JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.99.25.213

194.99.25.213 was found in our database!

This IP was reported 22 times. Confidence of Abuse is 13%: ?

13%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.99.25.213

Whois 194.99.25.213

IP Abuse Reports for 194.99.25.213:

This IP address has been reported a total of 22 times from 14 distinct sources. 194.99.25.213 was first reported on June 16th 2021, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-18 18:33:48 (3 weeks ago)	(mod_security) mod_security (id:225170) triggered by 194.99.25.213 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 194.99.25.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon May 18 14:33:41.046325 2026] [security2:error] [pid 10023:tid 10028] [client 194.99.25.213:25537] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.transitionalcareservices.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.transitionalcareservices.com"] [uri "/wp-json/wp/v2/users"] [unique_id "agtbhVHCgu1YLKP4WZCHmAAAAMM"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 Baking333	2026-05-06 10:52:36 (1 month ago)	[redacted] 194.99.25.213 - - [06/May/2026:11:52:28 +0100] "GET /[redacted] HTTP/1.1" 302 1518 0/3888 ... show more [redacted] 194.99.25.213 - - [06/May/2026:11:52:28 +0100] "GET /[redacted] HTTP/1.1" 302 1518 0/388851 "https://[redacted]" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" [redacted] 194.99.25.213 - - [06/May/2026:11:52:35 +0100] "GET /[redacted] HTTP/1.1" 302 1518 0/80600 "https://[redacted]" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" show less	Bad Web Bot Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2026-04-28 18:56:08 (1 month ago)	WP Login Scan Activities: "2026-04-29T01:56:08.674+07:00" "/wp-login.php" "194.99.25.213" "Mozilla/5 ... show more WP Login Scan Activities: "2026-04-29T01:56:08.674+07:00" "/wp-login.php" "194.99.25.213" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" show less	Web App Attack
🇺🇸 TPI-Abuse	2026-04-27 21:14:24 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 194.99.25.213 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 194.99.25.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 27 17:14:19.208720 2026] [security2:error] [pid 21788:tid 21788] [client 194.99.25.213:35297] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|renjunews.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "renjunews.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ae_Rq0juK8NecQrZ0jT6WwAAAAI"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2026-04-26 18:20:08 (1 month ago)	WP Login Scan Activities: "2026-04-27T01:20:08.687+07:00" "/wp-login.php" "194.99.25.213" "Mozilla/5 ... show more WP Login Scan Activities: "2026-04-27T01:20:08.687+07:00" "/wp-login.php" "194.99.25.213" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" show less	Web App Attack
🇺🇦 URAN Publishing Service	2026-04-07 16:44:12 (2 months ago)	194.99.25.213 - - [07/Apr/2026:19:44:07 +0300] "GET /wp-login.php HTTP/1.1" 404 3127 "https://www.go ... show more 194.99.25.213 - - [07/Apr/2026:19:44:07 +0300] "GET /wp-login.php HTTP/1.1" 404 3127 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 194.99.25.213 - - [07/Apr/2026:19:44:12 +0300] "GET /wp-login.php HTTP/1.1" 404 3127 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" ... show less	Web App Attack
🇬🇧 consul.to	2026-04-01 03:59:31 (2 months ago)	Web attack/malicious scanning detected	Web App Attack
🇺🇸 TPI-Abuse	2026-03-13 15:13:48 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 194.99.25.213 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 194.99.25.213 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 13 11:13:42.599995 2026] [security2:error] [pid 9701:tid 9701] [client 194.99.25.213:49249] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|calvarycavaliers.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "calvarycavaliers.org"] [uri "/wp-json/wp/v2/users"] [unique_id "abQppkERNXg3Sw3M8XnO4gAAABc"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-27 18:25:14 (4 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.27 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.27 is noted in report timestamp show less	Hacking Brute-Force
🇱🇻 garmtech.com	2026-01-02 05:28:13 (5 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇱🇻 garmtech.com	2025-12-03 22:55:08 (6 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇱🇻 garmtech.com	2025-12-01 16:33:29 (6 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇦🇺 oncord	2025-11-29 21:04:26 (6 months ago)	Form spam	Web Spam
🇺🇸 fbarela	2025-11-23 01:00:39 (6 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force
🇲🇽 licjperezl	2025-06-10 19:10:58 (1 year ago)	Ataque de diccionario o DDoS en nuestros servicios en linea	Brute-Force

Showing 1 to 15 of 22 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 203.218.220.129

🇸🇬 178.128.51.84

🇺🇸 154.197.57.219

🇸🇪 145.14.96.134

🇫🇮 109.172.95.248

🇹🇷 94.122.184.17

🇨🇦 85.217.149.38

🇨🇳 58.47.122.94

🇬🇧 35.203.210.234

🇮🇩 2001:448a:1083:870d:8087:9c2c:67a8:ba4c

🇫🇷 207.180.210.81

🇺🇸 195.184.76.234

🇺🇸 165.232.61.133

🇸🇳 154.124.177.2

🇫🇮 147.185.133.109

🇨🇳 113.24.61.97

🇮🇩 103.171.83.51

🇨🇳 101.35.210.162

🇺🇸 98.14.70.2

🇫🇷 91.121.33.230