AF - AbuseIPDB User Profile

JavaScript is disabled. Some features of this site may not work properly. For a smoother experience, please enable JavaScript in your browser settings.

User AF joined AbuseIPDB in April 2025 and has reported 3,755 IP addresses.

Standing (weight) is good.

INACTIVE USER

IP	Date	Comment	Categories
🇯🇵 106.73.200.65	15 Jul 2025	Invalid user admin from 106.73.200.65 port 61477	Brute-Force SSH
🇰🇷 218.154.220.66	15 Jul 2025	Invalid user admin from 218.154.220.66 port 46120	Brute-Force SSH
🇨🇳 117.50.70.169	15 Jul 2025	Invalid user liamkj from 117.50.70.169 port 54650	Brute-Force SSH
🇨🇳 117.48.157.75	15 Jul 2025	Invalid user highgo from 117.48.157.75 port 56834	Brute-Force SSH
🇦🇷 168.226.214.19	15 Jul 2025	Invalid user admin from 168.226.214.19 port 37627	Brute-Force SSH
🇹🇭 184.22.176.59	15 Jul 2025	Invalid user admin from 184.22.176.59 port 48593	Brute-Force SSH
🇭🇺 188.36.125.45	15 Jul 2025	Invalid user user from 188.36.125.45 port 21963	Brute-Force SSH
🇰🇷 119.203.11.243	15 Jul 2025	Invalid user Admin from 119.203.11.243 port 39359	Brute-Force SSH
🇺🇸 96.73.100.58	15 Jul 2025	Invalid user usr from 96.73.100.58 port 46275	Brute-Force SSH
🇰🇷 121.186.110.136	15 Jul 2025	Invalid user admin from 121.186.110.136 port 53544	Brute-Force SSH
🇰🇷 121.142.56.91	15 Jul 2025	Invalid user NL5xUDpV2xRa from 121.142.56.91 port 25050	Brute-Force SSH
🇯🇵 118.243.84.38	15 Jul 2025	Invalid user ubuntu from 118.243.84.38 port 60762	Brute-Force SSH
🇮🇳 125.17.108.32	18 Jun 2025	Activity: Attempted directory traversal and potential web shell execution (possible web app attack) ... show more Activity: Attempted directory traversal and potential web shell execution (possible web app attack) Action: Blocked by firewall Access Log Entries: • [17/Jun/2025:20:11:43 +0000] "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 400 150 "-" "-" "-" show less	SQL Injection
🇳🇱 89.42.231.140	18 Jun 2025	Activity: Port Scan Action: Blocked by firewall Access Log Entries: • [17/Jun/2025:03:55:48 +0000] ... show more Activity: Port Scan Action: Blocked by firewall Access Log Entries: • [17/Jun/2025:03:55:48 +0000] "GET /cgi-bin/luci/;stok=/locale HTTP/1.1" 400 154 "-" "-" "-" • [17/Jun/2025:14:42:37 +0000] "GET /cgi-bin/luci/;stok=/locale HTTP/1.1" 400 154 "-" "-" "-" show less	Port Scan
🇫🇷 170.39.218.2	18 Jun 2025	Activity: Normal web activity, port scanning attempts, and potential host exploitation attempts Act ... show more Activity: Normal web activity, port scanning attempts, and potential host exploitation attempts Action: Blocked by firewall Access Log Entries: • [17/Jun/2025:02:43:21 +0000] "GET / HTTP/1.1" 400 150 "-" "-" "-" • [17/Jun/2025:02:43:27 +0000] "GET / HTTP/1.1" 400 154 "-" "l9tcpid/v1.1.0" "-" • [17/Jun/2025:12:31:34 +0000] "GET / HTTP/1.1" 400 150 "-" "-" "-" • [17/Jun/2025:12:31:44 +0000] "GET / HTTP/1.1" 400 154 "-" "l9tcpid/v1.1.0" "-" • [17/Jun/2025:12:31:44 +0000] "GET /.git/config HTTP/1.1" 403 118 "-" "l9explore/1.2.2" "-" • [17/Jun/2025:12:46:51 +0000] "GET / HTTP/1.1" 400 150 "-" "-" "-" • [17/Jun/2025:12:46:58 +0000] "GET / HTTP/1.1" 400 154 "-" "l9tcpid/v1.1.0" "-" • [17/Jun/2025:12:46:58 +0000] "GET /.git/config HTTP/1.1" 403 118 "-" "l9explore/1.2.2" "-" • [17/Jun/2025:13:21:41 +0000] "GET / HTTP/1.1" 400 150 "-" "-" "-" • [17/Jun/2025:17:04:44 +0000] "GET / HTTP/1.1" 400 248 "-" "l9tcpid/v1.1.0" "-" • [17/Jun/2025:17:04:44 +0000] "GET /.git/config HTTP/1.1" 400 248 "-" "l9explore/1.2.2" "-" • [ show less	Port Scan Exploited Host
