User Stefan Dreher joined AbuseIPDB in October 2018 and has reported 8,530 IP addresses.
Standing (weight) is good.
ACTIVE USER
IP | Date | Comment | Categories |
---|---|---|---|
4.255.98.197 | Hacking Web App Attack | ||
98.96.253.254 |
Sep 12 03:00:10 mail postfix/smtpd[725508]: NOQUEUE: reject: RCPT from unknown[98.96.253.254]: 554 5 ... show moreSep 12 03:00:10 mail postfix/smtpd[725508]: NOQUEUE: reject: RCPT from unknown[98.96.253.254]: 554 5.7.1 <[email protected]>: Relay access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<[10.137.193.27]>
Sep 12 03:00:12 mail postfix/smtpd[725508]: NOQUEUE: reject: RCPT from unknown[98.96.253.254]: 554 5.7.1 <[email protected]>: Relay access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<[10.137.193.27]> Sep 12 03:00:16 mail postfix/smtpd[725508]: NOQUEUE: reject: RCPT from unknown[98.96.253.254]: 450 4.1.8 <[email protected]>: Sender address rejected: Domain not found; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<[10.137.193.27]> ... show less |
Port Scan Hacking | |
66.240.236.116 | Hacking Web App Attack | ||
104.40.75.109 | Hacking Web App Attack | ||
98.96.253.254 |
Sep 11 20:54:15 mail postfix/smtpd[682407]: NOQUEUE: reject: RCPT from unknown[98.96.253.254]: 554 5 ... show moreSep 11 20:54:15 mail postfix/smtpd[682407]: NOQUEUE: reject: RCPT from unknown[98.96.253.254]: 554 5.7.1 <[email protected]>: Relay access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<[10.137.193.27]>
Sep 11 20:54:19 mail postfix/smtpd[682407]: NOQUEUE: reject: RCPT from unknown[98.96.253.254]: 554 5.7.1 <[email protected]>: Relay access denied; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<[10.137.193.27]> Sep 11 20:54:23 mail postfix/smtpd[682407]: NOQUEUE: reject: RCPT from unknown[98.96.253.254]: 450 4.1.8 <[email protected]>: Sender address rejected: Domain not found; from=<[email protected]> to=<[email protected]> proto=ESMTP helo=<[10.137.193.27]> ... show less |
Port Scan Hacking | |
109.74.204.123 |
109.74.204.123 - - [11/Sep/2024:20:36:00 +0200] "GET /rest/applinks/1.0/manifest HTTP/1.1" 404 153 " ... show more109.74.204.123 - - [11/Sep/2024:20:36:00 +0200] "GET /rest/applinks/1.0/manifest HTTP/1.1" 404 153 "-" "curl/7.54.0"
109.74.204.123 - - [11/Sep/2024:20:36:00 +0200] "GET /webui HTTP/1.1" 404 153 "-" "curl/7.54.0" 109.74.204.123 - - [11/Sep/2024:20:36:00 +0200] "GET /nmaplowercheck1726079760 HTTP/1.1" 404 153 "-" "curl/7.54.0" 109.74.204.123 - - [11/Sep/2024:20:36:00 +0200] "GET /.git/HEAD HTTP/1.1" 404 153 "-" "curl/7.54.0" 109.74.204.123 - - [11/Sep/2024:20:36:00 +0200] "GET /Portal0000.htm HTTP/1.1" 404 153 "-" "curl/7.54.0" ... show less |
Hacking Brute-Force | |
47.254.122.160 |
47.254.122.160 - - [11/Sep/2024:20:32:19 +0200] "POST /hello.world?%ADd+allow_url_include%3d1+%ADd+a ... show more47.254.122.160 - - [11/Sep/2024:20:32:19 +0200] "POST /hello.world?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input HTTP/1.1" 404 153 "-" "Custom-AsyncHttpClient"
... show less |
Hacking Web App Attack | |
8.134.200.99 |
8.134.200.99 - - [11/Sep/2024:20:24:12 +0200] "POST /hello.world?%ADd+allow_url_include%3d1+%ADd+aut ... show more8.134.200.99 - - [11/Sep/2024:20:24:12 +0200] "POST /hello.world?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input HTTP/1.1" 404 153 "-" "Custom-AsyncHttpClient"
