JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.26.192.149

194.26.192.149 was found in our database!

This IP was reported 353 times. Confidence of Abuse is 100%: ?

100%

ISP	1337 Services GmbH
Usage Type	Data Center/Web Hosting/Transit
ASN	AS210558
Hostname(s)	194.26.192.149.powered.by.rdp.sh
Domain Name	as210558.net
Country	🇳🇱 Netherlands
City	Lelystad, Flevoland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.26.192.149

Whois 194.26.192.149

IP Abuse Reports for 194.26.192.149:

This IP address has been reported a total of 353 times from 155 distinct sources. 194.26.192.149 was first reported on April 8th 2025, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-06-05 06:19:47 (2 days ago)	Attempted access to sensitive endpoint (/wp-content/themes/seotheme/db.php?u) detected. Automated sc ... show more Attempted access to sensitive endpoint (/wp-content/themes/seotheme/db.php?u) detected. Automated scan or unauthorized probing. show less	Web App Attack
🇩🇪 updown.io	2026-06-05 06:16:12 (2 days ago)	{"level":"info","ts":1780636152.3392725,"logger":"http.log.access.log1","msg":"handled request","req ... show more {"level":"info","ts":1780636152.3392725,"logger":"http.log.access.log1","msg":"handled request","request":{"remote_ip":"194.26.192.149","remote_port":"61298","client_ip":"194.26.192.149","proto":"HTTP/1.1","method":"POST","host":"app-status.legalatoms.com","uri":"/alfacgiapi/perl.alfa","headers":{"Accept-Language":["en-US,en;q=0.9,fr;q=0.8"],"Content-Length":["69"],"Upgrade-Insecure-Requests":["1"],"Accept":["text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,/;q=0.8"],"User-Agent":["Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36"],"Referer":["www.google.com"],"Connection":["keep-alive"],"Content-Type":["application/x-www-form-urlencoded"],"Cache-Control":["max-age=0"]}},"bytes_read":0,"user_id":"","duration":0.000050666,"size":0,"status":308,"resp_headers":{"Connection":["close"],"Location":["https://app-status.legalatoms.com/alfacgiapi/perl.alfa"],"Cont ... show less	DDoS Attack Web App Attack
🇨🇦 electronico	2026-06-05 03:22:31 (2 days ago)	194.26.192.149 - - [05/Jun/2026:14:17:11 +1100] "POST /ALFA_DATA/alfacgiapi/perl.alfa HTTP/1.1" 404 ... show more 194.26.192.149 - - [05/Jun/2026:14:17:11 +1100] "POST /ALFA_DATA/alfacgiapi/perl.alfa HTTP/1.1" 404 5909 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 194.26.192.149 - - [05/Jun/2026:14:17:11 +1100] "GET /wp-content/plugins/fix/up.php HTTP/1.1" 404 5853 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36" 194.26.192.149 - - [05/Jun/2026:14:17:11 +1100] "POST /alfacgiapi/perl.alfa HTTP/1.1" 404 2104 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 194.26.192.149 - - [05/Jun/2026:14:17:12 +1100] "POST /wp-plain.php HTTP/1.1" 404 5909 "www.google.com" "Mozilla/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.311 ... show less	Brute-Force Web App Attack
🇫🇷 ✨	2026-06-05 01:14:13 (2 days ago)	Domain : pleskcontrolpanel Rule : WEB IP in black list	Port Scan
Anonymous	2026-06-04 21:02:46 (2 days ago)	Multiple, malicious web requests detected	Port Scan Hacking
🇦🇺 rubixstudios	2026-06-04 21:01:02 (2 days ago)	Excessive HTTP requests consistent with automated attack behaviour detected by Imunify360	DDoS Attack Brute-Force Web App Attack
🇮🇹 ciccio diddo	2026-06-04 15:50:15 (2 days ago)	CMS/WP Exploit multiple 404 port:Tcp/80,443	Brute-Force Web App Attack
