JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 178.20.212.143

178.20.212.143 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 0%: ?

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 178.20.212.143

Whois 178.20.212.143

IP Abuse Reports for 178.20.212.143:

This IP address has been reported a total of 14 times from 11 distinct sources. 178.20.212.143 was first reported on December 12th 2022, and the most recent report was 7 months ago.

Old Reports: The most recent abuse report for this IP address is from 7 months ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 agenciahypelab.com.br	2025-11-08 16:02:48 (7 months ago)	WordPress login brute-force detectado e bloqueado pelo CSF/LFD. Trigger: LF_TRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2025-11-07 05:48:13 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 178.20.212.143 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 178.20.212.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 07 00:48:04.888264 2025] [security2:error] [pid 9822:tid 9822] [client 178.20.212.143:19285] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|bernsteinip.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bernsteinip.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aQ2IFOXBFNpU6vgXQcdxEAAAACU"], referer: https://bernsteinip.com/wp-json/wp/v2/users/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-08-21 22:34:59 (9 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇨🇭 backslash	2025-05-06 04:55:03 (1 year ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇺🇸 TPI-Abuse	2024-02-08 22:23:42 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 178.20.212.143 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 178.20.212.143 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Feb 08 17:23:36.958763 2024] [security2:error] [pid 6523] [client 178.20.212.143:26807] [client 178.20.212.143] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Catnapper/images/Omni/Thumbs.db"] [unique_id "ZcVUaNTn7xLu9U5OK50rfQAAABY"], referer: https://vitalitywebb.com/backstore/Catnapper/images/Omni/ show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Vegascosmetics	2024-01-13 06:00:47 (2 years ago)	Potential Dangerous Requests Sucker	Bad Web Bot
🇺🇸 ChamberofCommerce.com	2023-10-27 18:24:23 (2 years ago)	Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested ... show more Unauthorized Scraping Attempt - More then 225 Pages Requested in a 24 hour period - Total Requested Before Block:226 show less	Bad Web Bot
🇨🇭 backslash	2023-10-07 06:00:37 (2 years ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇨🇭 backslash	2023-09-06 13:26:46 (2 years ago)	honeypot	Bad Web Bot
🇨🇦 electronico	2023-05-16 10:22:32 (3 years ago)	178.20.212.143 - - [16/May/2023:21:22:29 1100] "POST /wp-login.php HTTP/1.1" 200 9113 "-" "Mozilla/ ... show more 178.20.212.143 - - [16/May/2023:21:22:29 1100] "POST /wp-login.php HTTP/1.1" 200 9113 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0" 178.20.212.143 - - [16/May/2023:21:22:29 1100] "POST /wp-login.php HTTP/1.1" 200 9122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0" 178.20.212.143 - - [16/May/2023:21:22:30 1100] "POST /wp-login.php HTTP/1.1" 200 9122 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0" 178.20.212.143 - - [16/May/2023:21:22:31 1100] "POST /wp-login.php HTTP/1.1" 200 9114 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0" 178.20.212.143 - - [16/May/2023:21:22:31 1100] "POST /wp-login.php HTTP/1.1" 200 9114 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:102.0) Gecko/20100101 Firefox/102.0" show less	Brute-Force Web App Attack
🇪🇸 10dencehispahard SL	2023-05-08 15:32:38 (3 years ago)	Unauthorized login attempts [{'wordpress'}]	Brute-Force Web App Attack
🇿🇦 Birdflew	2023-04-28 11:54:31 (3 years ago)	Wordpress attack	Web App Attack
Anonymous	2023-04-27 20:30:21 (3 years ago)	HACK	Brute-Force
🇩🇪 Ray Gläske	2022-12-12 23:19:28 (3 years ago)	DDoS Attack on versus.com	DDoS Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 213.166.84.39

🇺🇸 172.171.3.232

🇷🇺 45.195.221.26

🇩🇪 185.242.3.195

🇮🇳 182.78.67.22

🇨🇳 118.196.86.5

🇬🇧 89.37.172.147

🇫🇷 85.217.140.23

🇨🇳 61.191.145.123

🇩🇪 217.86.134.147

🇺🇸 172.172.237.68

🇺🇸 65.49.1.158

🇺🇸 43.130.57.76

🇸🇬 15.235.167.25

🇺🇸 135.237.126.204

🇦🇺 134.199.173.94

🇨🇳 113.31.103.129

🇸🇬 103.134.154.138

🇺🇸 96.78.175.41

🇭🇰 220.246.42.212