JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.99.27.117

194.99.27.117 was found in our database!

This IP was reported 12 times. Confidence of Abuse is 0%: ?

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS43444
Domain Name	finegroupservers.com
Country	🇸🇪 Sweden
City	Marsta, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.99.27.117

Whois 194.99.27.117

IP Abuse Reports for 194.99.27.117:

This IP address has been reported a total of 12 times from 6 distinct sources. 194.99.27.117 was first reported on February 2nd 2025, and the most recent report was 2 months ago.

Old Reports: The most recent abuse report for this IP address is from 2 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-04-05 13:31:56 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 194.99.27.117 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 194.99.27.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 05 09:31:52.380019 2026] [security2:error] [pid 8636:tid 8636] [client 194.99.27.117:40521] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|wizind.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "wizind.com"] [uri "/wp-json/wp/v2/users"] [unique_id "adJkSA1NewM7Jk_qmvzASwAAAAU"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-30 06:46:02 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 194.99.27.117 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 194.99.27.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 30 02:45:54.718875 2026] [security2:error] [pid 22028:tid 22028] [client 194.99.27.117:41769] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|sentientresearch.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sentientresearch.com"] [uri "/wp-json/wp/v2/users"] [unique_id "acocImpiL6X-V-4uZTVPvQAAAAM"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-24 18:30:44 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 194.99.27.117 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 194.99.27.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 24 14:30:28.459175 2026] [security2:error] [pid 29952:tid 29952] [client 194.99.27.117:27919] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|thedenzers.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "thedenzers.com"] [uri "/wp-json/wp/v2/users"] [unique_id "acLYRJe73thHuac0g5R43QAAACY"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-04 00:26:16 (5 months ago)	(mod_security) mod_security (id:210350) triggered by 194.99.27.117 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 194.99.27.117 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 03 19:26:09.710869 2026] [security2:error] [pid 23920:tid 23920] [client 194.99.27.117:12373] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|cosentient.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "cosentient.com"] [uri "/"] [unique_id "aVmzodCLN3S4AXBUMwTmFAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 oncord	2025-12-19 10:23:31 (5 months ago)	Form spam	Web Spam
🇩🇪 Packets-Decreaser.NET	2025-12-10 14:34:41 (6 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇪🇸 10dencehispahard SL	2025-07-08 05:10:19 (11 months ago)	WP probing for vulnerabilities	Hacking Exploited Host
🇨🇿 lp	2025-03-18 17:54:23 (1 year ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 194.99.27.117 2025-03-18T18:38:27+01: ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 194.99.27.117 2025-03-18T18:38:27+01:00 vpn Access-Reject 'jaytee' station: 194.99.27.117 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇨🇿 lp	2025-03-17 01:23:36 (1 year ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 194.99.27.117 2025-03-17T01:35:59+01: ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 194.99.27.117 2025-03-17T01:35:59+01:00 vpn Access-Reject 'carmel' station: 194.99.27.117 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇨🇿 lp	2025-03-16 01:22:13 (1 year ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 194.99.27.117 2025-03-16T01:06:50+01: ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 194.99.27.117 2025-03-16T01:06:50+01:00 vpn Access-Reject 'lovesit' station: 194.99.27.117 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇨🇿 lp	2025-03-15 01:24:19 (1 year ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 194.99.27.117 2025-03-15T01:57:38+01: ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 194.99.27.117 2025-03-15T01:57:38+01:00 vpn Access-Reject '22222222' station: 194.99.27.117 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇨🇳 ThreatBook.io	2025-02-02 23:44:02 (1 year ago)	2025-02-02 06:42:56 /	Web App Attack

Showing 1 to 12 of 12 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇦🇷 181.116.179.252

🇺🇸 209.38.70.156

🇩🇪 185.168.31.148

🇧🇷 170.245.98.64

🇺🇸 142.93.56.216

🇨🇳 113.4.241.16

🇺🇿 95.214.210.221

🇺🇸 95.181.237.45

🇫🇷 51.91.18.151

🇺🇸 38.127.88.130

🇺🇸 20.64.104.65

🇮🇳 203.192.232.180

🇺🇸 193.31.126.36

🇦🇷 191.103.39.94

🇩🇪 185.220.101.165

🇰🇷 175.207.254.233

🇨🇮 154.0.30.137

🇬🇪 109.234.117.14

🇮🇳 106.219.240.68

🇿🇦 102.64.36.154