JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 193.202.16.156

193.202.16.156 was found in our database!

This IP was reported 19 times. Confidence of Abuse is 0%: ?

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 193.202.16.156

Whois 193.202.16.156

IP Abuse Reports for 193.202.16.156:

This IP address has been reported a total of 19 times from 10 distinct sources. 193.202.16.156 was first reported on October 27th 2023, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇮🇩 BPS-StatisticsIndonesia	2026-05-01 03:09:54 (1 month ago)	WP Login Scan Activities: "2026-05-01T10:09:54.861+07:00" "/wp-login.php" "193.202.16.156" "Mozilla/ ... show more WP Login Scan Activities: "2026-05-01T10:09:54.861+07:00" "/wp-login.php" "193.202.16.156" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" show less	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2026-04-30 22:42:22 (1 month ago)	WP Login Scan Activities: "2026-05-01T05:42:22.447+07:00" "/wp-login.php" "193.202.16.156" "Mozilla/ ... show more WP Login Scan Activities: "2026-05-01T05:42:22.447+07:00" "/wp-login.php" "193.202.16.156" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" show less	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2026-04-28 20:05:13 (1 month ago)	WP Login Scan Activities: "2026-04-29T03:05:13.882+07:00" "/wp-login.php" "193.202.16.156" "Mozilla/ ... show more WP Login Scan Activities: "2026-04-29T03:05:13.882+07:00" "/wp-login.php" "193.202.16.156" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" show less	Web App Attack
🇮🇩 BPS-StatisticsIndonesia	2026-04-28 16:43:53 (1 month ago)	WP Login Scan Activities: "2026-04-28T23:43:53.963+07:00" "/wp-login.php" "193.202.16.156" "Mozilla/ ... show more WP Login Scan Activities: "2026-04-28T23:43:53.963+07:00" "/wp-login.php" "193.202.16.156" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" show less	Web App Attack
🇩🇪 MusicLibrary	2026-04-25 07:20:58 (2 months ago)	Attempted access to non existent wordpress urls	Bad Web Bot
🇸🇬 pusathosting.com	2026-04-08 01:20:04 (2 months ago)	24ds22 bruteforce	Brute-Force Web App Attack
🇪🇸 Serpes	2026-04-06 07:43:30 (2 months ago)	WP Attack	Web App Attack Hacking
Anonymous	2026-01-29 21:10:03 (4 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.29 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.29 is noted in report timestamp show less	Hacking Brute-Force
Anonymous	2026-01-05 05:12:30 (5 months ago)	This IP was involved in a brute force and password spray attack.	Brute-Force Web App Attack
Anonymous	2025-08-24 19:53:46 (10 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.08.24 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.08.24 is noted in report timestamp show less	Hacking Brute-Force
🇨🇭 backslash	2025-06-19 15:25:06 (1 year ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇺🇸 TPI-Abuse	2025-05-06 15:14:24 (1 year ago)	(mod_security) mod_security (id:210831) triggered by 193.202.16.156 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210831) triggered by 193.202.16.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 06 11:14:15.524442 2025] [security2:error] [pid 3261330:tid 3261330] [client 193.202.16.156:30605] [client 193.202.16.156] ModSecurity: Access denied with code 403 (phase 2). Pattern match "(?i:(?:^(?:microsoft url\|user-Agent\|www\\\\.weblogs\\\\.com\|(?:jakart\|vi)a\|(google\|i{0,1}explorer{0,1}\\\\.exe\|(ms){0,1}ie( [0-9.]{1,}){0,1} {0,1}(compatible( browser){0,1}){0,1})$)\|\\\\bdatacha0s\\\\b\|; widows\|\\\\\\\\r\|a(?: href=\|d(?:sarobot\|vanced email extractor ..." at REQUEST_HEADERS:User-Agent. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/03_Global_Agents.conf"] [line "29"] [id "210831"] [rev "2"] [msg "COMODO WAF: Rogue web site crawler\|\|thechoiceint.com\|F\|4"] [data "a href="] [severity "WARNING"] [tag "CWAF"] [tag "Agents"] [hostname "thechoiceint.com"] [uri "/webalizer/usage_201009.html"] [unique_id "aBonR4aXT3K065j-GSY5ywAAABA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-05-06 05:04:06 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 193.202.16.156 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 193.202.16.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 06 01:04:00.128336 2025] [security2:error] [pid 606581:tid 606581] [client 193.202.16.156:27937] [client 193.202.16.156] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Steelcase/pics/LEAP/Thumbs.db"] [unique_id "aBmYQG-nHDTTdQY1Mu-YCAAAABE"], referer: https://vitalitywebb.com/backstore/Steelcase/pics/LEAP/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2024-12-01 08:05:43 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 193.202.16.156 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 193.202.16.156 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 01 03:05:38.908173 2024] [security2:error] [pid 3699541:tid 3699541] [client 193.202.16.156:36415] [client 193.202.16.156] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Catnapper/images/Soother/Thumbs.db"] [unique_id "Z0wY0kcNr2u8nGB1OFuOJQAAAAc"], referer: https://vitalitywebb.com/backstore/Catnapper/images/Soother/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 wil.com	2024-10-27 04:28:42 (1 year ago)	GlobalProtect login attempts with user benefits.	VPN IP Brute-Force

Showing 1 to 15 of 19 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇳 202.70.36.196

🇷🇴 193.46.255.86

🇺🇸 162.216.149.14

🇨🇳 124.163.203.191

🇭🇺 80.98.155.175

🇰🇷 221.147.160.73

🇦🇺 220.235.225.112

🇱🇻 196.196.53.140

🇺🇸 162.216.149.190

🇺🇸 91.193.232.90

🇳🇱 45.156.128.72

🇺🇸 104.243.35.104

🇻🇳 27.79.0.180

🇺🇸 216.25.89.103

🇫🇷 172.71.134.239

🇺🇸 162.216.150.142

🇷🇴 103.75.68.131

🇺🇸 66.132.172.116

🇩🇪 47.91.67.138

🇺🇸 24.142.170.231