JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.99.26.137

194.99.26.137 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 4%: ?

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS46475
Domain Name	finegroupservers.com
Country	🇸🇪 Sweden
City	Marsta, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.99.26.137

Whois 194.99.26.137

IP Abuse Reports for 194.99.26.137:

This IP address has been reported a total of 11 times from 9 distinct sources. 194.99.26.137 was first reported on March 25th 2024, and the most recent report was 10 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 LRob.fr	2026-06-27 10:15:07 (10 hours ago)	Repeated requests on blocked xmlrpc.php, blocked by fail2ban in custom-503-xmlrpc jail	Bad Web Bot Web App Attack
🇬🇧 noise.agency	2026-02-11 10:25:27 (4 months ago)	(wordpress) Failed wordpress login from 194.99.26.137 (US/United States/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-02-03 07:36:05 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 194.99.26.137 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 194.99.26.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Feb 03 02:35:57.035899 2026] [security2:error] [pid 2285:tid 2285] [client 194.99.26.137:56501] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|mail.webjemm.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "mail.webjemm.net"] [uri "/wp-json/wp/v2/users"] [unique_id "aYGlXXJg5a0M8vAU2B6eFgAAAAE"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-31 23:53:26 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 194.99.26.137 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 194.99.26.137 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 31 18:53:22.344614 2026] [security2:error] [pid 17703:tid 17703] [client 194.99.26.137:46019] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|cityindustries.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cityindustries.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aX6V8oXGfGM_jIfKR6w7igAAAAI"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇮🇹 VHosting	2025-07-19 19:45:50 (11 months ago)	Detected attack by Imunify360	Brute-Force Web App Attack
Anonymous	2025-03-30 13:09:37 (1 year ago)	This IP was involved in an brute force and password spray attack on 2025/03/30 08:07:08	Port Scan Brute-Force Exploited Host Web App Attack
Anonymous	2025-03-28 13:39:51 (1 year ago)	This IP was involved in an brute force and password spray attack on 2025/03/28 08:18:43	Port Scan Brute-Force Exploited Host Web App Attack
Anonymous	2024-10-12 23:30:04 (1 year ago)	\| CMS (WordPress or Joomla) brute force attempt 10 times (rewritten)	Hacking SQL Injection Web App Attack
🇮🇩 Burayot	2024-10-12 03:05:12 (1 year ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 194.99.26.137 (US/United States/-): ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 194.99.26.137 (US/United States/-): 2 in the last 3600 secs show less	Web App Attack
🇷🇺 sms.ru	2024-09-28 23:25:08 (1 year ago)	SMS pumping attack from foreign country	DDoS Attack
🇩🇪 niceshops.com	2024-03-25 06:59:04 (2 years ago)	Large amount of http-requests in short time ([25/Mar/2024:07:56:10.202] )	Bad Web Bot

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 45.148.10.152

🇲🇽 201.105.211.16

🇳🇱 195.178.110.228

🇶🇦 176.202.87.38

🇳🇱 176.65.132.141

🇩🇪 167.94.146.59

🇩🇪 150.241.113.163

🇯🇵 149.22.87.35

🇵🇰 72.255.18.192

🇳🇱 45.148.10.157

🇸🇬 43.134.57.89

🇺🇸 24.142.170.231

🇵🇾 186.16.46.105

🇨🇳 183.159.51.210

🇺🇸 172.202.118.22

🇺🇸 147.185.132.126

🇺🇸 71.161.109.46

🇺🇸 34.63.78.184

🇺🇸 23.229.114.146

🇺🇸 20.245.234.247