🇬🇧 87.236.176.26	15 Jun 2025	Activity: Port Scan Action: Blocked by firewall Access Log Entries: • [14/Jun/2025:04:10:49 +0000] ... show more Activity: Port Scan Action: Blocked by firewall Access Log Entries: • [14/Jun/2025:04:10:49 +0000] "x12x01x00x1Ax00x00x00x00x00x00x0Bx00x06x01x00x11x00x01xFFx08x00x01Ux00x00x01" 400 150 "-" "-" "-" show less	Port Scan
🇨🇳 117.48.157.75	13 Jun 2025	Activity: Port scanning attempts and potential SQL injection attempts Action: Blocked by firewall ... show more Activity: Port scanning attempts and potential SQL injection attempts Action: Blocked by firewall Access Log Entries: • [12/Jun/2025:17:08:42 +0000] "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 400 150 "-" "-" "-" • [12/Jun/2025:17:08:43 +0000] "POST /cgi-bin/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/%%32%65%%32%65/bin/sh HTTP/1.1" 400 150 "-" "-" "-" • [12/Jun/2025:17:08:43 +0000] "POST /hello.world?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input HTTP/1.1" 403 146 "-" "Custom-AsyncHttpClient" "-" show less	Port Scan SQL Injection
🇺🇸 45.55.202.3	13 Jun 2025	Activity: Normal web request and a potential port scan or probing attempt Action: Blocked by firewa ... show more Activity: Normal web request and a potential port scan or probing attempt Action: Blocked by firewall Access Log Entries: • [12/Jun/2025:16:49:37 +0000] "x16x03x01x00ux01x00x00qx03x03x80MxC2xF9F3x9Ex95xD5ixAF<xF1TJXzx1Bx9AxAFx95xF5-*%xEDxB1xCApx88jxF3x00x00x1AxC0/xC0+xC0x11xC0x07xC0x13xC0x09xC0x14xC0" 400 150 "-" "-" "-" show less	Port Scan
🇮🇳 139.59.36.73	13 Jun 2025	Activity: Normal browsing, port scan attempt, and potential SQL injection attempt Action: Blocked b ... show more Activity: Normal browsing, port scan attempt, and potential SQL injection attempt Action: Blocked by firewall Access Log Entries: • [12/Jun/2025:03:11:51 +0000] "x16x03x01x00ux01x00x00qx03x03x10<xABxBD3x19xDDx10x5C5?x91Fv`x9AMxBBxF1x92jBlx9B]*x14xB9x03qexD4x00x00x1AxC0/xC0+xC0x11xC0x07xC0x13xC0x09xC0x14xC0" 400 150 "-" "-" "-" show less	Port Scan SQL Injection
🇺🇸 138.197.105.180	12 Jun 2025	Activity: Normal web browsing, port scanning, and hacking attempts (including potential exploits and ... show more Activity: Normal web browsing, port scanning, and hacking attempts (including potential exploits and attack payloads) Action: Blocked by firewall Access Log Entries: • [11/Jun/2025:14:44:51 +0000] "x16x03x01x00ux01x00x00qx03x03xDD,x81xD7xCASx90xC3x9BxEAxB9x09xDDx8ARxC9Px09x90x09_xDC$x02x01x97xA2xB7/xAFx01xD6x00x00x1AxC0/xC0+xC0x11xC0x07xC0x13xC0x09xC0x14xC0" 400 150 "-" "-" "-" • [11/Jun/2025:14:44:51 +0000] "GET /form.html HTTP/1.1" 400 150 "-" "curl/8.1.2" "-" • [11/Jun/2025:14:44:51 +0000] "x16x03x01x00ux01x00x00qx03x03=\|x99x9Eix084<x90:Hx18Ix02xE4xF8^xA3x99x04x7FxF1xB1`xB4xB2OZ8xB0x04x9Ex00x00x1AxC0/xC0+xC0x11xC0x07xC0x13xC0x09xC0x14xC0" 400 150 "-" "-" "-" • [11/Jun/2025:14:44:51 +0000] "x16x03x01x00ux01x00x00qx03x03x95xE3[BxF7xEAxF8x07xB6xFBxAE'fx8D'wx1Bx11xB9x8DxCFVx9D(xFAx9Fx0BxB4=mxEAxC4x00x00x1AxC0/xC0+xC0x11xC0x07xC0x13xC0x09xC0x14xC0" 400 150 "-" "-" "-" show less	Port Scan Hacking
