JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 178.20.30.13

178.20.30.13 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 22%: ?

22%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS59651
Domain Name	finegroupservers.com
Country	🇬🇧 United Kingdom of Great Britain and Northern Ireland
City	London, England

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 178.20.30.13

Whois 178.20.30.13

IP Abuse Reports for 178.20.30.13:

This IP address has been reported a total of 16 times from 12 distinct sources. 178.20.30.13 was first reported on March 19th 2022, and the most recent report was 1 week ago.

Old Reports: The most recent abuse report for this IP address is from 1 week ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇺🇸 kosada.com	2026-06-09 22:07:55 (1 week ago)	Web password guessing	Brute-Force
🇫🇷 Sklurk	2026-06-09 07:34:18 (1 week ago)	Web App Attack	Web App Attack
🇺🇸 kosada.com	2026-05-24 20:01:25 (3 weeks ago)	Web password guessing	Brute-Force
🇺🇸 kosada.com	2026-05-13 05:15:02 (1 month ago)	Web password guessing	Brute-Force
🇺🇸 TPI-Abuse	2026-05-03 12:35:58 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 178.20.30.13 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 178.20.30.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 03 08:35:55.052117 2026] [security2:error] [pid 21219:tid 21219] [client 178.20.30.13:20251] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|fitzmail.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "fitzmail.com"] [uri "/wp-json/wp/v2/users"] [unique_id "afdBK_MBzbux9N7IxpWEPAAAAAk"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 NicoID	2026-04-28 00:14:58 (1 month ago)	178.20.30.13 - - [27/Apr/2026:05:36:31 -0600] "GET /wp-login.php HTTP/1.1" 200 4885 "https://www.goo ... show more 178.20.30.13 - - [27/Apr/2026:05:36:31 -0600] "GET /wp-login.php HTTP/1.1" 200 4885 "https://www.google.com" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36" ... show less	Brute-Force
🇺🇸 TPI-Abuse	2026-04-19 09:40:08 (1 month ago)	(mod_security) mod_security (id:225170) triggered by 178.20.30.13 (-): 1 in the last 300 secs; Ports ... show more (mod_security) mod_security (id:225170) triggered by 178.20.30.13 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Apr 19 05:40:01.609944 2026] [security2:error] [pid 2725215:tid 2725215] [client 178.20.30.13:24373] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|vonkugelgen.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "vonkugelgen.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aeSi8bCTptAG0Il_NYboPQAAAAg"], referer: https://www.google.com show less	Brute-Force Bad Web Bot Web App Attack
🇨🇿 lp	2025-08-11 10:51:10 (10 months ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 178.20.30.13 2025-08-11T11:34:53+02:0 ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 178.20.30.13 2025-08-11T11:34:53+02:00 vpn Access-Reject 'organizacion' station: 178.20.30.13 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇪🇸 masterguru	2025-06-16 08:52:11 (1 year ago)	HTTP header is restricted by policy (/content-encoding/). String match within "/accept-charset/ /con ... show more HTTP header is restricted by policy (/content-encoding/). String match within "/accept-charset/ /content-encoding/ /proxy/ /lock-token/ /content-range/ /if/" at TX:header_name_content-encoding. (920450-123) show less	Bad Web Bot
🇨🇦 wil.com	2025-04-05 11:16:40 (1 year ago)	GlobalProtect login attempts with user smcleod.	VPN IP Brute-Force
🇨🇿 lp	2025-03-06 11:50:31 (1 year ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 178.20.30.13 2025-03-06T11:58:37+01:0 ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 178.20.30.13 2025-03-06T11:58:37+01:00 vpn Access-Reject 'fingers' station: 178.20.30.13 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇷🇺 sms.ru	2024-09-23 12:45:04 (1 year ago)	SMS pumping attack from foreign country	DDoS Attack
🇪🇸 el-brujo	2024-06-09 21:23:00 (2 years ago)	DDoS Attack Layer 7 - REQUESTS / HTTP/2.0	DDoS Attack
🇺🇸 mnsf	2024-01-12 05:04:29 (2 years ago)	Request Overload (103)	Brute-Force Web App Attack
🇵🇱 rafix	2023-10-28 10:16:30 (2 years ago)	Scrapping website, using diffrent useragents, not wait for response, #botnet20231026	DDoS Attack Bad Web Bot

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇭🇰 119.236.112.220

🇮🇩 103.77.206.202

🇬🇧 86.151.45.53

🇲🇾 72.62.195.104

🇯🇵 62.106.70.38

🇰🇷 183.109.153.173

🇨🇳 175.151.152.52

🇨🇳 112.103.130.21

🇷🇺 109.174.104.74

🇺🇸 70.190.211.237

🇩🇪 69.5.169.55

🇺🇸 52.234.42.36

🇩🇪 46.249.99.46

🇮🇩 36.73.37.7

🇻🇳 222.254.97.54

🇨🇳 180.141.30.223

🇮🇳 168.144.118.250

🇺🇸 165.154.135.27

🇺🇸 162.216.150.163

🇨🇳 121.14.17.55