JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 77.83.27.49

77.83.27.49 was found in our database!

This IP was reported 16 times. Confidence of Abuse is 18%: ?

18%

ISP	FINE GROUP SERVERS SOLUTIONS LLC
Usage Type	Data Center/Web Hosting/Transit
ASN	AS59651
Domain Name	finegroupservers.com
Country	🇫🇮 Finland
City	Helsinki, Uusimaa

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 77.83.27.49

Whois 77.83.27.49

IP Abuse Reports for 77.83.27.49:

This IP address has been reported a total of 16 times from 12 distinct sources. 77.83.27.49 was first reported on November 3rd 2023, and the most recent report was 2 weeks ago.

Old Reports: The most recent abuse report for this IP address is from 2 weeks ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
🇱🇻 garmtech.com	2026-05-21 15:56:29 (2 weeks ago)	IM360 WAF: Information Disclosure Attempt in WordPress MV:/.wp-config.php.swp	Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 19:30:31 (2 weeks ago)	(mod_security) mod_security (id:210492) triggered by 77.83.27.49 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210492) triggered by 77.83.27.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 15:30:26.911948 2026] [security2:error] [pid 25724:tid 25724] [client 77.83.27.49:59731] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "wp-config.php" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "robinsnestingplace.net"] [uri "/wp-config.php.bak"] [unique_id "ag4L0lmuCWwCzvjzcSw4dQAAAAI"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 TPI-Abuse	2026-05-20 14:50:47 (2 weeks ago)	(mod_security) mod_security (id:210730) triggered by 77.83.27.49 (-): 1 in the last 300 secs; Ports: ... show more (mod_security) mod_security (id:210730) triggered by 77.83.27.49 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 20 10:50:40.045229 2026] [security2:error] [pid 16122:tid 16122] [client 77.83.27.49:14211] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy\|\|coolcustomweddingproducts.com\|F\|2"] [data ".inc"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "coolcustomweddingproducts.com"] [uri "/wp-config.inc"] [unique_id "ag3KQKfUIBYjezcrJhDtawAAAAQ"] show less	Brute-Force Bad Web Bot Web App Attack
🇺🇸 NicoID	2026-05-02 00:10:11 (1 month ago)	77.83.27.49 - - [01/May/2026:00:30:40 -0600] "GET /wp-login.php?action=register HTTP/1.1" 302 3713 " ... show more 77.83.27.49 - - [01/May/2026:00:30:40 -0600] "GET /wp-login.php?action=register HTTP/1.1" 302 3713 "https://nicohd.com/wp-signup.php?new=blog" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36" ... show less	Brute-Force
Anonymous	2026-04-17 01:46:56 (1 month ago)	Excessive 404 Traffic Wordpress	Web App Attack
🇧🇪 voormedia	2026-02-09 05:09:22 (4 months ago)	Accessed trap at '/xmlrpc.php'	Web App Attack
🇮🇩 sockominfo	2026-02-08 18:00:11 (4 months ago)	Reported by TangerangKota-CSIRT. Status: MALICIOUS	Hacking Web App Attack
🇮🇩 sockominfo	2026-02-08 16:56:24 (4 months ago)	[WAZUH] Mixed case extension detected (case variation bypass)	Hacking Web App Attack
🇺🇸 Penny Packer	2026-02-08 11:46:19 (4 months ago)	Fail2Ban apache-tripwires	Web App Attack
Anonymous	2026-02-07 14:00:08 (4 months ago)		Brute-Force Bad Web Bot Web App Attack
🇪🇸 el-brujo	2026-02-05 13:35:47 (4 months ago)	Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: foro.elhacker.net userAgent: Mozilla ... show more Cloudflare WAF: Request Path: /xmlrpc.php Request Query: Host: foro.elhacker.net userAgent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:146.0) Gecko/20100101 Firefox/146.0 Action: managed_challenge Source: firewallManaged ASN Description: AS-QUALITYNETWORK Country: FI Method: POST Timestamp: 2026-02-05T13:35:47Z ruleId: 5de7edfa648c4d6891dc3e7f84534ffa. Report generated by Cloudflare-WAF-to-AbuseIPDB (https://github.com/MHG-LAB/Cloudflare-WAF-to-AbuseIPDB). show less	Hacking SQL Injection Web App Attack
🇮🇩 sockominfo	2026-02-05 08:00:31 (4 months ago)	Reported by TangerangKota-CSIRT. Status: MALICIOUS	Hacking Web App Attack
🇮🇩 sockominfo	2026-02-05 07:39:14 (4 months ago)	[WAZUH] Mixed case extension detected (case variation bypass)	Hacking Web App Attack
Anonymous	2026-01-25 07:01:05 (4 months ago)	wordpress-trap	Web App Attack
🇺🇸 nowyouknow	2025-12-19 11:00:21 (5 months ago)	(From [email protected]) Hello Team, I typed your main service keywords into Google ... show more (From [email protected]) Hello Team, I typed your main service keywords into Google today, and I noticed something frustrating. Your website is professionally designed, but it’s buried on Page 2. Meanwhile, 2 or 3 of your direct competitors, who frankly have weaker websites than you—are sitting at the top of Page 1. They are effectively "stealing" leads that were looking for you. They aren't better than you; they just have better SEO signals. I’ve already analyzed exactly what they are doing differently. If you want to see the comparison report, just reply "Yes" and I’ll send it over. Cheers, QIK show less	Phishing Web Spam

Showing 1 to 15 of 16 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇨🇳 220.197.78.96

🇩🇪 217.154.95.139

🇺🇸 135.119.88.104

🇨🇳 114.104.153.51

🇬🇧 216.226.76.10

🇩🇪 209.38.244.178

🇺🇸 195.184.76.23

🇪🇨 181.112.9.165

🇱🇾 102.38.3.184

🇩🇪 94.16.17.139

🇷🇺 81.24.95.33

🇵🇰 58.181.115.251

🇮🇷 37.32.26.36

🇶🇦 2600:1900:4260:40e::161

🇮🇩 2001:448a:2050:3434:4946:385c:a693:794d

🇮🇳 210.212.28.137

🇺🇸 195.184.76.183

🇺🇸 184.83.177.177

🇧🇷 177.200.248.44

🇺🇸 162.216.149.251