JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 89.19.34.48

89.19.34.48 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 0%: ?

ISP	NEW-YORK-CUSTOMERS
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 89.19.34.48

Whois 89.19.34.48

IP Abuse Reports for 89.19.34.48:

This IP address has been reported a total of 16 times from 11 distinct sources. 89.19.34.48 was first reported on June 17th 2021, and the most recent report was 3 months ago.

Old Reports: The most recent abuse report for this IP address is from 3 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 MAGIC	2026-02-18 01:22:54 (3 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇷🇴 INTEQ	2026-01-23 02:57:45 (4 months ago)	Web attack from 89.19.34.48	Web App Attack
🇫🇷 Baking333	2026-01-15 22:06:41 (4 months ago)	[redacted] 89.19.34.48 - - [15/Jan/2026:23:06:37 +0100] "GET /[redacted] HTTP/1.1" 302 1518 0/25800 ... show more [redacted] 89.19.34.48 - - [15/Jan/2026:23:06:37 +0100] "GET /[redacted] HTTP/1.1" 302 1518 0/25800 "https://[redacted]" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" [redacted] 89.19.34.48 - - [15/Jan/2026:23:06:40 +0100] "GET /[redacted] HTTP/1.1" 302 1518 0/24731 "https://[redacted]" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" show less	Bad Web Bot Web App Attack
🇨🇿 lp	2025-08-19 06:22:59 (9 months ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 89.19.34.48 2025-08-19T07:41:57+02:00 ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 89.19.34.48 2025-08-19T07:41:57+02:00 vpn Access-Reject 'nthomas' station: 89.19.34.48 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇨🇭 backslash	2025-07-04 04:02:01 (11 months ago)		Bad Web Bot
🇺🇸 TPI-Abuse	2025-06-21 02:25:00 (11 months ago)	(mod_security) mod_security (id:210730) triggered by 89.19.34.48 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 89.19.34.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 20 22:24:53.353816 2025] [security2:error] [pid 3106637:tid 3106637] [client 89.19.34.48:40505] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Golden-Technologies/pics/Golden Technologies 2009 Marketing CD/Scooters/2010 Companion Models/Thumbs.db"] [unique_id "aFYX9eQ0D3HMd3hm2gFZPgAAAAE"], referer: https://vitalitywebb.com/backstore/Golden-Technologies/pics/Golden%20Technologies%202009%20Marketing%20CD/Scooters/2010%20Companion%20Models/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-11-04 11:30:35 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 89.19.34.48 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 89.19.34.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Nov 04 06:30:28.204713 2024] [security2:error] [pid 3109394:tid 3109394] [client 89.19.34.48:25925] [client 89.19.34.48] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Steelcase/pics/STLC-674791/JPEG (300 dpi)/Thumbs.db"] [unique_id "ZyiwVEAWe8f1MR2ImHJFQQAAAAM"], referer: https://vitalitywebb.com/backstore/Steelcase/pics/STLC-674791/JPEG%20(300%20dpi)/ show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Vegascosmetics	2024-10-30 06:00:51 (1 year ago)	Kingcopy(AI-IDS)Potential Dangerous Requests Sucker	Bad Web Bot
🇨🇦 wil.com	2024-09-24 08:15:11 (1 year ago)	GlobalProtect login attempts with user amccarthy.	VPN IP Brute-Force
🇨🇭 backslash	2024-05-15 15:55:10 (2 years ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
Anonymous	2024-04-15 08:55:49 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇨🇭 backslash	2024-04-11 19:40:31 (2 years ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇨🇿 lp	2024-03-17 19:40:35 (2 years ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 89.19.34.48 2024-03-17T12:56:14+01:00 ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 89.19.34.48 2024-03-17T12:56:14+01:00 vpn Access-Reject '[email protected]' station: 89.19.34.48 auth-type: PAP realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇺🇸 VSM Networks	2024-02-29 12:15:35 (2 years ago)	Credential Stuffing	Brute-Force
🇺🇸 TPI-Abuse	2024-02-09 20:05:31 (2 years ago)	(mod_security) mod_security (id:217200) triggered by 89.19.34.48 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:217200) triggered by 89.19.34.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 09 15:05:22.807799 2024] [security2:error] [pid 1764] [client 89.19.34.48:46237] [client 89.19.34.48] ModSecurity: Access denied with code 403 (phase 1). Match of "endsWith /wp-cron.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "103"] [id "217200"] [rev "2"] [msg "COMODO WAF: HTTP/1.1 POST request missing Content-Length Header\|\|www.jaxlist.org\|F\|2"] [data "/index.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Protocol"] [hostname "www.jaxlist.org"] [uri "/index.php"] [unique_id "ZcaFgrtO_UJnSPqL2esMzAAAAAU"], referer: https://www.jaxlist.org/index.php?page=register&action=register show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 2a02:4780:3f:2124:0:9e9:43ef:1

🇩🇪 217.154.173.63

🇩🇪 213.209.159.238

🇩🇪 178.105.252.160

🇺🇸 150.107.36.212

🇳🇱 93.123.109.114

🇺🇸 34.63.58.129

🇷🇴 2.57.121.25

🇹🇭 106.0.166.123

🇷🇺 94.243.9.127

🇺🇸 66.132.186.171

🇰🇷 59.26.132.170

🇸🇦 37.104.29.241

🇧🇪 34.53.246.64

🇦🇪 20.203.42.204

🇺🇸 20.65.193.155

🇺🇸 18.119.209.50

🇺🇸 205.210.31.76

🇺🇸 193.3.53.3

🇪🇨 186.68.83.104