JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.180.232.205

194.180.232.205 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 11%: ?

11%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.180.232.205

Whois 194.180.232.205

IP Abuse Reports for 194.180.232.205:

This IP address has been reported a total of 20 times from 13 distinct sources. 194.180.232.205 was first reported on September 14th 2025, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-20 20:22:49 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 194.180.232.205 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 194.180.232.205 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 16:22:44.066041 2026] [security2:error] [pid 28097:tid 28097] [client 194.180.232.205:62127] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "waterspell.net"] [uri "/wp-config.php.orig"] [unique_id "ag4YFE69M4SRvBETBSavmgAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 19:14:33 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 194.180.232.205 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 194.180.232.205 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 15:14:29.600263 2026] [security2:error] [pid 28865:tid 28865] [client 194.180.232.205:64435] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "iconconstructors.com"] [uri "/wp-config.php.save"] [unique_id "ag4IFS1L0Fi8gN3O0wD5dQAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 18:38:04 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 194.180.232.205 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210492) triggered by 194.180.232.205 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 14:37:58.325130 2026] [security2:error] [pid 10730:tid 10730] [client 194.180.232.205:19013] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "puckerbikini.com"] [uri "/wp-config.php.bak"] [unique_id "ag3_hudYgwuueOdYmvyRXQAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Oakley	2026-05-13 21:36:24 (3 weeks ago)	(mod_security) mod_security (id:900210) triggered by 194.180.232.205 (US/United States/-): 2 in the ... show more (mod_security) mod_security (id:900210) triggered by 194.180.232.205 (US/United States/-): 2 in the last 900 secs show less	Web App Attack Hacking
🇺🇸 TPI-Abuse	2026-04-09 16:11:05 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 194.180.232.205 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 194.180.232.205 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 09 12:10:58.429014 2026] [security2:error] [pid 1093471:tid 1093471] [client 194.180.232.205:24145] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|keithbowles.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "keithbowles.com"] [uri "/wp-json/wp/v2/users"] [unique_id "adfPkiBtGJSJXRqT6-Ee3QAAAAo"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-03-31 16:27:38 (2 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 19-27.194.180.232.205.web-spam ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 19-27.194.180.232.205.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
Anonymous	2026-02-24 23:37:04 (3 months ago)	Forum/form spam	Web Spam
🇧🇪 voormedia	2026-02-09 05:09:20 (3 months ago)	Accessed trap at '/xmlrpc.php'	Web App Attack
🇳🇱 iGroupware	2026-02-08 01:01:49 (3 months ago)		Web App Attack
🇮🇩 Burayot	2026-02-02 14:35:15 (4 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 194.180.232.205 (US/United States/- ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 194.180.232.205 (US/United States/-): 1 in the last 3600 secs show less	Web App Attack
🇱🇻 garmtech.com	2026-01-05 15:20:46 (4 months ago)	IM360 WAF: Attempt to upload malware	Hacking
Anonymous	2026-01-03 22:03:02 (5 months ago)	Forum/form spam	Web Spam
🇱🇻 garmtech.com	2026-01-02 22:14:41 (5 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 00-14.194.180.232.205.web-spam ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 00-14.194.180.232.205.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇦🇺 MAGIC	2025-12-20 03:07:42 (5 months ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 webgobe	2025-12-09 12:58:59 (5 months ago)	jow-Joomla User : try to access forms...	Hacking

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 91.230.168.174

🇺🇸 74.209.100.246

🇫🇷 34.155.53.126

🇨🇳 14.116.150.36

🇨🇳 183.6.118.248

🇩🇪 172.70.240.64

🇺🇸 147.185.132.36

🇮🇳 139.59.59.165

🇩🇪 134.122.93.100

🇧🇩 103.183.62.3

🇫🇷 91.196.152.110

🇷🇺 87.250.224.40

🇨🇦 85.217.149.16

🇮🇳 43.227.185.238

🇬🇧 35.203.210.184

🇦🇪 20.203.59.187

🇺🇸 20.29.21.25

🇬🇧 213.166.84.38

🇸🇬 194.164.107.4

🇬🇧 194.50.235.137