legitssl - AbuseIPDB User Profile

User legitssl , the webmaster of legitssl.com, joined AbuseIPDB in February 2019 and has reported 299,596 IP addresses.

Standing (weight) is good.

INACTIVE USER WEBMASTER SUPPORTER

IP	Date	Comment	Categories
148.113.208.45	07 Feb 2025	148.113.208.45 - - [07/Feb/2025:12:17:01 -0500] "GET / HTTP/1.1" 302 145 "-" "Mozilla/5.0 zgrab/0.x" ... show more148.113.208.45 - - [07/Feb/2025:12:17:01 -0500] "GET / HTTP/1.1" 302 145 "-" "Mozilla/5.0 zgrab/0.x" ... show less	Hacking Web App Attack
173.182.157.105	07 Feb 2025	2025-02-07T11:32:09.916857-05:00 shotty sshd[114504]: error: PAM: Authentication failure for minecra ... show more2025-02-07T11:32:09.916857-05:00 shotty sshd[114504]: error: PAM: Authentication failure for minecraft from 173.182.157.105 2025-02-07T11:32:15.667412-05:00 shotty sshd[114504]: error: PAM: Authentication failure for minecraft from 173.182.157.105 2025-02-07T11:32:21.399149-05:00 shotty sshd[114504]: error: PAM: Authentication failure for minecraft from 173.182.157.105 ... show less	Brute-Force SSH
172.169.190.75	07 Feb 2025	172.169.190.75 - - [07/Feb/2025:08:51:02 -0500] "GET /manager/html HTTP/1.1" 400 255 "-" "Mozilla/5. ... show more172.169.190.75 - - [07/Feb/2025:08:51:02 -0500] "GET /manager/html HTTP/1.1" 400 255 "-" "Mozilla/5.0 zgrab/0.x" ... show less	Hacking Web App Attack
51.8.231.182	07 Feb 2025	51.8.231.182 - - [07/Feb/2025:07:39:33 -0500] "GET / HTTP/1.1" 400 255 "-" "Mozilla/5.0 zgrab/0.x"<b ... show more51.8.231.182 - - [07/Feb/2025:07:39:33 -0500] "GET / HTTP/1.1" 400 255 "-" "Mozilla/5.0 zgrab/0.x" ... show less	Hacking Web App Attack
66.240.192.85	07 Feb 2025	66.240.192.85 - - [07/Feb/2025:07:03:52 -0500] "GET / HTTP/1.1" 302 145 "-" "Mozilla/5.0 zgrab/0.x"< ... show more66.240.192.85 - - [07/Feb/2025:07:03:52 -0500] "GET / HTTP/1.1" 302 145 "-" "Mozilla/5.0 zgrab/0.x" ... show less	Hacking Web App Attack
162.216.150.123	07 Feb 2025	162.216.150.123 - - [07/Feb/2025:06:27:38 -0500] "GET / HTTP/1.1" 302 145 "-" "Expanse, a Palo Alto ... show more162.216.150.123 - - [07/Feb/2025:06:27:38 -0500] "GET / HTTP/1.1" 302 145 "-" "Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: [email protected]" ... show less	Hacking Web App Attack
172.169.190.143	07 Feb 2025	172.169.190.143 - - [07/Feb/2025:05:40:57 -0500] "GET /autodiscover/autodiscover.json?@zdi/Powershel ... show more172.169.190.143 - - [07/Feb/2025:05:40:57 -0500] "GET /autodiscover/autodiscover.json?@zdi/Powershell HTTP/1.1" 200 562 "-" "Mozilla/5.0 zgrab/0.x" ... show less	Hacking Web App Attack
198.235.24.221	07 Feb 2025	198.235.24.221 - - [07/Feb/2025:02:11:54 -0500] "GET / HTTP/1.1" 302 145 "-" "Expanse, a Palo Alto N ... show more198.235.24.221 - - [07/Feb/2025:02:11:54 -0500] "GET / HTTP/1.1" 302 145 "-" "Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: [email protected]" ... show less	Hacking Web App Attack
