JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 178.20.215.212

178.20.215.212 was found in our database!

This IP was reported 14 times. Confidence of Abuse is 23%: ?

23%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS46475
Domain Name	finegroupservers.com
Country	🇫🇷 France
City	Paris, Ile-de-France

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 178.20.215.212

Whois 178.20.215.212

IP Abuse Reports for 178.20.215.212:

This IP address has been reported a total of 14 times from 12 distinct sources. 178.20.215.212 was first reported on June 9th 2024, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 stinpriza	2026-06-22 23:40:19 (2 days ago)	Web App Attack	Web App Attack
🇫🇷 tilellit.pro	2026-05-17 20:39:25 (1 month ago)	Fail2Ban banned 178.20.215.212 for security violations in jail wp-armour. Log: 2026/05/17 20:39:25 [ ... show more Fail2Ban banned 178.20.215.212 for security violations in jail wp-armour. Log: 2026/05/17 20:39:25 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 178.20.215.212 \| Target: wplogin" , client: 178.20.215.212, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇧🇪 voormedia	2026-05-11 10:13:19 (1 month ago)	Accessed trap at '/xmlrpc.php'	Web App Attack
🇺🇸 TPI-Abuse	2026-05-10 21:52:06 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 178.20.215.212 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:225170) triggered by 178.20.215.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 10 17:51:58.591339 2026] [security2:error] [pid 798:tid 798] [client 178.20.215.212:32489] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|iconbizpromo.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "iconbizpromo.com"] [uri "/wp-json/wp/v2/users"] [unique_id "agD9_luF3UgmMqgTad01_gAAAAU"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇮🇱 spd.co.il	2026-05-09 11:01:17 (1 month ago)	Web application attack detected	Hacking Web App Attack
Anonymous	2026-05-07 10:23:40 (1 month ago)		Bad Web Bot Web App Attack
🇵🇱 sefinek.net	2026-03-30 23:22:56 (2 months ago)	Triggered Cloudflare WAF (firewallCustom) from FI. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from FI. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: / \| UA: Mozilla/5.0 (Linux x86_64; rv:114.0) Gecko/20100101 Firefox/114.0 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇵🇱 sefinek.net	2026-03-25 08:01:21 (2 months ago)	Triggered Cloudflare WAF (firewallCustom) from FI. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (G ... show more Triggered Cloudflare WAF (firewallCustom) from FI. Action: MANAGED_CHALLENGE \| Protocol: HTTP/1.1 (GET) \| Endpoint: /genshin-stella-mod \| UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Vivaldi/5.3.2679.68 • Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB show less	Bad Web Bot
🇺🇸 interbiznw.com	2026-03-22 01:00:27 (3 months ago)	wordpress-fuzzing	Hacking Brute-Force Exploited Host Web App Attack
🇦🇺 afleventoffice.com.au	2026-03-17 22:47:10 (3 months ago)	GET /.env.example HTTP/1.1	Web App Attack
🇱🇻 garmtech.com	2026-03-06 01:02:01 (3 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 03-02.178.20.215.212.web-spamm ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 03-02.178.20.215.212.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇮🇩 Burayot	2025-08-15 21:07:26 (10 months ago)	LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 178.20.215.212 (SC/Seychelles/-): 1 ... show more LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 178.20.215.212 (SC/Seychelles/-): 1 in the last 3600 secs show less	Web App Attack
🇺🇸 TPI-Abuse	2025-03-11 05:59:30 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 178.20.215.212 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 178.20.215.212 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 11 01:59:24.211644 2025] [security2:error] [pid 26421:tid 26421] [client 178.20.215.212:35313] [client 178.20.215.212] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "peterjohnsonauthor.com"] [uri "/.env"] [unique_id "Z8_RPF7t7dacopilroDJzgAAAAU"], referer: https://tasamm.com/about/ppp24.html show less	Brute-Force Bad Web Bot Web App Attack
🇪🇸 el-brujo	2024-06-09 21:23:00 (2 years ago)	DDoS Attack Layer 7 - REQUESTS / HTTP/2.0	DDoS Attack

Showing 1 to 14 of 14 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 91.92.40.41

🇫🇷 185.182.186.243

🇺🇸 172.234.199.75

🇰🇷 112.151.178.49

🇮🇩 103.150.226.59

🇺🇸 20.102.98.235

🇬🇧 193.163.125.158

🇦🇷 186.1.224.88

🇨🇳 103.96.140.181

🇰🇷 103.57.203.254

🇩🇪 69.5.169.157

🇨🇳 61.142.57.14

🇮🇳 198.38.85.149

🇩🇪 136.243.220.214

🇻🇳 103.69.85.64

🇯🇵 43.153.150.130

🇮🇩 36.82.37.177

🇨🇳 223.109.143.238

🇧🇷 201.55.140.180

🇺🇸 191.101.61.186