JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 193.202.16.172

193.202.16.172 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 22%: ?

22%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 193.202.16.172

Whois 193.202.16.172

IP Abuse Reports for 193.202.16.172:

This IP address has been reported a total of 14 times from 11 distinct sources. 193.202.16.172 was first reported on September 22nd 2023, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-17 01:03:52 (4 days ago)	(mod_security) mod_security (id:210350) triggered by 193.202.16.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 193.202.16.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 16 21:03:47.330958 2026] [security2:error] [pid 6835:tid 6839] [client 193.202.16.172:58065] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|cocoonprojects.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "cocoonprojects.com"] [uri "/"] [unique_id "ajHycwhwOqz_jQ1V_5CPfAAAAIA"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇫🇷 masterguru	2026-06-15 07:18:55 (6 days ago)	(modsec_5015) ModSec 5015: Suspicious User-Agent from 193.202.16.172 (US/United States/-): 1 in the ... show more (modsec_5015) ModSec 5015: Suspicious User-Agent from 193.202.16.172 (US/United States/-): 1 in the last 3600 secs (0-195) show less	Hacking
🇬🇧 Oakley	2026-06-14 13:30:29 (6 days ago)	(mod_security) mod_security (id:900177) triggered by 193.202.16.172 (US/United States/-): 5 in the l ... show more (mod_security) mod_security (id:900177) triggered by 193.202.16.172 (US/United States/-): 5 in the last 900 secs show less	Web App Attack Hacking
🇵🇾 armandosaucedo.me	2026-02-24 13:34:45 (3 months ago)	193.202.16.172 - - [24/Feb/2026:13:34:42 +0000] "GET /remote/login HTTP/1.1" 404 196 "-" "Mozilla/5. ... show more 193.202.16.172 - - [24/Feb/2026:13:34:42 +0000] "GET /remote/login HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/115.0.0.0 Safari/537.36 Edg/115.0.1901.203" show less	Web App Attack
🇱🇻 garmtech.com	2026-01-28 08:40:21 (4 months ago)	IM360 WAF: Attempt to upload malware	Hacking
Anonymous	2026-01-19 14:40:30 (5 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.19 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2026.01.19 is noted in report timestamp show less	Hacking Brute-Force
🇵🇱 sefinek.net	2026-01-01 01:33:06 (5 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1. ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: MANAGED_CHALLENGE Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 This report was generated by: https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇱🇻 garmtech.com	2025-12-27 11:57:14 (5 months ago)	IM360 WAF: Attempt to upload malware	Hacking
🇺🇸 TPI-Abuse	2025-11-19 04:31:03 (7 months ago)	(mod_security) mod_security (id:210350) triggered by 193.202.16.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 193.202.16.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Nov 18 23:30:57.844514 2025] [security2:error] [pid 8785:tid 8898] [client 193.202.16.172:28487] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.churchstjoseph.org\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.churchstjoseph.org"] [uri "/social-ministry"] [unique_id "aR1IAQTWQXpXNUzI8z7gbwAAAc4"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2025-11-11 17:40:05 (7 months ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇺🇸 TPI-Abuse	2025-10-28 16:25:01 (7 months ago)	(mod_security) mod_security (id:210350) triggered by 193.202.16.172 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 193.202.16.172 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Oct 28 12:24:58.003124 2025] [security2:error] [pid 30325:tid 30325] [client 193.202.16.172:62057] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|www.perryoclock.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "www.perryoclock.com"] [uri "/"] [unique_id "aQDuWevcn5yr0sbC9tMvJAAAAAk"] show less	Brute-Force Bad Web Bot Web App Attack
🇷🇺 sms.ru	2024-09-26 00:05:07 (1 year ago)	SMS pumping attack from foreign country	DDoS Attack
Anonymous	2024-05-10 14:30:09 (2 years ago)	Failed password for invalid user RECEPTION port 443 SSLPVN	VPN IP Brute-Force
🇳🇿 Tripwire	2023-09-22 07:19:45 (2 years ago)	Wordpress login scanning	Brute-Force Web App Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 168.228.89.207

🇩🇪 159.65.112.25

🇻🇳 152.32.249.95

🇻🇳 123.21.26.223

🇹🇭 49.228.242.242

🇨🇳 14.103.115.162

🇸🇪 188.149.41.41

🇵🇹 188.83.131.4

🇮🇳 182.78.67.22

🇺🇸 152.163.119.68

🇺🇸 147.185.132.29

🇵🇰 119.156.99.196

🇳🇱 91.92.40.6

🇫🇷 85.217.140.40

🇺🇸 64.62.156.153

🇯🇵 58.98.197.137

🇰🇷 36.38.56.82

🇿🇦 197.185.134.202

🇩🇪 172.253.1.222

🇺🇸 160.79.106.35