🇩🇪 itsolon	2026-06-04 15:48:09 (2 days ago)	[04/Jun/2026:17:48:08 +0200] 178058808855.788447 194.26.192.149 56427 217.154.7.177 443 [04/Jun/2026 ... show more [04/Jun/2026:17:48:08 +0200] 178058808855.788447 194.26.192.149 56427 217.154.7.177 443 [04/Jun/2026:17:48:07 +0200] 17805880873.389778 194.26.192.149 56611 217.154.7.177 443 [04/Jun/2026:17:48:08 +0200] 178058808872.017826 194.26.192.149 56410 217.154.7.177 80 [04/Jun/2026:17:48:08 +0200] 178058808841.032069 194.26.192.149 56609 217.154.7.177 443 [04/Jun/2026:17:48:08 +0200] 178058808867.679914 194.26.192.149 56614 217.154.7.177 443 ... show less	Port Scan Hacking Brute-Force Web App Attack
🇮🇹 NonOggiCaroMio	2026-06-04 14:30:48 (2 days ago)	Arruso ca si: crowdsecurity/http-bad-user-agent	Brute-Force
🇦🇺 afleventoffice.com.au	2026-06-04 13:21:10 (2 days ago)	GET /wp-content/plugins/fix/up.php HTTP/1.1	Web App Attack
🇩🇪 itsolon	2026-06-04 13:15:19 (3 days ago)	[04/Jun/2026:15:15:18 +0200] 178057891829.065549 194.26.192.149 52700 217.154.7.177 80 [04/Jun/2026: ... show more [04/Jun/2026:15:15:18 +0200] 178057891829.065549 194.26.192.149 52700 217.154.7.177 80 [04/Jun/2026:15:15:18 +0200] 178057891843.604664 194.26.192.149 52710 217.154.7.177 443 [04/Jun/2026:15:15:18 +0200] 178057891842.532864 194.26.192.149 52740 217.154.7.177 443 [04/Jun/2026:15:15:18 +0200] 178057891893.342940 194.26.192.149 52736 217.154.7.177 443 [04/Jun/2026:15:15:18 +0200] 178057891836.169458 194.26.192.149 52709 217.154.7.177 443 ... show less	Port Scan Hacking Brute-Force Web App Attack
Anonymous	2026-06-04 12:09:00 (3 days ago)	194.26.192.149 - - [04/Jun/2026:14:08:58 +0200] "GET /wp-content/themes/seotheme/db.php?u HTTP/1.1" ... show more 194.26.192.149 - - [04/Jun/2026:14:08:58 +0200] "GET /wp-content/themes/seotheme/db.php?u HTTP/1.1" 404 62056 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 194.26.192.149 - - [04/Jun/2026:14:08:59 +0200] "GET /wp-content/themes/seotheme/db.php?u HTTP/1.1" 404 61771 "www.google.com" "Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36" 194.26.192.149 - - [04/Jun/2026:14:08:58 +0200] "GET /wp-content/plugins/fix/up.php HTTP/1.1" 404 62100 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36" 194.26.192.149 - - [04/Jun/2026:14:08:59 +0200] "GET /wp-content/plugins/fix/up.php HTTP/1.1" 404 61815 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 ... show less	Brute-Force Web App Attack
🇺🇸 agenciahypelab.com.br	2026-06-04 09:24:52 (3 days ago)	WordPress login brute-force detectado e bloqueado pelo CSF/LFD. Trigger: LF_TRIGGER	Brute-Force SSH
🇫🇷 ELYAZ	2026-06-04 09:00:07 (3 days ago)	(y3) Failed access -byebye- from 194.26.192.149 (-): (CF_ENABLE)	Hacking
🇩🇪 itsolon	2026-06-04 06:32:25 (3 days ago)	[04/Jun/2026:08:32:23 +0200] 178055474398.320008 194.26.192.149 49259 217.154.7.177 443 [04/Jun/2026 ... show more [04/Jun/2026:08:32:23 +0200] 178055474398.320008 194.26.192.149 49259 217.154.7.177 443 [04/Jun/2026:08:32:24 +0200] 178055474469.575830 194.26.192.149 52373 217.154.7.177 80 [04/Jun/2026:08:32:24 +0200] 17805547440.331844 194.26.192.149 53864 217.154.7.177 443 [04/Jun/2026:08:32:23 +0200] 178055474386.322862 194.26.192.149 64335 217.154.7.177 443 [04/Jun/2026:08:32:24 +0200] 178055474490.910234 194.26.192.149 65012 217.154.7.177 443 ... show less	Port Scan Hacking Brute-Force Web App Attack

Showing 1 to 15 of 353 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 120.33.126.224

🇨🇦 54.39.203.12

🇺🇸 52.128.53.134

🇭🇰 45.142.154.43

🇺🇸 45.79.98.252

🇧🇷 189.6.79.65

🇮🇳 122.173.28.61

🇺🇸 66.132.224.15

🇮🇳 49.43.92.166

🇭🇰 45.249.246.196

🇩🇪 43.228.157.204

🇦🇪 20.203.42.204

🇳🇱 2.26.20.64

🇳🇱 195.178.110.30

🇧🇷 187.110.238.50

🇮🇶 185.24.61.171

🇧🇷 179.61.154.206

🇸🇬 143.198.204.165

🇨🇳 106.75.222.86

🇺🇸 97.107.133.213