JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 178.20.29.154

178.20.29.154 was found in our database!

This IP was reported 21 times. Confidence of Abuse is 4%: ?

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS46475
Domain Name	finegroupservers.com
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 178.20.29.154

Whois 178.20.29.154

IP Abuse Reports for 178.20.29.154:

This IP address has been reported a total of 21 times from 14 distinct sources. 178.20.29.154 was first reported on August 12th 2022, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇳🇱 GabrielJST	2026-06-26 05:18:44 (2 days ago)	(wordpress) Failed wordpress login from 178.20.29.154 (US/United States/-)	Brute-Force
🇨🇿 ptlab	2026-04-21 02:48:47 (2 months ago)	Detected wp_login attack from WP-host.	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-04-14 00:08:23 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 178.20.29.154 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 178.20.29.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 13 20:08:19.925750 2026] [security2:error] [pid 1066271:tid 1066271] [client 178.20.29.154:30759] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|owenmail.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "owenmail.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ad2FczhwQ5ASCr6_jP-GtQAAAAE"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-11 16:48:24 (2 months ago)	(mod_security) mod_security (id:225170) triggered by 178.20.29.154 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 178.20.29.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 11 12:48:16.051897 2026] [security2:error] [pid 1596147:tid 1596147] [client 178.20.29.154:54613] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|sipco.cl\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "sipco.cl"] [uri "/wp-json/wp/v2/users"] [unique_id "adp7UF1-BYeiYsWCkHTGRwAAAAg"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Hazzard	2026-04-05 10:49:13 (2 months ago)	(wordpress) Failed wordpress login from 178.20.29.154 (US/United States/-/-/-/[redacted]): (CF_ENAB ... show more (wordpress) Failed wordpress login from 178.20.29.154 (US/United States/-/-/-/[redacted]): (CF_ENABLE) show less	Brute-Force
🇺🇸 TPI-Abuse	2026-03-21 03:28:39 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 178.20.29.154 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 178.20.29.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 23:28:31.942281 2026] [security2:error] [pid 12375:tid 12375] [client 178.20.29.154:38165] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|salsberggroup.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "salsberggroup.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ab4QX-gKBj1TbG95VNH8TgAAAAo"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-21 02:48:38 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 178.20.29.154 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 178.20.29.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Mar 20 22:48:34.210043 2026] [security2:error] [pid 25501:tid 25501] [client 178.20.29.154:50771] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|ecomim.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ecomim.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ab4HApRTHP8YDWJOghkiSgAAABk"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-03-19 10:19:03 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 178.20.29.154 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 178.20.29.154 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Mar 19 06:18:55.403060 2026] [security2:error] [pid 31868:tid 31868] [client 178.20.29.154:19857] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|randebrewer.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "randebrewer.com"] [uri "/wp-json/wp/v2/users"] [unique_id "abvNj1NMnP4mknbAhEwyBAAAAA0"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇵🇪 Smart Code Lab And Services	2026-03-11 16:24:00 (3 months ago)	Wordpress brute force attack	Brute-Force
🇩🇪 kjaerulff	2026-03-11 14:52:02 (3 months ago)	Failed Wordpress login using wp-login.php	Web App Attack
🇫🇷 tilellit.pro	2026-01-25 02:34:55 (5 months ago)	Fail2Ban banned 178.20.29.154 for security violations in jail wp-armour. Log: 2026/01/25 02:34:54 [e ... show more Fail2Ban banned 178.20.29.154 for security violations in jail wp-armour. Log: 2026/01/25 02:34:54 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 178.20.29.154 \| Target: wplogin" , client: 178.20.29.154, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED] ... show less	Web Spam
🇬🇧 relianoid.com	2025-10-06 03:23:21 (8 months ago)	POST Abuse detected by Relianoid OSS Load Balancer - relianoid.com	Web Spam
🇱🇻 garmtech.com	2025-09-11 19:04:51 (9 months ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 22-04.178.20.29.154.web-spamme ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 22-04.178.20.29.154.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇨🇿 lp	2025-03-23 07:21:08 (1 year ago)	Unauthorized VPN login attempts: 2 attempts were recorded from 178.20.29.154 2025-03-23T06:59:14+01: ... show more Unauthorized VPN login attempts: 2 attempts were recorded from 178.20.29.154 2025-03-23T06:59:14+01:00 vpn Access-Reject 'Carsten' station: 178.20.29.154 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' 2025-03-23T07:17:59+01:00 vpn Access-Reject 'sanhedrin' station: 178.20.29.154 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇨🇿 lp	2025-03-07 01:21:35 (1 year ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 178.20.29.154 2025-03-07T01:46:50+01: ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 178.20.29.154 2025-03-07T01:46:50+01:00 vpn Access-Reject 'showme' station: 178.20.29.154 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack

Showing 1 to 15 of 21 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇮🇩 202.152.201.166

🇦🇷 186.148.224.83

🇸🇬 94.231.206.128

🇫🇷 85.217.140.25

🇳🇱 45.156.87.254

🇺🇸 43.224.66.196

🇰🇷 121.184.144.232

🇯🇵 104.46.228.53

🇩🇪 92.215.175.9

🇮🇹 84.247.195.250

🇨🇳 220.178.246.43

🇲🇴 182.93.50.90

🇩🇪 159.65.120.213

🇺🇸 107.150.101.57

🇱🇻 81.30.98.62

🇳🇱 45.156.87.34

🇳🇱 45.148.10.141

🇺🇸 44.16.156.249

🇨🇳 43.226.37.33

🇺🇸 20.127.170.172