32 (5 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 89.19.34.107 (US/United States/-): ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 89.19.34.107 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2025-09-06 20:12:40 (9 months ago)	(mod_security) mod_security (id:210730) triggered by 89.19.34.107 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 89.19.34.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 06 16:12:33.179005 2025] [security2:error] [pid 31717:tid 31717] [client 89.19.34.107:23007] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Steelcase/pics/Bindu/Thumbs.db"] [unique_id "aLyVsYjWxFFwsx4kKs8w9wAAAAE"], referer: https://vitalitywebb.com/backstore/Steelcase/pics/Bindu/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2025-06-19 22:45:07 (11 months ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇲🇽 licjperezl	2025-06-10 19:13:09 (11 months ago)	Ataque de diccionario o DDoS en nuestros servicios en linea	Brute-Force
🇺🇸 TPI-Abuse	2025-05-06 05:02:27 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 89.19.34.107 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 89.19.34.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 06 01:02:19.926234 2025] [security2:error] [pid 601919:tid 601919] [client 89.19.34.107:30253] [client 89.19.34.107] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Steelcase/pics/Bindu/Thumbs.db"] [unique_id "aBmX27WG_DO9K9pC1yvB_gAAAAw"], referer: https://vitalitywebb.com/backstore/Steelcase/pics/Bindu/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 nowyouknow	2025-05-01 18:18:47 (1 year ago)	(From [email protected]) Dear Team, Are you often working abroad for business? A lo ... show more (From [email protected]) Dear Team, Are you often working abroad for business? A lot of businesses still pay a lot on roaming fees. We offer a smart solution with international eSIM plans — fully digital, instantly activated, and cutting your roaming costs drastically. Great for international businesses. Learn more: https://e-simworldwide.com Kind regards, e-SIM Worldwide show less	Phishing Web Spam
Anonymous	2025-05-01 15:38:25 (1 year ago)	Unauthorized VPN login attempts	Hacking Brute-Force
🇺🇸 nowyouknow	2025-04-27 22:16:25 (1 year ago)	(From [email protected]) Dear Sir, Are you often traveling for business? Many indepen ... show more (From [email protected]) Dear Sir, Are you often traveling for business? Many independent professionals still spend a lot on roaming fees. We offer a smart solution with international eSIM plans — 100% virtual, ready in minutes, and with savings of up to 85%. Perfect for digital nomads. Learn more: https://e-simworldwide.com Kind regards, e-SIM Worldwide show less	Phishing Web Spam
🇺🇸 nowyouknow	2025-04-24 23:51:33 (1 year ago)	(From [email protected]) Dear Madam, Do you happen to be frequently traveling for busines ... show more (From [email protected]) Dear Madam, Do you happen to be frequently traveling for business? Many independent professionals still spend a lot on roaming fees. We offer a smart solution with global eSIM plans — 100% virtual, ready in minutes, and cutting your roaming costs drastically. Great for remote teams. Find out more: https://e-simworldwide.com Kind regards, e-SIM Worldwide show less	Phishing Web Spam
🇺🇸 TPI-Abuse	2024-11-10 22:07:08 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 89.19.34.107 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 89.19.34.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Nov 10 17:07:02.876645 2024] [security2:error] [pid 2550095:tid 2550095] [client 89.19.34.107:19135] [client 89.19.34.107] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Briarwood II/Briarwood II/Stetson Bordeaux/originals/Thumbs.db"] [unique_id "ZzEuhhCSquRINTJPen0qbwAAABY"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Briarwood%20II/Briarwood%20II/Stetson%20Bordeaux/originals/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 wil.com	2024-09-24 05:53:48 (1 year ago)	GlobalProtect login attempts with user pdunn.	VPN IP Brute-Force
🇬🇧 essinghigh	2024-08-05 02:13:15 (1 year ago)	1722823995 # Service_probe # SIGNATURE_SEND # source_ip:89.19.34.107 # dst_port:1605 ...	Port Scan
🇺🇸 TPI-Abuse	2024-05-24 01:09:44 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 89.19.34.107 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 89.19.34.107 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 23 21:09:37.528960 2024] [security2:error] [pid 9322] [client 89.19.34.107:44509] [client 89.19.34.107] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Longhorn II/Thumbs.db"] [unique_id "Zk_o0cMi2lNQtYn7nWsx2wAAAAY"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Longhorn%20II/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2024-05-23 03:30:08 (2 years ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 156.245.239.180

🇮🇹 83.224.179.9

🇨🇭 209.99.188.147

🇳🇱 195.178.110.30

🇸🇾 185.225.41.192

🇸🇬 119.56.17.76

🇷🇴 109.100.14.222

🇺🇸 103.143.238.100

🇭🇰 103.43.191.43

🇧🇬 78.128.112.6

🇺🇸 48.217.251.179

🇮🇳 43.251.170.60

🇨🇳 14.103.91.55

🇳🇱 213.177.179.12

🇱🇻 185.113.139.84

🇳🇱 172.94.9.136

🇨🇦 138.197.164.175

🇳🇱 93.123.109.128

🇫🇷 85.112.201.196

🇩🇪 80.141.222.251