13.87.128.32	07 Feb 2025	13.87.128.32 - - [07/Feb/2025:01:46:08 -0500] "GET /version HTTP/1.1" 200 564 "-" "Mozilla/5.0 zgrab ... show more13.87.128.32 - - [07/Feb/2025:01:46:08 -0500] "GET /version HTTP/1.1" 200 564 "-" "Mozilla/5.0 zgrab/0.x" ... show less	Hacking Web App Attack
198.235.24.91	07 Feb 2025	198.235.24.91 - - [06/Feb/2025:20:22:41 -0500] "GET / HTTP/1.0" 301 169 "-" "Expanse, a Palo Alto Ne ... show more198.235.24.91 - - [06/Feb/2025:20:22:41 -0500] "GET / HTTP/1.0" 301 169 "-" "Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: [email protected]" ... show less	Hacking Web App Attack
35.203.211.192	07 Feb 2025	35.203.211.192 - - [06/Feb/2025:19:13:50 -0500] "GET / HTTP/1.1" 200 561 "-" "Expanse, a Palo Alto N ... show more35.203.211.192 - - [06/Feb/2025:19:13:50 -0500] "GET / HTTP/1.1" 200 561 "-" "Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: [email protected]" ... show less	Hacking Web App Attack
172.206.140.252	06 Feb 2025	172.206.140.252 - - [06/Feb/2025:18:59:51 -0500] "GET / HTTP/1.1" 302 145 "-" "Mozilla/5.0 zgrab/0.x ... show more172.206.140.252 - - [06/Feb/2025:18:59:51 -0500] "GET / HTTP/1.1" 302 145 "-" "Mozilla/5.0 zgrab/0.x" ... show less	Hacking Web App Attack
134.122.122.31	06 Feb 2025	134.122.122.31 - - [06/Feb/2025:17:53:14 -0500] "GET /Agile/default/login-cms.jsp HTTP/1.1" 302 145 ... show more134.122.122.31 - - [06/Feb/2025:17:53:14 -0500] "GET /Agile/default/login-cms.jsp HTTP/1.1" 302 145 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 134.122.122.31 - - [06/Feb/2025:17:53:14 -0500] "GET /Agile/default/login-cms.jsp HTTP/1.1" 302 145 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 134.122.122.31 - - [06/Feb/2025:17:53:14 -0500] "GET /Agile/default/login-cms.jsp HTTP/1.1" 302 145 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 134.122.122.31 - - [06/Feb/2025:17:53:14 -0500] "GET /Agile/default/login-cms.jsp HTTP/1.1" 302 145 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" 134.122.122.31 - - [06/Feb/2025:17:53:14 -0500] "GET /Agile/default/login-cms.jsp HTTP/1.1" 302 145 "-" "Mozilla ... show less	Hacking Web App Attack
204.188.228.66	06 Feb 2025	204.188.228.66 - - [06/Feb/2025:12:46:56 -0500] "GET /ab2g HTTP/1.1" 200 567 "-" "Mozilla/5.0 zgrab/ ... show more204.188.228.66 - - [06/Feb/2025:12:46:56 -0500] "GET /ab2g HTTP/1.1" 200 567 "-" "Mozilla/5.0 zgrab/0.x" ... show less	Hacking Web App Attack
52.226.158.167	06 Feb 2025	52.226.158.167 - - [06/Feb/2025:12:25:59 -0500] "GET /portal/redlion HTTP/1.1" 302 145 "-" "Mozilla/ ... show more52.226.158.167 - - [06/Feb/2025:12:25:59 -0500] "GET /portal/redlion HTTP/1.1" 302 145 "-" "Mozilla/5.0 zgrab/0.x" ... show less	Hacking Web App Attack
57.151.70.205	06 Feb 2025	57.151.70.205 - - [06/Feb/2025:09:08:36 -0500] "GET /actuator/health HTTP/1.1" 302 145 "-" "Mozilla/ ... show more57.151.70.205 - - [06/Feb/2025:09:08:36 -0500] "GET /actuator/health HTTP/1.1" 302 145 "-" "Mozilla/5.0 zgrab/0.x" ... show less	Hacking Web App Attack
