JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.110.150.196

194.110.150.196 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 4%: ?

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.110.150.196

Whois 194.110.150.196

IP Abuse Reports for 194.110.150.196:

This IP address has been reported a total of 14 times from 6 distinct sources. 194.110.150.196 was first reported on January 15th 2022, and the most recent report was 1 day ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-19 04:44:16 (1 day ago)	(mod_security) mod_security (id:210350) triggered by 194.110.150.196 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210350) triggered by 194.110.150.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 00:44:10.683563 2026] [security2:error] [pid 13301:tid 13301] [client 194.110.150.196:23417] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.thomasgardner.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.thomasgardner.com"] [uri "/"] [unique_id "ajTJGmVfNCMx3qboIw38vgAAAA0"], referer: https://www.facebook.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-14 06:14:46 (4 months ago)	(mod_security) mod_security (id:210350) triggered by 194.110.150.196 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210350) triggered by 194.110.150.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Feb 14 01:14:40.568970 2026] [security2:error] [pid 24403:tid 24403] [client 194.110.150.196:21753] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|kraftre.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "kraftre.com"] [uri "/"] [unique_id "aZAS0N8AOrejz8qsu2FGGwAAAAU"], referer: https://www.facebook.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 Burayot	2025-12-23 19:43:26 (5 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 194.110.150.196 (US/United States/- ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 194.110.150.196 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇨🇦 wil.com	2024-09-23 15:13:28 (1 year ago)	GlobalProtect login attempts with user apalmer.	VPN IP Brute-Force
🇺🇸 octageeks.com	2024-03-03 05:06:16 (2 years ago)	Wordpress malicious attack:[octa404]	Web App Attack
🇺🇸 octageeks.com	2024-03-02 05:06:16 (2 years ago)	Wordpress malicious attack:[octa404]	Web App Attack
🇺🇸 octageeks.com	2024-02-29 05:06:18 (2 years ago)	Wordpress malicious attack:[octa404]	Web App Attack
🇺🇸 octageeks.com	2024-02-28 05:06:16 (2 years ago)	Wordpress malicious attack:[octa404]	Web App Attack
🇺🇸 octageeks.com	2024-02-27 05:06:16 (2 years ago)	Wordpress malicious attack:[octa404]	Web App Attack
🇺🇸 octageeks.com	2024-02-26 05:06:16 (2 years ago)	Wordpress malicious attack:[octa404]	Web App Attack
🇺🇸 TPI-Abuse	2024-02-08 22:15:51 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 194.110.150.196 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 194.110.150.196 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 08 17:15:45.977313 2024] [security2:error] [pid 699] [client 194.110.150.196:23203] [client 194.110.150.196] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Laurel/Thumbs.db"] [unique_id "ZcVSkR3rZPXe7XzK5ycEYgAAAAg"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Laurel/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2023-10-07 05:51:56 (2 years ago)		Bad Web Bot
🇨🇭 backslash	2023-09-04 12:53:33 (2 years ago)	honeypot	Bad Web Bot
🇺🇸 VSM Networks	2022-01-15 23:51:34 (4 years ago)	Credential Stuffing	Brute-Force

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 177.36.187.87

🇳🇱 91.92.40.12

🇱🇹 81.30.98.144

🇪🇸 79.108.230.88

🇷🇺 195.2.78.191

🇪🇸 149.91.97.132

🇺🇸 147.185.132.22

🇷🇴 138.199.53.212

🇦🇪 132.243.121.237

🇨🇳 121.43.195.151

🇲🇾 49.124.153.32

🇬🇭 41.139.19.183

🇺🇸 34.187.130.174

🇺🇸 20.124.82.131

🇮🇳 4.224.40.94

🇷🇴 2.57.122.177

🇺🇸 216.25.89.147

🇲🇽 187.192.86.153

🇺🇸 184.72.98.46

🇱🇹 141.98.11.224