JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 77.48.28.239

77.48.28.239 was found in our database!

This IP was reported 499 times. Confidence of Abuse is 35%: ?

35%

ISP	Zdenek Klauda - FinalTek.com
Usage Type	Fixed Line ISP
ASN	AS16019
Hostname(s)	239.192-26.28.48.77.in-addr.arpa www.tor-exitnode-read-this-html.epizy.com
Domain Name	finaltek.com
Country	🇨🇿 Czechia
City	Prague, Prague

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 77.48.28.239

Whois 77.48.28.239

IP Abuse Reports for 77.48.28.239:

This IP address has been reported a total of 499 times from 136 distinct sources. 77.48.28.239 was first reported on August 29th 2022, and the most recent report was 4 days ago.

Recent Reports: We have received reports of abusive activity from this IP address within the last week. It is potentially still actively engaged in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇩🇪 netclix.gr	2026-06-06 14:53:21 (4 days ago)	(bot_qv) Bot Scraping QuickView 77.48.28.239 (CZ/Czechia/www.tor-exitnode-read-this-html.epizy.com): ... show more (bot_qv) Bot Scraping QuickView 77.48.28.239 (CZ/Czechia/www.tor-exitnode-read-this-html.epizy.com): 1 in the last 4600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 77.48.28.239 - - [06/Jun/2026:17:53:16 +0300] "GET /index.php?dispatch=products.quick_view&product_id=15660&prev_url=index.php%3Fdispatch%3Dcategories.view%26category_id%3D1386&n_items=15661%2C15660%2C15659%2C15658%2C15657%2C15652%2C15651%2C15649%2C15647%2C15643%2C15641%2C15638 HTTP/1.1" 302 5 "-" "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com)" show less	Port Scan
🇺🇸 Victor López	2026-06-04 23:41:04 (6 days ago)	buscaempresas.co 77.48.28.239 - - [04/Jun/2026:18:40:59 -0500] "GET /wp-login.php HTTP/1.1" 404 7699 ... show more buscaempresas.co 77.48.28.239 - - [04/Jun/2026:18:40:59 -0500] "GET /wp-login.php HTTP/1.1" 404 7699 "-" "Mozilla/5.0 (Linux; Android 13; SM-A135F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Mobile Safari/537.36" buscaempresas.co 77.48.28.239 - - [04/Jun/2026:18:41:01 -0500] "GET /wp-login.php HTTP/1.1" 404 7699 "-" "Mozilla/5.0 (Linux; Android 13; SM-A135F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Mobile Safari/537.36" buscaempresas.co 77.48.28.239 - - [04/Jun/2026:18:41:03 -0500] "GET /wp-login.php HTTP/1.1" 404 7699 "-" "Mozilla/5.0 (Linux; Android 13; SM-A135F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Mobile Safari/537.36" ... show less	Hacking Web App Attack
Anonymous	2026-06-03 02:00:40 (1 week ago)	2026-06-02 17:00:05,815 fail2ban.actions [3625835]: NOTICE [tor] Ban 77.48.28.239 2026-06-02 ... show more 2026-06-02 17:00:05,815 fail2ban.actions [3625835]: NOTICE [tor] Ban 77.48.28.239 2026-06-02 20:00:05,713 fail2ban.actions [3625835]: NOTICE [tor] Ban 77.48.28.239 2026-06-02 23:00:13,801 fail2ban.actions [3625835]: NOTICE [tor] Ban 77.48.28.239 2026-06-03 02:00:22,918 fail2ban.actions [3625835]: NOTICE [tor] Ban 77.48.28.239 2026-06-03 05:00:39,845 fail2ban.actions [3625835]: NOTICE [tor] Ban 77.48.28.239 show less	Brute-Force
🇨🇦 leithzz	2026-05-23 04:38:52 (2 weeks ago)	Report by Cloudflare.Time: 2026-05-23T04:37:02Z	DDoS Attack
