JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.70.234.213

194.70.234.213 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 3%: ?

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS46475
Domain Name	finegroupservers.com
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.70.234.213

Whois 194.70.234.213

IP Abuse Reports for 194.70.234.213:

This IP address has been reported a total of 19 times from 11 distinct sources. 194.70.234.213 was first reported on February 28th 2025, and the most recent report was 5 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇬🇧 relianoid.com	2026-06-19 07:41:13 (5 days ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇬🇧 relianoid.com	2026-06-13 10:51:58 (1 week ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇺🇸 TPI-Abuse	2026-04-16 01:46:42 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 194.70.234.213 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 194.70.234.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 15 21:46:33.338415 2026] [security2:error] [pid 2253601:tid 2253601] [client 194.70.234.213:21169] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Detrick/Thumbs.db"] [unique_id "aeA_eWf7UcF1ETt3ui1kWQAAABg"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Detrick/ show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 i-turnradio.nl	2026-02-24 13:59:43 (4 months ago)	2026-02-24 @ 14:59:43 (CET) ~ Blocked for trying to access: /xmlrpc.php	Web App Attack
🇪🇸 el-brujo	2026-02-24 12:10:49 (4 months ago)	Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: foro.elhacker.net userAgent: AppleWe ... show more Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: foro.elhacker.net userAgent: AppleWebKit/531.31 (KHTML, like Gecko111) Action: managed_challenge Source: firewallManaged ASN Description: AS-QUALITYNETWORK Country: FI Method: POST Timestamp: 2026-02-24T12:10:49Z ruleId: 5de7edfa648c4d6891dc3e7f84534ffa. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇨🇭 backslash	2026-01-12 07:55:06 (5 months ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇧🇪 voormedia	2026-01-10 08:14:41 (5 months ago)	Accessed trap at '/xmlrpc.php'	Web App Attack
🇧🇪 voormedia	2026-01-08 10:01:18 (5 months ago)	Accessed trap at '/xmlrpc.php'	Web App Attack
🇷🇸 Smel	2025-12-20 08:37:04 (6 months ago)	HTTP/80/443/8080 Unauthorized Probe, Hack -	Hacking Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-11-17 16:50:46 (7 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇨🇭 backslash	2025-04-05 04:00:09 (1 year ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
Anonymous	2025-03-30 13:04:39 (1 year ago)	This IP was involved in an brute force and password spray attack on 2025/03/30 08:01:59	Port Scan Brute-Force Exploited Host Web App Attack
Anonymous	2025-03-28 16:12:37 (1 year ago)	This IP was involved in an brute force and password spray attack on 2025/03/28 08:27:28	Port Scan Brute-Force Exploited Host Web App Attack
🇨🇦 wil.com	2025-03-28 08:41:20 (1 year ago)	GlobalProtect login attempts with user AJACKSON1.	VPN IP Brute-Force
🇺🇸 TPI-Abuse	2025-03-08 20:46:13 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 194.70.234.213 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 194.70.234.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 08 15:46:09.946094 2025] [security2:error] [pid 1495445:tid 1495445] [client 194.70.234.213:16153] [client 194.70.234.213] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "lanistandifer.com"] [uri "/.env"] [unique_id "Z8yskXuduVG_jencm92AVQAAAAE"], referer: https://tasamm.com/about/ggg249.html show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 216.25.126.16

🇭🇰 190.92.239.22

🇦🇷 190.55.18.68

🇬🇧 188.122.37.97

🇻🇪 170.81.146.80

🇺🇸 162.216.150.114

🇲🇾 158.46.191.42

🇮🇳 157.38.135.162

🇺🇸 64.62.197.90

🇳🇱 45.148.10.157

🇺🇸 44.127.216.199

🇬🇧 31.113.12.178

🇩🇪 213.209.159.231

🇧🇷 205.210.31.243

🇨🇳 183.197.87.66

🇺🇸 162.216.150.154

🇺🇸 147.185.132.18

🇳🇴 141.98.253.62

🇺🇸 136.144.43.197

🇫🇷 92.103.134.183