JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

AbuseIPDB » 80.82.68.17

80.82.68.17 was found in our database!

This IP was reported 547 times. Confidence of Abuse is 0%: ?

ISP	FiberXpress BV
Usage Type	Data Center/Web Hosting/Transit
ASN	AS202425
Domain Name	fiberxpress.net
Country	🇳🇱 Netherlands
City	Amsterdam, North Holland

IP info including ISP, Usage Type, and Location provided by IPInfo. Updated weekly.

Report 80.82.68.17

Whois 80.82.68.17

IP Abuse Reports for 80.82.68.17:

This IP address has been reported a total of 547 times from 140 distinct sources. 80.82.68.17 was first reported on November 25th 2020, and the most recent report was 1 year ago.

Old Reports: The most recent abuse report for this IP address is from 1 year ago . It is possible that this IP is no longer involved in abusive activities.

Reporter	IoA Timestamp (UTC)	Comment	Categories
Anonymous	2025-03-01 06:48:08 (1 year ago)	Blocked by UFW (TCP on 1723) Source port: 42819 TTL: 240 Packet length: 40 TOS: 0x14 This report (f ... show more Blocked by UFW (TCP on 1723) Source port: 42819 TTL: 240 Packet length: 40 TOS: 0x14 This report (for 80.82.68.17) was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter show less	Port Scan
Anonymous	2025-03-01 04:44:42 (1 year ago)	Port Scanner	Port Scan
🇧🇾 sashan	2025-03-01 04:36:01 (1 year ago)	2025-03-01T07:36:00.466011+03:00 gate kernel: [19728.768639] nftables: JAIL-TELNET IN=wan OUT= MAC= ... show more 2025-03-01T07:36:00.466011+03:00 gate kernel: [19728.768639] nftables: JAIL-TELNET IN=wan OUT= MAC= SRC=80.82.68.17 DST=xxx.xxx.xxx.xxx LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=55464 PROTO=TCP SPT=42819 DPT=23 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
🇧🇾 sashan	2025-02-27 11:00:27 (1 year ago)	2025-02-27T14:00:26.625030+03:00 gate kernel: [357478.499070] nftables: JAIL-SSH IN=wan OUT= MAC= SR ... show more 2025-02-27T14:00:26.625030+03:00 gate kernel: [357478.499070] nftables: JAIL-SSH IN=wan OUT= MAC= SRC=80.82.68.17 DST=xxx.xxx.xxx.xxx LEN=40 TOS=0x00 PREC=0x00 TTL=242 ID=32727 PROTO=TCP SPT=53692 DPT=22 WINDOW=1024 RES=0x00 SYN URGP=0 ... show less	Port Scan
Anonymous	2025-02-15 00:25:26 (1 year ago)	Port Scanner	Port Scan
Anonymous	2025-02-14 13:42:48 (1 year ago)	Port Scanner	Port Scan
🇩🇪 marcel-knorr.de	2025-02-04 00:21:15 (1 year ago)	[headscale] Blocked by UFW	Port Scan Brute-Force
Anonymous	2025-02-02 23:19:54 (1 year ago)	80.82.68.17 - - [02/Feb/2025:23:17:18 +0000] "GET /new/login HTTP/1.1" 400 666 "-" "Mozilla/5.0 (Wi ... show more 80.82.68.17 - - [02/Feb/2025:23:17:18 +0000] "GET /new/login HTTP/1.1" 400 666 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" "-" "-" 80.82.68.17 - - [02/Feb/2025:23:17:18 +0000] "GET /covenantuser/login HTTP/1.1" 400 666 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" "-" "-" 80.82.68.17 - - [02/Feb/2025:23:17:18 +0000] "GET /admin/console/index.html HTTP/1.1" 400 666 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" "-" "-" 80.82.68.17 - - [02/Feb/2025:23:17:18 +0000] "GET /api/panelhash HTTP/1.1" 400 666 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" "-" "-" 80.82.68.17 - - [02/Feb/2025:23:17:23 +0000] "GET /login HTTP/1.1" 400 666 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML ... show less	Brute-Force SSH
Anonymous	2025-02-02 23:06:22 (1 year ago)	80.82.68.17 - - \[03/Feb/2025:07:06:21 +0800\] \"GET /admin/console/index.html HTTP/1.1\" 404 360 \" ... show more 80.82.68.17 - - \[03/Feb/2025:07:06:21 +0800\] \"GET /admin/console/index.html HTTP/1.1\" 404 360 \"-\" \"Mozilla/5.0 \(Windows NT 10.0\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/126.0.0.0 Safari/537.36\" show less	Web App Attack
Anonymous	2025-02-02 22:31:32 (1 year ago)	Brute-Force reported by Fail2Ban	Brute-Force Web App Attack
Anonymous	2025-02-02 21:53:45 (1 year ago)	80.82.68.17 - - [02/Feb/2025:21:53:07 +0000] "GET /new/login HTTP/1.1" 404 197 "-" "Mozilla/5.0 (Win ... show more 80.82.68.17 - - [02/Feb/2025:21:53:07 +0000] "GET /new/login HTTP/1.1" 404 197 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 80.82.68.17 - - [02/Feb/2025:21:53:08 +0000] "GET /covenantuser/login HTTP/1.1" 404 197 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 80.82.68.17 - - [02/Feb/2025:21:53:08 +0000] "GET /admin/console/index.html HTTP/1.1" 404 197 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 80.82.68.17 - - [02/Feb/2025:21:53:08 +0000] "GET /api/panelhash HTTP/1.1" 404 197 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" 80.82.68.17 - - [02/Feb/2025:21:53:10 +0000] "GET /login HTTP/1.1" 404 197 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari ... show less	FTP Brute-Force Port Scan Hacking Brute-Force Bad Web Bot Web App Attack SSH
🇮🇳 Manoj Joshi	2025-02-01 05:17:00 (1 year ago)	80.82.68.17 - - [01/Feb/2025:02:58:11 +0000] "\x16\x03\x01\x00\xFE\x01\x00\x00\xFA\x03\x03\xDD\xE9n^ ... show more 80.82.68.17 - - [01/Feb/2025:02:58:11 +0000] "\x16\x03\x01\x00\xFE\x01\x00\x00\xFA\x03\x03\xDD\xE9n^\xDE\xB9h\x8E\x04\xB41\x06\xE7\xB0\xE3\xBFm\x92\xD6{\xE9\xF5\xD66\xFAj\x00\xD3" 400 157 "-" "-" "-" 80.82.68.17 - - [01/Feb/2025:02:58:11 +0000] "\x16\x03\x01\x00\xDF\x01\x00\x00\xDB\x03\x03\x19\x91\x9A\x15\x80\xE8" 400 157 "-" "-" "-" 80.82.68.17 - - [01/Feb/2025:02:58:12 +0000] "\x16\x03\x01\x00\xCD\x01\x00\x00\xC9\x03\x03K\x93U\xEE5\x0E\xEA" 400 157 "-" "-" "-" The request line ("\x16\x03\x01\x00\xFE\x01\x00\x00\xFA...") contains non-ASCII characters, which is unusual in legitimate HTTP requests. These characters suggest an attempt to communicate using TLS (Transport Layer Security) handshake messages. The same IP (80.82.68.17) made multiple malformed requests within 1 second. This is typical of automated vulnerability scanners or bot-driven brute-force attempts. show less	DDoS Attack Port Scan Bad Web Bot Exploited Host Web App Attack
🇺🇸 mnsf	2025-01-31 18:03:07 (1 year ago)	Too many Status 40X (11)	Brute-Force Web App Attack
Anonymous	2025-01-31 08:17:31 (1 year ago)	80.82.68.17 - - [31/Jan/2025:08:14:50 +0000] "GET /covenantuser/login HTTP/1.1" 400 666 "-" "Mozill ... show more 80.82.68.17 - - [31/Jan/2025:08:14:50 +0000] "GET /covenantuser/login HTTP/1.1" 400 666 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" "-" "-" 80.82.68.17 - - [31/Jan/2025:08:14:50 +0000] "GET /new/login HTTP/1.1" 400 666 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" "-" "-" 80.82.68.17 - - [31/Jan/2025:08:14:51 +0000] "GET /api/panelhash HTTP/1.1" 400 666 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" "-" "-" 80.82.68.17 - - [31/Jan/2025:08:14:51 +0000] "GET /admin/console/index.html HTTP/1.1" 400 666 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36" "-" "-" 80.82.68.17 - - [31/Jan/2025:08:14:56 +0000] "GET /login HTTP/1.1" 400 666 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML ... show less	Brute-Force SSH
Anonymous	2025-01-31 08:05:00 (1 year ago)	80.82.68.17 - - \[31/Jan/2025:16:04:59 +0800\] \"GET /admin/console/index.html HTTP/1.1\" 404 360 \" ... show more 80.82.68.17 - - \[31/Jan/2025:16:04:59 +0800\] \"GET /admin/console/index.html HTTP/1.1\" 404 360 \"-\" \"Mozilla/5.0 \(Windows NT 10.0\; Win64\; x64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/126.0.0.0 Safari/537.36\" show less	Web App Attack

Showing 1 to 15 of 547 reports

Think this IP has been falsely reported? You may request to have the associated reports reviewed and removed. Request Takedown 🚩

Recently Reported IPs:

🇵🇱 194.180.48.31

🇲🇽 187.189.84.231

🇷🇺 176.14.208.244

🇺🇸 64.62.156.46

🇻🇪 200.82.239.248

🇮🇱 176.229.118.69

🇨🇻 165.90.110.1

🇺🇸 104.168.99.198

🇯🇵 35.243.84.14

🇰🇷 211.197.12.104

🇩🇪 195.230.103.250

🇳🇱 195.178.110.30

🇪🇨 193.30.14.163

🇺🇸 192.186.143.131

🇦🇷 186.22.70.57

🇨🇱 181.162.76.16

🇨🇳 116.179.32.207

🇧🇩 103.174.23.116

🇮🇹 87.2.255.203

🇺🇸 64.62.156.77