JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 178.20.29.51

178.20.29.51 was found in our database!

This IP was reported 17 times. Confidence of Abuse is 24%: ?

24%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS59651
Domain Name	finegroupservers.com
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 178.20.29.51

Whois 178.20.29.51

IP Abuse Reports for 178.20.29.51:

This IP address has been reported a total of 17 times from 14 distinct sources. 178.20.29.51 was first reported on February 23rd 2023, and the most recent report was 2 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 TPI-Abuse	2026-06-04 14:43:32 (2 days ago)	(mod_security) mod_security (id:225170) triggered by 178.20.29.51 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 178.20.29.51 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 04 10:43:25.470817 2026] [security2:error] [pid 26832:tid 26832] [client 178.20.29.51:19809] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|fiberscribe.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "fiberscribe.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aiGPDVwq__2Yagt7IoMblgAAABc"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-28 23:50:30 (1 week ago)	(mod_security) mod_security (id:225170) triggered by 178.20.29.51 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 178.20.29.51 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu May 28 19:50:25.364725 2026] [security2:error] [pid 24499:tid 24525] [client 178.20.29.51:9775] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|callaplusfirst.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "callaplusfirst.com"] [uri "/wp-json/wp/v2/users"] [unique_id "ahjUwfb9IMIpFCuI-iNpTQAAANc"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 ambor	2026-05-21 21:58:26 (2 weeks ago)	Honeypot access: WordPress admin access attempt. Path: /wp-login.php	Brute-Force Web App Attack
🇺🇸 Jason Howell	2026-05-20 20:44:05 (2 weeks ago)	178.20.29.51 - - [20/May/2026:15:44:01 -0500] "GET /wp-login.php HTTP/1.1" 301 570 "-" "Mozilla/5.0 ... show more 178.20.29.51 - - [20/May/2026:15:44:01 -0500] "GET /wp-login.php HTTP/1.1" 301 570 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10" 178.20.29.51 - - [20/May/2026:15:44:02 -0500] "GET /wp-login.php HTTP/1.1" 200 4971 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10" 178.20.29.51 - - [20/May/2026:15:44:03 -0500] "POST /wp-login.php HTTP/1.1" 200 2979 "https://lhrareenacting.com/wp-login.php" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10" 178.20.29.51 - - [20/May/2026:15:44:04 -0500] "GET /wp-login.php HTTP/1.1" 301 570 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/534.10 (KHTML, like Gecko) Chrome/8.0.552.224 Safari/534.10" 178.20.29.51 - - [20/May/2026:15:44:05 -0500] "GET /wp-login.php HTTP/1.1" 200 2619 "-" "Mozilla/5.0 (Windows; U; Windows N ... show less	Web App Attack
🇩🇪 kjaerulff	2026-05-19 13:37:58 (2 weeks ago)	Failed Wordpress login using wp-login.php	Web App Attack
🇺🇸 TPI-Abuse	2026-04-12 00:15:27 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 178.20.29.51 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 178.20.29.51 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sat Apr 11 20:15:21.586800 2026] [security2:error] [pid 1528551:tid 1528551] [client 178.20.29.51:54167] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|varalla.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "varalla.com"] [uri "/wp-json/wp/v2/users"] [unique_id "adrkGTfkqdX70mCi4aR9aQAAABI"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 Packets-Decreaser.NET	2025-12-29 14:02:17 (5 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇪🇸 masterguru	2025-06-17 17:22:27 (11 months ago)	HTTP header is restricted by policy (/content-encoding/). String match within "/accept-charset/ /con ... show more HTTP header is restricted by policy (/content-encoding/). String match within "/accept-charset/ /content-encoding/ /proxy/ /lock-token/ /content-range/ /if/" at TX:header_name_content-encoding. (920450-123) show less	Bad Web Bot
🇨🇿 lp	2025-05-10 15:20:57 (1 year ago)	Unauthorized VPN login attempts: 2 attempts were recorded from 178.20.29.51 2025-05-10T15:56:17+02:0 ... show more Unauthorized VPN login attempts: 2 attempts were recorded from 178.20.29.51 2025-05-10T15:56:17+02:00 vpn Access-Reject 'bonspells' station: 178.20.29.51 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' 2025-05-10T16:15:40+02:00 vpn Access-Reject 'hearts' station: 178.20.29.51 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇩🇪 SCHAPPY	2024-12-03 16:05:17 (1 year ago)	Wordpress attack using blacklisted username detected.	Web App Attack
🇺🇸 hostseries	2024-07-14 19:02:13 (1 year ago)	Trigger: LF_DISTATTACK	Brute-Force
🇪🇸 10dencehispahard SL	2024-05-03 16:00:02 (2 years ago)	Unauthorized login attempts [ accesslogs]	Brute-Force
🇪🇸 10dencehispahard SL	2023-03-25 13:25:41 (3 years ago)	Unauthorized login attempts [{'wordpress'}]	Brute-Force Web App Attack
🇦🇺 MAGIC	2023-03-24 16:00:24 (3 years ago)	Distributed DDOS attempts for multiple sites	DDoS Attack Bad Web Bot
🇺🇸 mnsf	2023-03-17 15:04:33 (3 years ago)	Login Too Frequent (6)	Brute-Force Web App Attack

Showing 1 to 15 of 17 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇳🇱 194.26.192.168

🇺🇸 178.156.146.23

🇮🇩 163.7.3.154

🇭🇰 156.245.239.180

🇨🇳 106.13.114.161

🇭🇷 82.24.232.249

🇭🇰 45.116.78.92

🇮🇷 5.114.222.67

🇲🇽 201.170.74.221

🇬🇧 195.206.182.218

🇭🇰 139.198.113.29

🇮🇩 103.165.206.238

🇭🇰 103.20.223.56

🇳🇱 45.198.224.5

🇮🇷 2.188.33.253

🇺🇸 2620:171:f2:f001:9999::242

🇵🇰 182.191.77.164

🇷🇺 178.185.136.57

🇧🇷 160.238.109.252

🇷🇺 79.143.29.28