JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 178.20.28.55

178.20.28.55 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 9%: ?

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS59651
Domain Name	finegroupservers.com
Country	🇫🇮 Finland
City	Vantaa, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 178.20.28.55

Whois 178.20.28.55

IP Abuse Reports for 178.20.28.55:

This IP address has been reported a total of 16 times from 13 distinct sources. 178.20.28.55 was first reported on March 19th 2022, and the most recent report was 3 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 3 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-05-14 06:13:42 (3 weeks ago)	(mod_security) mod_security (id:210350) triggered by 178.20.28.55 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 178.20.28.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 14 02:13:37.283118 2026] [security2:error] [pid 25780:tid 25780] [client 178.20.28.55:14595] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|virginiajohnstone.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "virginiajohnstone.com"] [uri "/"] [unique_id "agVoETxappL6V4xojGRuxAAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 nyt	2026-05-11 20:50:27 (3 weeks ago)	WP Config Probe	Web App Attack
🇺🇸 mnsf	2026-03-19 16:09:22 (2 months ago)	Scanning/Probing (15)	Brute-Force Web App Attack
🇺🇸 masterguru	2026-01-21 09:59:55 (4 months ago)	xmlrpc request blocked, no referer. Pattern match "xmlrpc.php" at REQUEST_URI. (88010-169)	Hacking
🇺🇸 TPI-Abuse	2025-12-17 18:47:45 (5 months ago)	(mod_security) mod_security (id:210350) triggered by 178.20.28.55 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:210350) triggered by 178.20.28.55 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Dec 17 13:47:39.831411 2025] [security2:error] [pid 7805:tid 7805] [client 178.20.28.55:65129] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|mitnikarch.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "mitnikarch.com"] [uri "/"] [unique_id "aUL6y9McgOdtiCtQv20fGgAAAA4"] show less	Brute-Force Bad Web Bot Web App Attack
🇦🇺 MAGIC	2025-04-03 10:06:02 (1 year ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
🇨🇭 backslash	2025-03-23 20:00:12 (1 year ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
Anonymous	2025-03-21 02:53:15 (1 year ago)	Unauthorized connection attempt	Port Scan Hacking Exploited Host
🇺🇸 www.winos.me	2024-11-19 10:25:33 (1 year ago)	178.20.28.55 - - [19/Nov/2024:18:25:32 +0800] "POST /xmlrpc.php HTTP/1.1" 444 0 "-" "Apache-HttpClie ... show more 178.20.28.55 - - [19/Nov/2024:18:25:32 +0800] "POST /xmlrpc.php HTTP/1.1" 444 0 "-" "Apache-HttpClient/4.5.13 (Java/11.0.24)" ... show less	Web App Attack
🇺🇸 MrDD	2024-07-17 21:38:12 (1 year ago)	Brute Force on Cisco Web VPN	Brute-Force
🇦🇺 MAGIC	2023-12-19 17:06:23 (2 years ago)	VM1 Bad user agents ignoring web crawling rules. Draing bandwidth	DDoS Attack Bad Web Bot
Anonymous	2023-12-11 08:10:48 (2 years ago)	tuetendichter.de 178.20.28.55 [08/Dec/2023:19:06:16 +0100] "POST /wp-login.php HTTP/1.1" 200 8658 "h ... show more tuetendichter.de 178.20.28.55 [08/Dec/2023:19:06:16 +0100] "POST /wp-login.php HTTP/1.1" 200 8658 "https://tuetendichter.de/wp-login.php" "Mozilla/5.0 (Linux; Android 12; SM-F926U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.104 Mobile Safari/537.36" tuetendichter.de 178.20.28.55 [08/Dec/2023:19:06:17 +0100] "POST /wp-login.php HTTP/1.1" 200 8658 "https://tuetendichter.de/wp-login.php" "Mozilla/5.0 (Linux; Android 7.1.1; Z839) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.104 Mobile Safari/537.36" show less	Web App Attack
🇩🇪 corthorn	2023-12-09 21:20:53 (2 years ago)	178.20.28.55 - - [09/Dec/2023:22:20:51 +0100] "POST /wp-login.php HTTP/1.1" 200 7731 "https://gomist ... show more 178.20.28.55 - - [09/Dec/2023:22:20:51 +0100] "POST /wp-login.php HTTP/1.1" 200 7731 "https://gomisti.al/wp-login.php" "Mozilla/5.0 (Linux; Android 12; SM-G981U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.98 Mobile Safari/537.36" ... show less	Brute-Force
Anonymous	2023-12-08 18:06:18 (2 years ago)	tuetendichter.de 178.20.28.55 [08/Dec/2023:19:06:16 +0100] "POST /wp-login.php HTTP/1.1" 200 8658 "h ... show more tuetendichter.de 178.20.28.55 [08/Dec/2023:19:06:16 +0100] "POST /wp-login.php HTTP/1.1" 200 8658 "https://tuetendichter.de/wp-login.php" "Mozilla/5.0 (Linux; Android 12; SM-F926U) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.104 Mobile Safari/537.36" tuetendichter.de 178.20.28.55 [08/Dec/2023:19:06:17 +0100] "POST /wp-login.php HTTP/1.1" 200 8658 "https://tuetendichter.de/wp-login.php" "Mozilla/5.0 (Linux; Android 7.1.1; Z839) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.104 Mobile Safari/537.36" show less	Web App Attack
🇵🇱 rafix	2023-10-28 10:15:29 (2 years ago)	Scrapping website, using diffrent useragents, not wait for response, #botnet20231026	DDoS Attack Bad Web Bot

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇲🇽 187.190.35.163

🇮🇳 65.1.108.146

🇸🇬 54.254.170.172

🇺🇸 44.203.172.34

🇮🇪 2a05:d018:10df:d401:4f28:94a5:5424:8a31

🇭🇰 103.115.56.3

🇻🇳 79.108.218.58

🇺🇸 72.90.84.62

🇮🇳 43.204.233.172

🇺🇸 20.163.2.151

🇺🇸 18.206.224.4

🇯🇵 8.216.12.108

🇮🇳 3.109.158.104

🇰🇷 3.34.194.206

🇺🇸 161.35.181.144

🇹🇭 152.32.245.44

🇮🇪 108.129.233.54

🇮🇪 108.129.121.128

🇨🇳 106.13.98.225

🇩🇪 51.102.140.218