RF68 - AbuseIPDB User Profile

Check an IP Address, Domain Name, or Subnet

e.g. 3.215.77.193, microsoft.com, or 5.188.10.0/24

User RF68 joined AbuseIPDB in August 2020 and has reported 9,589 IP addresses.

Standing (weight) is good.

ACTIVE USER WEBMASTER

IP	Date	Comment	Categories
176.67.0.18	39 minutes ago	IP hidden:80 176.67.0.18 - - [19/Apr/2021:05:09:02 +0200] "GET / HTTP/1.0" 403 363 "-" "-" IP ... show moreIP hidden:80 176.67.0.18 - - [19/Apr/2021:05:09:02 +0200] "GET / HTTP/1.0" 403 363 "-" "-" IP hidden:80 176.67.0.18 - - [19/Apr/2021:05:11:01 +0200] "GET / HTTP/1.0" 403 363 "-" "-" ... show less	Exploited Host Web App Attack
192.241.215.61	57 minutes ago	IP hidden:80 192.241.215.61 - - [19/Apr/2021:04:51:10 +0200] "GET /login HTTP/1.1" 403 3368 "-" "Moz ... show moreIP hidden:80 192.241.215.61 - - [19/Apr/2021:04:51:10 +0200] "GET /login HTTP/1.1" 403 3368 "-" "Mozilla/5.0 zgrab/0.x" IP hidden:80 192.241.215.61 - - [19/Apr/2021:04:52:47 +0200] "GET /login HTTP/1.1" 403 3335 "-" "Mozilla/5.0 zgrab/0.x" ... show less	Exploited Host Web App Attack
192.241.218.49	1 hour ago	IP hidden:80 192.241.218.49 - - [19/Apr/2021:04:30:29 +0200] "GET /ReportServer HTTP/1.1" 403 3368 " ... show moreIP hidden:80 192.241.218.49 - - [19/Apr/2021:04:30:29 +0200] "GET /ReportServer HTTP/1.1" 403 3368 "-" "Mozilla/5.0 zgrab/0.x" IP hidden:80 192.241.218.49 - - [19/Apr/2021:04:30:46 +0200] "GET /ReportServer HTTP/1.1" 403 3335 "-" "Mozilla/5.0 zgrab/0.x" ... show less	Exploited Host Web App Attack
61.242.54.194	1 hour ago	Apr 19 04:04:53 [2084927.763517] [UFW BLOCK] OUT= MAC=00:01:e8:d8:94:d8:08:00 SRC=61.242.54.194 DS ... show moreApr 19 04:04:53 [2084927.763517] [UFW BLOCK] OUT= MAC=00:01:e8:d8:94:d8:08:00 SRC=61.242.54.194 DST=IP hidden LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=34588 DF PROTO=TCP SPT=21601 DPT=23 WINDOW=14520 RES=0x00 SYN URGP=0 Apr 19 04:04:54 [2084928.764303] [UFW BLOCK] OUT= MAC=00:01:e8:d8:94:d8:08:00 SRC=61.242.54.194 DST=IP hidden LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=34589 DF PROTO=TCP SPT=21601 DPT=23 WINDOW=14520 RES=0x00 SYN URGP=0 ... show less	Port Scan
5.188.206.162	2 hours ago	Apr 19 03:49:39 postfix/smtpd[19343]: connect from unknown[5.188.206.162] ...	Email Spam Brute-Force
