JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.70.234.109

194.70.234.109 was found in our database!

This IP was reported 24 times. Confidence of Abuse is 10%: ?

10%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS46475
Domain Name	finegroupservers.com
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.70.234.109

Whois 194.70.234.109

IP Abuse Reports for 194.70.234.109:

This IP address has been reported a total of 24 times from 11 distinct sources. 194.70.234.109 was first reported on November 18th 2024, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 masterguru	2026-06-17 04:18:12 (1 week ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 194.70.234.109 (NL/The Netherlands/-): 1 in th ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 194.70.234.109 (NL/The Netherlands/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇦🇺 MAGIC	2026-05-20 02:11:50 (1 month ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 technojoe99	2026-04-27 05:40:59 (2 months ago)	Exploit scan from 194.70.234.109. GET /.aws/credentials HTTP/1.1.	Web App Attack
🇺🇸 TPI-Abuse	2026-04-27 02:15:30 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 194.70.234.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 194.70.234.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 26 22:15:23.694170 2026] [security2:error] [pid 10155:tid 10155] [client 194.70.234.109:16763] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.joevallone.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.joevallone.com"] [uri "/s3cmd.ini"] [unique_id "ae7Gu-riNGsW2HCmrSCjdAAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 oralunal	2026-03-17 19:40:53 (3 months ago)	IP banned by Fail2Ban in jail ente-suss ente.com-ssl_log mvfnds ...	Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-12 16:22:25 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 194.70.234.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 194.70.234.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 12 11:22:20.867551 2026] [security2:error] [pid 16806:tid 16806] [client 194.70.234.109:60469] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|saimedo.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "saimedo.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aY3-PO-Vo8XVArL8KaO9ogAAABQ"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-05 15:51:29 (5 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-12-15 05:37:24 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 194.70.234.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 194.70.234.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 15 00:37:20.309728 2025] [security2:error] [pid 5349:tid 5349] [client 194.70.234.109:63165] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|mwrn.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mwrn.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aT-ekImDkOTLLOxFaTnCVAAAAAQ"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-09 17:16:17 (6 months ago)	(mod_security) mod_security (id:225170) triggered by 194.70.234.109 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 194.70.234.109 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 12:16:11.259466 2025] [security2:error] [pid 1840:tid 1840] [client 194.70.234.109:42019] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|alan-ip.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "alan-ip.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aThZW-xKU7SXxXakgHJZOwAAABY"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-05-16 22:28:49 (1 year ago)	ASWEEDCO WEBFORM SPAM 194.70.234.109 (194.70.234.109)	Web Spam
🇦🇺 oncord	2025-04-16 08:15:11 (1 year ago)	Form spam	Web Spam
Anonymous	2025-04-08 15:42:26 (1 year ago)	APTUDE WEBFORM SPAM 194.70.234.109 (194.70.234.109)	Web Spam
🇮🇪 Jim Keir	2025-04-06 09:19:11 (1 year ago)	2025-04-06 09:19:10 194.70.234.109 Spam word detected.	Web Spam
🇦🇺 MAGIC	2025-04-01 01:06:48 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2025-03-30 12:41:58 (1 year ago)	This IP was involved in an brute force and password spray attack on 2025/03/30 07:39:39	Port Scan Brute-Force Exploited Host Web App Attack

Showing 1 to 15 of 24 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇰 202.163.107.241

🇧🇷 177.30.64.65

🇺🇸 98.93.211.163

🇧🇷 15.229.25.59

🇧🇬 193.24.211.107

🇮🇹 185.15.171.137

🇺🇸 158.94.187.182

🇧🇩 103.179.198.19

🇳🇱 46.8.68.144

🇺🇸 45.130.83.174

🇺🇸 172.253.1.28

🇻🇳 117.2.123.19

🇺🇸 107.172.78.18

🇩🇪 85.215.252.72

🇺🇸 74.114.28.222

🇮🇹 72.146.44.117

🇺🇸 66.132.195.62

🇸🇪 20.240.51.74

🇺🇸 20.83.165.140

🇷🇴 151.242.30.40