JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 178.20.212.101

178.20.212.101 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 0%: ?

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 178.20.212.101

Whois 178.20.212.101

IP Abuse Reports for 178.20.212.101:

This IP address has been reported a total of 16 times from 10 distinct sources. 178.20.212.101 was first reported on October 31st 2022, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-04-15 01:52:26 (1 month ago)	(mod_security) mod_security (id:210350) triggered by 178.20.212.101 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210350) triggered by 178.20.212.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Apr 14 21:52:20.389907 2026] [security2:error] [pid 2517571:tid 2517571] [client 178.20.212.101:18441] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|dodojuice.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "dodojuice.com"] [uri "/"] [unique_id "ad7vVOxUwgbUqtAChMjg1AAAAAQ"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 Audir8 \| RRHosting	2026-03-03 21:42:42 (3 months ago)	Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (GET metho ... show more Triggered Cloudflare WAF (firewallCustom) from US. Action taken: BLOCK Protocol: HTTP/1.1 (GET method) Endpoint: / UA: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/118.0.0.0 Safari/537.36 This report is using Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
Anonymous	2026-01-21 14:29:21 (4 months ago)	Forum/form spam	Web Spam
Anonymous	2025-12-21 17:38:44 (5 months ago)	Forum/form spam	Web Spam
Anonymous	2025-12-07 21:10:51 (6 months ago)	wordpress-trap	Web App Attack
🇳🇱 exxos	2025-10-30 12:03:01 (7 months ago)	HTTP1.x attacks	DDoS Attack
🇬🇧 relianoid.com	2025-10-25 06:27:14 (7 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
Anonymous	2025-10-11 10:22:59 (8 months ago)	Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.11 is noted in report tim ... show more Attempted brute force login to web vpn 1 time(s); last attempt for 2025.10.11 is noted in report timestamp show less	Hacking Brute-Force
🇺🇸 TPI-Abuse	2025-09-06 19:43:37 (9 months ago)	(mod_security) mod_security (id:210730) triggered by 178.20.212.101 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 178.20.212.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Sep 06 15:43:31.070783 2025] [security2:error] [pid 30943:tid 30943] [client 178.20.212.101:63781] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Kristin/Thumbs.db"] [unique_id "aLyO43Rol9MgGKUKtH4ecgAAAAg"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Kristin/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2025-05-24 05:01:53 (1 year ago)		Bad Web Bot
🇺🇸 TPI-Abuse	2024-08-07 16:39:10 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 178.20.212.101 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 178.20.212.101 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Aug 07 12:39:04.505439 2024] [security2:error] [pid 20299:tid 20299] [client 178.20.212.101:52191] [client 178.20.212.101] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Cedar Hill/Thumbs.db"] [unique_id "ZrOjKJZFjzbO-vtSmwY2ogAAAAY"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Cedar%20Hill/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2024-05-15 15:35:02 (2 years ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇨🇭 backslash	2024-04-11 19:05:06 (2 years ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇺🇸 ChamberofCommerce.com	2024-03-27 20:57:54 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:227 show less	Bad Web Bot
🇳🇱 Savvii	2022-11-06 03:02:09 (3 years ago)	20 attempts against mh-misbehave-ban on pluto	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 176.65.132.129

🇺🇸 64.62.156.184

🇳🇱 204.76.203.206

🇵🇪 200.106.49.149

🇺🇸 195.184.76.162

🇫🇮 193.160.100.52

🇮🇷 188.213.176.169

🇧🇷 187.50.194.182

🇨🇭 179.43.186.231

🇺🇸 162.216.150.219

🇮🇳 122.177.165.17

🇮🇳 103.163.178.5

🇧🇬 79.124.62.230

🇧🇷 43.164.195.69

🇺🇸 35.196.125.188

🇺🇸 18.221.179.104

🇺🇸 4.154.236.9

🇯🇵 210.156.0.132

🇲🇽 201.161.46.131

🇺🇸 137.184.141.220