JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.127.199.10

194.127.199.10 was found in our database!

This IP was reported 67 times. Confidence of Abuse is 15%: ?

15%

ISP	Blix Group AS
Usage Type	Data Center/Web Hosting/Transit
ASN	AS50304
Domain Name	blix.com
Country	🇳🇴 Norway
City	Stavanger, Rogaland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.127.199.10

Whois 194.127.199.10

IP Abuse Reports for 194.127.199.10:

This IP address has been reported a total of 67 times from 43 distinct sources. 194.127.199.10 was first reported on February 15th 2023, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-05 00:40:04 (2 weeks ago)	\| Multiple SQL injection attempts from same source ip.(multiple servers)	Web App Attack Hacking SQL Injection
🇷🇺 Agrohim	2026-05-23 00:38:44 (3 weeks ago)	Gate Inet blocked for categories:	DDoS Attack Ping of Death Port Scan Hacking Brute-Force
🇷🇺 Agrohim	2026-05-21 00:07:03 (4 weeks ago)	Gate Inet blocked for categories:	DDoS Attack Ping of Death Port Scan Hacking Brute-Force
🇸🇮 administrator	2026-05-04 17:09:55 (1 month ago)	2026-04-20 07:40:31,666 fail2ban.actions [133402]: NOTICE [apache-badbots] Ban 194.127.199.1 ... show more 2026-04-20 07:40:31,666 fail2ban.actions [133402]: NOTICE [apache-badbots] Ban 194.127.199.10 2026-04-20 07:40:31,666 fail2ban.actions [133402]: NOTICE [apache-badbots] Ban 194.127.199.10 2026-04-20 07:40:31,666 fail2ban.actions [133402]: NOTICE [apache-badbots] Ban 194.127.199.10 ... show less	Bad Web Bot Web Spam Email Spam Blog Spam Port Scan Brute-Force Web App Attack
🇷🇺 Agrohim	2026-04-29 00:18:53 (1 month ago)	Gate Inet blocked for categories:	DDoS Attack Ping of Death Port Scan Hacking Brute-Force
🇩🇪 Ba-Yu	2026-04-13 21:36:00 (2 months ago)	General hacking/exploits/scanning	Web Spam Hacking Brute-Force Exploited Host Web App Attack
🇩🇪 Starburst SysOp Team	2026-04-13 21:19:55 (2 months ago)	Restricted File Access Attempt. Matched phrase ".git/" at REQUEST_FILENAME. (930130-nue6-1)	Hacking Web App Attack
Anonymous	2026-04-13 19:05:01 (2 months ago)	suspicious request in access.log	Web App Attack
Anonymous	2026-03-31 19:05:53 (2 months ago)	Blocked: Reason='Possible SQL injection activity (26/60 min)'; Requests=26	SQL Injection
🇮🇩 Burayot	2026-03-31 18:24:56 (2 months ago)	LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 194.127.199.10 (NO/Norway/-): 1 in t ... show more LF_MODSEC: (mod_security) mod_security (id:949110) triggered by 194.127.199.10 (NO/Norway/-): 1 in the last 3600 secs show less	Web App Attack
🇨🇭 backslash	2026-03-20 14:03:18 (2 months ago)	block ruleset Badbot using very old user-agents 5CF3CDB778C7D82564405B86B9242E612F378C68	Bad Web Bot
🇵🇱 get-money.pl	2026-03-11 16:44:00 (3 months ago)	Confirmed source of repeated and high-risk malicious activity targeting web applications. Observed b ... show more Confirmed source of repeated and high-risk malicious activity targeting web applications. Observed behavior includes high-volume automated requests, multiple confirmed SQL injection attempts, and targeted exploitation of application endpoints. The activity triggered repeated critical Fail2Ban detections (Category: SQL injection / intrusion) and demonstrates clear hostile intent. Due to persistence and severity, the IP address has been permanently blocked at firewall and WAF level and classified as malicious. show less	Brute-Force Exploited Host Web App Attack Hacking SQL Injection
🇺🇸 TPI-Abuse	2026-03-11 05:02:38 (3 months ago)	(mod_security) mod_security (id:218580) triggered by 194.127.199.10 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:218580) triggered by 194.127.199.10 (-): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 11 01:02:32.092759 2026] [security2:error] [pid 16795:tid 16795] [client 194.127.199.10:59371] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\/\\\\[!+](?:[\\\\w\\\\s=_\\\\-()]+)?\\\\*\\\\/)" at ARGS:tree. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/22_SQL_SQLi.conf"] [line "74"] [id "218580"] [rev "1"] [msg "COMODO WAF: MySQL in-line comment detected.\|\|kountz.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "kountz.org"] [uri "/famsearch.php"] [unique_id "abD3aND2IamwFuWDpr6hNwAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-03-02 16:50:22 (3 months ago)	Unauthorized connection attempt detected in the last 24 hours	Hacking
🇺🇸 mw	2026-02-15 00:00:26 (4 months ago)	GET /.env.php HTTP/1.1	Web App Attack

Showing 1 to 15 of 67 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 2001:470:2cc:1::267

🇫🇮 147.185.133.109

🇨🇳 222.222.73.70

🇩🇪 209.38.247.93

🇷🇺 194.176.114.36

🇫🇷 193.187.129.119

🇦🇪 87.201.237.40

🇺🇸 72.240.125.133

🇺🇸 66.132.224.227

🇺🇸 66.132.195.35

🇳🇱 45.148.10.121

🇺🇸 37.19.220.47

🇸🇬 206.189.149.87

🇧🇷 205.210.31.180

🇧🇪 198.235.24.249

🇧🇷 186.237.127.212

🇳🇱 174.138.8.238

🇨🇳 121.229.156.71

🇨🇳 116.117.80.126

🇨🇳 112.86.225.242