๐บ๐ธ
Affection8003
2026-07-03 03:24:50
(6 hours ago)
Detected and blocked by UniFi IDS/IPS (Pifer-Home). Signature: ET TOR Known Tor Relay/Router (Not Ex ...
show more
Detected and blocked by UniFi IDS/IPS (Pifer-Home). Signature: ET TOR Known Tor Relay/Router (Not Exit) Node Traffic group 368 (SID 2522367). Threat list: TOR. Protocol: TCP 54442->51879.
show less
Hacking
๐ฌ๐ง
jboy89
2026-06-24 10:20:07
(1 week ago)
Blocked by os-abuseipdb; 4 hits, proto=udp, ports=33948
Port Scan
Hacking
๐ซ๐ท
matthieul.dev
2026-06-24 03:40:21
(1 week ago)
Blocked by os-abuseipdb; 6 hits, proto=tcp, ports=46516
Port Scan
Brute-Force
๐จ๐ณ
pengpeng
2026-06-19 23:03:50
(1 week ago)
monitor: on VM-0-7-ubuntu | port: 46516 | ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporte ...
show more
monitor: on VM-0-7-ubuntu | port: 46516 | ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐ซ๐ท
matthieul.dev
2026-06-19 09:55:19
(1 week ago)
Blocked by os-abuseipdb; 9 hits, proto=tcp,udp, ports=59542
Port Scan
Brute-Force
๐บ๐ธ
xmission.com
2026-06-18 14:23:59
(2 weeks ago)
Blocked by UFW (TCP on 37888)
Source port: 33044
TTL: 52
Packet length: 60
TOS: 0x08
This report (f ...
show more
Blocked by UFW (TCP on 37888)
Source port: 33044
TTL: 52
Packet length: 60
TOS: 0x08
This report (for 198.54.129.60) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
Anonymous
2026-06-13 02:57:01
(2 weeks ago)
2026-06-13 02:57:01 warning[1797961]: host static-198-54-129-60.cust.tzulo.com[198.54.129. ...
show more
2026-06-13 02:57:01 warning[1797961]: host static-198-54-129-60.cust.tzulo.com[198.54.129.60]: unauthorized access attempted: tcp/9010
show less
Port Scan
Brute-Force
๐จ๐ณ
pengpeng
2026-06-12 20:20:48
(2 weeks ago)
monitor: on VM-0-7-ubuntu | port: 2660 | ttl: 251 script: github.com/sefinek/UFW-AbuseIPDB-Reporter
Port Scan
๐ซ๐ท
matthieul.dev
2026-06-11 22:35:12
(3 weeks ago)
Blocked by os-abuseipdb; 8 hits, proto=tcp, ports=46516
Port Scan
Brute-Force
๐ท๐บ
punctualsuspension968
2026-06-06 23:58:33
(3 weeks ago)
blocked by ufw on TCP 6881
Port Scan
๐บ๐ธ
etu brutus
2026-05-28 02:27:27
(1 month ago)
198.54.129.60 has been banned for [WebApp Attack]
...
Hacking
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-28 02:27:24
(1 month ago)
(mod_security) mod_security (id:240335) triggered by 198.54.129.60 (static-198-54-129-60.cust.tzulo. ...
show more
(mod_security) mod_security (id:240335) triggered by 198.54.129.60 (static-198-54-129-60.cust.tzulo.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 22:27:19.030953 2026] [security2:error] [pid 19543:tid 19543] [client 198.54.129.60:64776] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 198.54.129.60 (+1 hits since last alert)|computerizer.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "computerizer.org"] [uri "/xmlrpc.php"] [unique_id "aheoB3mgtyOGM4XLWVVYvAAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
WellSpring
2026-05-28 01:39:17
(1 month ago)
xmlrpc exploit on wellspr.ing/xmlrpc.php โ WellSpr.ing/NetSentinel civic-AI security layer
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-28 00:02:51
(1 month ago)
(mod_security) mod_security (id:240335) triggered by 198.54.129.60 (static-198-54-129-60.cust.tzulo. ...
show more
(mod_security) mod_security (id:240335) triggered by 198.54.129.60 (static-198-54-129-60.cust.tzulo.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 20:02:46.211910 2026] [security2:error] [pid 17089:tid 17089] [client 198.54.129.60:50688] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 198.54.129.60 (+1 hits since last alert)|turtlehill.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "turtlehill.org"] [uri "/xmlrpc.php"] [unique_id "aheGJgpgENxN_E9A5BfR-QAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-05-27 22:05:18
(1 month ago)
(mod_security) mod_security (id:240335) triggered by 198.54.129.60 (static-198-54-129-60.cust.tzulo. ...
show more
(mod_security) mod_security (id:240335) triggered by 198.54.129.60 (static-198-54-129-60.cust.tzulo.com): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Wed May 27 18:05:10.297809 2026] [security2:error] [pid 12658:tid 12658] [client 198.54.129.60:51055] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5965"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 198.54.129.60 (+1 hits since last alert)|butterfly-storm.org|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "butterfly-storm.org"] [uri "/xmlrpc.php"] [unique_id "ahdqlvZHKlt9fSc7_8aEGwAAAB8"]
show less
Brute-Force
Bad Web Bot
Web App Attack