JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 193.56.116.202

193.56.116.202 was found in our database!

This IP was reported 154 times. Confidence of Abuse is 55%: ?

55%

ISP	VPN Consumer Atlanta, United States of America
Usage Type	Data Center/Web Hosting/Transit
ASN	AS62240
Domain Name	vpnconsumer.com
Country	🇺🇸 United States of America
City	Atlanta, Georgia

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 193.56.116.202

Whois 193.56.116.202

IP Abuse Reports for 193.56.116.202:

This IP address has been reported a total of 154 times from 43 distinct sources. 193.56.116.202 was first reported on June 4th 2022, and the most recent report was 6 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 stinpriza	2026-06-16 09:10:34 (6 days ago)	Web App Attack	Web App Attack
🇨🇿 plzenskypruvodce.cz	2026-06-16 06:28:57 (6 days ago)	2026-06-16T08:28:46.958580+02:00 web wordpress(choteborky.cz)[3232526]: Authentication attempt for u ... show more 2026-06-16T08:28:46.958580+02:00 web wordpress(choteborky.cz)[3232526]: Authentication attempt for unknown user [email protected] from 193.56.116.202 2026-06-16T08:28:51.668209+02:00 web wordpress(choteborky.cz)[3232002]: Authentication attempt for unknown user root from 193.56.116.202 2026-06-16T08:28:57.755744+02:00 web wordpress(choteborky.cz)[3232526]: Authentication attempt for unknown user adminroot from 193.56.116.202 ... show less	Brute-Force
🇫🇷 dynamix	2026-06-16 03:55:09 (1 week ago)	WordPress wp-login.php Brute Force Attack	Brute-Force Web App Attack
🇺🇸 mnsf	2026-06-16 00:09:56 (1 week ago)	Login Too Frequent (7)	Brute-Force Web App Attack
🇩🇪 conseilgouz	2026-06-15 21:14:56 (1 week ago)	coe-6 : Trying access system files=>/wp-login.php(wp-login.php)	Hacking
🇩🇪 LRob.fr	2026-06-15 12:30:10 (1 week ago)	WordPress login brute-force detected by Fail2Ban in plesk-wordpress jail	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-06-15 02:30:56 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 193.56.116.202 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 193.56.116.202 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 14 22:30:51.195953 2026] [security2:error] [pid 27580:tid 27580] [client 193.56.116.202:51827] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|constructiondomex.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "constructiondomex.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ai9j24F40qt_O92dG8SziwAAACo"], referer: https://duckduckgo.com/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-06-14 12:50:06 (1 week ago)	Bot / scanning and/or hacking attempts: GET /wp-login.php?redirect_to=https%3A%2F%2Fc4eo.eu%2Fwp-adm ... show more Bot / scanning and/or hacking attempts: GET /wp-login.php?redirect_to=https%3A%2F%2Fc4eo.eu%2Fwp-admin% show less	Hacking Web App Attack
🇬🇧 blik2108	2026-06-14 10:20:35 (1 week ago)	blog.blacknellsatsea.co.uk:443 193.56.116.202 - - [14/Jun/2026:11:20:27 +0100] "POST /wp-login.php H ... show more blog.blacknellsatsea.co.uk:443 193.56.116.202 - - [14/Jun/2026:11:20:27 +0100] "POST /wp-login.php HTTP/1.1" 200 7276 "https://blog.blacknellsatsea.co.uk/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7; rv:119.0) Gecko/20100101 Firefox/119.0" blog.blacknellsatsea.co.uk:443 193.56.116.202 - - [14/Jun/2026:11:20:31 +0100] "GET /wp-login.php?redirect_to=https%3A%2F%2Fblog.blacknellsatsea.co.uk%2Fwp-admin%2Findex.php&reauth=1 HTTP/1.1" 200 5930 "https://blog.blacknellsatsea.co.uk/wp-login.php" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_6_1; rv:119.0) Gecko/20100101 Firefox/119.0" blog.blacknellsatsea.co.uk:443 193.56.116.202 - - [14/Jun/2026:11:20:32 +0100] "POST /wp-login.php HTTP/1.1" 200 3951 "https://blog.blacknellsatsea.co.uk/wp-login.php" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" blog.blacknellsatsea.co.uk:443 193.56.116.202 - - [14/Jun/2026:11:20:34 +0100] "GET /wp-login.php?redirect_to=https%3A%2F%2 ... show less	Brute-Force Web App Attack
🇺🇸 mnsf	2026-06-14 06:09:22 (1 week ago)	Login Too Frequent (7)	Brute-Force Web App Attack
🇩🇪 FeG Deutschland	2026-04-24 20:43:34 (1 month ago)	Looking for CMS/PHP/SQL vulnerablilities/excessive crawling - 124	Exploited Host Web App Attack
Anonymous	2026-04-19 22:18:40 (2 months ago)	193.56.116.202 - - [19/Apr/2026:22:18:40 +0000] "GET /wp-content/.env HTTP/1.1" 404 437 "-" "Mozilla ... show more 193.56.116.202 - - [19/Apr/2026:22:18:40 +0000] "GET /wp-content/.env HTTP/1.1" 404 437 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/86.0.4240.183 Safari/537.36" ... show less	Bad Web Bot Web App Attack
🇩🇪 Starburst SysOp Team	2026-04-19 19:57:36 (2 months ago)	Host header is a numeric IP address. Pattern match "(?:^( (920350-nue6-2)	Hacking Bad Web Bot
🇫🇮 oh.mg	2026-04-19 02:11:24 (2 months ago)	[Sun Apr 19 04:11:20.918415 2026] [security2:error] [pid 1774354:tid 1774362] [client 193.56.116.202 ... show more [Sun Apr 19 04:11:20.918415 2026] [security2:error] [pid 1774354:tid 1774362] [client 193.56.116.202:61211] [client 193.56.116.202] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "95.216.72.247"] [uri "/conf/.env"] [unique_id "aeQ5yO7WZSWdSKbuXrQv3QAAAIA"] [Sun Apr 19 04:11:23.521224 2026] [security2:error] [pid 1774354:tid 1774364] [client 193.56.116.202:48189] [client 193.56.116.202] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 8)"] [ver "OWASP_CRS/4.10.0-dev ... show less	Web App Attack Bad Web Bot
🇯🇵 VXG-NET	2026-04-18 19:36:40 (2 months ago)	port=80, indicator_type=info-leak	Hacking

Showing 1 to 15 of 154 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 205.210.31.229

🇨🇳 111.26.6.111

🇯🇵 103.163.220.251

🇧🇷 38.190.77.179

🇺🇸 20.9.81.190

🇯🇵 194.5.48.215

🇺🇸 172.212.224.40

🇩🇪 69.5.169.164

🇬🇦 41.158.155.57

🇨🇳 14.103.63.16

🇩🇪 213.209.159.235

🇳🇱 185.165.242.225

🇭🇰 101.36.108.175

🇳🇱 91.92.40.36

🇺🇸 52.206.93.154

🇩🇪 46.101.156.158

🇮🇩 36.95.127.51

🇪🇨 190.130.132.35

🇳🇱 176.65.139.92

🇩🇪 172.253.1.222