🇫🇷 170.39.218.2	12 Jun 2025	Activity: Port scanning and probing for sensitive files Action: Blocked by firewall Access Log Ent ... show more Activity: Port scanning and probing for sensitive files Action: Blocked by firewall Access Log Entries: • [11/Jun/2025:10:47:48 +0000] "GET / HTTP/1.1" 400 154 "-" "l9tcpid/v1.1.0" "-" • [11/Jun/2025:10:47:49 +0000] "GET /.git/config HTTP/1.1" 403 118 "-" "l9explore/1.2.2" "-" • [11/Jun/2025:10:47:50 +0000] "GET / HTTP/1.1" 400 150 "-" "-" "-" show less	Port Scan Exploited Host
🇨🇦 159.203.24.189	12 Jun 2025	Activity: Normal web browsing, port scanning, and potential exploitation attempts Action: Blocked b ... show more Activity: Normal web browsing, port scanning, and potential exploitation attempts Action: Blocked by firewall Access Log Entries: • [11/Jun/2025:01:53:07 +0000] "x16x03x01x00ux01x00x00qx03x03]xA4x92C" 400 150 "-" "-" "-" • [11/Jun/2025:01:53:07 +0000] "x16x03x01x00ux01x00x00qx03x03yxAAxE3Bx7FxAAxAFxCF1y9xD9JxB9x7F9x94YMxBCOxB9x9DxAAxB0xE6xADxD8x91xB5u%x00x00x1AxC0/xC0+xC0x11xC0x07xC0x13xC0x09xC0x14xC0" 400 150 "-" "-" "-" • [11/Jun/2025:01:53:07 +0000] "x16x03x01x00ux01x00x00qx03x03xB9x8F[xDBx18x22ex8F8sxA26*ex0FC}0m-,(R" 400 150 "-" "-" "-" • [11/Jun/2025:01:53:07 +0000] "GET /form.html HTTP/1.1" 400 150 "-" "curl/8.1.2" "-" show less	Port Scan Exploited Host
🇨🇦 148.113.208.45	11 Jun 2025	Activity: Normal web activity, port scanning, and hacking attempts Action: Blocked by firewall Acc ... show more Activity: Normal web activity, port scanning, and hacking attempts Action: Blocked by firewall Access Log Entries: • [10/Jun/2025:18:00:40 +0000] "GET / HTTP/1.1" 400 154 "http://<host_IP>/" "Mozilla/5.0 (compatible; ModatScanner/1.0; +https://modat.io/)" "-" • [10/Jun/2025:18:21:44 +0000] "x16x03x03x01xA5x01x00x01xA1x03x03/xCF;x82x8CxBD{%x94x12rxC3xE0x14x1CxBC" 400 150 "-" "-" "-" • [10/Jun/2025:18:21:44 +0000] "x16x03x03x01xA5x01x00x01xA1x03x03Fg#x06xE5xC1ZxFBGx9BxC2kqxF3x0CxF9KxF95xA1xA5xB3x07xFFgkxF5xED6jxE6x02 ixDExE7xE8xCC_ x8BxD6xEB8x84qJxBE[~xB6xE87x18x15Bx1Bx7Fvx0C?x88xACx9CxAFx00x8Ax00x05x00x04x00x07x00xC0x00x84x00xBAx00Ax00x9DxC0xA1xC0x9Dx00=x005x00x9CxC0xA0xC0x9Cx00<x00/x00" 400 150 "-" "-" "-" • [10/Jun/2025:18:21:44 +0000] "x16x03x03x01Vx01x00x01Rx03x03BxA0xDBpx9C9GxF6x98xF9x0CxDDxD1x92s" 400 150 "-" "-" "-" • [10/Jun/2025:18:21:44 +0000] "x16x03x03x01Hx01x00x01Dx03x03axB1xCExE6x04x89x1Cx9Dx17x22Rx0ExC2dHxADxCBx09x02gxDDxFC2x00x8DxB6qxECxB9Y^W xC8uTx22" 400 150 "-" "-" "-" • [10/Jun/2025:18:21 show less	Port Scan Hacking
🇹🇼 114.43.135.154	11 Jun 2025	Activity: Attempted directory traversal and command execution (possible web shell or exploit attempt ... show more Activity: Attempted directory traversal and command execution (possible web shell or exploit attempt) Action: Blocked by firewall Access Log Entries: • [10/Jun/2025:12:27:31 +0000] "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 400 150 "-" "-" "-" show less	SQL Injection
🇦🇺 209.38.80.157	11 Jun 2025	Activity: Normal web browsing, port scanning attempts, and potential exploitation attempts Action: ... show more Activity: Normal web browsing, port scanning attempts, and potential exploitation attempts Action: Blocked by firewall Access Log Entries: • [10/Jun/2025:12:23:43 +0000] "x16x03x01x00ux01x00x00qx03x03x1B" 400 150 "-" "-" "-" • [10/Jun/2025:12:23:43 +0000] "x16x03x01x00ux01x00x00qx03x03xA5xBCexBBx04" 400 150 "-" "-" "-" show less	Port Scan Exploited Host