134.209.240.22	2 hours ago	--IP hidden--:80 134.209.240.22 - - [19/Apr/2021:03:42:00 +0200] "POST /_ignition/execute-solution H ... show more--IP hidden--:80 134.209.240.22 - - [19/Apr/2021:03:42:00 +0200] "POST /_ignition/execute-solution HTTP/1.1" 403 344 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:78.0) Gecko/20100101 Firefox/78.0" --IP hidden--:80 134.209.240.22 - - [19/Apr/2021:03:42:00 +0200] "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 403 344 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:78.0) Gecko/20100101 Firefox/78.0" ... show less	Exploited Host Web App Attack
5.188.206.166	2 hours ago	Apr 19 03:18:16 postfix/smtpd[19063]: connect from unknown[5.188.206.166] ...	Email Spam Brute-Force
51.38.40.95	2 hours ago	--IP hidden--:80 51.38.40.95 - - [19/Apr/2021:03:06:01 +0200] "POST /_ignition/execute-solution HTTP ... show more--IP hidden--:80 51.38.40.95 - - [19/Apr/2021:03:06:01 +0200] "POST /_ignition/execute-solution HTTP/1.1" 403 344 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:78.0) Gecko/20100101 Firefox/78.0" --IP hidden--:80 51.38.40.95 - - [19/Apr/2021:03:06:01 +0200] "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 403 344 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:78.0) Gecko/20100101 Firefox/78.0" ... show less	Exploited Host Web App Attack
165.227.87.60	2 hours ago	IP hidden:80 165.227.87.60 - - [19/Apr/2021:03:02:54 +0200] "GET /.env HTTP/1.1" 403 400 "-" "Mozill ... show moreIP hidden:80 165.227.87.60 - - [19/Apr/2021:03:02:54 +0200] "GET /.env HTTP/1.1" 403 400 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" IP hidden:80 165.227.87.60 - - [19/Apr/2021:03:02:54 +0200] "POST / HTTP/1.1" 403 400 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" ... show less	Exploited Host Web App Attack
45.144.214.3	4 hours ago	Apr 18 22:58:21 [2066536.298735] [UFW BLOCK] OUT= MAC=00:01:e8:d8:94:d8:08:00 SRC=45.144.214.3 DST ... show moreApr 18 22:58:21 [2066536.298735] [UFW BLOCK] OUT= MAC=00:01:e8:d8:94:d8:08:00 SRC=45.144.214.3 DST=IP hidden LEN=40 TOS=0x00 PREC=0x00 TTL=247 ID=21224 PROTO=TCP SPT=44136 DPT=23022 WINDOW=1024 RES=0x00 SYN URGP=0 Apr 19 00:27:04 [2071859.136739] [UFW BLOCK] OUT= MAC=00:01:e8:d8:95:35:08:00 SRC=45.144.214.3 DST=IP hidden LEN=40 TOS=0x00 PREC=0x00 TTL=246 ID=3370 PROTO=TCP SPT=44136 DPT=58722 WINDOW=1024 RES=0x00 SYN URGP=0 A ... show less	Port Scan
142.93.223.34	4 hours ago	IP hidden:80 142.93.223.34 - - [19/Apr/2021:00:47:53 +0200] "GET /_ignition/execute-solution HTTP/1. ... show moreIP hidden:80 142.93.223.34 - - [19/Apr/2021:00:47:53 +0200] "GET /_ignition/execute-solution HTTP/1.1" 403 400 "-" "python-requests/2.18.4" IP hidden:80 142.93.223.34 - - [19/Apr/2021:00:51:45 +0200] "GET /_ignition/execute-solution HTTP/1.1" 403 400 "-" "python-requests/2.18.4" ... show less	Exploited Host Web App Attack
