JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 197.211.52.78

197.211.52.78 was found in our database!

This IP was reported 162 times. Confidence of Abuse is 71%: ?

71%

ISP	ENTERPRISE-BENIN
Usage Type	Fixed Line ISP
ASN	AS37148
Domain Name	08vicenterprises.com
Country	🇳🇬 Nigeria
City	Lagos, Lagos

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 197.211.52.78

Whois 197.211.52.78

IP Abuse Reports for 197.211.52.78:

This IP address has been reported a total of 162 times from 82 distinct sources. 197.211.52.78 was first reported on August 12th 2022, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-01-15 21:23:03 (4 months ago)	(mod_security) mod_security (id:210730) triggered by 197.211.52.78 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 197.211.52.78 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 15 16:22:55.853761 2026] [security2:error] [pid 2955689:tid 2955689] [client 197.211.52.78:6320] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|www.williamfitzsimmons.com\|F\|2"] [data ".bensollee.com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.williamfitzsimmons.com"] [uri "/www.bensollee.com"] [unique_id "aWlar2_9kciislms7aC4XAAAAAE"], referer: http://www.williamfitzsimmons.com/ show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 bigscoots.com	2026-01-14 19:33:42 (4 months ago)	(smtpauth) Failed SMTP AUTH login from 197.211.52.78 (NG/Nigeria/-): 5 in the last 3600 secs; Ports: ... show more (smtpauth) Failed SMTP AUTH login from 197.211.52.78 (NG/Nigeria/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2026-01-14 14:33:28 dovecot_login authenticator failed for H=(o0yxp2B) [197.211.52.78]:2842: 535 Incorrect authentication data ([email protected]) 2026-01-14 14:33:28 dovecot_login authenticator failed for H=(3ya8PGd9Sc) [197.211.52.78]:2841: 535 Incorrect authentication data ([email protected]) 2026-01-14 14:33:35 dovecot_login authenticator failed for H=(0RaPFqn3D) [197.211.52.78]:2843: 535 Incorrect authentication data ([email protected]) 2026-01-14 14:33:36 dovecot_login authenticator failed for H=(Oks00yXylU) [197.211.52.78]:2844: 535 Incorrect authentication data ([email protected]) 2026-01-14 14:33:38 dovecot_login authenticator failed for H=(D6xSJvjTF8) [197.211.52.78]:2845: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH
🇺🇸 gui-ying233	2026-01-14 18:23:08 (4 months ago)	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 ... show more Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.93 Safari/537.36 show less	Bad Web Bot
🇩🇪 IP Analyzer	2026-01-14 12:30:12 (4 months ago)	Unauthorized connection attempt from IP address 197.211.52.78 on Port 445(SMB)	Port Scan
🇫🇷 Coco Bongo	2026-01-13 10:50:16 (4 months ago)	1768301416 - 01/13/2026 11:50:16 Host: 197.211.52.78/197.211.52.78 Port: 445 TCP Blocked ...	Port Scan
🇬🇧 Birdo	2026-01-13 08:58:28 (4 months ago)	[Birdo SMB Honeypot] SMB unauthorized attempt	Port Scan Hacking Brute-Force Exploited Host
🇨🇳 ThreatBook.io	2026-01-11 22:47:30 (4 months ago)	ThreatBook Intelligence: Zombie,Spam more details on https://threatbook.io/ip/197.211.52.78	SSH
🇧🇷 SOC Blue Team	2026-01-10 23:26:40 (4 months ago)	IPs get by Hunting on SIEM	Phishing Web Spam Port Scan Hacking
