JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 89.19.34.120

89.19.34.120 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 16%: ?

16%

ISP	NEW-YORK-CUSTOMERS
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 89.19.34.120

Whois 89.19.34.120

IP Abuse Reports for 89.19.34.120:

This IP address has been reported a total of 13 times from 8 distinct sources. 89.19.34.120 was first reported on April 14th 2022, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-22 11:54:08 (1 week ago)	(mod_security) mod_security (id:210730) triggered by 89.19.34.120 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 89.19.34.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 07:54:02.393823 2026] [security2:error] [pid 10031:tid 10031] [client 89.19.34.120:46127] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|zerotaxlab.com\|F\|2"] [data ".inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "zerotaxlab.com"] [uri "/wp-config.inc"] [unique_id "ahBD2joxL1iWdCtq_Xxi_gAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-22 11:06:24 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 89.19.34.120 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 89.19.34.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 07:06:16.231002 2026] [security2:error] [pid 11829:tid 11829] [client 89.19.34.120:20775] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "abcollie.com"] [uri "/wp-config.php~"] [unique_id "ahA4qFbvxKks5SjARquaNgAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 21:17:44 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 89.19.34.120 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 89.19.34.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 17:17:38.384249 2026] [security2:error] [pid 15657:tid 15657] [client 89.19.34.120:35941] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "altoshp.com"] [uri "/wp-config.php~"] [unique_id "ag4k8ha0f-_U_r24Rc092gAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 20:42:45 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 89.19.34.120 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 89.19.34.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 16:42:41.651828 2026] [security2:error] [pid 4340:tid 4375] [client 89.19.34.120:18729] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.bak" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.property-management.property-management-companies-chicago.com"] [uri "/wp-config.bak"] [unique_id "ag4cwWypN9svpit-8HPKTQAAAJc"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇿 ddw	2026-05-19 15:51:41 (2 weeks ago)	ModSecurity detection - Rules: 949110(Inbound Anomaly Score Exceeded (Total Score: 10))	Web App Attack
🇨🇭 4server	2026-04-14 23:57:18 (1 month ago)	[WedApr1501:57:14.1161742026][security2:error][pid1427745:tid1427762][client89.19.34.120:0]ModSecuri ... show more [WedApr1501:57:14.1161742026][security2:error][pid1427745:tid1427762][client89.19.34.120:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Matchedphrase\"wp-config\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"342\"][id\"960720\"][msg\"Forbiddenfileaccess\"][hostname\"r102.ch\"][uri\"/wp-config.php.bak\"][unique_id\"ad7UWoOZwSNiYDrqBr95-wAAAA4\"] show less	Hacking Web App Attack
Anonymous	2025-12-28 01:01:00 (5 months ago)	Forum/form spam	Web Spam
🇺🇸 TPI-Abuse	2025-09-07 05:12:49 (8 months ago)	(mod_security) mod_security (id:210350) triggered by 89.19.34.120 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 89.19.34.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Sep 07 01:12:43.969673 2025] [security2:error] [pid 2930:tid 2930] [client 89.19.34.120:58719] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|surrenderhouse.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "surrenderhouse.com"] [uri "/about.html"] [unique_id "aL0USzrWdVSXm0lhVEhsmgAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 css672	2024-10-17 09:19:31 (1 year ago)	Credential brute-force attacks on webpage logins [18,21]. remote_addr: 89.19.34.120, error_code: 76 ... show more Credential brute-force attacks on webpage logins [18,21]. remote_addr: 89.19.34.120, error_code: 76 username: [email protected] password: [censored] fruad_score: 0, abuseConfidenceScore: 0 css672: V.4.10.16.1436 show less	Brute-Force Web App Attack
Anonymous	2024-06-26 08:00:37 (1 year ago)	Web App Attack	Hacking Web App Attack
🇺🇸 TPI-Abuse	2024-05-14 23:38:17 (2 years ago)	(mod_security) mod_security (id:225170) triggered by 89.19.34.120 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 89.19.34.120 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 14 19:38:13.261230 2024] [security2:error] [pid 31487] [client 89.19.34.120:12409] [client 89.19.34.120] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|gre-home.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gre-home.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ZkP15cZEm02Icb7zoUtlTwAAAA4"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 VSM Networks	2024-02-29 04:44:19 (2 years ago)	Credential Stuffing	Brute-Force
🇩🇪 SCHAPPY	2022-04-14 02:46:36 (4 years ago)	Critical web app attack detected. HTTP protocol version is not allowed by policy	Web App Attack

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 177.130.168.7

🇺🇸 165.154.172.224

🇬🇧 141.136.33.253

🇨🇳 124.251.110.186

🇵🇱 89.231.35.28

🇫🇷 62.171.180.86

🇺🇸 52.173.223.131

🇵🇱 46.20.58.112

🇧🇷 45.230.29.145

🇳🇱 45.153.34.195

🇨🇭 45.143.200.246

🇩🇪 2a0d:3344:503c:2608:7cff:201a:7fa:e3c5

🇧🇷 177.152.27.237

🇭🇰 152.32.169.7

🇺🇸 147.185.132.247

🇧🇷 138.255.205.246

🇬🇭 102.223.92.101

🇺🇸 96.78.175.41

🇦🇺 51.161.172.164

🇺🇸 50.114.172.89