173.249.14.251	06 Feb 2025	173.249.14.251 - - [06/Feb/2025:05:09:19 -0500] "POST /php/utils/createRemoteAppwebSession.php/watch ... show more173.249.14.251 - - [06/Feb/2025:05:09:19 -0500] "POST /php/utils/createRemoteAppwebSession.php/watchTowr.js.map HTTP/1.1" 302 145 "-" "-" 173.249.14.251 - - [06/Feb/2025:05:09:19 -0500] "POST /php/utils/createRemoteAppwebSession.php/watchTowr.js.map HTTP/1.1" 302 145 "-" "-" 173.249.14.251 - - [06/Feb/2025:05:09:19 -0500] "POST /php/utils/createRemoteAppwebSession.php/watchTowr.js.map HTTP/1.1" 302 145 "-" "-" 173.249.14.251 - - [06/Feb/2025:05:09:19 -0500] "POST /php/utils/createRemoteAppwebSession.php/watchTowr.js.map HTTP/1.1" 302 145 "-" "-" 173.249.14.251 - - [06/Feb/2025:05:09:19 -0500] "POST /php/utils/createRemoteAppwebSession.php/watchTowr.js.map HTTP/1.1" 302 145 "-" "-" ... show less	Hacking Web App Attack
204.188.228.170	06 Feb 2025	204.188.228.170 - - [06/Feb/2025:03:45:39 -0500] "GET /ab2g HTTP/1.1" 200 561 "-" "Mozilla/5.0 zgrab ... show more204.188.228.170 - - [06/Feb/2025:03:45:39 -0500] "GET /ab2g HTTP/1.1" 200 561 "-" "Mozilla/5.0 zgrab/0.x" ... show less	Hacking Web App Attack
175.107.1.29	06 Feb 2025	175.107.1.29 - - [06/Feb/2025:02:16:42 -0500] "GET /boaform/admin/formLogin?username=ec8&psd=ec8 HTT ... show more175.107.1.29 - - [06/Feb/2025:02:16:42 -0500] "GET /boaform/admin/formLogin?username=ec8&psd=ec8 HTTP/1.0" 301 169 "-" "-" 175.107.1.29 - - [06/Feb/2025:02:16:42 -0500] "GET /boaform/admin/formLogin?username=ec8&psd=ec8 HTTP/1.0" 301 169 "-" "-" 175.107.1.29 - - [06/Feb/2025:02:16:42 -0500] "GET /boaform/admin/formLogin?username=ec8&psd=ec8 HTTP/1.0" 301 169 "-" "-" 175.107.1.29 - - [06/Feb/2025:02:16:42 -0500] "GET /boaform/admin/formLogin?username=ec8&psd=ec8 HTTP/1.0" 301 169 "-" "-" 175.107.1.29 - - [06/Feb/2025:02:16:42 -0500] "GET /boaform/admin/formLogin?username=ec8&psd=ec8 HTTP/1.0" 301 169 "-" "-" ... show less	Hacking Web App Attack
47.254.251.235	06 Feb 2025	47.254.251.235 - - [06/Feb/2025:00:51:27 -0500] "POST /hello.world?%ADd+allow_url_include%3d1+%ADd+a ... show more47.254.251.235 - - [06/Feb/2025:00:51:27 -0500] "POST /hello.world?%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input HTTP/1.1" 200 983 "-" "Custom-AsyncHttpClient" ... show less	Hacking Web App Attack
185.208.156.160	06 Feb 2025	185.208.156.160 - - [05/Feb/2025:23:22:15 -0500] "GET /.git/config HTTP/1.1" 302 145 "-" "Opera/9.80 ... show more185.208.156.160 - - [05/Feb/2025:23:22:15 -0500] "GET /.git/config HTTP/1.1" 302 145 "-" "Opera/9.80 (X11; Linux i686) Presto/2.12.388 Version/12.16" 185.208.156.160 - - [05/Feb/2025:23:22:15 -0500] "GET /.git/config HTTP/1.1" 302 145 "-" "Opera/9.80 (X11; Linux i686) Presto/2.12.388 Version/12.16" 185.208.156.160 - - [05/Feb/2025:23:22:15 -0500] "GET /.git/config HTTP/1.1" 302 145 "-" "Opera/9.80 (X11; Linux i686) Presto/2.12.388 Version/12.16" 185.208.156.160 - - [05/Feb/2025:23:22:15 -0500] "GET /.git/config HTTP/1.1" 302 145 "-" "Opera/9.80 (X11; Linux i686) Presto/2.12.388 Version/12.16" 185.208.156.160 - - [05/Feb/2025:23:22:15 -0500] "GET /.git/config HTTP/1.1" 302 145 "-" "Opera/9.80 (X11; Linux i686) Presto/2.12.388 Version/12.16" ... show less	Hacking Web App Attack
