JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 178.20.212.197

178.20.212.197 was found in our database!

This IP was reported 25 times. Confidence of Abuse is 16%: ?

16%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 178.20.212.197

Whois 178.20.212.197

IP Abuse Reports for 178.20.212.197:

This IP address has been reported a total of 25 times from 11 distinct sources. 178.20.212.197 was first reported on November 30th 2021, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2026-06-11 14:46:01 (1 week ago)	Forum/form spam	Web Spam
🇺🇸 TPI-Abuse	2026-05-22 11:07:20 (4 weeks ago)	(mod_security) mod_security (id:210492) triggered by 178.20.212.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 178.20.212.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 22 07:07:11.966070 2026] [security2:error] [pid 12287:tid 12287] [client 178.20.212.197:41591] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.bak" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "blublk.com"] [uri "/wp-config.bak"] [unique_id "ahA430qiAZWqFbj_6NBYYAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 mnsf	2026-05-21 07:06:50 (4 weeks ago)	Scanning/Probing (24)	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 20:21:49 (4 weeks ago)	(mod_security) mod_security (id:210492) triggered by 178.20.212.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 178.20.212.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 16:21:43.093718 2026] [security2:error] [pid 24834:tid 24834] [client 178.20.212.197:39451] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mkdesignndetailing.com"] [uri "/wp-config.php.dist"] [unique_id "ag4X19LDgANIxdhrBzptQQAAACU"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 13:06:01 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
Anonymous	2025-08-30 17:43:50 (9 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
Anonymous	2025-08-22 01:34:21 (9 months ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇨🇭 backslash	2025-03-22 06:48:19 (1 year ago)		Bad Web Bot
🇺🇸 Anonymous	2025-02-28 16:00:00 (1 year ago)	Brute force attack detected from 178.20.212.197	DDoS Attack Brute-Force Web App Attack
🇺🇸 Anonymous	2025-02-28 16:00:00 (1 year ago)	Brute force attack detected from 178.20.212.197	DDoS Attack Brute-Force Web App Attack
🇺🇸 Anonymous	2025-02-28 16:00:00 (1 year ago)	Brute force attack detected from 178.20.212.197	DDoS Attack Brute-Force Web App Attack
🇺🇸 Anonymous	2025-02-28 16:00:00 (1 year ago)	Brute force attack detected from 178.20.212.197	DDoS Attack Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2024-12-01 08:56:13 (1 year ago)	(mod_security) mod_security (id:210730) triggered by 178.20.212.197 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 178.20.212.197 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 01 03:56:05.013102 2024] [security2:error] [pid 3730922:tid 3730922] [client 178.20.212.197:53657] [client 178.20.212.197] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Lochmere II Recliner/Broughton Saddle/originals/Thumbs.db"] [unique_id "Z0wkpeg1SoOEeHZ7MsCltwAAAAk"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Lochmere%20II%20Recliner/Broughton%20Saddle/originals/ show less	Brute-Force Bad Web Bot Web App Attack
🇭🇰 hkphoto.com	2024-11-30 14:39:41 (1 year ago)	178.20.212.197 - - [30/Nov/2024:22:39:33 +0800] "GET /wp-login.php HTTP/1.1" 444 0 "https://www.goog ... show more 178.20.212.197 - - [30/Nov/2024:22:39:33 +0800] "GET /wp-login.php HTTP/1.1" 444 0 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 178.20.212.197 - - [30/Nov/2024:22:39:34 +0800] "GET /wp-login.php HTTP/1.1" 444 0 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 178.20.212.197 - - [30/Nov/2024:22:39:36 +0800] "POST /xmlrpc.php HTTP/1.1" 444 0 "-" "Apache-HttpClient/4.5.13 (Java/11.0.25)" 178.20.212.197 - - [30/Nov/2024:22:39:38 +0800] "GET /wp-login.php HTTP/1.1" 444 0 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" 178.20.212.197 - - [30/Nov/2024:22:39:40 +0800] "GET /wp-login.php HTTP/1.1" 444 0 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" ... show less	Brute-Force
Anonymous	2024-11-28 03:02:17 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH

Showing 1 to 15 of 25 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇰🇷 115.91.48.142

🇷🇴 80.94.92.182

🇧🇷 35.199.91.89

🇯🇵 18.179.120.232

🇨🇿 2a02:598:64:8a00::302:623

🇮🇳 2401:4900:8899:5654:e18a:b575:57b9:6303

🇬🇧 213.166.84.36

🇷🇴 193.46.255.86

🇫🇷 185.177.72.53

🇮🇳 103.177.204.4

🇺🇸 71.6.134.230

🇺🇸 64.62.156.91

🇩🇪 37.114.33.6

🇺🇸 34.138.198.0

🇨🇳 223.159.80.91

🇨🇳 223.85.251.55

🇳🇱 193.176.31.213

🇬🇧 193.176.29.12

🇧🇷 191.210.73.33

🇻🇳 116.110.212.82