Light Theme · Dark Theme
Facebook Share Button Twitter Share Button Reddit Share Button

As an Amazon Associate I earn from qualifying purchases. All product links on this page are monetized.
Get a free trial of Backblaze Unlimited Online Backup.
Backup and sync your files with a free trial of Goodsync.

Worst Recent Malicious IP Addresses

 

Backup your employees laptops and desktops. Unlimited data backup for sixty dollars a year

Here are the IP addresses of up to 15 of the worst recent attackers on the servers from which my blocklists are compiled, sorted in order of number of attacks over the past three to six days, without regard to the specific type of malicious attack. The time refers to the most recent attack by the IP. All times are expressed in America / New York time, adjusted for DST when applicable.

These IP addresses were gathered from block reports issued by firewalls running on servers that the author of this site personally owns or manages, and from hacker honeypots installed on sites that the author owns or manages.

A * in the ports column means that the port(s) has/have been redacted to protect non-standard port assignments.

You can check AbuseIPDB's current reports on the IP addresses by clicking the IP address links. Please note, however, that the owner of the IP address probably is not the party responsible for the malicious acts. Most Internet hackers, crackers, spammers, and scammers use either public proxy services, TOR, hacked servers, or infected or otherwise compromised personal computers to launch their attacks. Infected or compromised "Internet of Things" devices like routers, security cameras, and even thermostats also are being increasingly used for malicious Internet activity.

 

Oct 14, 2021 11:05:36 pm
23.228.109.147
Ports 80, 443
GET /templates/index.html HTTP/1.1
Oct 18, 2021 07:20:39 am
34.146.173.151
Ports 80, 443
GET /blog/ HTTP/1.1
Oct 14, 2021 05:29:46 pm
85.203.46.238
Ports 80, 443
HEAD /old/backup.tar HTTP/1.1
Oct 16, 2021 01:48:36 am
198.98.51.189
Ports 80, 443
GET /.git/config HTTP/1.1
Oct 14, 2021 05:59:04 pm
79.101.44.3
Ports 80, 443
GET /wp-login.php HTTP/1.1
Oct 14, 2021 05:46:51 pm
85.203.45.79
Ports 80, 443
HEAD /old/website.tar.gz HTTP/1.1
Oct 14, 2021 05:20:06 pm
178.17.168.133
Ports 80, 443
HEAD /old/website.rar HTTP/1.1
Oct 14, 2021 05:13:12 pm
87.106.193.85
Ports 80, 443
GET /wp-login.php HTTP/1.1
Oct 14, 2021 05:04:48 pm
203.26.81.26
Ports 80, 443
HEAD /old/.well-known.zip HTTP/1.1
Oct 20, 2021 09:42:17 am
45.134.225.229
Ports 80, 443
GET /wp-login.php HTTP/1.1
Oct 20, 2021 10:22:41 am
159.203.176.82
Ports 80, 443
GET /wp-login.php HTTP/1.1
Oct 17, 2021 10:33:06 am
164.68.99.251
Ports 80, 443
GET /wp-login.php HTTP/1.1
Oct 18, 2021 11:48:37 pm
209.141.58.105
Ports 22, 1433, 1434, 3389, 8443, 10000, 17500
Probing for vulnerable services
Oct 17, 2021 01:24:41 am
222.186.43.74
Ports 80, 443
GET /data/admin/allowurl.txt HTTP/1.1
Oct 17, 2021 05:35:23 am
182.180.126.7
Ports 22, 1433, 1434, 3389, 8443, 10000, 17500
Probing for vulnerable services

 

Are you in business? Create an Amazon Business Account.