JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 178.20.30.119

178.20.30.119 was found in our database!

This IP was reported 11 times. Confidence of Abuse is 3%: ?

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS46475
Domain Name	finegroupservers.com
Country	🇸🇪 Sweden
City	Marsta, Stockholm

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 178.20.30.119

Whois 178.20.30.119

IP Abuse Reports for 178.20.30.119:

This IP address has been reported a total of 11 times from 9 distinct sources. 178.20.30.119 was first reported on September 29th 2024, and the most recent report was 3 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇫🇷 tilellit.pro	2026-06-27 19:31:05 (3 days ago)	Fail2Ban banned 178.20.30.119 for security violations in jail wp-armour. Log: 2026/06/27 19:31:04 [e ... show more Fail2Ban banned 178.20.30.119 for security violations in jail wp-armour. Log: 2026/06/27 19:31:04 [error] FastCGI sent in stderr: "PHP message: [WP_ARMOUR_BAN] IP: 178.20.30.119 \| Target: wplogin" , client: 178.20.30.119, server: [REDACTED], request: "POST /wp-login.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED], referrer: "https://comerciogallego.es/wp-login.php" ... show less	Web Spam
🇨🇭 backslash	2026-03-29 20:12:00 (3 months ago)	block ruleset bad bot: wordpress scans 82C095539D4FDAF84E2E2FD6B6FC0664645851A8	Bad Web Bot
🇮🇹 VHosting	2026-03-26 20:21:59 (3 months ago)	Detected attack and reported by a human	Brute-Force Web App Attack SSH DDoS Attack Exploited Host Bad Web Bot
🇺🇸 TPI-Abuse	2026-03-25 03:16:24 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 178.20.30.119 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 178.20.30.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 24 23:16:19.207647 2026] [security2:error] [pid 18624:tid 18624] [client 178.20.30.119:17807] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|tduniverse.net\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "tduniverse.net"] [uri "/wp-json/wp/v2/users"] [unique_id "acNTg6SPdrpkZuN7qdouYAAAABU"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 island-freaks.com	2026-03-03 23:53:32 (3 months ago)	Attack Type: WordPress Exploit Bot attempt on /wp-json/wp/v2/users \| DNS 178.20.30.119 \| Agent: Mozi ... show more Attack Type: WordPress Exploit Bot attempt on /wp-json/wp/v2/users \| DNS 178.20.30.119 \| Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 show less	Port Scan Hacking Bad Web Bot Exploited Host Web App Attack
🇩🇪 MusicLibrary	2026-03-03 23:07:48 (3 months ago)	Attempted access to non existent wordpress urls	Bad Web Bot
🇩🇪 Packets-Decreaser.NET	2025-09-15 23:57:53 (9 months ago)	Incoming Layer 7 Flood Detected	DDoS Attack Web Spam
🇪🇸 10dencehispahard SL	2025-06-10 07:01:49 (1 year ago)	WP probing for vulnerabilities	Hacking Exploited Host
🇺🇸 TPI-Abuse	2025-03-11 05:55:12 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 178.20.30.119 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 178.20.30.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Mar 11 01:55:04.781193 2025] [security2:error] [pid 28954:tid 28979] [client 178.20.30.119:13027] [client 178.20.30.119] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "opccentralcoast.oconnorpest.biz"] [uri "/.env"] [unique_id "Z8_QONhSMjNQrCuIa7bXTwAAABc"], referer: https://tasamm.com/about/mmm292.html show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-02-19 20:15:05 (1 year ago)	(mod_security) mod_security (id:210492) triggered by 178.20.30.119 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210492) triggered by 178.20.30.119 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 19 15:14:58.159585 2025] [security2:error] [pid 26575:tid 26575] [client 178.20.30.119:49987] [client 178.20.30.119] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "bews.com"] [uri "/.env"] [unique_id "Z7Y7wtS9-UJPVN_9aezKHQAAAA0"], referer: https://tasamm.com/about/bbb41.html show less	Brute-Force Bad Web Bot Web App Attack
🇷🇺 sms.ru	2024-09-29 14:55:05 (1 year ago)	SMS pumping attack from foreign country	DDoS Attack

Showing 1 to 11 of 11 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇬🇧 193.32.209.239

🇺🇸 173.239.254.163

🇫🇷 91.231.89.255

🇫🇷 85.217.140.5

🇦🇺 74.91.200.217

🇺🇸 64.31.53.170

🇳🇱 45.153.34.137

🇨🇳 36.212.208.180

🇮🇳 20.198.5.248

🇸🇬 4.193.171.159

🇰🇷 222.239.251.12

🇰🇿 178.91.16.185

🇱🇰 175.157.23.170

🇩🇪 136.243.8.95

🇺🇸 67.207.93.64

🇳🇱 45.148.10.157

🇺🇸 4.157.250.195

🇮🇳 2404:6800:4000:1001::127

🇺🇸 147.185.132.36

🇨🇳 120.243.40.51