JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 178.20.29.115

178.20.29.115 was found in our database!

This IP was reported 20 times. Confidence of Abuse is 14%: ?

14%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS46475
Domain Name	finegroupservers.com
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 178.20.29.115

Whois 178.20.29.115

IP Abuse Reports for 178.20.29.115:

This IP address has been reported a total of 20 times from 9 distinct sources. 178.20.29.115 was first reported on August 12th 2022, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 tilellit.pro	2026-06-27 13:43:38 (2 days ago)	Fail2Ban banned 178.20.29.115 for security violations in jail wp-armour. Log: 2026/06/27 13:43:37 [e ... show more Fail2Ban banned 178.20.29.115 for security violations in jail wp-armour. Log: 2026/06/27 13:43:37 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 178.20.29.115 \| Target: wplogin" , client: 178.20.29.115, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇫🇷 tilellit.pro	2026-06-27 05:43:11 (2 days ago)	Fail2Ban banned 178.20.29.115 for security violations in jail wp-armour. Log: 2026/06/27 05:43:11 [e ... show more Fail2Ban banned 178.20.29.115 for security violations in jail wp-armour. Log: 2026/06/27 05:43:11 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 178.20.29.115 \| Target: wplogin" , client: 178.20.29.115, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇩🇪 stinpriza	2026-06-23 22:03:25 (5 days ago)	Web App Attack	Web App Attack
🇺🇸 TPI-Abuse	2026-04-25 16:50:53 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 178.20.29.115 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 178.20.29.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 25 12:50:48.473886 2026] [security2:error] [pid 20762:tid 20762] [client 178.20.29.115:23053] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|marionenv.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "marionenv.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aezw6MrwO2WPgHMW2M5vqAAAAAI"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇬🇧 consul.to	2026-04-18 07:04:53 (2 months ago)	Web attack/malicious scanning detected	Web App Attack
🇪🇸 Cognisant-Security	2026-03-16 12:26:00 (3 months ago)	Attempts to login WordPress using invalid User Credentials	Web App Attack Hacking
🇺🇸 TPI-Abuse	2025-03-26 02:17:55 (1 year ago)	(mod_security) mod_security (id:211120) triggered by 178.20.29.115 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:211120) triggered by 178.20.29.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 25 22:17:45.738721 2025] [security2:error] [pid 8140:tid 8140] [client 178.20.29.115:10889] [client 178.20.29.115] ModSecurity: Access denied with code 403 (phase 2). Match of "endsWith /modules/paypal/express_checkout/payment.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "29"] [id "211120"] [rev "11"] [msg "COMODO WAF: Remote File Inclusion Attack\|\|bickleton.org\|F\|2"] [data "Matched Data: http://adguard.digital/payload/index.php? found within REQUEST_FILENAME: /wp-content/plugins/wp-super-cache/js/cache-loader.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bickleton.org"] [uri "/wp-content/plugins/wp-super-cache/js/cache-loader.php"] [unique_id "Z-NjyZBgkwJS6TP4FCrGeAAAAAs"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-03-23 08:19:43 (1 year ago)	(mod_security) mod_security (id:211120) triggered by 178.20.29.115 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:211120) triggered by 178.20.29.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 23 04:19:38.201039 2025] [security2:error] [pid 1655306:tid 1655306] [client 178.20.29.115:20297] [client 178.20.29.115] ModSecurity: Access denied with code 403 (phase 2). Match of "endsWith /modules/paypal/express_checkout/payment.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "29"] [id "211120"] [rev "12"] [msg "COMODO WAF: Remote File Inclusion Attack\|\|batesstrategygroup.com\|F\|2"] [data "Matched Data: http://adguard.digital/payload/index.php? found within REQUEST_FILENAME: /wp-content/plugins/wp-super-cache/js/cache-loader.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "batesstrategygroup.com"] [uri "/wp-content/plugins/wp-super-cache/js/cache-loader.php"] [unique_id "Z9_EGpf7XU9_H3pjKfU2ZgAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-03-13 00:14:56 (1 year ago)	(mod_security) mod_security (id:211120) triggered by 178.20.29.115 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:211120) triggered by 178.20.29.