JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 178.20.212.16

178.20.212.16 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 9%: ?

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 178.20.212.16

Whois 178.20.212.16

IP Abuse Reports for 178.20.212.16:

This IP address has been reported a total of 20 times from 15 distinct sources. 178.20.212.16 was first reported on July 8th 2021, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 NetGuard	2026-05-27 23:26:54 (3 weeks ago)	#honeypot #netguard247 #ciscoasa Captured by NetGuard 24/7 T-Pot honeypot (netguard24-7.com). Timest ... show more #honeypot #netguard247 #ciscoasa Captured by NetGuard 24/7 T-Pot honeypot (netguard24-7.com). Timestamp: 2026-05-27T23:26:54.218+00:00 Attacker IP: 178.20.212.16 \| Port: N/A \| Country: Seychelles Honeypot: ciscoasa \| Attack: unknown Source: NetGuard 24/7 (netguard24-7.com) \| PhantomGrid Defense show less	Web App Attack
🇱🇻 garmtech.com	2026-05-23 13:17:23 (3 weeks ago)	IM360 WAF: SQL Injection Attack: Common DB Names Detected	SQL Injection
Anonymous	2026-01-26 18:50:57 (4 months ago)	wordpress-trap	Web App Attack
🇺🇸 TPI-Abuse	2026-01-26 02:21:10 (4 months ago)	(mod_security) mod_security (id:210350) triggered by 178.20.212.16 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 178.20.212.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 25 21:21:07.034746 2026] [security2:error] [pid 13089:tid 13089] [client 178.20.212.16:10991] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|opennatura.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "opennatura.com"] [uri "/"] [unique_id "aXbPk6-Kn0Hs9UjzOaonGgAAAAM"], referer: https://www.facebook.com/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-12-23 06:13:29 (5 months ago)	Forum/form spam	Web Spam
🇺🇸 TPI-Abuse	2025-12-05 02:06:00 (6 months ago)	(mod_security) mod_security (id:210350) triggered by 178.20.212.16 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 178.20.212.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Dec 04 21:05:56.030607 2025] [security2:error] [pid 20573:tid 20573] [client 178.20.212.16:45517] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|primelb.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "primelb.com"] [uri "/"] [unique_id "aTI-BOgK9N1MUdfXjPWrkgAAABE"], referer: https://www.google.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇨🇭 backslash	2025-11-19 22:20:06 (6 months ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
Anonymous	2025-11-10 20:01:07 (7 months ago)	Forum/form spam	Web Spam
🇳🇱 GabrielJST	2025-11-09 21:02:19 (7 months ago)	(wordpress) Failed wordpress login from 178.20.212.16 (SC/Seychelles/-)	Brute-Force
🇺🇸 TPI-Abuse	2025-11-07 05:07:54 (7 months ago)	(mod_security) mod_security (id:225170) triggered by 178.20.212.16 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 178.20.212.16 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Nov 07 00:07:46.570797 2025] [security2:error] [pid 31603:tid 31603] [client 178.20.212.16:48399] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|bernsteinip.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "bernsteinip.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "aQ1-oraMVoCHbAIVzAtguQAAAA4"], referer: https://bernsteinip.com/wp-json/wp/v2/users/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-10-17 03:23:34 (8 months ago)	Forum/form spam	Web Spam
🇪🇸 10dencehispahard SL	2025-08-22 10:03:40 (9 months ago)	WP probing for vulnerabilities	Hacking Exploited Host
Anonymous	2025-08-15 02:23:43 (10 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-07-18 23:08:48 (11 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇨🇦 wil.com	2024-09-23 14:59:28 (1 year ago)	GlobalProtect login attempts with user rbuckley.	VPN IP Brute-Force

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 216.218.206.81

🇫🇮 147.185.133.223

🇻🇳 103.78.0.229

🇭🇰 2404:6800:4005:c02::12b

🇩🇪 207.154.250.9

🇷🇴 193.32.162.76

🇳🇱 185.223.235.38

🇧🇷 177.173.33.47

🇺🇸 167.99.4.252

🇩🇪 155.117.234.80

🇨🇲 154.70.102.114

🇧🇷 144.22.238.238

🇨🇳 121.224.78.164

🇨🇳 114.103.80.197

🇺🇸 74.125.78.154

🇳🇱 45.148.10.151

🇹🇼 45.43.37.254

🇧🇾 37.214.66.43

🇺🇸 216.25.89.130

🇩🇪 212.227.187.197