ValtonTahiri - AbuseIPDB User Profile

User ValtonTahiri joined AbuseIPDB in July 2021 and has reported 112,377 IP addresses.

Standing (weight) is good.

ACTIVE USER WEBMASTER SUPPORTER

IP	Date	Comment	Categories
85.209.11.227	30 Nov 2023	MASS SSH BRUTEFORCE	Hacking Brute-Force Exploited Host SSH
85.209.11.227	30 Nov 2023	MASS SSH BRUTEFORCE	Hacking Brute-Force Exploited Host SSH
85.209.11.227	30 Nov 2023	MASS SSH BRUTEFORCE	Hacking Brute-Force Exploited Host SSH
85.209.11.227	30 Nov 2023	Nov 30 11:44:18 lapsi-new sshd[644941]: Failed password for invalid user telecomadmin from 85.209.11 ... show moreNov 30 11:44:18 lapsi-new sshd[644941]: Failed password for invalid user telecomadmin from 85.209.11.227 port 6653 ssh2 Nov 30 11:47:04 lapsi-new sshd[645507]: Invalid user support from 85.209.11.227 port 7886 Nov 30 11:47:04 lapsi-new sshd[645507]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.209.11.227 Nov 30 11:47:04 lapsi-new sshd[645507]: Invalid user support from 85.209.11.227 port 7886 Nov 30 11:47:06 lapsi-new sshd[645507]: Failed password for invalid user support from 85.209.11.227 port 7886 ssh2 ... show less	Hacking Brute-Force SSH
74.125.208.37	30 Nov 2023	74.125.208.37 - 127.0.0.1 - - [30/Nov/2023:12:38:01 +0100] "GET /module/ph_simpleblog/list?sb_catego ... show more74.125.208.37 - 127.0.0.1 - - [30/Nov/2023:12:38:01 +0100] "GET /module/ph_simpleblog/list?sb_category=%27)+OR+true--+- HTTP/1.1" 301 270876 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36,gzip(gfe)" show less	Hacking Web App Attack
77.91.68.249	01 Nov 2023	REDLINE STEALER	Hacking Web App Attack
15.223.76.44	26 Oct 2023	web app attack	Hacking Web App Attack
200.85.194.135	24 Oct 2023	www/delivery/cl.php?bannerid=4539&zoneid=27&sig=947d9f421817451419c22e163fae2268ef3703c59a706bf95b3e ... show morewww/delivery/cl.php?bannerid=4539&zoneid=27&sig=947d9f421817451419c22e163fae2268ef3703c59a706bf95b3ee8e25fde855a&dest=/etc/passwd HTTP/1.1" 404 5 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64; Rv:50.0) Gecko/20100101 Firefox/50.0" show less	Hacking SQL Injection Exploited Host Web App Attack
81.198.241.39	24 Oct 2023	81.198.241.39 - 127.0.0.1 [24/Oct/2023:07:15:35 +0000] "POST /wp-login.php HTTP/1.1" 200 9200 "-" "M ... show more81.198.241.39 - 127.0.0.1 [24/Oct/2023:07:15:35 +0000] "POST /wp-login.php HTTP/1.1" 200 9200 "-" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.0)" "81.198.241.39, 81.198.241.39"... show less	Hacking Brute-Force Web App Attack
43.134.121.212	22 Oct 2023	XSS	Hacking Web App Attack
15.235.202.199	18 Oct 2023	Mass Wordpress Bruteforce	Hacking Brute-Force Web App Attack
68.183.204.158	17 Oct 2023	Blacklisted IP 68.183.204.158, client: 172.69.214.194, server: gazetametro.net, request: "GET //utch ... show moreBlacklisted IP 68.183.204.158, client: 172.69.214.194, server: gazetametro.net, request: "GET //utchiha.php HTTP/1.1", host: "x.net", referrer: "http://x.net//utchiha.php" show less	Hacking Exploited Host Web App Attack
