JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.99.25.140

194.99.25.140 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 2%: ?

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.99.25.140

Whois 194.99.25.140

IP Abuse Reports for 194.99.25.140:

This IP address has been reported a total of 12 times from 8 distinct sources. 194.99.25.140 was first reported on February 29th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-18 01:08:25 (2 weeks ago)	(mod_security) mod_security (id:210350) triggered by 194.99.25.140 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 194.99.25.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 17 21:08:19.947053 2026] [security2:error] [pid 22272:tid 22272] [client 194.99.25.140:33251] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|rannals.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "rannals.com"] [uri "/"] [unique_id "agpmg7GqdMj4t3KbVjoaiAAAABY"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 HandyTreff.de	2025-12-23 18:51:52 (5 months ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -25.111 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -25.111 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.3688.5 show less	Bad Web Bot Web App Attack
🇩🇪 HandyTreff.de	2025-11-28 11:59:02 (6 months ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -31.442 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -31.442 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.3019.5 show less	Bad Web Bot Web App Attack
🇩🇪 hbrks	2025-11-04 06:54:37 (7 months ago)	2 attack(s) detected, such as these: {"event":"nginx_block","ip":"194.99.25.140","host":"marche-be.c ... show more 2 attack(s) detected, such as these: {"event":"nginx_block","ip":"194.99.25.140","host":"marche-be.com","request":"GET /wp-login.php HTTP/1.1","user_agent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36","reason":"service:unknow","timestamp":"2025-11-04T06:54:37 00:00","logentry":"marche-be.com 194.99.25.140 - - [04/Nov/2025:06:54:37 0000] GET /wp-login.php HTTP/1.1 444 0 http://marche-be.com/wp-login.php Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.198 Safari/537.36 - matched:service:unknow"} * Report Details : https://p4u.xyz/3X0NCM8GTH0/1 IP Details *: https://p4u.xyz/3X0NCM8GTH0/2 show less	Web Spam Hacking Bad Web Bot
🇨🇭 backslash	2025-06-21 05:10:08 (11 months ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇺🇸 TPI-Abuse	2024-12-01 07:45:52 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 194.99.25.140 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 194.99.25.140 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 01 02:45:46.013606 2024] [security2:error] [pid 3684297:tid 3684297] [client 194.99.25.140:28395] [client 194.99.25.140] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Clive/Thumbs.db"] [unique_id "Z0wUKtAhLr1osh6uR0bq_QAAAAw"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Clive/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 wil.com	2024-09-24 09:42:42 (1 year ago)	GlobalProtect login attempts with user wmdunnell.	VPN IP Brute-Force
Anonymous	2024-08-09 01:21:03 (1 year ago)	Malicious activity detected	Hacking Web App Attack
🇨🇭 backslash	2024-05-23 05:10:07 (2 years ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇨🇭 backslash	2024-04-10 21:50:07 (2 years ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇪🇸 10dencehispahard SL	2024-03-29 04:01:57 (2 years ago)	Unauthorized login attempts [ accesslogs]	Brute-Force
🇺🇸 VSM Networks	2024-02-29 11:25:39 (2 years ago)	Credential Stuffing	Brute-Force

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇷🇺 104.28.236.96

🇫🇷 88.180.221.45

🇫🇮 74.125.114.151

🇺🇸 64.31.25.250

🇬🇧 35.203.211.35

🇷🇴 2.57.121.25

🇳🇱 172.235.173.150

🇸🇬 172.217.97.16

🇳🇦 160.242.72.54

🇪🇸 154.70.207.29

🇺🇸 143.198.134.9

🇩🇪 92.208.79.54

🇸🇪 46.195.11.171

🇳🇱 45.198.224.145

🇳🇱 45.148.10.157

🇩🇪 45.3.42.115

🇧🇷 201.63.223.138

🇵🇱 194.113.39.34

🇭🇰 154.83.16.14

🇺🇸 130.131.220.95