161.117.177.173	5 hours ago	Apr 18 21:42:41 -- [1798869.241469] [UFW BLOCK] OUT= MAC=00:26:51:c9:0d:c4:08:00 SRC=161.117.177. ... show moreApr 18 21:42:41 -- [1798869.241469] [UFW BLOCK] OUT= MAC=00:26:51:c9:0d:c4:08:00 SRC=161.117.177.173 DST=--IP hidden-- LEN=40 TOS=0x08 PREC=0x40 TTL=229 ID=53431 PROTO=TCP SPT=54845 DPT=2375 WINDOW=1024 RES=0x00 SYN URGP=0 Apr 18 21:47:13 -*- [1799141.732348] [UFW BLOCK] OUT= MAC=00:26:51:c9:0d:c4:08:00 SRC=161.117.177.173 DST=--IP hidden-- LEN=40 TOS=0x08 PREC=0x40 TTL=229 ID=18161 PROTO=TCP SPT=55164 DPT=2376 WINDOW=1024 RES=0x00 SYN URGP=0 Apr 19 0 ... show less	Port Scan
222.138.190.18	5 hours ago	Apr 19 00:09:17 [2070791.552121] [UFW BLOCK] OUT= MAC=00:01:e8:d8:94:d8:08:00 SRC=222.138.190.18 D ... show moreApr 19 00:09:17 [2070791.552121] [UFW BLOCK] OUT= MAC=00:01:e8:d8:94:d8:08:00 SRC=222.138.190.18 DST=IP hidden LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=36451 DF PROTO=TCP SPT=35790 DPT=8080 WINDOW=29040 RES=0x00 SYN URGP=0 Apr 19 00:09:18 [2070792.554423] [UFW BLOCK] OUT= MAC=00:01:e8:d8:94:d8:08:00 SRC=222.138.190.18 DST=IP hidden LEN=60 TOS=0x00 PREC=0x00 TTL=50 ID=36452 DF PROTO=TCP SPT=35790 DPT=8080 WINDOW=29040 RES=0x00 SYN ... show less	Port Scan
192.241.214.170	6 hours ago	IP hidden:80 192.241.214.170 - - [18/Apr/2021:23:46:28 +0200] "GET /ecp/Current/exporttool/microsoft ... show moreIP hidden:80 192.241.214.170 - - [18/Apr/2021:23:46:28 +0200] "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 403 3335 "-" "Mozilla/5.0 zgrab/0.x" IP hidden:80 192.241.214.170 - - [18/Apr/2021:23:48:03 +0200] "GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1" 403 3368 "-" "Mozilla/5.0 zgrab/0.x" ... show less	Exploited Host Web App Attack
5.188.206.164	6 hours ago	Apr 18 23:46:57 postfix/smtpd[5850]: connect from unknown[5.188.206.164] ...	Email Spam Brute-Force
3.136.85.249	6 hours ago	IP hidden:80 3.136.85.249 - - [18/Apr/2021:23:27:43 +0200] "GET /.env HTTP/1.1" 403 400 "-" "Mozilla ... show moreIP hidden:80 3.136.85.249 - - [18/Apr/2021:23:27:43 +0200] "GET /.env HTTP/1.1" 403 400 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" IP hidden:80 3.136.85.249 - - [18/Apr/2021:23:27:43 +0200] "GET /.env HTTP/1.1" 403 400 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36" ... show less	Exploited Host Web App Attack
120.85.199.235	6 hours ago	Apr 18 22:59:46 [2066620.936415] [UFW BLOCK] OUT= MAC=00:01:e8:d8:95:35:08:00 SRC=120.85.199.235 D ... show moreApr 18 22:59:46 [2066620.936415] [UFW BLOCK] OUT= MAC=00:01:e8:d8:95:35:08:00 SRC=120.85.199.235 DST=IP hidden LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=46500 DF PROTO=TCP SPT=49545 DPT=8080 WINDOW=14520 RES=0x00 SYN URGP=0 Apr 18 22:59:47 [2066621.937368] [UFW BLOCK] OUT= MAC=00:01:e8:d8:95:35:08:00 SRC=120.85.199.235 DST=IP hidden LEN=60 TOS=0x00 PREC=0x00 TTL=51 ID=46501 DF PROTO=TCP SPT=49545 DPT=8080 WINDOW=14520 RES=0x00 SYN ... show less	Port Scan
159.75.140.80	6 hours ago	Apr 18 22:46:43 [2065837.795985] [UFW BLOCK] OUT= MAC=00:01:e8:d8:95:35:08:00 SRC=159.75.140.80 DS ... show moreApr 18 22:46:43 [2065837.795985] [UFW BLOCK] OUT= MAC=00:01:e8:d8:95:35:08:00 SRC=159.75.140.80 DST=IP hidden LEN=40 TOS=0x00 PREC=0x00 TTL=236 ID=45073 PROTO=TCP SPT=58725 DPT=2375 WINDOW=1024 RES=0x00 SYN URGP=0 Apr 18 22:54:39 [2066314.150652] [UFW BLOCK] OUT= MAC=00:01:e8:d8:95:35:08:00 SRC=159.75.140.80 DST=IP hidden LEN=40 TOS=0x00 PREC=0x00 TTL=236 ID=3093 PROTO=TCP SPT=59248 DPT=2376 WINDOW=1024 RES=0x00 SYN URGP=0 A ... show less	Port Scan
101.37.28.27	7 hours ago	Apr 18 17:54:53 -- [1785201.052388] [UFW BLOCK] OUT= MAC=00:26:51:cb:6d:c4:08:00 SRC=101.37.28.27 ... show moreApr 18 17:54:53 -- [1785201.052388] [UFW BLOCK] OUT= MAC=00:26:51:cb:6d:c4:08:00 SRC=101.37.28.27 DST=--IP hidden-- LEN=40 TOS=0x08 PREC=0x20 TTL=236 ID=48226 PROTO=TCP SPT=41076 DPT=2376 WINDOW=1024 RES=0x00 SYN URGP=0 Apr 18 22:22:14 -*- [1801242.116178] [UFW BLOCK] OUT= MAC=00:26:51:cb:6d:c4:08:00 SRC=101.37.28.27 DST=--IP hidden-- LEN=40 TOS=0x08 PREC=0x20 TTL=236 ID=39064 PROTO=TCP SPT=57113 DPT=2375 WINDOW=1024 RES=0x00 SYN URGP=0 Apr 18 22:42:4 ... show less	Port Scan
106.14.8.1	7 hours ago	Apr 18 22:34:27 [2065101.703924] [UFW BLOCK] OUT= MAC=00:01:e8:d8:95:35:08:00 SRC=106.14.8.1 DST=I ... show moreApr 18 22:34:27 [2065101.703924] [UFW BLOCK] OUT= MAC=00:01:e8:d8:95:35:08:00 SRC=106.14.8.1 DST=IP hidden LEN=40 TOS=0x00 PREC=0x00 TTL=235 ID=52219 PROTO=TCP SPT=58039 DPT=2375 WINDOW=1024 RES=0x00 SYN URGP=0 Apr 18 22:34:50 [2065124.904579] [UFW BLOCK] OUT= MAC=00:01:e8:d8:95:35:08:00 SRC=106.14.8.1 DST=IP hidden LEN=40 TOS=0x00 PREC=0x00 TTL=235 ID=47898 PROTO=TCP SPT=58039 DPT=2375 WINDOW=1024 RES=0x00 SYN URGP=0 Apr 18 ... show less	Port Scan
90.217.75.19	7 hours ago	Apr 18 21:45:16 [2062151.192066] [UFW BLOCK] OUT= MAC=00:01:e8:d8:94:d8:08:00 SRC=90.217.75.19 DST ... show moreApr 18 21:45:16 [2062151.192066] [UFW BLOCK] OUT= MAC=00:01:e8:d8:94:d8:08:00 SRC=90.217.75.19 DST=IP hidden LEN=44 TOS=0x00 PREC=0x00 TTL=56 ID=35293 PROTO=TCP SPT=50596 DPT=23 WINDOW=63525 RES=0x00 SYN URGP=0 Apr 18 21:45:38 [2062173.197760] [UFW BLOCK] OUT= MAC=00:01:e8:d8:94:d8:08:00 SRC=90.217.75.19 DST=IP hidden LEN=44 TOS=0x00 PREC=0x00 TTL=56 ID=35293 PROTO=TCP SPT=50596 DPT=23 WINDOW=63525 RES=0x00 SYN URGP=0 Apr 18 ... show less	Port Scan
111.229.105.44	8 hours ago	IP hidden:80 111.229.105.44 - - [18/Apr/2021:21:39:52 +0200] "GET /index.php HTTP/1.1" 403 400 "-" " ... show moreIP hidden:80 111.229.105.44 - - [18/Apr/2021:21:39:52 +0200] "GET /index.php HTTP/1.1" 403 400 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0" IP hidden:80 111.229.105.44 - - [18/Apr/2021:21:39:53 +0200] "GET /phpmyadmin/index.php HTTP/1.1" 403 344 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0" ... show less	Exploited Host Web App Attack
115.231.144.4	8 hours ago	Apr 18 21:20:23 [2060657.584114] [UFW BLOCK] OUT= MAC=00:01:e8:d8:95:35:08:00 SRC=115.231.144.4 DS ... show moreApr 18 21:20:23 [2060657.584114] [UFW BLOCK] OUT= MAC=00:01:e8:d8:95:35:08:00 SRC=115.231.144.4 DST=IP hidden LEN=60 TOS=0x00 PREC=0x00 TTL=34 ID=32692 DF PROTO=TCP SPT=25028 DPT=8080 WINDOW=14520 RES=0x00 SYN URGP=0 Apr 18 21:20:24 [2060658.583374] [UFW BLOCK] OUT= MAC=00:01:e8:d8:95:35:08:00 SRC=115.231.144.4 DST=IP hidden LEN=60 TOS=0x00 PREC=0x00 TTL=34 ID=32693 DF PROTO=TCP SPT=25028 DPT=8080 WINDOW=14520 RES=0x00 SYN UR ... show less	Port Scan
122.228.19.80	9 hours ago	Apr 18 19:48:03 [2055117.348943] [UFW BLOCK] OUT= MAC=00:01:e8:d8:95:35:08:00 SRC=122.228.19.80 DS ... show moreApr 18 19:48:03 [2055117.348943] [UFW BLOCK] OUT= MAC=00:01:e8:d8:95:35:08:00 SRC=122.228.19.80 DST=IP hidden LEN=44 TOS=0x00 PREC=0x00 TTL=108 ID=21569 PROTO=TCP SPT=31761 DPT=22648 WINDOW=29200 RES=0x00 SYN URGP=0 Apr 18 20:13:38 [2056653.257412] [UFW BLOCK] OUT= MAC=00:01:e8:d8:95:35:08:00 SRC=122.228.19.80 DST=IP hidden LEN=44 TOS=0x00 PREC=0x00 TTL=107 ID=18305 PROTO=TCP SPT=64794 DPT=2213 WINDOW=29200 RES=0x00 SYN URGP= ... show less	Port Scan
104.41.130.130	9 hours ago	Apr 18 20:24:04 -- [1794152.593695] [UFW BLOCK] OUT= MAC=00:26:51:c9:0d:c4:08:00 SRC=104.41.130.1 ... show moreApr 18 20:24:04 -- [1794152.593695] [UFW BLOCK] OUT= MAC=00:26:51:c9:0d:c4:08:00 SRC=104.41.130.130 DST=--IP hidden-- LEN=40 TOS=0x00 PREC=0x00 TTL=46 ID=30194 PROTO=TCP SPT=27657 DPT=23 WINDOW=16673 RES=0x00 SYN URGP=0 Apr 18 20:24:05 -*- [1794153.393805] [UFW BLOCK] OUT= MAC=00:26:51:c9:0d:c4:08:00 SRC=104.41.130.130 DST=--IP hidden-- LEN=40 TOS=0x00 PREC=0x00 TTL=46 ID=30194 PROTO=TCP SPT=27657 DPT=23 WINDOW=16673 RES=0x00 SYN URGP=0 Apr 18 20:24:0 ... show less	Port Scan