JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 172.102.216.19

172.102.216.19 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 0%: ?

ISP	Aventice LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS9009
Domain Name	aventice.com
Country	🇩🇪 Germany
City	Frankfurt am Main, Hesse

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 172.102.216.19

Whois 172.102.216.19

IP Abuse Reports for 172.102.216.19:

This IP address has been reported a total of 9 times from 3 distinct sources. 172.102.216.19 was first reported on December 4th 2023, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-01 01:25:00 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 172.102.216.19 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 172.102.216.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 30 21:24:52.182387 2026] [security2:error] [pid 29091:tid 29125] [client 172.102.216.19:35743] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|ftp.kettlehill.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ftp.kettlehill.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "afQA5Ivym1NKJfPpyFpP2wAAAEE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-01 11:48:59 (4 months ago)	(mod_security) mod_security (id:210492) triggered by 172.102.216.19 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 172.102.216.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Feb 01 06:48:53.580054 2026] [security2:error] [pid 16721:tid 16878] [client 172.102.216.19:45323] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.kettlehill.net"] [uri "/a.htaccess"] [unique_id "aX89pbZSDMB2xJcUTnRiwQAAAo8"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-12-01 06:58:03 (6 months ago)	(mod_security) mod_security (id:210492) triggered by 172.102.216.19 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 172.102.216.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 01 01:57:57.717520 2025] [security2:error] [pid 30768:tid 30773] [client 172.102.216.19:34821] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.kettlehill.net"] [uri "/.env.prod.local"] [unique_id "aS08df5kVQ-rlVW6wYR6JgAAAUE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-01 14:47:51 (8 months ago)	(mod_security) mod_security (id:218420) triggered by 172.102.216.19 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:218420) triggered by 172.102.216.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 01 10:47:05.107596 2025] [security2:error] [pid 12475:tid 12498] [client 172.102.216.19:37109] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i)php://(std(in\|out\|err)\|(in\|out)put\|fd\|memory\|temp\|filter)" at ARGS_NAMES:\\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/21_PHP_PHPGen.conf"] [line "22"] [id "218420"] [rev "2"] [msg "COMODO WAF: PHP Injection Attack: I/O Stream Found\|\|kettlehill.kettlehill.com\|F\|2"] [data "Matched Data: php://input found within ARGS_NAMES:\\x5cxadd allow_url_include=1 \\x5cxadd auto_prepend_file=php://input: \\xadd allow_url_include=1 \\xadd auto_prepend_file=php://input"] [severity "CRITICAL"] [tag "CWAF"] [tag "PHPGen"] [hostname "kettlehill.kettlehill.com"] [uri "/php-cgi/php.exe"] [unique_id "aN0-6WCKjmgjI9kURFKC_wAAAVM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-08-01 10:17:04 (10 months ago)	(mod_security) mod_security (id:210492) triggered by 172.102.216.19 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 172.102.216.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Aug 01 06:17:01.723742 2025] [security2:error] [pid 3904814:tid 3904943] [client 172.102.216.19:44467] ModSecurity: Access denied with code 403 (phase 1). Matched phrase ".htaccess" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "ftp.kettlehill.com"] [uri "/.htaccess"] [unique_id "aIyUHV6-dT8nKLZzIg5uugAAAI4"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-06-01 15:40:14 (1 year ago)	\| XSS (Cross Site Scripting) attempt.	Hacking SQL Injection Web App Attack
🇺🇸 TPI-Abuse	2025-05-30 18:18:14 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 172.102.216.19 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 172.102.216.19 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 30 14:18:10.056925 2025] [security2:error] [pid 490653:tid 490653] [client 172.102.216.19:34021] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|ftp.nbcnewsradio.com\|F\|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "ftp.nbcnewsradio.com"] [uri "/windows/win.ini"] [unique_id "aDn2Yu43vt5ADwPUVM5QsAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2024-02-27 13:43:18 (2 years ago)	honeypot	Bad Web Bot
🇨🇭 backslash	2023-12-04 14:19:40 (2 years ago)	honeypot	Bad Web Bot

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 206.212.244.18

🇮🇳 182.78.144.34

🇺🇸 172.245.51.54

🇺🇸 165.227.6.52

🇨🇦 144.217.74.127

🇨🇳 116.179.32.108

🇹🇭 110.77.137.236

🇫🇮 80.223.200.184

🇺🇸 66.132.195.40

🇮🇳 61.95.198.138

🇺🇸 45.66.156.2

🇬🇧 35.203.211.180

🇺🇸 35.171.197.82

🇧🇪 34.156.120.113

🇮🇪 3.255.158.241

🇲🇽 186.96.145.241

🇮🇶 185.166.25.150

🇨🇳 120.230.20.238

🇨🇳 110.83.4.175

🇨🇳 110.83.4.93