🇳🇱 donarev419	2026-01-08 06:58:25 (4 months ago)	Abused smb on 445 2026-01-08T06:58:25Z client "00000054ff534d42720000000018012800000000000000000000 ... show more Abused smb on 445 2026-01-08T06:58:25Z client "00000054ff534d42720000000018012800000000000000000000000000002f4b0000c55e003100024c414e4d414e312e3000024c4d312e325830303200024e54204c414e4d414e20312e3000024e54204c4d20302e313200" 2026-01-08T06:58:25Z server "00000090fe534d420000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000" show less	Hacking Brute-Force
🇺🇸 MPL	2025-12-31 16:24:00 (5 months ago)	tcp/445 (2 or more attempts)	Port Scan
Anonymous	2025-12-28 11:34:21 (5 months ago)	(smtpauth) Failed SMTP AUTH login from 197.211.52.78 (NG/Nigeria/-)	Brute-Force
🇫🇷 Campus France	2025-12-28 02:53:02 (5 months ago)	2025-12-28T03:50:54.297222+01:00 server9 dovecot[1394]: submission-login: Disconnected: Connection c ... show more 2025-12-28T03:50:54.297222+01:00 server9 dovecot[1394]: submission-login: Disconnected: Connection closed (auth failed, 1 attempts in 2 secs): user=<[email protected]>, method=LOGIN, rip=197.211.52.78, lip=62.210.65.21, TLS, session=<IdnYMfpGH2DF0zRO> 2025-12-28T03:51:01.401795+01:00 server9 dovecot[1394]: submission-login: Disconnected: Connection closed (auth failed, 1 attempts in 6 secs): user=<[email protected]>, method=LOGIN, rip=197.211.52.78, lip=62.210.65.21, TLS, session=<95kIMvpGIGDF0zRO> 2025-12-28T03:51:13.466995+01:00 server9 dovecot[1394]: submission-login: Disconnected: Connection closed (auth failed, 1 attempts in 10 secs): user=<[email protected]>, method=LOGIN, rip=197.211.52.78, lip=62.210.65.21, TLS, session=<2AyEMvpGIWDF0zRO> 2025-12-28T03:51:31.542170+01:00 server9 dovecot[1394]: submission-login: Disconnected: Connection closed (auth failed, 1 attempts in 17 secs): user=<[email protected]>, method=LOGIN, rip=197.211.52.78, lip=62.210.65.21, TLS, session=<YJcrM/pGImDF0zRO ... show less	Brute-Force Exploited Host
Anonymous	2025-12-27 14:57:30 (5 months ago)	18x Postfix SASL LOGIN authentication failed	Brute-Force
Anonymous	2025-12-27 14:30:07 (5 months ago)	(smtpauth) Failed SMTP AUTH login from 197.211.52.78 (NG/Nigeria/-): 6 in the last 3600 secs	Brute-Force
🇺🇸 bigscoots.com	2025-12-27 09:03:24 (5 months ago)	(smtpauth) Failed SMTP AUTH login from 197.211.52.78 (NG/Nigeria/-): 5 in the last 3600 secs; Ports: ... show more (smtpauth) Failed SMTP AUTH login from 197.211.52.78 (NG/Nigeria/-): 5 in the last 3600 secs; Ports: 25,465,587; Direction: 0; Trigger: LF_SMTPAUTH; Logs: 2025-12-27 04:02:18 dovecot_login authenticator failed for (i0j4IItUpA) [197.211.52.78]:37318: 535 Incorrect authentication data ([email protected]) 2025-12-27 04:02:26 dovecot_login authenticator failed for (PIVuFLl8B) [197.211.52.78]:37319: 535 Incorrect authentication data ([email protected]) 2025-12-27 04:02:40 dovecot_login authenticator failed for (TC95VTAf8X) [197.211.52.78]:37320: 535 Incorrect authentication data ([email protected]) 2025-12-27 04:02:58 dovecot_login authenticator failed for (ti58LsG) [197.211.52.78]:37321: 535 Incorrect authentication data ([email protected]) 2025-12-27 04:03:20 dovecot_login authenticator failed for (qvFzC7) [197.211.52.78]:37322: 535 Incorrect authentication data ([email protected]) show less	Brute-Force SSH

Showing 61 to 75 of 162 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇸 150.107.38.137

🇻🇳 113.161.222.150

🇫🇷 104.253.74.93

🇷🇺 88.84.209.146

🇺🇸 70.95.51.230

🇳🇱 45.148.10.157

🇭🇰 165.154.23.36

🇩🇰 158.173.74.237

🇵🇰 103.35.213.17

🇿🇦 102.251.69.5

🇰🇷 59.25.31.152

🇯🇵 52.102.194.12

🇨🇳 36.7.128.56

🇬🇧 35.203.211.195

🇸🇬 23.97.62.114

🇨🇳 14.218.58.61

🇧🇷 216.234.208.17

🇺🇸 216.25.89.139

🇨🇦 207.219.221.101

🇫🇮 185.148.3.54