JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.71.227.149

194.71.227.149 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 26%: ?

26%

ISP	EDIS Infrastructure in Belgium
Usage Type	Data Center/Web Hosting/Transit
ASN	AS57169
Hostname(s)	149.227.71.194.in-addr.arpa
Domain Name	edis.at
Country	🇧🇪 Belgium
City	Zaventem, Flanders

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.71.227.149

Whois 194.71.227.149

IP Abuse Reports for 194.71.227.149:

This IP address has been reported a total of 12 times from 7 distinct sources. 194.71.227.149 was first reported on April 10th 2026, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-30 23:42:07 (1 week ago)	(mod_security) mod_security (id:217210) triggered by 194.71.227.149 (149.227.71.194.in-addr.arpa): 1 ... show more (mod_security) mod_security (id:217210) triggered by 194.71.227.149 (149.227.71.194.in-addr.arpa): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 30 19:42:01.434322 2026] [security2:error] [pid 13831:tid 13831] [client 194.71.227.149:55676] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|bodiehistory.com:443\|F\|4"] [data "CONNECT bodiehistory.com:443 HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "bodiehistory.com"] [uri "/"] [unique_id "aht1yaq6FbPPkAPkVrHFbgAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 xmission.com	2026-05-30 02:43:36 (1 week ago)	194.71.227.149 - - [29/May/2026:20:00:20 -0600] "CONNECT dooce.com:443 HTTP/1.1" 400 150 "-" "-" 194 ... show more 194.71.227.149 - - [29/May/2026:20:00:20 -0600] "CONNECT dooce.com:443 HTTP/1.1" 400 150 "-" "-" 194.71.227.149 - - [29/May/2026:20:31:22 -0600] "CONNECT dooce.com:443 HTTP/1.1" 400 150 "-" "-" 194.71.227.149 - - [29/May/2026:20:43:35 -0600] "CONNECT dooce.com:443 HTTP/1.1" 400 150 "-" "-" 194.71.227.149 - - [29/May/2026:20:43:36 -0600] "CONNECT dooce.com:443 HTTP/1.1" 400 150 "-" "-" 194.71.227.149 - - [29/May/2026:20:43:36 -0600] "CONNECT dooce.com:443 HTTP/1.1" 400 150 "-" "-" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2026-05-18 00:56:31 (3 weeks ago)	(mod_security) mod_security (id:217210) triggered by 194.71.227.149 (149.227.71.194.in-addr.arpa): 1 ... show more (mod_security) mod_security (id:217210) triggered by 194.71.227.149 (149.227.71.194.in-addr.arpa): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 17 20:56:25.734557 2026] [security2:error] [pid 26370:tid 26379] [client 194.71.227.149:48094] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|icecc.com:443\|F\|4"] [data "CONNECT icecc.com:443 HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "icecc.com"] [uri "/"] [unique_id "agpjuc0VzW89XOq7VwxU-AAAAIU"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ipblock.com	2026-05-12 07:25:00 (4 weeks ago)	IPBlock protected site ID [4055-d][s=01]. Persistent 404, vulnerability scanner	Hacking Bad Web Bot Web App Attack
🇸🇮 administrator	2026-05-04 16:52:11 (1 month ago)	2026-04-06 08:16:21,219 fail2ban.actions [117784]: NOTICE [apache-badbots] Ban 194.71.227.14 ... show more 2026-04-06 08:16:21,219 fail2ban.actions [117784]: NOTICE [apache-badbots] Ban 194.71.227.149 2026-04-06 08:16:21,219 fail2ban.actions [117784]: NOTICE [apache-badbots] Ban 194.71.227.149 2026-04-06 08:16:21,219 fail2ban.actions [117784]: NOTICE [apache-badbots] Ban 194.71.227.149 ... show less	Bad Web Bot Web Spam Email Spam Blog Spam Port Scan Brute-Force Web App Attack
🇩🇪 Skyrider	2026-04-17 18:12:06 (1 month ago)	crowdsecurity/http-open-proxy	Hacking