... show less |
Hacking Web App Attack | |
45.76.21.47 |
45.76.21.47 - - [11/Sep/2024:13:50:18 +0200] "HEAD /wordpress HTTP/1.1" 404 0 "http://aldin.at/wordp ... show more45.76.21.47 - - [11/Sep/2024:13:50:18 +0200] "HEAD /wordpress HTTP/1.1" 404 0 "http://aldin.at/wordpress" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"
45.76.21.47 - - [11/Sep/2024:13:50:18 +0200] "HEAD /wp HTTP/1.1" 404 0 "http://aldin.at/wp" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 45.76.21.47 - - [11/Sep/2024:13:50:18 +0200] "HEAD /bc HTTP/1.1" 404 0 "http://aldin.at/bc" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 45.76.21.47 - - [11/Sep/2024:13:50:19 +0200] "HEAD /bk HTTP/1.1" 404 0 "http://aldin.at/bk" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 45.76.21.47 - - [11/Sep/2024:13:50:19 +0200] "HEAD /backup HTTP/1.1" 404 0 "http://aldin.at/backup" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, show less |
Hacking Brute-Force | |
8.216.88.87 |
8.216.88.87 - - [11/Sep/2024:13:29:01 +0200] "POST /hello.world?%ADd+allow_url_include%3d1+%ADd+auto ... show more8.216.88.87 - - [11/Sep/2024:13:29:01 +0200] "POST /hello.world?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input HTTP/1.1" 404 153 "-" "Custom-AsyncHttpClient"
... show less |
Hacking Web App Attack | |
104.209.35.76 | Hacking Web App Attack | ||
78.153.140.179 |
78.153.140.179 - - [11/Sep/2024:10:36:34 +0200] "GET /.env HTTP/1.1" 400 657 "-" "Mozilla/5.0 (Linux ... show more78.153.140.179 - - [11/Sep/2024:10:36:34 +0200] "GET /.env HTTP/1.1" 400 657 "-" "Mozilla/5.0 (Linux; Android 7.0; SAMSUNG SM-A520F Build/NRD90M) AppleWebKit/537.36 (KHTML, like Gecko) SamsungBrowser/6.4 Chrome/56.0.2924.87 Mobile Safari/537.36"
78.153.140.179 - - [11/Sep/2024:10:36:34 +0200] "GET /staging/.env HTTP/1.1" 400 255 "-" "Mozilla/5.0 (X11; U; Linux i586; de; rv:5.0) Gecko/20100101 Firefox/5.0" 78.153.140.179 - - [11/Sep/2024:10:36:34 +0200] "GET /.env HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_8; en-US) AppleWebKit/532.8 (KHTML, like Gecko) Chrome/4.0.302.2 Safari/532.8" 78.153.140.179 - - [11/Sep/2024:10:36:35 +0200] "GET /backend/.env HTTP/1.1" 400 657 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/58.0.3029.96 Safari/537.36" 78.153.140.179 - - [11/Sep/2024:10:36:35 +0200] "GET /staging/.env HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2490.22 Safari/537.36" ... show less |
Hacking Brute-Force | |
20.236.249.48 | Hacking Web App Attack | ||
47.236.156.253 |
47.236.156.253 - - [11/Sep/2024:09:54:02 +0200] "POST /hello.world?%ADd+allow_url_include%3d1+%ADd+a ... show more47.236.156.253 - - [11/Sep/2024:09:54:02 +0200] "POST /hello.world?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input HTTP/1.1" 404 153 "-" "Custom-AsyncHttpClient"
... show less |
Hacking Web App Attack | |
172.169.3.202 | Hacking Web App Attack | ||
52.160.82.247 | Hacking Web App Attack | ||
47.245.117.221 |
47.245.117.221 - - [11/Sep/2024:08:36:46 +0200] "GET /dns-query?dns=HpwBAAABAAAAAAAAB2V4YW1wbGUDY29t ... show more47.245.117.221 - - [11/Sep/2024:08:36:46 +0200] "GET /dns-query?dns=HpwBAAABAAAAAAAAB2V4YW1wbGUDY29tAAABAAE HTTP/1.1" 404 153 "-" "Go-http-client/1.1"