5.255.118.183	06 Feb 2025	5.255.118.183 - - [05/Feb/2025:22:39:16 -0500] "POST /php-cgi/php-cgi.exe?%ADd+cgi.force_redirect%3D ... show more5.255.118.183 - - [05/Feb/2025:22:39:16 -0500] "POST /php-cgi/php-cgi.exe?%ADd+cgi.force_redirect%3D0+%ADd+disable_functions%3D%22%22+%ADd+allow_url_include%3D1+%ADd+auto_prepend_file%3Dphp://input HTTP/1.1" 302 145 "-" "python-requests/2.32.3" 5.255.118.183 - - [05/Feb/2025:22:39:16 -0500] "POST /php-cgi/php-cgi.exe?%ADd+cgi.force_redirect%3D0+%ADd+disable_functions%3D%22%22+%ADd+allow_url_include%3D1+%ADd+auto_prepend_file%3Dphp://input HTTP/1.1" 302 145 "-" "python-requests/2.32.3" 5.255.118.183 - - [05/Feb/2025:22:39:16 -0500] "POST /php-cgi/php-cgi.exe?%ADd+cgi.force_redirect%3D0+%ADd+disable_functions%3D%22%22+%ADd+allow_url_include%3D1+%ADd+auto_prepend_file%3Dphp://input HTTP/1.1" 302 145 "-" "python-requests/2.32.3" 5.255.118.183 - - [05/Feb/2025:22:39:16 -0500] "POST /php-cgi/php-cgi.exe?%ADd+cgi.force_redirect%3D0+%ADd+disable_functions%3D%22%22+%ADd+allow_url_include%3D1+%ADd+auto_prepend_file%3Dphp://input HTTP/1.1" 302 145 "-" "python-requests/2.32.3" 5.255.118.183 - - [0 ... show less	Hacking Web App Attack
78.153.140.224	06 Feb 2025	78.153.140.224 - - [05/Feb/2025:21:35:06 -0500] "GET /../.env HTTP/1.1" 400 157 "-" "-" 78.153 ... show more78.153.140.224 - - [05/Feb/2025:21:35:06 -0500] "GET /../.env HTTP/1.1" 400 157 "-" "-" 78.153.140.224 - - [05/Feb/2025:21:35:28 -0500] "GET /temp/.env HTTP/1.1" 400 255 "-" "Mozilla/5.0 (Maemo; Linux; U; Sailfish; Mobile; rv:38.0) Gecko/38.0 Firefox/38.0 SailfishBrowser/1.0" 78.153.140.224 - - [05/Feb/2025:21:35:28 -0500] "GET /logs/.env HTTP/1.1" 400 657 "-" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.3319.102 Safari/537.36" 78.153.140.224 - - [05/Feb/2025:21:35:30 -0500] "GET /setup/.env HTTP/1.1" 400 657 "-" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.97 Safari/537.11" 78.153.140.224 - - [05/Feb/2025:21:35:35 -0500] "GET /wwwroot/.env HTTP/1.1" 400 255 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.10; rv:47.0) Gecko/20100101 Firefox/47.0" ... show less	Hacking Web App Attack
147.185.132.51	06 Feb 2025	147.185.132.51 - - [05/Feb/2025:20:47:28 -0500] "GET / HTTP/1.0" 301 169 "-" "Expanse, a Palo Alto N ... show more147.185.132.51 - - [05/Feb/2025:20:47:28 -0500] "GET / HTTP/1.0" 301 169 "-" "Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: [email protected]" ... show less	Hacking Web App Attack
2.57.122.161	06 Feb 2025	2.57.122.161 - - [05/Feb/2025:20:21:22 -0500] "GET /3/3/3/3/3/3/3/3/3/3/3/3/3/3/3/3 HTTP/1.1" 302 14 ... show more2.57.122.161 - - [05/Feb/2025:20:21:22 -0500] "GET /3/3/3/3/3/3/3/3/3/3/3/3/3/3/3/3 HTTP/1.1" 302 145 "-" "Mozilla/5.0 zgrab/0.x" ... show less	Hacking Web App Attack