JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.99.26.180

194.99.26.180 was found in our database!

This IP was reported 33 times. Confidence of Abuse is 33%: ?

33%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS59651
Domain Name	finegroupservers.com
Country	🇫🇮 Finland
City	Vantaa, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.99.26.180

Whois 194.99.26.180

IP Abuse Reports for 194.99.26.180:

This IP address has been reported a total of 33 times from 17 distinct sources. 194.99.26.180 was first reported on February 18th 2021, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇿 billyborsht	2026-06-05 08:31:33 (2 days ago)	2026-06-05T20:31:32.195496+12:00 southern wordpress(abrahamic.nz)[172802]: Authentication attempt fo ... show more 2026-06-05T20:31:32.195496+12:00 southern wordpress(abrahamic.nz)[172802]: Authentication attempt for unknown user admin from 194.99.26.180 ... show less	Hacking Web App Attack
🇩🇪 4server	2026-06-03 13:56:04 (3 days ago)	[WedJun0315:55:59.7119832026][security2:error][pid1821522:tid1821548][client194.99.26.180:0]ModSecur ... show more [WedJun0315:55:59.7119832026][security2:error][pid1821522:tid1821548][client194.99.26.180:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Stringmatch\"/xmlrpc.php\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"170\"][id\"960024\"][msg\"XML-RPCdisabled\"][hostname\"restaurantgandria.ch\"][uri\"/xmlrpc.php\"][unique_id\"aiAyb9S7GqXa1ZJs0l62bQAAAAg\"] show less	Port Scan Brute-Force Web App Attack
🇩🇪 SCHAPPY	2026-05-28 17:03:25 (1 week ago)	Wordpress attack using blacklisted username detected.	Web App Attack
🇯🇵 VXG-NET	2026-05-27 12:15:15 (1 week ago)	port=80, indicator_type=sql-injection	SQL Injection
🇺🇸 TPI-Abuse	2026-05-22 11:31:25 (2 weeks ago)	(mod_security) mod_security (id:218580) triggered by 194.99.26.180 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:218580) triggered by 194.99.26.180 (-): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 07:31:21.760409 2026] [security2:error] [pid 31144:tid 31144] [client 194.99.26.180:13701] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\/\\\\[!+](?:[\\\\w\\\\s=_\\\\-()]+)?\\\\*\\\\/)" at ARGS:action. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/22_SQL_SQLi.conf"] [line "76"] [id "218580"] [rev "1"] [msg "COMODO WAF: MySQL in-line comment detected.\|\|www.3905ccn.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "www.3905ccn.org"] [uri "/lookupLicensee.php"] [unique_id "ahA-iYNkKSEJShuH6OXBegAAABs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-16 19:09:33 (3 weeks ago)	(mod_security) mod_security (id:218580) triggered by 194.99.26.180 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:218580) triggered by 194.99.26.180 (-): 1 in the last 300 secs; Ports: ; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat May 16 15:09:29.593164 2026] [security2:error] [pid 2096:tid 2096] [client 194.99.26.180:30059] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:\\\\/\\\\[!+](?:[\\\\w\\\\s=_\\\\-()]+)?\\\\*\\\\/)" at ARGS:d. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/22_SQL_SQLi.conf"] [line "76"] [id "218580"] [rev "1"] [msg "COMODO WAF: MySQL in-line comment detected.\|\|caferutadelaseda.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "SQLi"] [hostname "caferutadelaseda.com"] [uri "/detalle.php"] [unique_id "agjA6Ya-AGFnIPEf74WBMgAAAD4"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 stinpriza	2026-04-03 21:44:32 (2 months ago)	Web App Attack	Web App Attack
🇩🇪 stinpriza	2026-04-02 19:34:52 (2 months ago)	Web App Attack	Web App Attack
🇩🇪 stinpriza	2026-04-01 14:42:21 (2 months ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2026-03-31 01:07:15 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 194.99.26.180 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 194.99.26.180 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 21:07:06.285135 2026] [security2:error] [pid 13830:tid 13830] [client 194.99.26.180:44213] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|krakowski.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "krakowski.net"] [uri "/wp-json/wp/v2/users"] [unique_id "acseOgaclyoqft4kTDh_qQAAAAA"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 stinpriza	2026-03-31 00:29:15 (2 months ago)	Web App Attack	Web App Attack
🇩🇪 stinpriza	2026-03-28 18:35:45 (2 months ago)	Web App Attack	Web App Attack
🇳🇱 i-turnradio.nl	2026-03-28 02:29:16 (2 months ago)	2026-03-28 03:29:16 (CET) ~ Blocked by abusescan risk assessment	Web App Attack
🇩🇪 stinpriza	2026-03-23 05:07:39 (2 months ago)	Web App Attack	Web App Attack
🇩🇪 stinpriza	2026-03-21 20:43:10 (2 months ago)	Web App Attack	Web App Attack

Showing 1 to 15 of 33 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 159.26.96.83

🇨🇳 113.200.200.86

🇦🇲 109.75.45.129

🇮🇳 103.216.145.2

🇻🇳 103.24.245.51

🇵🇱 83.168.95.208

🇨🇳 43.248.108.184

🇹🇿 41.93.28.4

🇰🇷 221.161.125.35

🇸🇾 178.253.108.182

🇳🇱 176.65.148.93

🇵🇰 103.172.167.110

🇻🇳 103.75.183.113

🇷🇴 80.94.92.184

🇨🇳 182.54.23.143

🇳🇱 172.94.9.65

🇯🇲 104.244.227.157

🇭🇰 104.208.108.166

🇺🇦 91.225.162.93

🇺🇸 34.206.212.24