๐ช๐ธ
gnom4ik
2026-07-12 20:16:24
(1 day ago)
ban-reviewer auto report; ip=121.41.166.225; scenario=ssh:bruteforce; scenario_context=ssh:bruteforc ...
show more
ban-reviewer auto report; ip=121.41.166.225; scenario=ssh:bruteforce; scenario_context=ssh:bruteforce,firehol_greensnow; verdict=valid_ban; confidence=0.92; categories=18,22; active_decisions=2; lookback_decisions=2; nginx_requests=0; appsec_matches=0; auth_events=0; kernel_events=0; signals=ip_decision_count_high
show less
Brute-Force
SSH
๐บ๐ธ
cazae
2026-07-12 15:15:59
(1 day ago)
Unauthorized attempt on debian [8012/tcp]
Source port: 49293
TTL: 235
Packet length: 40
TOS: 0x08
h ...
show more
Unauthorized attempt on debian [8012/tcp]
Source port: 49293
TTL: 235
Packet length: 40
TOS: 0x08
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐ซ๐ท
Fasetech
2026-07-10 08:08:47
(3 days ago)
SecLedge detected suspicious activity. Score: 2766.48. Sensor: T-Pot.
Brute-Force
๐ญ๐ฐ
pengpeng
2026-07-07 11:41:41
(6 days ago)
monitor: on ser162528253480 | port: 50943 | ttl: 127 script: github.com/sefinek/UFW-AbuseIPDB-Repor ...
show more
monitor: on ser162528253480 | port: 50943 | ttl: 127 script: github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐ฉ๐ช
acadeova
2026-07-06 03:25:37
(1 week ago)
๐จ Recon detected (nft drop)
SRC=121.41.166.225
Observed=TCP dpt=10124 in=enp0s6 ttl=241
Time=recent( ...
show more
๐จ Recon detected (nft drop)
SRC=121.41.166.225
Observed=TCP dpt=10124 in=enp0s6 ttl=241
Time=recent(journalctl: 10 minutes ago)
Assessment=Generic scanning / reconnaissance (PORT_SCAN)
show less
Port Scan
๐ซ๐ท
Little Iguana
2026-07-05 16:02:30
(1 week ago)
trying to access non-authorized port
Port Scan
๐ฉ๐ช
DAUGDE
2026-07-02 19:24:03
(1 week ago)
2026-07-02T21:23:57.752536+02:00 v2202104133598150667 9275893e7080[3576376]: Jul 2 21:23:57 9275893 ...
show more
2026-07-02T21:23:57.752536+02:00 v2202104133598150667 9275893e7080[3576376]: Jul 2 21:23:57 9275893e7080 postfix/smtps/smtpd[46330]: lost connection after CONNECT from unknown[121.41.166.225]
2026-07-02T21:24:02.705511+02:00 v2202104133598150667 9275893e7080[3576376]: Jul 2 21:24:02 9275893e7080 postfix/submission/smtpd[46335]: lost connection after CONNECT from unknown[121.41.166.225]
2026-07-02T21:24:02.949465+02:00 v2202104133598150667 9275893e7080[3576376]: Jul 2 21:24:02 9275893e7080 postfix/submission/smtpd[46335]: improper command pipelining after CONNECT from unknown[121.41.166.225]: EHLO\r\n
...
show less
Email Spam
Spoofing
Brute-Force
Anonymous
2026-07-01 02:58:31
(1 week ago)
fail2ban:piguard:14,18
Port Scan
Brute-Force
๐บ๐ธ
LockBlock
2026-06-26 13:37:17
(2 weeks ago)
2026-06-26 13:37:17: Port scan detected from 121.41.166.225 on port 2000 of racknerd-e7e1a9
Port Scan
Anonymous
2026-06-26 01:09:01
(2 weeks ago)
IncogNET WAF local CrowdSec decision. Scenario=crowdsecurity/http-bad-user-agent; Action=ban; Events ...
show more
IncogNET WAF local CrowdSec decision. Scenario=crowdsecurity/http-bad-user-agent; Action=ban; Events=2; Hosts=45.137.198.87; Paths=/nmaplowercheck1782434360,/sdk; Country=CN; ASN=37963 Hangzhou Alibaba Advertising Co.,Ltd.
show less
Hacking
๐ซ๐ท
Fasetech
2026-06-24 10:29:37
(2 weeks ago)
SecLedge detected suspicious activity. Score: 2766.48. Sensor: T-Pot.
Brute-Force
๐ฌ๐ง
PeravixGroup
2026-06-22 02:59:34
(3 weeks ago)
Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. ...
show more
Honeypot detection: Remote Desktop Protocol (RDP) brute-force attempt on port 3389. Severity: HIGH. Aaran.cloud
show less
Brute-Force
Hacking
๐จ๐ฆ
smithoo4
2026-06-21 04:32:10
(3 weeks ago)
121.41.166.225 - - [21/Jun/2026:00:32:08 -0400] "GET / HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT ...
show more
121.41.166.225 - - [21/Jun/2026:00:32:08 -0400] "GET / HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36"
121.41.166.225 - - [21/Jun/2026:00:32:09 -0400] "GET / HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.115 Safari/537.36"
...
show less
Port Scan
Bad Web Bot
๐บ๐ธ
sandra361
2026-06-06 23:33:01
(1 month ago)
Port scan detected: 37 attempts across 37 ports (11308,11701,11810,12061,12600,13455,16378,18600,187 ...
show more
Port scan detected: 37 attempts across 37 ports (11308,11701,11810,12061,12600,13455,16378,18600,1871,19024,19166,20047,20101,28012,2810,28801,30066,30607,31050,32022,42002,4705,49214,51372,51397,5580,58182,59032,5926,61144,6806,7867,8194,8847,9108,9403,9904). | Evidence: GHOST_SCAN:IN=enp1s0 OUT= SRC=121.41.166.225 LEN=40 TOS=0x00 PREC=0x00 TTL=232 ID=2415 PROTO=TCP SPT=48735 DPT=28012 WINDOW=1024 RES=0x00 SYN URGP=0
show less
Port Scan
๐ญ๐ฐ
PingMeMaybe
2026-06-05 19:15:58
(1 month ago)
Blocked by UFW on hk [39994/tcp]
Source port: 46892
TTL: 236
Packet length: 40
TOS: 0x00
This repor ...
show more
Blocked by UFW on hk [39994/tcp]
Source port: 46892
TTL: 236
Packet length: 40
TOS: 0x00
This report was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan