Table of contents
Origin server only shows Cloudflare IP's so I decided to add this UA to my WAF with a Managed Challenge. After roughly 30 minutes and almost 100 hits on it CSR was 0%. Looking at the CF logs for the specific WAF shows IP's and locations from everywhere(US, UK, India, China, Nigeria, etc) and when I check IP's at abuseipdb.com they're all clean but none of them seem to get through the managed challenge. I removed... Source: 8 months ago
Switched to Maspik Anti-Spam, with a manually curated list of keywords, and integration with abuseipdb.com and proxycheck.io. But both of those were also causing false positives, especially from my co-worker who uses a virtual machine, so upped the tolerance to 70 on both. Source: 12 months ago
This install of Docker is only a few days old. Most of the IPs associated are showing "banned" on abuseipdb.com. Source: 12 months ago
People build lists like OP is all the time, have you seen https://abuseipdb.com/? Source: about 1 year ago
To keep your Synology safe, regularly update list of blocked ip addresses. I'm using this script, which takes list of ip addresses from blocklist.de and abuseipdb.com and add them to my block list. I keep them blocked forever. Source: about 1 year ago
I am seeing the same activity with Rich Client 1.2.7, lots of reports of credential stuffing from the related IP's on abuseipdb.com whenever I check. Source: about 1 year ago
These are the kind of IPs that tries to bruteforce my SSH everyday, go checkout abuseipdb, they are from all over the world, either infected devices or proxy servers. Source: over 1 year ago
Anyone ever use abuseipdb.com before to check on hostnames and ip addresses? I keep seeing mixed reviews on it but seems legit for most part. Source: over 1 year ago
Firstly I'd enter all suspicious IPs into abuseipdb.com. Source: almost 2 years ago
Https://abuseipdb.com/ = legit, free, community-driven. Source: about 2 years ago
Ran a malwarebytes and windows defender scan and both came back fine. I don't see any suspicious processes or anything. Sfc /scannow comes back fine. Checked all connections shown by netstat /ano on abuseipdb.com and they were all non-suspicious seeming ( Microsoft, cloudflare, facebook, google, and akamai IP's ). Used autoruns from sysinternals and checked anything I didn't recognize on virustotal. So hopefully... Source: about 2 years ago
Thanks, H-E-C! I forgot all about the POP relationship. I heard Starlink folks here in Italy are showing up as being in Rome, which is quite ok. Nice tip with abuseipdb.com as well :). Source: over 2 years ago
My current ever expanding list. You all should use fail2ban and abuseipdb. Source: about 3 years ago
Do you know an article comparing AbuseIPDB to other products?
Suggest a link to a post with product alternatives.
This is an informative page about AbuseIPDB. You can review and discuss the product here. The primary details have not been verified within the last quarter, and they might be outdated. If you think we are missing something, please use the means on this page to comment or suggest changes. All reviews and comments are highly encouranged and appreciated as they help everyone in the community to make an informed choice. Please always be kind and objective when evaluating a product and sharing your opinion.