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Mar 12 20:14:49.755524 2025] [security2:error] [pid 21404:tid 21404] [client 178.20.29.115:12761] [client 178.20.29.115] ModSecurity: Access denied with code 403 (phase 2). Match of "endsWith /modules/paypal/express_checkout/payment.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "29"] [id "211120"] [rev "12"] [msg "COMODO WAF: Remote File Inclusion Attack\|\|akistech.com\|F\|2"] [data "Matched Data: http://adguard.digital/payload/index.php? found within REQUEST_FILENAME: /wp-content/plugins/w3-total-cache/lib/w3/pager.class.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "akistech.com"] [uri "/wp-content/plugins/w3-total-cache/lib/W3/Pager.class.php"] [unique_id "Z9IjeVwT_v4jrI__yG5BUwAAAAY"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-03-09 19:20:50 (1 year ago)	(mod_security) mod_security (id:211120) triggered by 178.20.29.115 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:211120) triggered by 178.20.29.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Mar 09 15:20:45.486425 2025] [security2:error] [pid 12897:tid 12897] [client 178.20.29.115:29029] [client 178.20.29.115] ModSecurity: Access denied with code 403 (phase 2). Match of "endsWith /modules/paypal/express_checkout/payment.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "29"] [id "211120"] [rev "12"] [msg "COMODO WAF: Remote File Inclusion Attack\|\|abdulhameeds.art\|F\|2"] [data "Matched Data: http://adguard.digital/payload/index.php? found within REQUEST_FILENAME: /wp-content/plugins/all-in-one-seo-pack/classes/aiosp.class.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "abdulhameeds.art"] [uri "/wp-content/plugins/all-in-one-seo-pack/classes/aiosp.class.php"] [unique_id "Z83qDajy6MVKpyzvOnRkkwAAAAA"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-02-28 14:17:37 (1 year ago)	(mod_security) mod_security (id:211120) triggered by 178.20.29.115 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:211120) triggered by 178.20.29.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 28 09:17:33.181626 2025] [security2:error] [pid 21604:tid 21604] [client 178.20.29.115:46617] [client 178.20.29.115] ModSecurity: Access denied with code 403 (phase 2). Match of "endsWith /modules/paypal/express_checkout/payment.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "29"] [id "211120"] [rev "12"] [msg "COMODO WAF: Remote File Inclusion Attack\|\|www.ptr.dutchlake.com\|F\|2"] [data "Matched Data: http://adguard.digital/payload/index.php? found within REQUEST_FILENAME: /wp-content/plugins/canto/includes/lib/download.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.ptr.dutchlake.com"] [uri "/wp-content/plugins/canto/includes/lib/download.php"] [unique_id "Z8HFfTtuZdUEWcytu3vZQgAAABU"] show less	Brute-Force Bad Web Bot Web App Attack
Anonymous	2025-02-28 07:27:46 (1 year ago)	wordpress-trap	Web App Attack
🇺🇸 TPI-Abuse	2025-02-26 17:44:18 (1 year ago)	(mod_security) mod_security (id:211120) triggered by 178.20.29.115 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:211120) triggered by 178.20.29.115 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 26 12:44:10.388907 2025] [security2:error] [pid 23508:tid 23508] [client 178.20.29.115:29779] [client 178.20.29.115] ModSecurity: Access denied with code 403 (phase 2). Match of "endsWith /modules/paypal/express_checkout/payment.php" against "REQUEST_FILENAME" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "29"] [id "211120"] [rev "12"] [msg "COMODO WAF: Remote File Inclusion Attack\|\|www.tallahasseepartybuses.com\|F\|2"] [data "Matched Data: http://adguard.digital/payload/index.php? found within REQUEST_FILENAME: /wp-content/plugins/canto/includes/lib/download.php"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.tallahasseepartybuses.com"] [uri "/wp-content/plugins/canto/includes/lib/download.php"] [unique_id "Z79S6qheXh4PYAXUlnIIPwAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 Yawning Angel	2024-08-27 21:49:53 (1 year ago)	logdesc=SSL VPN login fail user=bruce remip=178.20.29.115 reason=sslvpn_login_permission_denied	Hacking Brute-Force
🇺🇸 Yawning Angel	2024-08-22 18:24:23 (1 year ago)	logdesc=SSL VPN login fail user=blakeley remip=178.20.29.115 reason=sslvpn_login_permission_denied	Hacking Brute-Force

Showing 1 to 15 of 20 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 194.88.98.93

🇳🇱 185.224.128.16

🇵🇰 175.107.0.225

🇷🇺 152.32.227.68

🇺🇸 147.185.132.17

🇰🇷 115.178.75.243

🇩🇪 91.92.240.196

🇺🇸 72.224.100.4

🇨🇳 60.208.125.156

🇨🇳 58.18.80.18

🇳🇱 45.148.10.147

🇺🇸 44.222.49.162

🇸🇬 43.156.228.27

🇸🇬 43.134.56.214

🇮🇩 43.129.44.66

🇮🇳 13.71.92.229

🇳🇱 185.165.242.225

🇺🇸 107.150.103.88

🇺🇸 72.17.34.38

🇺🇸 44.117.131.223