🇺🇸 TPI-Abuse	2026-04-16 21:21:50 (1 month ago)	(mod_security) mod_security (id:217210) triggered by 194.71.227.149 (149.227.71.194.in-addr.arpa): 1 ... show more (mod_security) mod_security (id:217210) triggered by 194.71.227.149 (149.227.71.194.in-addr.arpa): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 16 17:21:45.885001 2026] [security2:error] [pid 3741649:tid 3741649] [client 194.71.227.149:35887] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|bennecelli.com:443\|F\|4"] [data "CONNECT bennecelli.com:443 HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "bennecelli.com"] [uri "/"] [unique_id "aeFS6dX4n6fMaqhV7BNwJgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-16 09:39:25 (1 month ago)	(mod_security) mod_security (id:217210) triggered by 194.71.227.149 (149.227.71.194.in-addr.arpa): 1 ... show more (mod_security) mod_security (id:217210) triggered by 194.71.227.149 (149.227.71.194.in-addr.arpa): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 16 05:39:19.625683 2026] [security2:error] [pid 2860686:tid 2860686] [client 194.71.227.149:41103] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|www.cameronwv.com:443\|F\|4"] [data "CONNECT www.cameronwv.com:443 HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.cameronwv.com"] [uri "/"] [unique_id "aeCuR0AKoSr1uu7Rlg6G-QAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-15 16:09:46 (1 month ago)	(mod_security) mod_security (id:217210) triggered by 194.71.227.149 (149.227.71.194.in-addr.arpa): 1 ... show more (mod_security) mod_security (id:217210) triggered by 194.71.227.149 (149.227.71.194.in-addr.arpa): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 15 12:09:41.962876 2026] [security2:error] [pid 3968082:tid 3968082] [client 194.71.227.149:42531] ModSecurity: Access denied with code 403 (phase 2). Match of "rx ^(?i:(?:[a-z]{3,10}\\\\s+(?:\\\\w{3,7}?://[\\\\w\\\\-\\\\./](?::\\\\d+)?)?/[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S])?\|connect (?:\\\\d{1,3}\\\\.){3}\\\\d{1,3}\\\\.?(?::\\\\d+)?\|options \\\\)\\\\s+[\\\\w\\\\./]+\|get /[^?#](?:\\\\?[^#\\\\s])?(?:#[\\\\S]*)?)$" against "REQUEST_LINE" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "114"] [id "217210"] [rev "1"] [msg "COMODO WAF: Invalid HTTP Request Line\|\|haverhillhouse.com:443\|F\|4"] [data "CONNECT haverhillhouse.com:443 HTTP/1.1"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "haverhillhouse.com"] [uri "/"] [unique_id "ad-4RUyNbrs6ID7a53UOJwAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 4server	2026-04-15 05:19:37 (1 month ago)	[WedApr1507:19:31.8589162026][security2:error][pid3248770:tid3248790][client194.71.227.149:0]ModSecu ... show more [WedApr1507:19:31.8589162026][security2:error][pid3248770:tid3248790][client194.71.227.149:0]ModSecurity:Accessdeniedwithcode403$phase2$.Patternmatch\"$\?:\<\?/\?\?script\\|\(\?:\<\\|\<\?/$$\?:\(\?:java\\|vb$script\\|about\\|applet\\|activex\\|chrome\\|qx\?ss\\|embed\)\\|\<\?/\?i\?frame\\\\\\\\b\\|\<\?imgsrc\?=\\|\<\?basehref\?=\)\"atARGS:custom_U387.[file\"/etc/apache2/conf.d/modsec_rules/10_asl_rules.conf\"][line\"1010\"][id\"340147\"][rev\"163\"][msg\"Atomicorp.comWAFRules:PotentialCrossSiteScriptingAttack\"][data\"\<imgsrc=\"][severity\"CRITICAL\"][hostname\"bno.ch\"][uri\"/scripts/form-u386.php\"][unique_id\"ad8f4249ryXvyOyw4eznCQAAANE\"]\,referer:http://bno.ch/contatti.html show less	Port Scan Brute-Force Web App Attack
🇩🇪 Skyrider	2026-04-14 05:17:16 (1 month ago)	crowdsecurity/http-open-proxy	Hacking
🇮🇹 VHosting	2026-04-10 05:01:40 (2 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 168.0.211.175

🇺🇸 165.154.134.156

🇺🇸 135.119.112.78

🇩🇿 105.99.130.99

🇨🇦 40.85.247.124

🇳🇱 206.223.236.181

🇮🇩 203.175.125.130

🇻🇪 190.97.253.23

🇨🇴 181.225.73.130

🇧🇩 157.20.117.202

🇺🇸 147.185.132.209

🇫🇷 88.162.225.86

🇳🇱 45.148.10.141

🇨🇳 43.139.26.4

🇨🇳 36.32.104.6

🇬🇧 193.163.125.101

🇩🇪 185.201.160.162

🇺🇸 162.243.87.135

🇺🇸 162.216.150.234

🇳🇬 155.93.116.10