JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 193.202.16.240

193.202.16.240 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 19%: ?

19%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 193.202.16.240

Whois 193.202.16.240

IP Abuse Reports for 193.202.16.240:

This IP address has been reported a total of 11 times from 7 distinct sources. 193.202.16.240 was first reported on September 5th 2023, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-14 18:32:01 (3 days ago)	(mod_security) mod_security (id:225170) triggered by 193.202.16.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 193.202.16.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 14:31:57.551202 2026] [security2:error] [pid 9807:tid 9807] [client 193.202.16.240:58455] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|njletr.org\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "njletr.org"] [uri "/wp-json/wp/v2/users"] [unique_id "ai7zndbj15KUms58nzt7LAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Oakley	2026-06-06 17:29:12 (1 week ago)	(mod_security) mod_security (id:900177) triggered by 193.202.16.240 (US/United States/-): 5 in the l ... show more (mod_security) mod_security (id:900177) triggered by 193.202.16.240 (US/United States/-): 5 in the last 900 secs show less	Web App Attack Hacking
🇩🇪 Oakley	2026-05-20 17:44:06 (4 weeks ago)	(mod_security) mod_security (id:900177) triggered by 193.202.16.240 (US/United States/-): 5 in the l ... show more (mod_security) mod_security (id:900177) triggered by 193.202.16.240 (US/United States/-): 5 in the last 900 secs show less	Web App Attack Hacking
🇪🇸 sshtmp	2026-05-20 04:02:26 (4 weeks ago)	[AbuseIPDB auto-report] Attack: WordPress XML-RPC brute-force Hits: 1 \| First: 2026-05-20T06:02:26+0 ... show more [AbuseIPDB auto-report] Attack: WordPress XML-RPC brute-force Hits: 1 \| First: 2026-05-20T06:02:26+02:00 \| Last: 2026-05-20T06:02:26+02:00 Samples: POST /xmlrpc.php [200] show less	Brute-Force Web App Attack
🇺🇸 Anonymous	2025-02-28 16:00:00 (1 year ago)	Brute force attack detected from 193.202.16.240	DDoS Attack Brute-Force Web App Attack
🇺🇸 Anonymous	2025-02-28 16:00:00 (1 year ago)	Brute force attack detected from 193.202.16.240	DDoS Attack Brute-Force Web App Attack
🇨🇦 wil.com	2024-09-25 00:31:26 (1 year ago)	GlobalProtect login attempts with user tpoke.	VPN IP Brute-Force
Anonymous	2024-06-17 01:20:59 (2 years ago)	193.202.16.240 - - [17/Jun/2024:03:20:54 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4281 "-" "Apache-Htt ... show more 193.202.16.240 - - [17/Jun/2024:03:20:54 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4281 "-" "Apache-HttpClient/4.5.13 (Java/11.0.23)" 193.202.16.240 - - [17/Jun/2024:03:20:56 +0200] "POST /xmlrpc.php HTTP/1.1" 200 4374 "-" "Apache-HttpClient/4.5.13 (Java/11.0.23)" ... show less	Web App Attack
🇺🇸 TPI-Abuse	2023-12-25 00:09:59 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 193.202.16.240 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 193.202.16.240 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 24 19:09:56.343111 2023] [security2:error] [pid 21018] [client 193.202.16.240:35697] [client 193.202.16.240] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Horizon II/Horizon II/Stargo Black/originals/Thumbs.db"] [unique_id "ZYjIVOHkA5jwoEMOUzHMtQAAAAc"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Horizon%20II/Horizon%20II/Stargo%20Black/originals/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2023-10-07 05:51:47 (2 years ago)		Bad Web Bot
🇨🇭 backslash	2023-09-05 11:29:47 (2 years ago)	honeypot	Bad Web Bot

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇸🇬 178.128.28.25

🇯🇵 156.231.117.100

🇺🇸 104.234.53.115

🇮🇶 185.158.21.115

🇺🇸 162.216.149.169

🇯🇵 160.251.202.50

🇺🇸 147.185.132.196

🇺🇸 107.150.96.189

🇬🇧 87.106.35.227

🇮🇹 64.137.59.194

🇰🇷 59.28.102.182

🇨🇳 49.75.185.71

🇯🇴 46.185.191.38

🇱🇹 213.101.138.172

🇮🇳 117.205.3.26

🇺🇦 82.21.224.182

🇮🇹 45.92.70.136

🇹🇷 8.212.129.196

🇪🇨 205.235.2.176

🇺🇸 192.227.183.149