๐บ๐ฆ
URAN Publishing Service
2026-06-28 14:46:54
(1 week ago)
172.70.246.244 - - [28/Jun/2026:17:46:47 +0300] "GET /wp-admin/js/widgets/ HTTP/1.1" 404 684 "-" "Mo ...
show more
172.70.246.244 - - [28/Jun/2026:17:46:47 +0300] "GET /wp-admin/js/widgets/ HTTP/1.1" 404 684 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
172.70.246.244 - - [28/Jun/2026:17:46:54 +0300] "GET /wp-admin/user/ HTTP/1.1" 404 684 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
...
show less
Web App Attack
๐ฉ๐ช
Bedios GmbH
2026-06-18 15:50:36
(2 weeks ago)
Login credentials theft attempt
Hacking
๐ฉ๐ช
febrian.de
2026-06-17 15:45:46
(2 weeks ago)
Malicious HTTP(S) probing detected by Fail2Ban
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-05 19:45:09
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 172.70.246.244 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.246.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 05 15:45:04.329406 2026] [security2:error] [pid 4019:tid 4019] [client 172.70.246.244:10707] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "k0cgy.net"] [uri "/.git/config"] [unique_id "aiMnQLPdbEO7FhO7LnWVYAAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-06-04 06:37:09
(1 month ago)
172.70.246.244 - - [04/Jun/2026:09:37:08 +0300] "GET /wp-content/plugins/filester/assets/css/404.php ...
show more
172.70.246.244 - - [04/Jun/2026:09:37:08 +0300] "GET /wp-content/plugins/filester/assets/css/404.php HTTP/1.1" 404 767 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"
172.70.246.244 - - [04/Jun/2026:09:37:08 +0300] "GET /wp-includes/blocks/latest-comments/template-loader.php HTTP/1.1" 404 767 "-" "Mozilla/5.0 (Linux x86_64; rv:79.0) Gecko/20100101 Firefox/79.0"
...
show less
Web App Attack
๐ท๐บ
DZBOT
2026-06-04 01:17:38
(1 month ago)
DZBOT: Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐บ๐ธ
mnsf
2026-06-02 18:05:12
(1 month ago)
Abuse Detected (1)
Brute-Force
Web App Attack
๐ซ๐ท
tavis.page
2026-05-18 06:22:37
(1 month ago)
Blocked by UFW on server [443/tcp]
Source port: 14160
TTL: 56
Packet length: 60
TOS: 0x00
This repo ...
show more
Blocked by UFW on server [443/tcp]
Source port: 14160
TTL: 56
Packet length: 60
TOS: 0x00
This report was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐ฉ๐ช
2048
2026-05-11 18:58:26
(1 month ago)
2026-05-11T20:58:23.331356+02:00 machodeer kernel: [1233819.794595] [UFW BLOCK] IN=ens3 OUT= MAC=RED ...
show more
2026-05-11T20:58:23.331356+02:00 machodeer kernel: [1233819.794595] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=172.70.246.244 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=58 ID=13422 DF PROTO=TCP SPT=13564 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
2026-05-11T20:58:24.355242+02:00 machodeer kernel: [1233820.818611] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=172.70.246.244 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=58 ID=13423 DF PROTO=TCP SPT=13564 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
2026-05-11T20:58:25.379173+02:00 machodeer kernel: [1233821.842565] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=172.70.246.244 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=58 ID=13424 DF PROTO=TCP SPT=13564 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-05-10 19:02:56
(1 month ago)
(mod_security) mod_security (id:210730) triggered by 172.70.246.244 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 172.70.246.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun May 10 15:02:46.514334 2026] [security2:error] [pid 1691:tid 1691] [client 172.70.246.244:12862] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||stenbot.com|F|2"] [data ".db"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "stenbot.com"] [uri "/.config/gcloud/credentials.db"] [unique_id "agDWVglCTzfkkyMXdQw0-wAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-01 04:40:24
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.246.244 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.246.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri May 01 00:40:18.109322 2026] [security2:error] [pid 4565:tid 4669] [client 172.70.246.244:9515] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "disability-blog.com"] [uri "/.git/config"] [unique_id "afQuslqrD39Zq5njWEObYAAAAkA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
2048
2026-04-28 10:20:00
(2 months ago)
2026-04-28T12:19:57.184468+02:00 machodeer kernel: [79511.820981] [UFW BLOCK] IN=ens3 OUT= MAC=REDAC ...
show more
2026-04-28T12:19:57.184468+02:00 machodeer kernel: [79511.820981] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=172.70.246.244 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=58 ID=19056 DF PROTO=TCP SPT=11750 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
2026-04-28T12:19:58.247345+02:00 machodeer kernel: [79512.883988] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=172.70.246.244 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=58 ID=19057 DF PROTO=TCP SPT=11750 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
2026-04-28T12:19:59.269330+02:00 machodeer kernel: [79513.906171] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=172.70.246.244 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=58 ID=19058 DF PROTO=TCP SPT=11750 DPT=80 WINDOW=65535 RES=0x00 SYN URGP=0
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-04-24 21:21:19
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.246.244 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.246.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Apr 24 17:21:14.427869 2026] [security2:error] [pid 5195:tid 5195] [client 172.70.246.244:10427] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "jacquelineperriam.com"] [uri "/.git/config"] [unique_id "aeveyjdWelXL_0cuH6Bj0wAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-23 07:31:25
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.246.244 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.246.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Apr 23 03:31:18.805520 2026] [security2:error] [pid 26218:tid 26218] [client 172.70.246.244:13971] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "aarentes.com"] [uri "/.git/config"] [unique_id "aenKxtbaN8Lc8qSuQtCU2wAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-04-13 16:30:51
(2 months ago)
(mod_security) mod_security (id:210492) triggered by 172.70.246.244 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 172.70.246.244 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Apr 13 12:30:47.191924 2026] [security2:error] [pid 2488795:tid 2488795] [client 172.70.246.244:9323] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.markshvarts.com"] [uri "/.git/config"] [unique_id "ad0aNymE7pi9t-3rBoysFAAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack