JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 77.220.192.96

77.220.192.96 was found in our database!

This IP was reported 9 times. Confidence of Abuse is 0%: ?

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS26548
Domain Name	finegroupservers.com
Country	🇺🇸 United States of America
City	Seattle, Washington

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 77.220.192.96

Whois 77.220.192.96

IP Abuse Reports for 77.220.192.96:

This IP address has been reported a total of 9 times from 4 distinct sources. 77.220.192.96 was first reported on March 5th 2024, and the most recent report was 1 month ago.

Old Reports: The most recent abuse report for this IP address is from 1 month ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇪🇸 el-brujo	2026-04-27 03:17:38 (1 month ago)	Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: elhacker.net userAgent: Apache-HttpC ... show more Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: elhacker.net userAgent: Apache-HttpClient/4.5.13 (Java/11.0.30) Action: managed_challenge Source: firewallManaged ASN Description: PureVoltage Hosting Inc. Country: US Method: POST Timestamp: 2026-04-27T03:17:38Z ruleId: 5de7edfa648c4d6891dc3e7f84534ffa. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇪🇸 el-brujo	2026-04-27 03:17:34 (1 month ago)	[Mon Apr 27 05:17:31.911075 2026] [proxy_fcgi:error] [pid 1800511:tid 1800546] [remote 77.220.192.96 ... show more [Mon Apr 27 05:17:31.911075 2026] [proxy_fcgi:error] [pid 1800511:tid 1800546] [remote 77.220.192.96:0] AH01071: Got error 'Primary script unknown\n', referer: https://www.google.com [Mon Apr 27 05:17:33.729449 2026] [proxy_fcgi:error] [pid 1815919:tid 1816087] [remote 77.220.192.96:0] AH01071: Got error 'Primary script unknown\n', referer: https://www.google.com ... show less	Hacking Web App Attack
🇺🇸 TPI-Abuse	2026-02-18 08:15:48 (3 months ago)	(mod_security) mod_security (id:225170) triggered by 77.220.192.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:225170) triggered by 77.220.192.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Feb 18 03:15:32.254016 2026] [security2:error] [pid 13694:tid 13694] [client 77.220.192.96:56279] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)\|\|www.csm-dtc.com\|F\|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.csm-dtc.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aZV1JG67_gG_POfIUXRVCwAAABc"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2025-09-01 13:45:56 (9 months ago)	(mod_security) mod_security (id:210350) triggered by 77.220.192.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210350) triggered by 77.220.192.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Sep 01 09:45:48.376518 2025] [security2:error] [pid 10409:tid 10409] [client 77.220.192.96:51453] ModSecurity: Access denied with code 403 (phase 2). Pattern match "\\\\b(close\|keep-alive),[\\\\t\\\\n\\\\r ]{0,1}(close\|keep-alive)\\\\b" at REQUEST_HEADERS:Connection. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/12_HTTP_Protocol.conf"] [line "70"] [id "210350"] [rev "1"] [msg "COMODO WAF: Multiple/Conflicting Connection Header Data Found\|\|gonzalez.com\|F\|4"] [data "keep-alive, close"] [severity "WARNING"] [tag "CWAF"] [tag "Protocol"] [hostname "gonzalez.com"] [uri "/"] [unique_id "aLWjjADIcSDiP2w7Uzx-BwAAAB4"] show less	Brute-Force Bad Web Bot Web App Attack
🇨🇿 lp	2025-03-20 16:26:42 (1 year ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 77.220.192.96 2025-03-20T16:12:56+01: ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 77.220.192.96 2025-03-20T16:12:56+01:00 vpn Access-Reject 'Administrator' station: 77.220.192.96 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇨🇿 lp	2025-03-15 01:24:00 (1 year ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 77.220.192.96 2025-03-15T01:54:24+01: ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 77.220.192.96 2025-03-15T01:54:24+01:00 vpn Access-Reject 'oooo' station: 77.220.192.96 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
🇨🇿 lp	2025-03-13 13:26:34 (1 year ago)	Unauthorized VPN login attempts: 1 attempts were recorded from 77.220.192.96 2025-03-13T13:07:43+01: ... show more Unauthorized VPN login attempts: 1 attempts were recorded from 77.220.192.96 2025-03-13T13:07:43+01:00 vpn Access-Reject 'CLIFF' station: 77.220.192.96 auth-type: - realm: vse.cz nas: <redacted> called: <redacted> => address-pool: - msg: '<redacted>' show less	Brute-Force Web App Attack
Anonymous	2025-02-26 12:30:26 (1 year ago)	Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER	Brute-Force SSH
🇺🇸 TPI-Abuse	2024-03-05 00:23:36 (2 years ago)	(mod_security) mod_security (id:210730) triggered by 77.220.192.96 (-): 1 in the last 300 secs; Port ... show more (mod_security) mod_security (id:210730) triggered by 77.220.192.96 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Mar 04 19:23:27.932853 2024] [security2:error] [pid 5171] [client 77.220.192.96:27663] [client 77.220.192.96] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|kingstoneproperties.com\|F\|2"] [data ".com"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "kingstoneproperties.com"] [uri "/[email protected]"] [unique_id "ZeZl_79IyI-sSaiW78FKdQAAAAc"] show less	Brute-Force Bad Web Bot Web App Attack

Showing 1 to 9 of 9 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇺🇿 194.107.115.199

🇳🇱 192.42.116.12

🇨🇳 47.99.197.248

🇱🇹 45.227.254.170

🇲🇦 81.192.46.29

🇺🇸 45.33.12.231

🇹🇼 220.129.129.174

🇵🇦 201.218.125.149

🇨🇳 180.116.162.41

🇻🇳 116.110.154.182

🇨🇳 58.50.201.144

🇮🇳 43.227.185.238

🇺🇸 2a02:4780:b:964:0:fae:3e48:2

🇧🇪 198.235.24.227

🇹🇼 198.235.24.99

🇰🇷 118.37.214.187

🇷🇺 94.159.116.130

🇺🇸 54.240.3.16

🇺🇸 45.156.129.173

🇳🇱 45.148.10.147