47.245.117.221 - - [11/Sep/2024:08:36:47 +0200] "POST /dns-query HTTP/1.1" 404 153 "-" "Go-http-client/1.1" 47.245.117.221 - - [11/Sep/2024:08:36:47 +0200] "GET /dns-query?name=example.com&type=A HTTP/1.1" 404 153 "-" "Go-http-client/1.1" 47.245.117.221 - - [11/Sep/2024:08:36:47 +0200] "GET /dns-query?dns=DcMBAAABAAAAAAAAB2V4YW1wbGUDY29tAAABAAE HTTP/1.1" 404 153 "-" "Go-http-client/1.1" 47.245.117.221 - - [11/Sep/2024:08:36:47 +0200] "POST /dns-query HTTP/1.1" 404 153 "-" "Go-http-client/1.1" ... show less |
Hacking Brute-Force | |
77.91.78.132 |
77.91.78.132 - - [11/Sep/2024:05:46:59 +0200] "POST /hello.world?%ADd+allow_url_include%3d1+%ADd+aut ... show more77.91.78.132 - - [11/Sep/2024:05:46:59 +0200] "POST /hello.world?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input HTTP/1.1" 404 153 "-" "Custom-AsyncHttpClient"
... show less |
Hacking Web App Attack | |
8.216.89.78 |
8.216.89.78 - - [11/Sep/2024:05:08:46 +0200] "POST /hello.world?%ADd+allow_url_include%3d1+%ADd+auto ... show more8.216.89.78 - - [11/Sep/2024:05:08:46 +0200] "POST /hello.world?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input HTTP/1.1" 404 153 "-" "Custom-AsyncHttpClient"
... show less |
Hacking Web App Attack | |
62.138.18.253 |
62.138.18.253 - - [11/Sep/2024:03:07:28 +0200] "POST /hello.world?%ADd+allow_url_include%3d1+%ADd+au ... show more62.138.18.253 - - [11/Sep/2024:03:07:28 +0200] "POST /hello.world?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input HTTP/1.1" 404 153 "-" "Custom-AsyncHttpClient"
... show less |
Hacking Web App Attack | |
144.22.151.82 |
144.22.151.82 - - [11/Sep/2024:03:06:23 +0200] "POST /hello.world?%ADd+allow_url_include%3d1+%ADd+au ... show more144.22.151.82 - - [11/Sep/2024:03:06:23 +0200] "POST /hello.world?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input HTTP/1.1" 404 153 "-" "Custom-AsyncHttpClient"
... show less |
Hacking Web App Attack | |
78.153.140.151 |
78.153.140.151 - - [11/Sep/2024:00:20:03 +0200] "GET /.env HTTP/1.1" 404 153 "-" "Mozilla/5.0 (Linux ... show more78.153.140.151 - - [11/Sep/2024:00:20:03 +0200] "GET /.env HTTP/1.1" 404 153 "-" "Mozilla/5.0 (Linux; U; Android 4.1.2; ru-ru; GT-S5282 Build/JZO54K) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30"
78.153.140.151 - - [11/Sep/2024:00:20:04 +0200] "GET /.config.yaml HTTP/1.1" 404 153 "-" "Mozilla/5.0 (Linux; U; Android 2.3.3; en-us; HTC-A9192/1.0 Build/GRI40) AppleWebKit/533.1 (KHTML, like Gecko) Version/4.0 Mobile Safari/533.1" 78.153.140.151 - - [11/Sep/2024:00:20:04 +0200] "GET /.env.bak HTTP/1.1" 404 153 "-" "Mozilla/5.0 (X11; U; Linux x86_64; de-AT; rv:1.8.0.2) Gecko/20060422 Firefox/1.5.0.2" 78.153.140.151 - - [11/Sep/2024:00:20:05 +0200] "GET /.env.example HTTP/1.1" 404 153 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; zh-CN; rv:1.9.2.15) Gecko/20110303 Firefox/3.6.15" 78.153.140.151 - - [11/Sep/2024:00:20:05 +0200] "GET /.env.prod HTTP/1.1" 404 153 "-" "Mozilla/5.0 (X11; U; Linux i686; en-GB; rv:1.9.2.16) Gecko/20110319 Firefox/3.6.16" ... show less |
Hacking Brute-Force | |
172.168.40.210 | Hacking Web App Attack | ||
2.57.122.161 | Hacking Web App Attack | ||
172.206.143.222 | Hacking Web App Attack |