JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 194.99.27.244

194.99.27.244 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 20%: ?

20%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS43444
Domain Name	finegroupservers.com
Country	🇸🇪 Sweden
City	Marsta, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 194.99.27.244

Whois 194.99.27.244

IP Abuse Reports for 194.99.27.244:

This IP address has been reported a total of 16 times from 11 distinct sources. 194.99.27.244 was first reported on November 18th 2024, and the most recent report was 54 minutes ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 stinpriza	2026-06-20 23:56:16 (54 minutes ago)	Web App Attack	Web App Attack
🇩🇪 Lino Project	2026-06-19 18:16:24 (1 day ago)	194.99.27.244 - - [19/Jun/2026:20:16:23 +0200] "GET /wp-admin/post-new.php HTTP/1.1" 403 3392 "-" "M ... show more 194.99.27.244 - - [19/Jun/2026:20:16:23 +0200] "GET /wp-admin/post-new.php HTTP/1.1" 403 3392 "-" "Mozilla/5.0 (Linux; Android 5.1.1; Redmi 3 Build/LMY47V; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/59.0.3071.125 Mobile Safari/537.36" ... show less	Brute-Force Bad Web Bot Web App Attack
🇯🇵 VXG-NET	2026-05-27 15:34:16 (3 weeks ago)	port=80, indicator_type=sql-injection	SQL Injection
🇩🇪 konseptit	2026-04-05 09:36:11 (2 months ago)	(wordpress) Failed wordpress login from 194.99.27.244 (US/United States/-)	Brute-Force
🇺🇸 TPI-Abuse	2026-03-24 20:43:42 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 194.99.27.244 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 194.99.27.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 24 16:43:36.823686 2026] [security2:error] [pid 9874:tid 9913] [client 194.99.27.244:55333] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|thetooheys.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "thetooheys.com"] [uri "/wp-json/wp/v2/users"] [unique_id "acL3eLEnSX1XslTQEV66HwAAAMc"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-24 10:19:17 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 194.99.27.244 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 194.99.27.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 24 06:19:11.434187 2026] [security2:error] [pid 29944:tid 29944] [client 194.99.27.244:23501] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|atomicmc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "atomicmc.com"] [uri "/wp-json/wp/v2/users"] [unique_id "acJlH25iEEvOcBnUIrJ7TQAAAAs"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-23 18:53:49 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 194.99.27.244 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 194.99.27.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 23 14:53:43.822968 2026] [security2:error] [pid 20764:tid 20764] [client 194.99.27.244:12351] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|radiointernational.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "radiointernational.net"] [uri "/wp-json/wp/v2/users"] [unique_id "acGMN2mZBH9b31sCXAlmqwAAAAw"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 kjaerulff	2026-03-23 11:38:25 (2 months ago)	Failed Wordpress login using wp-login.php	Web App Attack
🇺🇸 TPI-Abuse	2026-03-22 08:46:05 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 194.99.27.244 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 194.99.27.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 22 04:45:57.903637 2026] [security2:error] [pid 3036:tid 3036] [client 194.99.27.244:52653] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|catking.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "catking.net"] [uri "/wp-json/wp/v2/users"] [unique_id "ab-sRY8uHezOuBVgMjznnQAAABc"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-21 12:28:35 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 194.99.27.244 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 194.99.27.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 21 08:28:29.902159 2026] [security2:error] [pid 30890:tid 30890] [client 194.99.27.244:19381] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|dwars.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "dwars.net"] [uri "/wp-json/wp/v2/users"] [unique_id "ab6O7anDZCd_PI_24OEm7wAAAAc"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 octageeks.com	2026-03-20 04:11:21 (3 months ago)	Wordpress malicious attack:[octaxmlrpc]	Web App Attack
🇬🇧 consul.to	2026-03-05 04:39:53 (3 months ago)	Web attack/malicious scanning detected	Web App Attack
🇬🇧 Steve	2026-02-11 08:35:06 (4 months ago)	Abuse of XMLRPC	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-02-01 01:28:58 (4 months ago)	(mod_security) mod_security (id:225170) triggered by 194.99.27.244 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 194.99.27.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jan 31 20:28:53.028499 2026] [security2:error] [pid 22934:tid 22934] [client 194.99.27.244:46227] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|shukrisharawico.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "shukrisharawico.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aX6sVbWzs9o2k3DIE1fP6gAAABQ"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇳🇱 exxos	2025-10-23 03:03:01 (7 months ago)	Attacks with Bad user agents	Hacking

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇪 198.235.24.183

🇺🇸 193.3.53.5

🇫🇮 147.185.133.9

🇯🇵 118.194.229.94

🇮🇹 93.92.79.192

🇹🇼 220.135.226.87

🇳🇱 204.76.203.206

🇳🇱 193.176.31.198

🇳🇱 185.223.235.59

🇮🇩 182.253.156.173

🇻🇳 160.191.242.222

🇧🇷 143.95.209.223

🇨🇳 123.157.192.248

🇨🇳 116.179.32.173

🇮🇳 106.221.205.53

🇧🇩 103.26.136.173

🇳🇱 81.19.216.124

🇳🇱 81.19.216.103

🇳🇱 81.19.216.70

🇫🇷 62.169.20.98