JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.180.237.139

194.180.237.139 was found in our database!

This IP was reported 10 times. Confidence of Abuse is 24%: ?

24%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.180.237.139

Whois 194.180.237.139

IP Abuse Reports for 194.180.237.139:

This IP address has been reported a total of 10 times from 7 distinct sources. 194.180.237.139 was first reported on February 18th 2026, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 nodepile	2026-06-23 08:26:50 (5 days ago)	Requests denied due to active blacklist hits (tenant=82 method=GET path=/product_info.php ua='Mozill ... show more Requests denied due to active blacklist hits (tenant=82 method=GET path=/product_info.php ua='Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.2542.43 Safari/537.36') show less	Web App Attack Exploited Host
🇺🇸 TPI-Abuse	2026-06-03 04:55:01 (3 weeks ago)	(mod_security) mod_security (id:210730) triggered by 194.180.237.139 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:210730) triggered by 194.180.237.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 03 00:54:54.070933 2026] [security2:error] [pid 19807:tid 19807] [client 194.180.237.139:54633] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Bailey/Thumbs.db"] [unique_id "ah-znp8p1ud1PNvz_C7nhAAAAA0"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Bailey/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-25 01:53:59 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 194.180.237.139 (-): 1 in the last 300 secs; Po ... show more (mod_security) mod_security (id:225170) triggered by 194.180.237.139 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 24 21:53:51.815548 2026] [security2:error] [pid 7267:tid 7267] [client 194.180.237.139:23347] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|bergopro.co.uk\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bergopro.co.uk"] [uri "/wp-json/wp/v2/users/"] [unique_id "ahOrr2qwghoJinv1a4FuowAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 tilellit.pro	2026-05-19 08:02:30 (1 month ago)	Fail2Ban banned 194.180.237.139 for security violations in jail wp-armour. Log: 2026/05/19 08:02:29 ... show more Fail2Ban banned 194.180.237.139 for security violations in jail wp-armour. Log: 2026/05/19 08:02:29 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 194.180.237.139 \| Target: wplogin" , client: 194.180.237.139, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://espsformacion.com/wp-login.php" ... show less	Web Spam
🇨🇭 backslash	2026-05-17 21:42:00 (1 month ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇨🇦 electronico	2026-05-14 07:44:04 (1 month ago)	194.180.237.139 - - [14/May/2026:18:44:01 +1100] "GET /wp-login.php HTTP/1.1" 301 487 "https://www.g ... show more 194.180.237.139 - - [14/May/2026:18:44:01 +1100] "GET /wp-login.php HTTP/1.1" 301 487 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 194.180.237.139 - - [14/May/2026:18:44:03 +1100] "GET /wp-login.php HTTP/1.1" 403 5677 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 194.180.237.139 - - [14/May/2026:18:44:04 +1100] "GET /wp-login.php HTTP/1.1" 301 487 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" ... show less	Brute-Force Web App Attack
🇫🇷 tilellit.pro	2026-05-14 03:59:48 (1 month ago)	Fail2Ban banned 194.180.237.139 for security violations in jail wp-armour. Log: 2026/05/14 03:59:48 ... show more Fail2Ban banned 194.180.237.139 for security violations in jail wp-armour. Log: 2026/05/14 03:59:48 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 194.180.237.139 \| Target: wplogin" , client: 194.180.237.139, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "http://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇪🇸 el-brujo	2026-05-10 14:03:44 (1 month ago)	[Sun May 10 16:03:41.340154 2026] [proxy_fcgi:error] [pid 1249785:tid 1249857] [remote 194.180.237.1 ... show more [Sun May 10 16:03:41.340154 2026] [proxy_fcgi:error] [pid 1249785:tid 1249857] [remote 194.180.237.139:0] AH01071: Got error 'Primary script unknown\n', referer: https://www.google.com [Sun May 10 16:03:43.915564 2026] [proxy_fcgi:error] [pid 1249785:tid 1249798] [remote 194.180.237.139:0] AH01071: Got error 'Primary script unknown\n', referer: https://www.google.com ... show less	Hacking Web App Attack
🇨🇭 backslash	2026-04-16 12:21:01 (2 months ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇪🇸 Mugen	2026-02-18 13:55:23 (4 months ago)	Unauthorized VPN login attempts	Brute-Force

Showing 1 to 10 of 10 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 2804:d4b:7c26:1b00:9055:aeed:ae74:44be

🇮🇹 213.215.209.101

🇰🇷 211.178.165.251

🇱🇻 81.30.98.49

🇮🇷 80.191.103.21

🇩🇪 69.5.169.213

🇰🇷 61.76.112.4

🇸🇬 52.237.119.41

🇲🇾 47.250.129.126

🇺🇸 44.222.32.220

🇩🇪 44.152.3.179

🇬🇧 35.203.211.182

🇻🇳 27.71.230.31

🇨🇳 202.105.98.252

🇮🇳 180.149.243.14

🇺🇸 135.237.122.155

🇨🇳 109.244.96.105

🇨🇳 106.12.69.68

🇫🇷 104.28.211.190

🇺🇸 72.68.164.159