JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.180.236.242

194.180.236.242 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 13%: ?

13%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.180.236.242

Whois 194.180.236.242

IP Abuse Reports for 194.180.236.242:

This IP address has been reported a total of 10 times from 6 distinct sources. 194.180.236.242 was first reported on June 10th 2025, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-03 09:09:37 (3 weeks ago)	(mod_security) mod_security (id:210730) triggered by 194.180.236.242 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 194.180.236.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 05:09:30.528225 2026] [security2:error] [pid 1870:tid 1870] [client 194.180.236.242:56939] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Ashton II Recliner/Havana Brown/originals/Thumbs.db"] [unique_id "ah_vSneTX0MPJY8jPNK-IwAAAB8"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Ashton%20II%20Recliner/Havana%20Brown/originals/ show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 HandyTreff.de	2026-05-20 03:08:04 (1 month ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -51.246 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -51.246 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.4072.6 show less	Web App Attack Bad Web Bot
🇩🇪 bescared	2026-04-30 22:35:00 (1 month ago)	Malicious activity detected: URL probing.	Bad Web Bot Web App Attack Hacking
🇨🇭 backslash	2026-04-18 16:48:00 (2 months ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇱🇻 garmtech.com	2025-12-22 14:03:15 (6 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇨🇭 backslash	2025-12-16 01:15:07 (6 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇺🇸 TPI-Abuse	2025-12-10 03:12:38 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 194.180.236.242 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 194.180.236.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 22:12:35.039594 2025] [security2:error] [pid 1957:tid 1957] [client 194.180.236.242:36029] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|bews.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bews.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aTjlI6oLr0CgTEmKYZl2iwAAABU"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2025-11-26 22:20:45 (7 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇺🇸 fbarela	2025-11-19 18:00:42 (7 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-06-10 04:36:09 (1 year ago)	(mod_security) mod_security (id:210740) triggered by 194.180.236.242 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210740) triggered by 194.180.236.242 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 10 00:36:03.532032 2025] [security2:error] [pid 3713897:tid 3713897] [client 194.180.236.242:29641] ModSecurity: Access denied with code 403 (phase 2). Matched phrase "/Proxy-Connection/" at TX:header_name. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "33"] [id "210740"] [rev "2"] [msg "COMODO WAF: HTTP header is restricted by policy\|\|www.kbalan.com\|F\|4"] [data "/Proxy-Connection/"] [severity "WARNING"] [tag "CWAF"] [tag "HTTP"] [hostname "www.kbalan.com"] [uri "/2014/member/"] [unique_id "aEe2MyNpJood87A9rV13HwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇴 141.98.83.240

🇺🇦 94.240.166.29

🇻🇳 2402:800:627d:c947:e4b0:442e:6487:e429

🇺🇸 216.73.160.74

🇵🇰 203.6.210.250

🇺🇸 172.236.228.115

🇩🇪 167.94.146.53

🇵🇰 154.57.216.142

🇸🇬 139.59.231.23

🇻🇳 123.18.82.156

🇭🇰 118.193.32.92

🇻🇳 117.7.231.217

🇻🇳 116.109.166.136

🇮🇳 106.202.23.235

🇭🇰 101.36.124.220

🇩🇪 93.196.68.61

🇵🇹 89.154.17.20

🇹🇷 88.242.201.211

🇺🇸 67.207.93.64

🇺🇸 66.132.224.61