๐ฉ๐ช
Marco711
2026-07-07 21:04:25
(3 days ago)
port/URL scanning
Port Scan
Web App Attack
Anonymous
2026-07-07 18:35:26
(3 days ago)
Port scan / connection attempts on ports 8881/TCP, 55555/TCP to unused IP
Port Scan
๐บ๐ธ
xmission.com
2026-07-07 17:15:54
(3 days ago)
Blocked by UFW (TCP on 1244)
Source port: 61011
TTL: 241
Packet length: 44
TOS: 0x08
This report (f ...
show more
Blocked by UFW (TCP on 1244)
Source port: 61011
TTL: 241
Packet length: 44
TOS: 0x08
This report (for 209.97.149.204) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐บ๐ธ
Axel
2026-06-14 15:15:32
(3 weeks ago)
Blocked by UFW on MVI [14000/tcp] | SPT: 61005 | TTL: 240 | LEN: 44 | TOS: 0x00 โข Reported by: githu ...
show more
Blocked by UFW on MVI [14000/tcp] | SPT: 61005 | TTL: 240 | LEN: 44 | TOS: 0x00 โข Reported by: github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐จ๐ญ
pingusurmars
2026-06-14 14:45:45
(3 weeks ago)
Blocked by UFW on ampereone [8085/tcp]
Source port: 61010
TTL: 242
Packet length: 44
TOS: 0x00
This ...
show more
Blocked by UFW on ampereone [8085/tcp]
Source port: 61010
TTL: 242
Packet length: 44
TOS: 0x00
This report was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐ฆ๐น
centurion
2026-06-14 14:42:41
(3 weeks ago)
Blocked by UFW on ns03 [1000/tcp] Source port: 61013 TTL: 242 Packet length: 44 TOS: 0x00 This repo ...
show more
Blocked by UFW on ns03 [1000/tcp] Source port: 61013 TTL: 242 Packet length: 44 TOS: 0x00 This report was generated by: https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-02-20 22:29:55
(4 months ago)
(mod_security) mod_security (id:225170) triggered by 209.97.149.204 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 209.97.149.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 17:29:49.283243 2026] [security2:error] [pid 21421:tid 21889] [client 209.97.149.204:35634] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||www.jaslae.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "www.jaslae.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aZjgXe_wO6NXEQbYtvcNbAAAAcU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-20 22:12:30
(4 months ago)
(mod_security) mod_security (id:225170) triggered by 209.97.149.204 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 209.97.149.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 17:12:24.992063 2026] [security2:error] [pid 31568:tid 31568] [client 209.97.149.204:32318] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||thesalonx.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "thesalonx.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aZjcSN7NKM2_0fYX6mO5qgAAABg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
Progetto1
2026-02-20 21:50:02
(4 months ago)
Website Scanning / Scraping
Bad Web Bot
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-20 21:13:37
(4 months ago)
(mod_security) mod_security (id:225170) triggered by 209.97.149.204 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 209.97.149.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 16:13:29.778980 2026] [security2:error] [pid 18082:tid 18082] [client 209.97.149.204:30968] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||ink2wear.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "ink2wear.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aZjOeSUuWeEiWdbIm4j7swAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-20 20:50:55
(4 months ago)
(mod_security) mod_security (id:225170) triggered by 209.97.149.204 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 209.97.149.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 15:50:49.133962 2026] [security2:error] [pid 31853:tid 31853] [client 209.97.149.204:28286] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||drwolberg.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "drwolberg.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aZjJKf35XILUN6K5RBy2IgAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-20 19:58:52
(4 months ago)
(mod_security) mod_security (id:225170) triggered by 209.97.149.204 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:225170) triggered by 209.97.149.204 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 20 14:58:44.947322 2026] [security2:error] [pid 16367:tid 16367] [client 209.97.149.204:19708] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at REQUEST_COOKIES_NAMES. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/26_Apps_WordPress.conf"] [line "155"] [id "225170"] [rev "3"] [msg "COMODO WAF: Sensitive Information Disclosure Vulnerability in WordPress 4.7 (CVE-2017-5487)||alexgitlin.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "WordPress"] [hostname "alexgitlin.com"] [uri "/wp-json/wp/v2/users"] [unique_id "aZi89INNLqdBoASiy5uctQAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-02-20 14:06:25
(4 months ago)
Attempting WordPress exploit (/wp-content/plugins/really-simple-ssl/readme.txt)
Web App Attack
Anonymous
2026-02-20 10:39:30
(4 months ago)
"GET /wp-content/plugins/lastudio-element-kit/readme.txt HTTP/1.1"
Hacking
Web App Attack
๐บ๐ธ
ipblock.com
2026-02-19 11:34:00
(4 months ago)
IPBlock protected site ID [3390-wh].
Exploit request, vulnerability scanner.
Hacking
Bad Web Bot
Web App Attack