JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.195.210.202

194.195.210.202 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 47%: ?

47%

ISP	Linode, LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS63949
Hostname(s)	g1-fa24-server.gerware.com
Domain Name	linode.com
Country	🇺🇸 United States of America
City	Atlanta, Georgia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.195.210.202

Whois 194.195.210.202

IP Abuse Reports for 194.195.210.202:

This IP address has been reported a total of 12 times from 8 distinct sources. 194.195.210.202 was first reported on June 15th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 mnsf	2026-06-16 00:13:23 (1 week ago)	Scanning/Probing (12)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 16:16:39 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 194.195.210.202 (g1-fa24-server.gerware.com): 1 ... show more (mod_security) mod_security (id:210492) triggered by 194.195.210.202 (g1-fa24-server.gerware.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 12:16:34.639164 2026] [security2:error] [pid 24328:tid 24328] [client 194.195.210.202:41320] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "camillascause.org"] [uri "/database/.env"] [unique_id "ajAlYjKEI9G3WroONX8xTwAAAH0"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 thetomtaylor.co.uk	2026-06-15 13:09:02 (1 week ago)	Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [ice01,mx01,mx02,mx03,wa ... show more Fail2Ban - [NGINX]WordPress Logins Sniffings on nginx-wordpress-sniffer ... [ice01,mx01,mx02,mx03,wa01,wa02] show less	Bad Web Bot Web App Attack
🇩🇪 BlueWire Hosting	2026-06-15 12:54:13 (1 week ago)	Bad bot ignoring robot.txt	Bad Web Bot
🇺🇸 TPI-Abuse	2026-06-15 12:48:27 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 194.195.210.202 (g1-fa24-server.gerware.com): 1 ... show more (mod_security) mod_security (id:210492) triggered by 194.195.210.202 (g1-fa24-server.gerware.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 08:48:22.580074 2026] [security2:error] [pid 10931:tid 10931] [client 194.195.210.202:42054] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "arriagarealestate.com"] [uri "/app/.env"] [unique_id "ai_0lty72qk92Uqzmn2--gAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-06-15 12:40:44 (1 week ago)	Web attack/malicious scanning detected	Web App Attack
🇬🇧 Yosi	2026-06-15 12:24:51 (1 week ago)	RdpGuard detected brute-force attempt on HTTP	Brute-Force
🇺🇸 TPI-Abuse	2026-06-15 12:01:56 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 194.195.210.202 (g1-fa24-server.gerware.com): 1 ... show more (mod_security) mod_security (id:210492) triggered by 194.195.210.202 (g1-fa24-server.gerware.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 08:01:53.112484 2026] [security2:error] [pid 10565:tid 10565] [client 194.195.210.202:41124] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thoughtworm.com"] [uri "/.env"] [unique_id "ai_psSV_wbUxC8tPVfREswAAAEQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 e.fierstra	2026-06-15 11:57:24 (1 week ago)	ModSecurity hits exceeded	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 09:10:51 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 194.195.210.202 (g1-fa24-server.gerware.com): 1 ... show more (mod_security) mod_security (id:210492) triggered by 194.195.210.202 (g1-fa24-server.gerware.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 05:10:45.437753 2026] [security2:error] [pid 6253:tid 6253] [client 194.195.210.202:35582] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ambarsolar.com"] [uri "/api/.env"] [unique_id "ai_BlTpkmxFww_tkteUWeQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 08:55:22 (1 week ago)	(mod_security) mod_security (id:210492) triggered by 194.195.210.202 (g1-fa24-server.gerware.com): 1 ... show more (mod_security) mod_security (id:210492) triggered by 194.195.210.202 (g1-fa24-server.gerware.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jun 15 04:55:15.201569 2026] [security2:error] [pid 28598:tid 28598] [client 194.195.210.202:51732] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cayman-boat-registration.com"] [uri "/api/.env"] [unique_id "ai-981I0rs-HLaKpMF5fjwAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 wlt-blocker	2026-06-15 08:40:44 (1 week ago)	Unauthorized access to webpage admin	Web App Attack

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 176.65.139.181

🇮🇳 168.144.159.109

🇺🇸 65.49.1.71

🇫🇷 46.105.244.177

🇧🇷 20.206.67.148

🇵🇰 202.63.202.169

🇫🇷 172.70.108.214

🇧🇷 172.69.11.48

🇱🇻 81.30.98.158

🇱🇻 62.60.234.140

🇩🇪 51.77.94.151

🇫🇷 5.135.245.55

🇳🇱 5.61.209.92

🇮🇳 223.233.85.193

🇭🇰 223.197.178.95

🇧🇷 205.210.31.224

🇮🇳 202.141.6.26

🇺🇸 199.189.224.30

🇪🇬 197.44.15.210

🇳🇱 195.178.110.30