JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 178.20.212.236

178.20.212.236 was found in our database!

This IP was reported 37 times. Confidence of Abuse is 18%: ?

18%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 178.20.212.236

Whois 178.20.212.236

IP Abuse Reports for 178.20.212.236:

This IP address has been reported a total of 37 times from 17 distinct sources. 178.20.212.236 was first reported on November 21st 2021, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 SiliSoftware	2026-05-17 12:35:18 (2 weeks ago)	/backup_2021.bz2	Web App Attack
🇺🇸 TPI-Abuse	2026-05-12 16:12:13 (3 weeks ago)	(mod_security) mod_security (id:210730) triggered by 178.20.212.236 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 178.20.212.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 12 12:12:05.778665 2026] [security2:error] [pid 15769:tid 15769] [client 178.20.212.236:10455] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|comitedelafamille.org\|F\|2"] [data ".sql"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "comitedelafamille.org"] [uri "/a.sql"] [unique_id "agNRVVJC7MtQk8cqT8axVwAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-04-27 22:53:25 (1 month ago)	Forum/form spam	Web Spam
🇱🇻 garmtech.com	2026-04-24 02:40:09 (1 month ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 05-40.178.20.212.236.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 05-40.178.20.212.236.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇺🇸 TPI-Abuse	2026-04-16 02:38:42 (1 month ago)	(mod_security) mod_security (id:210730) triggered by 178.20.212.236 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 178.20.212.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 15 22:38:38.143254 2026] [security2:error] [pid 2316936:tid 2316936] [client 178.20.212.236:25589] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Golden-Technologies/pics/Golden Technologies 2009 Marketing CD/Power Chairs/Compass/Thumbs.db"] [unique_id "aeBLrruZjhM4C7aT-AozbgAAAAE"], referer: https://vitalitywebb.com/backstore/Golden-Technologies/pics/Golden%20Technologies%202009%20Marketing%20CD/Power%20Chairs/Compass/ show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-03-30 23:39:22 (2 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 02-39.178.20.212.236.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 02-39.178.20.212.236.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇩🇪 HandyTreff.de	2026-03-21 16:48:16 (2 months ago)	Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -49.666 (Bad < -10 / Very Bad < -20 ... show more Bot/Spam/Scrapper attack detected on www.handytreff.de - Score: -49.666 (Bad < -10 / Very Bad < -20 / Extreme < -35) \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/116.0.3709.1 show less	Web App Attack Bad Web Bot
🇨🇭 backslash	2026-03-15 04:27:00 (2 months ago)	block ruleset CC531825F9395F9A07FB06C1247C46770A2690F8	Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-14 10:15:36 (2 months ago)	(mod_security) mod_security (id:210730) triggered by 178.20.212.236 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210730) triggered by 178.20.212.236 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Mar 14 06:14:56.290873 2026] [security2:error] [pid 13218:tid 13218] [client 178.20.212.236:26377] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|vitalitywebb.com\|F\|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "vitalitywebb.com"] [uri "/backstore/Barcalounger/Images/Bristol II/Thumbs.db"] [unique_id "abU1IMe5eDzY8Z6jeNx-tAAAAAA"], referer: https://vitalitywebb.com/backstore/Barcalounger/Images/Bristol%20II/ show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2026-01-29 14:04:42 (4 months ago)	wordpress-trap	Web App Attack
Anonymous	2026-01-23 15:16:14 (4 months ago)	Forum/form spam	Web Spam
Anonymous	2025-11-18 00:00:15 (6 months ago)	Forum/form spam	Web Spam
Anonymous	2025-10-23 19:20:44 (7 months ago)	wordpress-trap	Web App Attack
🇳🇱 WeCloudit-Anti-Abuse	2025-10-15 03:50:50 (7 months ago)	WAF: Old style account creation and modification in Joomla! 2- wsit	Email Spam Brute-Force
🇳🇱 WeCloudit-Anti-Abuse	2025-09-27 07:40:05 (8 months ago)	WAF: Old style account creation and modification in Joomla! 2- wsit	Email Spam Brute-Force

Showing 1 to 15 of 37 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 208.109.38.143

🇺🇸 147.185.132.157

🇺🇸 113.20.0.58

🇷🇺 37.230.113.165

🇵🇦 186.148.99.50

🇦🇷 181.209.75.156

🇺🇸 162.216.150.132

🇮🇩 157.15.40.1

🇸🇬 139.59.230.238

🇨🇳 111.113.89.83

🇷🇴 80.94.92.166

🇸🇬 47.236.184.180

🇦🇪 47.91.125.252

🇴🇲 37.40.239.177

🇬🇧 35.203.210.238

🇧🇪 34.62.196.247

🇺🇸 20.96.179.87

🇺🇸 162.216.149.95

🇻🇳 160.191.88.207

🇵🇰 139.135.41.156