JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 193.202.16.104

193.202.16.104 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 10%: ?

10%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 193.202.16.104

Whois 193.202.16.104

IP Abuse Reports for 193.202.16.104:

This IP address has been reported a total of 25 times from 18 distinct sources. 193.202.16.104 was first reported on July 1st 2023, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇦🇺 MAGIC	2026-06-04 02:14:25 (2 weeks ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇺🇸 TPI-Abuse	2026-05-20 12:42:48 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 193.202.16.104 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 193.202.16.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 08:42:40.567245 2026] [security2:error] [pid 32504:tid 32504] [client 193.202.16.104:64083] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.store.newmooncafe.com"] [uri "/.wp-config.php.swp"] [unique_id "ag2sQHGUFMebuHAbnt7V_gAAAA0"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 4server	2026-04-16 20:39:30 (2 months ago)	[ThuApr1622:39:27.2490802026][security2:error][pid2757882:tid2757895][client193.202.16.104:0]ModSecu ... show more [ThuApr1622:39:27.2490802026][security2:error][pid2757882:tid2757895][client193.202.16.104:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\^/wp-content/plugins/[\^/] /\(readme\\\\\\\\.txt\\|changelog\\\\\\\\.txt\)\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"381\"][id\"960828\"][msg\"WordPresspluginenumerationblocked\"][hostname\"cadvending.ch\"][uri\"/wp-content/plugins/all-in-one-seo-pack/readme.txt\"][unique_id\"aeFI_6WVPoaNO0FJJnYkoAAAAAg\"] show less	Hacking Web App Attack
Anonymous	2026-01-19 00:00:00 (5 months ago)	Brute force against VPN	Brute-Force Bad Web Bot
🇮🇩 BPS-StatisticsIndonesia	2025-12-26 06:41:13 (5 months ago)	WP Login Scan Activities	Web App Attack
Anonymous	2025-12-26 01:02:47 (5 months ago)	Attempted brute force login to web vpn 2 time(s); last attempt for 2025.12.26 is noted in report tim ... show more Attempted brute force login to web vpn 2 time(s); last attempt for 2025.12.26 is noted in report timestamp show less	Hacking Brute-Force
🇪🇸 el-brujo	2025-12-25 02:37:59 (5 months ago)	[Thu Dec 25 03:37:57.875301 2025] [proxy_fcgi:error] [pid 3392355:tid 3393066] [remote 193.202.16.10 ... show more [Thu Dec 25 03:37:57.875301 2025] [proxy_fcgi:error] [pid 3392355:tid 3393066] [remote 193.202.16.104:0] AH01071: Got error 'Primary script unknown\n', referer: https://www.google.com [Thu Dec 25 03:37:59.144808 2025] [proxy_fcgi:error] [pid 3392355:tid 3392980] [remote 193.202.16.104:0] AH01071: Got error 'Primary script unknown\n', referer: https://www.google.com ... show less	Hacking Web App Attack
🇫🇷 masterguru	2025-12-23 11:13:41 (6 months ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 193.202.16.104 (US/United States/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 193.202.16.104 (US/United States/-): 1 in the last 3600 secs (0-197) show less	Hacking
🇪🇸 el-brujo	2025-12-18 05:59:27 (6 months ago)	Cloudflare WAF: Request Path: /ptbt_apdos Request Query: Host: elhacker.net userAgent: Mozilla/5.0 ... show more Cloudflare WAF: Request Path: /ptbt_apdos Request Query: Host: elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36 Action: block Source: l7ddos ASN Description: PUREVOLTAGE-INC Country: US Method: GET Timestamp: 2025-12-18T05:59:27Z ruleId: 12b9aecf1f6245b29d7e842bf35a42a0. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇪🇸 el-brujo	2025-12-18 05:44:28 (6 months ago)	Cloudflare WAF: Request Path: /ptbt_apdos Request Query: Host: elhacker.net userAgent: Mozilla/5.0 ... show more Cloudflare WAF: Request Path: /ptbt_apdos Request Query: Host: elhacker.net userAgent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36 Action: block Source: l7ddos ASN Description: PUREVOLTAGE-INC Country: US Method: GET Timestamp: 2025-12-18T05:44:28Z ruleId: 12b9aecf1f6245b29d7e842bf35a42a0. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇨🇭 Zeprax	2025-12-17 22:29:09 (6 months ago)	Layer 7 Flood Detected	DDoS Attack
🇩🇪 Packets-Decreaser.NET	2025-12-11 19:19:08 (6 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 TPI-Abuse	2025-12-10 04:07:08 (6 months ago)	(mod_security) mod_security (id:210350) triggered by 193.202.16.104 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 193.202.16.104 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Dec 09 23:07:01.554830 2025] [security2:error] [pid 26905:tid 26905] [client 193.202.16.104:47621] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.powerastronomy.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.powerastronomy.com"] [uri "/Runequest/doku.php"] [unique_id "aTjx5R7WHCcpERUFa0LQXAAAAAQ"], referer: http://www.powerastronomy.com/Runequest/doku.php?id=cat888_bet&do=register show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 fbarela	2025-10-27 19:00:48 (7 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force
🇲🇽 licjperezl	2025-06-05 17:58:39 (1 year ago)	Ataque de diccionario o DDoS en nuestros servicios en linea	Brute-Force

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 194.50.235.148

🇨🇴 190.250.108.32

🇧🇪 149.154.243.153

🇫🇷 91.196.152.103

🇦🇲 87.241.156.224

🇩🇪 69.5.169.44

🇲🇾 49.124.146.42

🇦🇺 46.250.241.125

🇳🇱 45.148.10.239

🇷🇺 31.173.21.229

🇺🇾 186.53.63.150

🇳🇱 144.31.54.15

🇹🇷 138.124.107.53

🇭🇰 114.111.54.189

🇷🇺 89.113.136.32

🇩🇪 69.5.169.81

🇧🇷 45.205.1.241

🇳🇱 31.59.95.52

🇮🇳 223.196.193.153

🇮🇩 182.10.129.83