JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 193.202.14.172

193.202.14.172 was found in our database!

This IP was reported 13 times. Confidence of Abuse is 0%: ?

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 193.202.14.172

Whois 193.202.14.172

IP Abuse Reports for 193.202.14.172:

This IP address has been reported a total of 13 times from 10 distinct sources. 193.202.14.172 was first reported on September 8th 2022, and the most recent report was 4 months ago.

Old Reports: The most recent abuse report for this IP address is from 4 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇨🇦 SSH-Admin	2026-02-07 17:12:28 (4 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇫🇷 masterguru	2026-01-07 12:02:26 (5 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 193.202.14.172 (US/United States/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 193.202.14.172 (US/United States/-): 1 in the last 3600 secs (0-195) show less	Hacking
Anonymous	2025-12-16 02:31:14 (6 months ago)	2025-12-16T04:31:13.913666+02:00 zanati wp(www.sahpa.co.za)[977484]: Blocked authentication attempt ... show more 2025-12-16T04:31:13.913666+02:00 zanati wp(www.sahpa.co.za)[977484]: Blocked authentication attempt for admin from 193.202.14.172 ... show less	Web App Attack
🇨🇦 SSH-Admin	2025-12-01 02:33:03 (6 months ago)	Probing for Exploits	Exploited Host Web App Attack
🇪🇸 10dencehispahard SL	2025-11-21 07:35:23 (7 months ago)	WP probing for vulnerabilities	Hacking Exploited Host
🇨🇦 electronico	2025-11-18 11:51:36 (7 months ago)	193.202.14.172 - - [18/Nov/2025:22:42:52 +1100] "POST /wp-login.php HTTP/1.1" 200 3516 "https://cttm ... show more 193.202.14.172 - - [18/Nov/2025:22:42:52 +1100] "POST /wp-login.php HTTP/1.1" 200 3516 "https://cttmd.nc/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36" 193.202.14.172 - - [18/Nov/2025:22:47:16 +1100] "POST /wp-login.php HTTP/1.1" 200 3516 "https://cttmd.nc/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36" 193.202.14.172 - - [18/Nov/2025:22:51:35 +1100] "POST /wp-login.php HTTP/1.1" 200 3516 "https://cttmd.nc/wp-login.php" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.207 Safari/537.36" ... show less	Brute-Force Web App Attack
Anonymous	2025-11-01 20:18:03 (7 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-10-29 16:41:42 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 193.202.14.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 193.202.14.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Oct 29 12:41:35.493016 2025] [security2:error] [pid 16975:tid 16975] [client 193.202.14.172:15519] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|marinestorage.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "marinestorage.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aQJDvzmQDBDNLKxlyJr9pQAAAAE"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-10-27 16:07:55 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 193.202.14.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 193.202.14.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Oct 27 12:07:48.163344 2025] [security2:error] [pid 4144590:tid 4144590] [client 193.202.14.172:55949] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|waterjetsolutions.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "waterjetsolutions.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aP-Y1AfiwY1RQwJOfOJkugAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-04-18 13:49:45 (1 year ago)	(mod_security) mod_security (id:225170) triggered by 193.202.14.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 193.202.14.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 18 09:49:39.557638 2025] [security2:error] [pid 13721:tid 14019] [client 193.202.14.172:51291] [client 193.202.14.172] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|thecraftsycat.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "thecraftsycat.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aAJYc_OJLUIpEPz5683UXwAAAQg"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 FeG Deutschland	2025-04-04 02:58:03 (1 year ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 1	Exploited Host Web App Attack
🇩🇪 SCHAPPY	2023-07-26 19:55:29 (2 years ago)	IP was involved in L7 DDoS attack.	DDoS Attack
🇺🇸 VSM Networks	2022-09-08 12:31:27 (3 years ago)	Credential Stuffing	Brute-Force

Showing 1 to 13 of 13 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 193.176.31.157

🇱🇾 164.160.146.69

🇺🇸 162.216.150.187

🇵🇰 72.255.32.170

🇺🇸 12.68.228.244

🇲🇽 187.143.32.166

🇱🇰 175.157.85.138

🇺🇸 172.253.15.220

🇩🇪 167.94.146.39

🇺🇸 147.185.132.96

🇹🇼 128.14.236.224

🇷🇴 94.156.152.35

🇩🇪 69.5.169.228

🇫🇮 65.108.91.28

🇹🇼 59.126.224.134

🇳🇱 45.148.10.152

🇵🇰 39.43.132.112

🇺🇸 16.58.56.214

🇴🇲 5.162.242.242

🇭🇰 2404:6800:4005:c08::127