🇫🇷 ✨	2026-05-22 23:14:18 (2 weeks ago)	Rule : PLESK BOT 2026-05-23 01:12:55 Unauthorized login attempt to Plesk Panel from IP 77.48.28.239 ... show more Rule : PLESK BOT 2026-05-23 01:12:55 Unauthorized login attempt to Plesk Panel from IP 77.48.28.239 with username administrator show less	Hacking Brute-Force Web App Attack
🇷🇴 Fn4ticHz	2026-05-09 14:14:47 (1 month ago)	Repeated DDoS targeted -- ZeroGuard X ManagedSRV	DDoS Attack Exploited Host
🇨🇭 YF	2026-04-27 23:05:07 (1 month ago)	Environment file probe	Web App Attack
🇱🇻 garmtech.com	2026-04-25 22:15:07 (1 month ago)	IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 01-15.77.48.28.239.web-spammer ... show more IM360 WAF: Block IP which is in the web-spammers RBL MV:RBL lookup of 01-15.77.48.28.239.web-spammers.v2.rbl.imunify.com._v4 succeeded. show less	Web App Attack
🇫🇮 nNordic	2026-04-24 06:59:45 (1 month ago)	Connection attempt blocked by IDS/IPS from 77.48.28.239/32	Hacking
🇫🇷 ✨	2026-04-18 02:34:11 (1 month ago)	Rule : PLESK BOT 2026-04-17 17:39:39 Unauthorized login attempt to Plesk Panel from IP 77.48.28.239 ... show more Rule : PLESK BOT 2026-04-17 17:39:39 Unauthorized login attempt to Plesk Panel from IP 77.48.28.239 with username administrator show less	Hacking Brute-Force Web App Attack
🇩🇪 LRob.fr	2026-04-07 21:45:16 (2 months ago)	Plesk panel login attempt with forbidden username (root/admin), blocked by Fail2Ban in custom-plesk- ... show more Plesk panel login attempt with forbidden username (root/admin), blocked by Fail2Ban in custom-plesk-login jail show less	Brute-Force Web App Attack
🇺🇸 TPI-Abuse	2026-04-06 12:36:30 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 77.48.28.239 (239.192-26.28.48.77.in-addr.arpa) ... show more (mod_security) mod_security (id:210492) triggered by 77.48.28.239 (239.192-26.28.48.77.in-addr.arpa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 06 08:36:20.659499 2026] [security2:error] [pid 19738:tid 19738] [client 77.48.28.239:7213] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "register-yacht-gibraltar.com"] [uri "/.git/config"] [unique_id "adOoxFUXp3ymSW5W_mmGqQAAABk"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-04-01 08:01:21 (2 months ago)	(mod_security) mod_security (id:210492) triggered by 77.48.28.239 (239.192-26.28.48.77.in-addr.arpa) ... show more (mod_security) mod_security (id:210492) triggered by 77.48.28.239 (239.192-26.28.48.77.in-addr.arpa): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed Apr 01 04:01:14.497405 2026] [security2:error] [pid 28134:tid 28134] [client 77.48.28.239:35905] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "cpanel.wisk.org"] [uri "/.git/config"] [unique_id "aczQykBWbd20DYmGwrqW2AAAABM"] show less	Brute-Force Bad Web Bot Web App Attack
🇩🇪 MF Network	2026-04-01 07:52:31 (2 months ago)	Bad Calls: Webpage scraping, Web App Attack	Bad Web Bot Exploited Host Web App Attack
🇺🇸 nyt	2026-04-01 06:50:51 (2 months ago)	SQLi	SQL Injection Web App Attack

Showing 1 to 15 of 499 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇩🇪 167.94.145.20

🇨🇦 85.217.149.0

🇺🇸 45.61.184.21

🇷🇴 2.57.121.112

🇮🇩 2406:da19:776:6e00:d7bb:56d3:ca35:98d2

🇳🇱 195.178.110.199

🇬🇧 195.96.139.223

🇫🇷 187.124.51.94

🇨🇳 180.76.245.60

🇧🇷 168.231.93.124

🇧🇷 103.199.186.152

🇫🇷 92.112.192.47

🇬🇧 87.106.65.126

🇩🇪 84.32.10.175

🇧🇪 66.249.78.7

🇩🇪 57.129.41.233

🇺🇸 52.70.139.85

🇫🇷 51.77.213.239

🇧🇷 45.205.1.246

🇳🇱 45.148.10.141