Light Theme · Dark Theme
Facebook Share Button Twitter Share Button Reddit Share Button

As an Amazon Associate I earn from qualifying purchases. All product links on this page are monetized.
Get a free trial of Backblaze Unlimited Online Backup.
Backup and sync your files with a free trial of Goodsync.

Most Recent Malicious IP Addresses

 

A hard drive crashes every 20 seconds. Backup and or synchronize your important files...

Here are the 25 most recent attacks on the servers from which my blocklists are compiled, sorted in order of recency without regard to the type of malicious attack. These IP's are literally up to the second because this list is generated when the page is requested. All times are expressed in America / New York time, adjusted for DST when applicable.

These IP addresses were gathered from block reports issued by firewalls running on servers that the author of this site personally owns or manages, and from hacker honeypots installed on sites that the author owns or manages.

A * in the ports column means that the port(s) has/have been redacted to protect non-standard port assignments.

You can check AbuseIPDB's current reports on the IP addresses by clicking the IP address links. Please note, however, that the owner of the IP address probably is not the party responsible for the malicious acts. Most Internet hackers, crackers, spammers, and scammers use either public proxy services, TOR, hacked servers, or infected or otherwise compromised personal computers to launch their attacks. Infected or compromised "Internet of Things" devices like routers, security cameras, and even thermostats also are being increasingly used for malicious Internet activity.

 

May 21, 2022 07:55:40 am
199.21.113.68
Ports 80, 443
GET /fckeditor/editor/filemanager/connectors/php/connector.php?Command=GetFoldersAndFiles
May 21, 2022 07:25:04 am
190.140.224.241
Ports 22, 1433, 1434, 3389, 8443, 10000, 17500
Probing for vulnerable services
May 21, 2022 07:22:36 am
121.145.211.80
Ports 22, 1433, 1434, 3389, 8443, 10000, 17500
Probing for vulnerable services
May 21, 2022 06:56:21 am
46.161.11.37
Ports 80, 443
Web form spam
May 21, 2022 06:41:32 am
139.59.118.231
Ports 80, 443
GET /index.php/xmlrpc.php?rsd HTTP/1.1
May 21, 2022 06:38:05 am
5.157.23.124
Ports 80, 443
Web form spam
May 21, 2022 06:32:52 am
104.129.3.216
Ports 80, 443
Web form spam
May 21, 2022 05:29:31 am
36.137.157.218
Ports 25, 465, 587
Multiple failed SASL logins
May 21, 2022 05:19:50 am
121.183.0.205
Ports 22, 1433, 1434, 3389, 8443, 10000, 17500
Probing for vulnerable services
May 21, 2022 04:55:30 am
179.42.252.167
Ports *
Distributed brute force attack
May 21, 2022 04:55:29 am
95.108.30.198
Ports *
Distributed brute force attack
May 21, 2022 04:55:28 am
223.197.134.182
Ports *
Distributed brute force attack
May 21, 2022 04:55:27 am
118.41.204.18
Ports *
Distributed brute force attack
May 21, 2022 04:55:25 am
92.101.176.73
Ports *
Distributed brute force attack
May 21, 2022 04:47:13 am
45.133.1.13
Ports 80, 443
GET /index.php/xmlrpc.php?rsd HTTP/1.1
May 21, 2022 04:17:29 am
20.253.177.71
Ports *
Botnet: Credential stuffing targeting dovecot
May 21, 2022 04:17:27 am
88.82.208.190
Ports *
Botnet: Credential stuffing targeting dovecot
May 21, 2022 04:17:15 am
113.177.115.108
Ports *
Botnet: Credential stuffing targeting dovecot
May 21, 2022 04:12:48 am
36.133.127.123
Ports 25, 465, 587
Multiple failed SASL logins
May 21, 2022 07:52:37 am
168.90.199.169
Ports 80, 443
Web form spam (honeypot)
May 21, 2022 03:51:21 am
190.32.127.74
Ports 22, 1433, 1434, 3389, 8443, 10000, 17500
Probing for vulnerable services
May 21, 2022 03:48:07 am
77.51.27.234
Ports 80, 443
Web form spam
May 21, 2022 03:48:04 am
46.161.11.37
Ports 80, 443
Web form spam
May 21, 2022 03:33:03 am
217.160.145.62
Ports 80, 443
GET /wp-admin/admin-ajax.php HTTP/1.1
May 21, 2022 03:31:33 am
123.193.227.137
Ports 22, 1433, 1434, 3389, 8443, 10000, 17500
Probing for vulnerable services

 

Are you in business? Create an Amazon Business Account.