JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 178.20.28.150

178.20.28.150 was found in our database!

This IP was reported 29 times. Confidence of Abuse is 12%: ?

12%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS46475
Domain Name	finegroupservers.com
Country	🇸🇪 Sweden
City	Marsta, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 178.20.28.150

Whois 178.20.28.150

IP Abuse Reports for 178.20.28.150:

This IP address has been reported a total of 29 times from 13 distinct sources. 178.20.28.150 was first reported on November 28th 2023, and the most recent report was 6 hours ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-24 23:51:33 (6 hours ago)	(mod_security) mod_security (id:225170) triggered by 178.20.28.150 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 178.20.28.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Jun 24 19:51:30.180085 2026] [security2:error] [pid 13215:tid 13232] [client 178.20.28.150:53825] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|faimreps.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "faimreps.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ajxtggeGq2wX9wlrmlXnoAAAAA8"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-06-20 07:21:49 (4 days ago)	(mod_security) mod_security (id:225170) triggered by 178.20.28.150 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 178.20.28.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Jun 20 03:21:45.196141 2026] [security2:error] [pid 27733:tid 27733] [client 178.20.28.150:41029] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|carterindustries.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "carterindustries.net"] [uri "/wp-json/wp/v2/users"] [unique_id "ajY_idtC7eiFRky-ICgiVwAAAAo"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇱🇻 garmtech.com	2026-05-14 10:24:25 (1 month ago)	IM360 WAF: SQL Injection Attack: Common DB Names Detected	SQL Injection
🇮🇹 VHosting	2026-03-26 19:57:26 (2 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇨🇭 backslash	2026-03-15 03:36:01 (3 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
Anonymous	2026-02-04 06:46:41 (4 months ago)	wordpress-trap	Web App Attack
🇺🇸 TPI-Abuse	2026-01-23 04:46:21 (5 months ago)	(mod_security) mod_security (id:225170) triggered by 178.20.28.150 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 178.20.28.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 22 23:46:13.648512 2026] [security2:error] [pid 14820:tid 14820] [client 178.20.28.150:17033] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|guldunyayayinlari.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "guldunyayayinlari.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aXL9FT-8fPkHO_Gd9EG_8AAAAAw"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-22 13:28:54 (5 months ago)	(mod_security) mod_security (id:225170) triggered by 178.20.28.150 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 178.20.28.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 22 08:28:46.545562 2026] [security2:error] [pid 5697:tid 5697] [client 178.20.28.150:43957] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|knowyourcode.us\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "knowyourcode.us"] [uri "/wp-json/wp/v2/users/1"] [unique_id "aXImDrTWfDuhYbJwiJ2VAAAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-01-22 12:51:11 (5 months ago)	(mod_security) mod_security (id:225170) triggered by 178.20.28.150 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 178.20.28.150 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jan 22 07:51:06.008550 2026] [security2:error] [pid 26435:tid 26435] [client 178.20.28.150:34539] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|dianamead.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "dianamead.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aXIdOlcrANQ4nNGYOXUsvwAAAAM"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 myagent.site	2026-01-21 10:13:40 (5 months ago)	Blocking for trying to access an exploit file: /xmlrpc.php	Hacking
🇩🇪 Packets-Decreaser.NET	2025-12-29 13:06:00 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇪🇸 masterguru	2025-06-17 23:10:12 (1 year ago)	HTTP header is restricted by policy (/content-encoding/). String match within "/accept-charset/ /con ... show more HTTP header is restricted by policy (/content-encoding/). String match within "/accept-charset/ /content-encoding/ /proxy/ /lock-token/ /content-range/ /if/" at TX:header_name_content-encoding. (920450-123) show less	Bad Web Bot
🇦🇺 MAGIC	2023-12-18 15:04:03 (2 years ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇳🇱 maxxsense	2023-12-16 18:21:06 (2 years ago)	(wordpress) Failed wordpress login from 178.20.28.150 (RU/Russia/-)	Brute-Force
🇦🇺 MAGIC	2023-12-16 13:05:40 (2 years ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot

Showing 1 to 15 of 29 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 202.71.141.170

🇳🇱 185.242.226.91

🇫🇷 185.177.72.17

🇨🇳 182.43.242.192

🇻🇳 171.244.201.80

🇩🇪 165.227.159.13

🇺🇸 159.26.98.242

🇮🇳 117.221.137.168

🇳🇴 93.89.113.60

🇺🇸 66.132.172.39

🇧🇭 46.184.215.26

🇺🇸 43.162.114.69

🇮🇪 20.190.159.128

🇵🇰 14.1.104.87

🇩🇪 192.178.183.154

🇧🇷 179.111.185.65

🇸🇬 84.75.155.67

🇺🇸 66.132.172.42

🇧🇷 45.205.1.241

🇺🇸 45.156.129.174