JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.180.232.215

194.180.232.215 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 22%: ?

22%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.180.232.215

Whois 194.180.232.215

IP Abuse Reports for 194.180.232.215:

This IP address has been reported a total of 12 times from 9 distinct sources. 194.180.232.215 was first reported on October 9th 2025, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 SilverZippo	2026-06-07 13:51:21 (5 days ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2026-05-26 11:25:22 (2 weeks ago)	(mod_security) mod_security (id:210730) triggered by 194.180.232.215 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 194.180.232.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 07:25:18.613422 2026] [security2:error] [pid 5248:tid 5308] [client 194.180.232.215:37805] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|adultbaja.com\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "adultbaja.com"] [uri "/www.sql"] [unique_id "ahWDHgrBuha8D0ua4wI-bAAAAoM"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2026-05-18 06:27:00 (3 weeks ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇩🇪 HandyTreff.de	2026-05-03 03:15:52 (1 month ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -54.792 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -54.792 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.1566.7 show less	Web App Attack Bad Web Bot
🇨🇭 backslash	2026-04-17 00:18:00 (1 month ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇺🇸 oralunal	2026-03-24 14:13:16 (2 months ago)	IP banned by Fail2Ban in jail ente-suss ente.com-ssl_log mvfnds ...	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-03 18:40:05 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 194.180.232.215 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 194.180.232.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 03 13:39:56.485891 2026] [security2:error] [pid 12696:tid 12696] [client 194.180.232.215:57517] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|gonzalez.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "gonzalez.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aYJA_G1DMH8_CcdpL1gyigAAAAQ"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-02-02 09:11:59 (4 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2026.02.02 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2026.02.02 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2026-01-21 13:51:00 (4 months ago)	Brute force on VPN	Brute-Force Bad Web Bot
🇨🇦 wil.com	2025-12-01 06:13:27 (6 months ago)	GlobalProtect login attempts with user goku.	VPN IP Brute-Force
🇺🇸 TPI-Abuse	2025-10-29 19:41:57 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 194.180.232.215 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 194.180.232.215 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 29 15:41:54.140750 2025] [security2:error] [pid 22549:tid 22549] [client 194.180.232.215:23215] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|jolankagroup.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "jolankagroup.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aQJuAiEujbWAET23b6AiNAAAAAc"], referer: https://jolankagroup.com/wp-json/wp/v2/users/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 fbarela	2025-10-09 23:00:17 (8 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇱 146.59.44.6

🇨🇳 140.206.235.4

🇨🇳 39.107.136.130

🇬🇧 35.203.211.10

🇰🇷 14.39.110.172

🇬🇧 2a06:4880::1d

🇹🇼 198.235.24.88

🇺🇸 195.184.76.89

🇳🇱 195.178.110.103

🇳🇮 190.212.215.44

🇬🇧 185.247.137.102

🇨🇿 185.91.116.105

🇺🇸 167.160.161.229

🇭🇰 144.48.8.10

🇨🇳 115.190.165.143

🇺🇸 93.177.94.253

🇧🇬 93.94.141.115

🇳🇱 91.92.40.29

🇺🇸 66.132.186.233

🇬🇧 5.226.140.89