π«π·
tavis.page
2026-05-18 07:50:58
(1 month ago)
Blocked by UFW on server [443/tcp]
Source port: 11012
TTL: 50
Packet length: 60
TOS: 0x00
This repo ...
show more
Blocked by UFW on server [443/tcp]
Source port: 11012
TTL: 50
Packet length: 60
TOS: 0x00
This report was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
π§π·
SOC Blue Team
2025-12-01 12:40:52
(7 months ago)
Tatic: TA0006 | Technique: T1110 | Source: TAP | Country Destination: BR
Brute-Force
π§π·
SOC Blue Team
2025-11-29 17:30:13
(7 months ago)
Tatic: TA0006 | Technique: T1110 | Source: TAP | Country Destination: BR
Brute-Force
πΊπΈ
TPI-Abuse
2025-01-12 08:06:40
(1 year ago)
(mod_security) mod_security (id:225170) triggered by 172.68.26.58 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:225170) triggered by 172.68.26.58 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jan 12 03:06:33.767420 2025] [security2:error] [pid 740564:tid 740564] [client 172.68.26.58:48532] [client 172.68.26.58] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||newmanwood.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "newmanwood.com"] [uri "/wp-json/wp/v2/users/"] [unique_id "Z4N4CVU4uNhF_KSdm4FT5gAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πͺπΈ
robotstxt
2024-11-12 10:41:46
(1 year ago)
172.68.26.58 - - [12/Nov/2024:10:41:01 +0000] "POST /wp-admin/admin-ajax.php HTTP/2.0" 400 1 "https: ...
show more
172.68.26.58 - - [12/Nov/2024:10:41:01 +0000] "POST /wp-admin/admin-ajax.php HTTP/2.0" 400 1 "https://economipedia.com/definiciones/contabilidad.html" rt="0.288" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.69 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" "66.249.73.132" h="economipedia.com" sn="economipedia.com" ru="/wp-admin/admin-ajax.php" u="/wp-admin/admin-ajax.php" ucs="-" ua="unix:/var/run/php/economipedia74.sock" us="400" uct="0.000" urt="0.288"
172.68.26.58 - - [12/Nov/2024:10:41:05 +0000] "POST /wp-admin/admin-ajax.php HTTP/2.0" 400 1 "https://economipedia.com/definiciones/grafico-de-columnas.html" rt="0.241" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.6723.69 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" "66.249.73.132" h="economipedia.com" sn="economipedia.com" ru="
...
show less
Web Spam
Web App Attack
πΊπΈ
thefoofighter
2024-11-04 00:19:19
(1 year ago)
[Mon Nov 04 00:18:50.626306 2024] [:error] [pid 3288683] [client 172.68.26.58:45734] [client 172.68. ...
show more
[Mon Nov 04 00:18:50.626306 2024] [:error] [pid 3288683] [client 172.68.26.58:45734] [client 172.68.26.58] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "93"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.2"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "www.cathalmcnally.com"] [uri "/"] [unique_id "ZygS6qWocChvd5ocGNADtAAAAAU"], referer: https://www.cathalmcnally.com/?rest_route=%2Fjetpack%2Fv4%2Fconnection%2F&_for=jetpack&token=%28rXC1K%5EsfQ7%5EC%29Ss8lHR9%250%21k%26lRMnEm%3A1%3A0×tamp=1730679530&nonce=z5MbbpkPMC&body-hash&signature=XBn%2BRgHvswhSP9l6av%2FJiIbl1M8%3D
[Mon Nov 04 00:18:51.637645 2024] [:error] [pid 3288683] [client 172.68.26.58:45734] [client 172.68.26.58] ModSecurity: Access denied with code 403 (phase 2).
...
show less
Bad Web Bot
Web App Attack
πΈπ¬
oncord
2024-10-01 04:14:41
(1 year ago)
Form spam
Web Spam
Anonymous
2024-08-01 00:13:30
(1 year ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-07-08 08:35:24
(1 year ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-06-29 17:59:32
(2 years ago)
[Sat Jun 29 19:59:30.840906 2024] [authz_core:error] [pid 27952] [client 172.68.26.58:40736] AH01630 ...
show more
[Sat Jun 29 19:59:30.840906 2024] [authz_core:error] [pid 27952] [client 172.68.26.58:40736] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Sat Jun 29 19:59:30.984132 2024] [authz_core:error] [pid 27952] [client 172.68.26.58:40736] AH01630: client denied by server configuration: /etc/httpd/htdocs
[Sat Jun 29 19:59:31.126813 2024] [authz_core:error] [pid 27952] [client 172.68.26.58:40736] AH01630: client denied by server configuration: /etc/httpd/htdocs
...
show less
Web App Attack
Anonymous
2024-06-24 09:05:29
(2 years ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-06-19 00:32:57
(2 years ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
πΊπ¦
URAN Publishing Service
2024-06-04 18:34:25
(2 years ago)
172.68.26.58 - - [04/Jun/2024:21:34:19 +0300] "GET /wp-content/plugins/hellopress/wp_filemanager.php ...
show more
172.68.26.58 - - [04/Jun/2024:21:34:19 +0300] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 280 "-" "-"
172.68.26.58 - - [04/Jun/2024:21:34:24 +0300] "GET /wp-content/plugins/pwnd-1/pwnd.php HTTP/1.1" 404 196 "-" "-"
...
show less
Web App Attack
Anonymous
2024-05-31 04:04:06
(2 years ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
Anonymous
2024-05-30 02:39:23
(2 years ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH