🇺🇸
192.133.77.17
01 Feb 2025
2025/01/29 14:26:01 [info] 8#8: *23 client sent invalid header line: "Finagle-Ctx-com.twitter.finagle.Retries: 0" while reading client request headers, client: 192.133.77.17, server: aipolls.net, request: "GET /robots.txt HTTP/1.1", host: "www.aipolls.net"
Hacking
🇪🇪
194.106.118.84
01 Feb 2025
2025/01/30 07:29:13 [error] 8#8: *71 open() "/var/www/poll_author/static/.vscode/ftp-sync.json" failed (2: No such file or directory), client: 194.106.118.84, server: aipolls.net, request: "GET //static/.vscode/ftp-sync.json HTTP/1.1", host: "3.215.200.112"
Hacking
🇺🇸
108.174.5.113
01 Feb 2025
2025/01/30 09:03:16 [info] 8#8: *82 client sent invalid header line: "X-LI-R2-W-IC-1-com.linkedin.container.rpc.trace.rpcTrace: (ltx1-app80323.prod.linkedin.com,l1proxy,voyager/api/graphql,AAYs6LJT2t5hlJgBmPC90g==,2025/01/30 09:03:16.139)[ltx1-app86052,voyager-api-feed,/graphql?includeWebMetadata=*&variables=*&queryId=voyagerContentcreationDashUpdateUrlPreview.4c01ebdb1fc5b68466e28e4b4aff0fb9 GET][ltx1-app130700,babylonia-ingestion,/contentIngestionTasks/ PUT]" while reading client request headers, client: 108.174.5.113, server: aipolls.net, request: "GET / HTTP/1.1"
Hacking
🇨🇳
39.82.51.42
01 Feb 2025
2025/01/30 13:54:50 [info] 8#8: *65 client sent invalid request while reading client request line, client: 39.82.51.42, server: aipolls.net, request: "POST /cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh HTTP/1.1"
Hacking
🇸🇬
152.42.232.253
01 Feb 2025
152.42.232.253 - - [01/Feb/2025:05:29:51 +0000] "GET /teorema505?t=1 HTTP/1.1" 200 780 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36"
Hacking
🇬🇧
80.85.85.152
01 Feb 2025
80.85.85.152 - - [31/Jan/2025:09:15:40 +0000] "\x16\x03\x01\x00\xFC\x01\x00\x00\xF8\x03\x03\xF5\xF8\xCA\x12\xE9\x5C\xD4\xB4\x8Fx\xAE\xC7d\x8D\xE4\xDD\xE2J\xBE,\xF5\xFE\x99\xB3\xF2<F\xBC5\x8E]t \xA1y\x98\x0C?\x81\xD0\x82\xC3\x22\xA5\xE5 l;\xB7\xB3\x01\xA7\xF0d\xF8(\x88@\xD2\xAD\xD7]\x5C\x97\xC9\x00$\x13\x02\x13\x03\x13\x01\xC0,\xC00\xC0+\xC0/\xCC\xA9\xCC\xA8\xC0$\xC0(\xC0#\xC0'\x00\x9F\x00\x9E\x00k\x00g\x00\xFF\x01\x00\x00\x8B\x00\x0B\x00\x04\x03\x00\x01\x02\x00" 400 157 "-" "-" "-"
80.85.85.152 - - [31/Jan/2025:09:15:40 +0000] "GET / HTTP/1.1" 200 780 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:8.0) Gecko/20100101 Firefox/8.0"
80.85.85.152 - - [31/Jan/2025:09:15:40 +0000] "\x16\x03\x01\x00\xFC\x01\x00\x00\xF8\x03\x03!\xD94\x8C\x1E0\xEAr:\x9E;K?\x09\xCC1\x0F4\x0C\x81\xFD\xAA[H\xB3(\x1D\xD1\x0C\xF2]\xD7 \xBC\x81G\xA1\xA0\xAEF\x13\x5C=\xA4N\x02\x95\x19\x852F\x227\xEFe[\x16zQ\x14<uF\x1D" 400 157 "-" "-" "-"
Hacking
🇺🇸
64.62.197.230
01 Feb 2025
64.62.197.230 - - [31/Jan/2025:10:24:12 +0000] "\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\x1Cs\xA1\xA1\xFA\x13\x02*W\xC0d\x95D7\x9A" 400 157 "-" "-" "-"
Hacking
🇸🇬
178.128.48.219
01 Feb 2025
178.128.48.219 - - [31/Jan/2025:10:28:13 +0000] "" 400 0 "-" "-" "-"
178.128.48.219 - - [31/Jan/2025:10:28:17 +0000] "GET //wp-includes/ID3/license.txt HTTP/1.1" 200 1877 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
178.128.48.219 - - [31/Jan/2025:10:28:18 +0000] "GET //feed/ HTTP/1.1" 200 1877 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
178.128.48.219 - - [31/Jan/2025:10:28:18 +0000] "GET //xmlrpc.php?rsd HTTP/1.1" 200 1877 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
178.128.48.219 - - [31/Jan/2025:10:28:20 +0000] "GET //blog/wp-includes/wlwmanifest.xml HTTP/1.1" 200 1877 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
Hacking
🇺🇸
134.209.73.122
01 Feb 2025
134.209.73.122 - - [31/Jan/2025:12:00:41 +0000] "\x00\x0E8\x01\x01\x01\x01\x01\x01\x01\x01\x00\x00\x00\x00\x00" 400 157 "-" "-"
Hacking
🇺🇸
206.189.186.40
01 Feb 2025
206.189.186.40 - - [31/Jan/2025:13:15:32 +0000] "\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xAF\xC6,\x12\xB7\xE9\xD1" 400 157 "-" "-" "-"
206.189.186.40 - - [31/Jan/2025:13:15:32 +0000] "\x16\x03\x01\x00{\x01\x00\x00w\x03\x03\xEC\xCE4\xF6B9\xCC\xDF\xBB\xAF\xD18\xAD\x93f\xD4\xCE\xCF:\x09u\xB59\xC7_\xC2\xDE\xFCG\xDF\xC5\xF9\x00\x00\x1A\xC0/\xC0+\xC0\x11\xC0\x07\xC0\x13\xC0\x09\xC0\x14\xC0" 400 157 "-" "-" "-"
Hacking
🇯🇵
164.52.24.188
01 Feb 2025
164.52.24.188 - - [31/Jan/2025:18:35:14 +0000] "\x16\x03\x01\x02\x00\x01\x00\x01\xFC\x03\x03\x07cM\xDC%A\x08O\xCA\xD9V\x11\xE8k\xA3\xF2\x81\xF2\x81\xF6\x1A\xB7\x8E5\xC0d\x0F)\xC1\x01G/ \x05\x15\x13\x98\xF8h\xDAe\xD6\xA8\x08Q\x00w1\x8C\x18\x96y^\x0E\x88\x8D\xF1y\x8F\x8C\x02\x920\xF1\x9A\x00>\x13\x02\x13\x03\x13\x01\xC0,\xC00\x00\x9F\xCC\xA9\xCC\xA8\xCC\xAA\xC0+\xC0/\x00\x9E\xC0$\xC0(\x00k\xC0#\xC0'\x00g\xC0" 400 157 "-" "-" "-"
Hacking
🇺🇸
18.208.154.164
01 Feb 2025
18.208.154.164 - - [31/Jan/2025:19:06:59 +0000] "GET /s/lkx/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-dist/pom.properties HTTP/1.1" 200 780 "-" "l9explore/1.2.2"
18.208.154.164 - - [31/Jan/2025:19:07:02 +0000] "GET /api/geojson?url=file:///etc/hosts HTTP/1.1" 404 232 "-" "l9explore/1.2.2"
Exploited Host
Web App Attack
🇺🇸
45.79.181.251
01 Feb 2025
45.79.181.251 - - [31/Jan/2025:21:21:17 +0000] "\x16\x03\x01\x01" 400 157 "-" "-" "-"
Port Scan
🇳🇱
80.82.68.17
01 Feb 2025
80.82.68.17 - - [01/Feb/2025:02:58:11 +0000] "\x16\x03\x01\x00\xFE\x01\x00\x00\xFA\x03\x03\xDD\xE9n^\xDE\xB9h\x8E\x04\xB41\x06\xE7\xB0\xE3\xBFm\x92\xD6{\xE9\xF5\xD66\xFAj\x00\xD3" 400 157 "-" "-" "-"
80.82.68.17 - - [01/Feb/2025:02:58:11 +0000] "\x16\x03\x01\x00\xDF\x01\x00\x00\xDB\x03\x03\x19\x91\x9A\x15\x80\xE8" 400 157 "-" "-" "-"
80.82.68.17 - - [01/Feb/2025:02:58:12 +0000] "\x16\x03\x01\x00\xCD\x01\x00\x00\xC9\x03\x03K\x93U\xEE5\x0E\xEA" 400 157 "-" "-" "-"
The request line ("\x16\x03\x01\x00\xFE\x01\x00\x00\xFA...") contains non-ASCII characters, which is unusual in legitimate HTTP requests. These characters suggest an attempt to communicate using TLS (Transport Layer Security) handshake messages.
The same IP (80.82.68.17) made multiple malformed requests within 1 second.
This is typical of automated vulnerability scanners or bot-driven brute-force attempts.
DDoS Attack
Port Scan
Bad Web Bot
Exploited Host
Web App Attack
🇳🇴
185.12.59.118
01 Feb 2025
2025/01/31 06:05:31 [info] 8#8: *2994 client sent invalid method while reading client request line, client: 185.12.59.118, server: aipolls.net, request: "SSH-2.0-OpenSSH_0.3xxAAAAAAAAAAAAAAAAAAAABBBBBBBBBBBBBBBBBBBB;_¼cÓü^Aç^WzOy¨Ì/N¾7lëyR"
Invalid Method - SSH Request on HTTP(S) Port:
The log entry (client sent invalid method while reading client request line) shows that a client at 185.12.59.118 sent an unexpected request to your Nginx server, resembling an SSH handshake (SSH-2.0-OpenSSH_0.3xx...).
Port Scan
SSH