JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 170.168.240.28

170.168.240.28 was found in our database!

This IP was reported 5 times. Confidence of Abuse is 16%: ?

16%

ISP	Fine Group Servers Solutions LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS59651
Domain Name	finegroupservers.com
Country	🇸🇪 Sweden
City	Marsta, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 170.168.240.28

Whois 170.168.240.28

IP Abuse Reports for 170.168.240.28:

This IP address has been reported a total of 5 times from 5 distinct sources. 170.168.240.28 was first reported on January 16th 2026, and the most recent report was 9 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 oralunal	2026-06-14 09:54:53 (9 hours ago)	IP banned by Fail2Ban in jail ente-suss ente.com-ssl_log mvfnds ...	Bad Web Bot Web App Attack
🇧🇪 voormedia	2026-05-19 17:20:23 (3 weeks ago)	Accessed trap at '/xmlrpc.php'	Web App Attack
🇺🇸 TPI-Abuse	2026-04-17 12:43:53 (1 month ago)	(mod_security) mod_security (id:210492) triggered by 170.168.240.28 (-): 1 in the last 300 secs; Por ... show more (mod_security) mod_security (id:210492) triggered by 170.168.240.28 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 17 08:43:37.254697 2026] [security2:error] [pid 270826:tid 270826] [client 170.168.240.28:58413] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.bak" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.evolute.io"] [uri "/wp-config.bak"] [unique_id "aeIq-V_oEo9efw-WliUUBAAAAAo"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 graphics-muse.org	2026-01-24 23:45:51 (4 months ago)	Sat Jan 24 16:45:49.931933 2026170.168.240.28 - - [24/Jan/2026:16:45:49 -0700] "POST /xmlrpc.php HTT ... show more Sat Jan 24 16:45:49.931933 2026170.168.240.28 - - [24/Jan/2026:16:45:49 -0700] "POST /xmlrpc.php HTTP/1.1" 404 280 Sat Jan 24 16:45:49.931933 2026170.168.240.28 - - [24/Jan/2026:16:45:49 -0700] "POST /xmlrpc.php HTTP/1.1" 404 3328 "-" "curl/7.88.1" Sat Jan 24 16:45:50.483559 2026170.168.240.28 - - [24/Jan/2026:16:45:50 -0700] "POST /xmlrpc.php HTTP/1.1" 404 280 Sat Jan 24 16:45:50.483559 2026170.168.240.28 - - [24/Jan/2026:16:45:50 -0700] "POST /xmlrpc.php HTTP/1.1" 404 3327 "-" "curl/7.88.1" Sat Jan 24 16:45:51.045116 2026170.168.240.28 - - [24/Jan/2026:16:45:51 -0700] "POST /xmlrpc.php HTTP/1.1" 404 280 Sat Jan 24 16:45:51.045116 2026170.168.240.28 - - [24/Jan/2026:16:45:51 -0700] "POST /xmlrpc.php HTTP/1.1" 404 3328 "-" "curl/7.88.1" ... show less	Brute-Force Web App Attack
🇮🇹 VHosting	2026-01-16 00:30:05 (4 months ago)	Detected WordPress attack from 4 different servers	Brute-Force Web App Attack

Showing 1 to 5 of 5 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇧🇷 191.36.152.28

🇻🇳 171.244.61.79

🇺🇸 157.173.207.21

🇨🇿 103.200.28.214

🇮🇳 49.205.183.78

🇰🇷 211.37.174.62

🇭🇰 199.45.154.190

🇨🇳 117.50.44.85

🇨🇳 101.200.242.201

🇨🇳 58.211.39.86

🇧🇷 45.205.1.5

🇸🇳 41.82.50.218

🇭🇰 34.96.237.187

🇺🇸 20.65.193.183

🇰🇷 14.63.196.175

🇮🇷 5.232.153.2

🇸🇬 2a09:bac5:55fa:25cd::3c4:4f

🇫🇷 85.217.140.35

🇺🇸 35.175.221.232

🇬🇧 193.32.209.254