JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 193.56.20.48

193.56.20.48 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 19%: ?

19%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 193.56.20.48

Whois 193.56.20.48

IP Abuse Reports for 193.56.20.48:

This IP address has been reported a total of 16 times from 10 distinct sources. 193.56.20.48 was first reported on April 11th 2024, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-21 22:35:15 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 193.56.20.48 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 193.56.20.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 21 18:35:10.218933 2026] [security2:error] [pid 32042:tid 32042] [client 193.56.20.48:45055] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "manosentuayuda.org"] [uri "/wp-config.php.dist"] [unique_id "ag-InqOS2J4bURvW2Rz3ngAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-05-21 09:05:16 (2 weeks ago)	Scanning/Probing (24)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 21:26:20 (2 weeks ago)	(mod_security) mod_security (id:949110) triggered by 193.56.20.48 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:949110) triggered by 193.56.20.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 17:26:16.904742 2026] [security2:error] [pid 11493:tid 11493] [client 193.56.20.48:41439] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/apache2/conf.d/modsec_vendor_configs/OWASP3/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "30"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "delcano.org"] [uri "/wp-config.php~"] [unique_id "ag4m-AZizldSHsAiDGYZawAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 13:28:18 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 193.56.20.48 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 193.56.20.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 09:28:12.893821 2026] [security2:error] [pid 28448:tid 28448] [client 193.56.20.48:52325] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.txt" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bolivarbulletintimes.com"] [uri "/wp-config.txt"] [unique_id "ag227EBvPVNzvQHNp1fIPgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇮🇩 zam	2026-04-17 11:22:47 (1 month ago)	193.56.20.48 - - [17/Apr/2026:11:22:43 +0000] "GET /.env.backup HTTP/1.1" 404 82108 193.56.20.48 - - ... show more 193.56.20.48 - - [17/Apr/2026:11:22:43 +0000] "GET /.env.backup HTTP/1.1" 404 82108 193.56.20.48 - - [17/Apr/2026:11:22:42 +0000] "GET /.well-known/security.txt HTTP/1.1" 404 82108 193.56.20.48 - - [17/Apr/2026:11:22:43 +0000] "GET /wp-content/uploads/wc-logs/ HTTP/1.1" 404 82108 193.56.20.48 - - [17/Apr/2026:11:22:43 +0000] "GET /info.php HTTP/1.1" 404 82108 193.56.20.48 - - [17/Apr/2026:11:22:43 +0000] "GET /wp-content/debug.log HTTP/1.1" 404 82108 {"log":"193.56.20.48 - - [17/Apr/2026:11:22:43 +0000] "GET /.env.local show less	Web App Attack
🇫🇷 masterguru	2026-04-15 03:11:44 (1 month ago)	Too much 404 requests in 1 minute. Operator GE matched 10 at IP:block_script. (46020-201)	Hacking
🇩🇪 HandyTreff.de	2025-11-25 08:51:46 (6 months ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -45.719 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -45.719 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.737.4 show less	Bad Web Bot Web App Attack
🇨🇭 backslash	2025-05-24 05:02:02 (1 year ago)		Bad Web Bot
Anonymous	2024-12-21 09:00:38 (1 year ago)	Attempted brute force login to web vpn	Hacking Brute-Force
Anonymous	2024-12-20 01:47:45 (1 year ago)	Attempted brute force login to web vpn	Hacking Brute-Force
🇺🇸 TPI-Abuse	2024-12-01 08:08:54 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 193.56.20.48 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210730) triggered by 193.56.20.48 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 01 03:08:50.171446 2024] [security2:error] [pid 3700923:tid 3700923] [client 193.56.20.48:24875] [client 193.56.20.48] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Steelcase/pics/Criterion/Thumbs.db"] [unique_id "Z0wZkoA8lxZJ9U7LlxtiyQAAACA"], referer: https://vitalitywebb.com/backstore/Steelcase/pics/Criterion/ show less	Brute-Force Bad Web Bot Web App Attack
🇷🇺 sms.ru	2024-09-23 04:50:06 (1 year ago)	SMS pumping attack from foreign country	DDoS Attack
Anonymous	2024-09-10 12:35:36 (1 year ago)	Malicious activity detected	Hacking Web App Attack
🇨🇭 backslash	2024-05-23 02:20:08 (2 years ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
Anonymous	2024-04-15 17:04:57 (2 years ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 209.90.232.26

🇩🇪 95.81.118.55

🇦🇪 46.245.238.18

🇰🇷 211.228.218.47

🇻🇳 171.250.167.29

🇻🇳 118.70.182.193

🇨🇳 61.136.246.87

🇨🇳 60.166.83.13

🇫🇷 2a02:4780:27:1145:0:825:16d3:1

🇳🇱 195.178.110.26

🇰🇭 124.248.177.189

🇷🇴 92.118.39.236

🇷🇺 37.23.204.51

🇨🇳 139.170.73.43

🇮🇳 128.185.249.46

🇨🇳 106.117.110.104

🇮🇳 103.176.16.111

🇺🇸 66.132.172.235

🇺🇸 63.135.161.89

🇳🇱 45.148.10.141