JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 193.56.20.56

193.56.20.56 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 3%: ?

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 193.56.20.56

Whois 193.56.20.56

IP Abuse Reports for 193.56.20.56:

This IP address has been reported a total of 17 times from 10 distinct sources. 193.56.20.56 was first reported on December 11th 2020, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-10 11:16:56 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 193.56.20.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 193.56.20.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 10 07:16:48.637909 2026] [security2:error] [pid 24830:tid 24830] [client 193.56.20.56:38305] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|cityofportales.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "cityofportales.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ailHoL8QIV_Mx6FMogNHjQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-14 09:52:09 (3 months ago)	(mod_security) mod_security (id:210350) triggered by 193.56.20.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 193.56.20.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 14 05:52:02.515525 2026] [security2:error] [pid 27527:tid 27527] [client 193.56.20.56:53523] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|solutiongroove.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "solutiongroove.com"] [uri "/"] [unique_id "abUvwroig2xAuZuFHvthggAAAAk"], referer: https://www.facebook.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-27 20:27:18 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 193.56.20.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 193.56.20.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 27 15:27:14.018790 2026] [security2:error] [pid 9936:tid 9936] [client 193.56.20.56:44245] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|rkhindustries.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "rkhindustries.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aaH-IvmS-5UdifhJShFMjwAAAAg"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-02-23 20:32:30 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 193.56.20.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 193.56.20.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Feb 23 15:32:26.020556 2026] [security2:error] [pid 19459:tid 19459] [client 193.56.20.56:59157] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|abilityimprinting.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "abilityimprinting.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aZy5WpPuO1XdeMrp5MDK0gAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-11-29 02:33:38 (6 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇺🇸 fbarela	2025-10-03 13:00:01 (8 months ago)	FortiGate SSL VPN login failures.	Hacking Brute-Force
🇩🇪 ps-center	2025-09-09 07:32:19 (9 months ago)	MYH: Web Attack GET /index.php/adminpanel/adminhtml_login/index	Web Spam Hacking Bad Web Bot Web App Attack
🇨🇭 backslash	2025-05-24 05:02:02 (1 year ago)		Bad Web Bot
🇺🇸 Anonymous	2025-02-28 16:00:00 (1 year ago)	Brute force attack detected from 193.56.20.56	DDoS Attack Brute-Force Web App Attack
🇺🇸 Anonymous	2025-02-28 16:00:00 (1 year ago)	Brute force attack detected from 193.56.20.56	DDoS Attack Brute-Force Web App Attack
🇺🇸 Anonymous	2025-02-28 16:00:00 (1 year ago)	Brute force attack detected from 193.56.20.56	DDoS Attack Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2025-01-16 23:52:10 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 193.56.20.56 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210492) triggered by 193.56.20.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 16 18:51:52.125682 2025] [security2:error] [pid 2159145:tid 2159145] [client 193.56.20.56:29061] [client 193.56.20.56] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "engravingbyangela.com"] [uri "/wp-config.php.3"] [unique_id "Z4mbmJFaxKxnAdFSR5lj0wAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇦 wil.com	2024-10-20 02:00:05 (1 year ago)	GlobalProtect login attempts with user public.	VPN IP Brute-Force
🇩🇪 css672	2024-10-17 09:19:43 (1 year ago)	Credential brute-force attacks on webpage logins [18,21]. remote_addr: 193.56.20.56, error_code: 76 ... show more Credential brute-force attacks on webpage logins [18,21]. remote_addr: 193.56.20.56, error_code: 76 username: annashevchuk12ukr-net password: [censored] fruad_score: 0, abuseConfidenceScore: 0 css672: V.4.10.16.1436 show less	Brute-Force Web App Attack
🇩🇪 Sklurk	2022-08-12 06:37:06 (3 years ago)		Web App Attack

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇭 124.217.126.250

🇺🇸 198.62.6.56

🇺🇿 194.107.115.199

🇮🇳 182.95.184.138

🇨🇳 117.35.158.142

🇨🇳 111.30.98.26

🇭🇰 103.153.4.104

🇹🇼 198.235.24.51

🇨🇳 139.170.73.17

🇨🇳 118.196.86.5

🇺🇸 109.105.210.60

🇺🇸 109.105.210.57

🇳🇱 45.148.10.183

🇺🇸 20.98.165.154

🇹🇷 213.43.19.127

🇲🇦 196.64.217.51

🇷🇴 193.46.255.86

🇨🇳 183.66.149.42

🇺🇸 170.106.105.73

🇨🇳 111.229.131.191