πͺπΈ
librebit
2026-05-17 07:13:15
(3 weeks ago)
Brute force
Brute-Force
2026-05-11 13:29:28
(4 weeks ago)
RdpGuard detected brute-force attempt on RD-WEB
Brute-Force
π΅π±
cheatmaster.store
2026-02-25 23:08:00
(3 months ago)
Automated report: This IP address has been identified as an active public open proxy.
Classification ...
show more
Automated report: This IP address has been identified as an active public open proxy.
Classification: Open Proxy | Spoofing | VPN/Anonymizer | Bad Web Bot.
Country: United States
Threat level: High. This host is listed across multiple public proxy databases and poses a risk of abuse, credential stuffing, scraping, and spoofed traffic.
Reported by automated threat intelligence pipeline. Do not whitelist without manual verification.
show less
Web Spam
Port Scan
Web App Attack
π΅π±
sefinek.net
2026-02-23 03:45:26
(3 months ago)
Triggered Cloudflare WAF (firewallCustom) from US.
Action: MANAGED_CHALLENGE | Protocol: HTTP/1.1 (G ...
show more
Triggered Cloudflare WAF (firewallCustom) from US.
Action: MANAGED_CHALLENGE | Protocol: HTTP/1.1 (GET) | Endpoint: /genshin-stella-mod | UA: Mozilla/5.0 (X11; Linux i686; rv:114.0) Gecko/20100101 Firefox/114.0 β’ Generated by: github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
2026-01-31 10:24:04
(4 months ago)
Banned by SPAMHAUS DROP list
DDoS Attack
Hacking
Bad Web Bot
Web App Attack
πͺπΈ
10dencehispahard SL
2026-01-26 09:31:58
(4 months ago)
Wordpress probing for vulnerabilities
Hacking
Exploited Host
2026-01-24 16:58:35
(4 months ago)
wordpress-trap
Web App Attack
π«π·
tilellit.pro
2026-01-23 10:47:18
(4 months ago)
Fail2Ban banned 209.50.167.229 for security violations in jail nginx-aggressive. Log: 2026/01/23 10: ...
show more
Fail2Ban banned 209.50.167.229 for security violations in jail nginx-aggressive. Log: 2026/01/23 10:47:17 [error] FastCGI sent in stderr: "Primary script unknown" , client: 209.50.167.229, server: [REDACTED], request: "POST /wp-admin/xmlrpc.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED]
2026/01/23 10:47:18 [error] FastCGI sent in stderr: "Primary script unknown" , client: 209.50.167.229, server: [REDACTED], request: "POST /wp-admin/xmlrpc.php HTTP/1.1", upstream: [REDACTED], host: [REDACTED]
...
show less
Bad Web Bot
Web App Attack
π·πΊ
DZBOT
2026-01-01 04:05:32
(5 months ago)
Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
2025-12-31 21:53:02
(5 months ago)
209.50.167.229 - - [31/Dec/2025:22:53:01 +0100] "GET /xmlrpc.php?rsd HTTP/1.1" 403 473
...
Web App Attack
π§πͺ
cmbplf
2025-12-31 15:07:17
(5 months ago)
3.735 requests with url.path */xmlrpc.php
Brute-Force
Bad Web Bot
πΊπΈ
xmission.com
2025-12-30 17:58:16
(5 months ago)
Blocked by UFW (TCP on 80)
Source port: 36089
TTL: 51
Packet length: 60
TOS: 0x00
This report (for ...
show more
Blocked by UFW (TCP on 80)
Source port: 36089
TTL: 51
Packet length: 60
TOS: 0x00
This report (for 209.50.167.229) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
Web App Attack
πΊπΈ
TPI-Abuse
2025-12-29 05:09:25
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.167.229 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.167.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Dec 29 00:09:17.762326 2025] [security2:error] [pid 15412:tid 15412] [client 209.50.167.229:25797] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.svn/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "kathynash.com"] [uri "/.svn/wc.db"] [unique_id "aVIM_fc1k-LRHIZKOCY08wAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2025-12-29 04:29:26
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 209.50.167.229 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 209.50.167.229 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Dec 28 23:29:18.985861 2025] [security2:error] [pid 4462:tid 4462] [client 209.50.167.229:18263] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "southernreader.com"] [uri "/.env"] [unique_id "aVIDnn0LGf_mFwYqD9zs6wAAAAw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
2025-12-13 04:23:51
(5 months ago)
botnet
DDoS Attack