88.202.203.82	17 Oct 2023	ANTIDDOS: Blacklisted this Address: 2023/10/17 13:26:14 [error] 2359102#2359102: 35587908 [l ... show moreANTIDDOS: Blacklisted this Address: 2023/10/17 13:26:14 [error] 2359102#2359102: 35587908 [lua] main.lua:292: Blacklisted IP 88.202.203.82, client: x, server: kallxo.com, request: "GET /x/x-ne-xx/ HTTP/2.0", host: "x", referrer: "https://x.xxx/" show less	DDoS Attack Hacking Exploited Host Web App Attack
2607:fb90:93a3:8d4c:615d:622e:cdc2:9b5f	16 Oct 2023	ANTIDDOS: Blacklisted this Address: 2023/10/16 15:21:28 [error] 2359102#2359102: 35325953 [l ... show moreANTIDDOS: Blacklisted this Address: 2023/10/16 15:21:28 [error] 2359102#2359102: 35325953 [lua] main.lua:292: Blacklisted IP 2607:fb90:93a3:8d4c:615d:622e:cdc2:9b5f, client: xx, server: removed.com, request: "GET / HTTP/2.0", host: "www.removed.com", referrer: "https://www.removed.com/" show less	DDoS Attack Hacking Web App Attack
37.139.129.36	16 Oct 2023	XSS (Cross Site Scripting) attempt. US - 181.214.173.75 - 172.70.46.186 - 127.0.0.1 - - [16/O ... show moreXSS (Cross Site Scripting) attempt. US - 181.214.173.75 - 172.70.46.186 - 127.0.0.1 - - [16/Oct/2023:14:32:29 +0200] "GET /index.jsp?operatorlocale=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1" 301 270732 "-" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.67 Safari/537.36,gzip(gfe)" "181.214.173.75" show less	Hacking SQL Injection Brute-Force Web App Attack
178.222.245.76	16 Oct 2023	DDoS Attack	DDoS Attack Hacking Web App Attack
82.157.16.11	16 Oct 2023	82.157.16.11 - 162.158.187.55 [16/Oct/2023:10:00:16 +0200] "POST /wp-login.php HTTP/1.1" 200 3477 "- ... show more82.157.16.11 - 162.158.187.55 [16/Oct/2023:10:00:16 +0200] "POST /wp-login.php HTTP/1.1" 200 3477 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.67 Safari/537.36" "82.157.16.11" show less	Hacking Exploited Host Web App Attack
193.34.212.240	16 Oct 2023	web app attack sql injection	Hacking SQL Injection Web App Attack
206.189.204.202	10 Oct 2023	Shellshock attack detected	Hacking SQL Injection Bad Web Bot Exploited Host Web App Attack
138.199.63.109	10 Oct 2023	webops: Blacklisted this Address: 2023/10/10 13:28:08 [error] 4115#4115: 3892581 [lua] main. ... show morewebops: Blacklisted this Address: 2023/10/10 13:28:08 [error] 4115#4115: 3892581 [lua] main.lua:292: Blacklisted IP 138.199.63.109, client: 172.70.91.61, server: removed.com, request: "GET //cgi-bin/wp-content/wp-admin.php HTTP/2.0", host: "removed.com" show less	Open Proxy Hacking Exploited Host Web App Attack
18.188.133.71	10 Oct 2023	Attack on jenkins/config/jenkins.properties	Hacking Bad Web Bot Exploited Host Web App Attack
18.218.17.154	09 Oct 2023	ANTIDDOS: Blacklisted this Address: 2023/10/09 10:58:50 [error] 104280#104280: 18479563 [lua ... show moreANTIDDOS: Blacklisted this Address: 2023/10/09 10:58:50 [error] 104280#104280: 18479563 [lua] main.lua:292: Blacklisted IP 18.218.17.154, client: 172.70.127.54, server: 123 request: "GET /var/data/config.json show less	DDoS Attack Open Proxy Hacking SQL Injection Brute-Force Bad Web Bot Exploited Host Web App Attack
93.180.217.20	09 Oct 2023	/?q=abc DDoS attac	Hacking Web App Attack
185.139.56.133	09 Oct 2023	DDoS attack	Web App Attack
4.228.17.97	09 Oct 2023	DDoS Attacks	DDoS Attack Hacking Web App Attack