JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 89.47.55.152

89.47.55.152 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 1%: ?

ISP	RCS Technologies FZE LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS35830
Domain Name	rcstech.ae
Country	🇫🇮 Finland
City	Vantaa, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 89.47.55.152

Whois 89.47.55.152

IP Abuse Reports for 89.47.55.152:

This IP address has been reported a total of 21 times from 9 distinct sources. 89.47.55.152 was first reported on January 23rd 2025, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-15 22:38:05 (3 weeks ago)	(mod_security) mod_security (id:211030) triggered by 89.47.55.152 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:211030) triggered by 89.47.55.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 15 18:37:58.332309 2026] [security2:error] [pid 8234:tid 8234] [client 89.47.55.152:40949] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at ARGS. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/08_Global_Other.conf"] [line "17"] [id "211030"] [rev "3"] [msg "COMODO WAF: LDAP Injection Attack\|\|www.genesis-castle.com\|F\|2"] [data "Matched Data: (%'%~%'%\|%\|%( found within ARGS: 0"] [severity "CRITICAL"] [tag "CWAF"] [tag "Other"] [hostname "www.genesis-castle.com"] [uri "/gallery/index.php"] [unique_id "agegRjkOg7xjuJ1JvTnn9QAAAB8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-05 09:31:41 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 89.47.55.152 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 89.47.55.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 05:31:34.941708 2026] [security2:error] [pid 9052:tid 9052] [client 89.47.55.152:25553] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|fitnessdoctors.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "fitnessdoctors.com"] [uri "/wp-json/wp/v2/users"] [unique_id "adIr9qc0tlo7zpGTMDwgEwAAABY"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Hazzard	2026-04-03 03:42:58 (2 months ago)	(wordpress) Failed wordpress login from 89.47.55.152 (AE/United Arab Emirates/-/-/-/[redacted]): (C ... show more (wordpress) Failed wordpress login from 89.47.55.152 (AE/United Arab Emirates/-/-/-/[redacted]): (CF_ENABLE) show less	Brute-Force
🇺🇸 TPI-Abuse	2026-04-01 18:37:38 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 89.47.55.152 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 89.47.55.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 14:37:31.879141 2026] [security2:error] [pid 17601:tid 17601] [client 89.47.55.152:25709] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|mwrn.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mwrn.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ac1l6xwldiBXpCRkaiBr6gAAAAU"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 nationaleventpros.com	2026-03-31 08:59:53 (2 months ago)	WordPress login attempt	Brute-Force
🇺🇸 TPI-Abuse	2026-03-31 00:57:26 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 89.47.55.152 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 89.47.55.152 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 20:57:17.662635 2026] [security2:error] [pid 15597:tid 15597] [client 89.47.55.152:31837] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|ccoxes.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ccoxes.com"] [uri "/wp-json/wp/v2/users"] [unique_id "acsb7ZEmZSVCbu5TezK0pAAAACc"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 nationaleventpros.com	2025-12-24 10:21:51 (5 months ago)	WordPress login attempt	Brute-Force
🇬🇧 relianoid.com	2025-12-05 08:10:53 (6 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
Anonymous	2025-09-18 17:07:55 (8 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-09-08 02:06:33 (8 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-09-06 07:11:38 (9 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-03-06 18:11:44 (1 year ago)	Failed Wordpress Logins	Web App Attack
🇸🇪 OnTheEdge	2025-02-12 17:03:50 (1 year ago)	Password spraying. Multiple unauthorized login attempts	Hacking Web App Attack
🇨🇿 lp	2025-02-08 05:50:32 (1 year ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 89.47.55.152 2025-02-08T06:19:00+01:0 ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 89.47.55.152 2025-02-08T06:19:00+01:00 vpn Access-Reject 'Abolisher' station: 89.47.55.152 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇨🇿 lp	2025-02-05 11:51:00 (1 year ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 89.47.55.152 2025-02-05T11:49:29+01:0 ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 89.47.55.152 2025-02-05T11:49:29+01:00 vpn Access-Reject 'bocaiwangshuangseqiu' station: 89.47.55.152 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2a02:4780:2b:1555:0:232e:f026:1

🇨🇳 110.249.202.120

🇺🇸 104.168.4.239

🇮🇳 103.38.219.22

🇭🇰 91.213.189.180

🇳🇱 77.81.121.253

🇸🇪 5.133.192.166

🇭🇰 185.227.153.56

🇳🇱 172.94.9.60

🇮🇳 171.61.20.182

🇵🇹 79.169.114.139

🇺🇸 76.33.245.196

🇺🇸 75.186.8.102

🇺🇸 66.132.172.37

🇨🇳 58.47.121.41

🇺🇸 44.209.113.59

🇺🇸 34.168.198.176

🇺🇸 34.139.98.105

🇺🇸 23.27.145.207

🇻🇳 14.225.173.146