π§π¬
HighWay
2026-06-29 17:41:01
(3 days ago)
57.151.137.130 - - [29/Jun/2026:17:40:57 +0000] "CONNECT c3.dstatbot.win:443:443 HTTP/1.1" 400 500 " ...
show more
57.151.137.130 - - [29/Jun/2026:17:40:57 +0000] "CONNECT c3.dstatbot.win:443:443 HTTP/1.1" 400 500 "-" "-"
57.151.137.130 - - [29/Jun/2026:17:40:58 +0000] "CONNECT c3.dstatbot.win:443:443 HTTP/1.1" 400 500 "-" "-"
57.151.137.130 - - [29/Jun/2026:17:40:59 +0000] "CONNECT c3.dstatbot.win:443:443 HTTP/1.1" 400 500 "-" "-"
...
show less
Hacking
Port Scan
π«π·
service Informatique
2026-06-27 04:00:37
(6 days ago)
GET /wp-config
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-26 20:42:39
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 57.151.137.130 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 57.151.137.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 16:42:35.270203 2026] [security2:error] [pid 7292:tid 7292] [client 57.151.137.130:3711] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.93"] [uri "/.git/HEAD"] [unique_id "aj7kOy-9KQyU5SkDU1AKLwAAAA0"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
zwebvigil
2026-06-26 20:37:30
(6 days ago)
57.151.137.130 [26/Jun/2026:13:37:25 -0700] "GET /.git/HEAD HTTP/1.1" 401 381 "-" port=3686 "Mozill ...
show more
57.151.137.130 [26/Jun/2026:13:37:25 -0700] "GET /.git/HEAD HTTP/1.1" 401 381 "-" port=3686 "Mozilla/5.0 (Linux; Android 14; Pixel 8) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Mobile Safari/537.36" "-" "-" "<ipaddr>" 344
57.151.137.130 [26/Jun/2026:13:37:26 -0700] "GET /.git/config HTTP/1.1" 401 381 "-" port=3661 "Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.0.0 Safari/537.36" "-" "-" "<ipaddr>" 345
57.151.137.130 [26/Jun/2026:13:37:27 -0700] "GET /.git/logs/HEAD HTTP/1.1" 401 381 "-" port=3667 "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.0.0 Safari/537.36" "-" "-" "<ipaddr>" 325
57.151.137.130 [26/Jun/2026:13:37:28 -0700] "GET /.git/refs/heads/master HTTP/1.1" 401 381 "-" port=3668 "Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" "-" "-" "<ipaddr>" 490
57.151.137.130 [26/Jun/2026:13:37:29 -0700] "GE
show less
Web App Attack
π¨π
pingusurmars
2026-06-26 19:58:42
(6 days ago)
Blocked by UFW on ampereone [2083/tcp]
Source port: 5065
TTL: 51
Packet length: 60
TOS: 0x00
This r ...
show more
Blocked by UFW on ampereone [2083/tcp]
Source port: 5065
TTL: 51
Packet length: 60
TOS: 0x00
This report was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
ππ°
PingMeMaybe
2026-06-26 17:34:12
(6 days ago)
Blocked by UFW on hk [2087/tcp]
Source port: 3361
TTL: 47
Packet length: 60
TOS: 0x00
This report w ...
show more
Blocked by UFW on hk [2087/tcp]
Source port: 3361
TTL: 47
Packet length: 60
TOS: 0x00
This report was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
πΊπΈ
MPL
2026-06-26 16:52:59
(6 days ago)
tcp port scan (9 or more attempts)
Port Scan
πΊπΈ
TPI-Abuse
2026-06-26 16:43:53
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 57.151.137.130 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 57.151.137.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 12:43:45.785891 2026] [security2:error] [pid 16074:tid 16074] [client 57.151.137.130:4079] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.58"] [uri "/.git/HEAD"] [unique_id "aj6sQTBiD-ZCpjgwSId6bQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-26 16:12:44
(6 days ago)
(mod_security) mod_security (id:210492) triggered by 57.151.137.130 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 57.151.137.130 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 26 12:12:37.347476 2026] [security2:error] [pid 2496:tid 2496] [client 57.151.137.130:3124] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "192.64.150.202"] [uri "/.git/HEAD"] [unique_id "aj6k9Vmov4YeHwvRjo70AAAAADE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
MPL
2026-06-26 16:10:35
(6 days ago)
tcp port scan (27 or more attempts)
Port Scan
Anonymous
2026-06-26 16:03:46
(6 days ago)
Hit honeypot r.
Port Scan
Hacking
Exploited Host
Anonymous
2026-06-26 15:08:34
(1 week ago)
Unauthorized connection attempt
Port Scan
Hacking
Exploited Host
πΈπͺ
NordhTech
2026-06-14 10:15:27
(2 weeks ago)
More than 3 malicious connection attempts, trying port(s) 8443/tcp, then blocked from services ...
Port Scan
Hacking
π©πͺ
ISPLtd
2026-06-14 08:58:49
(2 weeks ago)
Jun 14 05:58:49 57.151.137.130 TCP SPT=1040 DPT=8880 SYN
Jun 14 05:58:49 57.151.137.130 TCP SPT=1040 ...
show more
Jun 14 05:58:49 57.151.137.130 TCP SPT=1040 DPT=8880 SYN
Jun 14 05:58:49 57.151.137.130 TCP SPT=1040 DPT=5000 SYN
Jun 14 05:58:49 57.151.137.130 TCP SPT=1040 DPT=2096
...
show less
Port Scan
π¬π§
PeravixGroup
2026-05-30 18:41:31
(1 month ago)
Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severit ...
show more
Honeypot detection: Kubernetes API unauthorized access / cluster abuse attempt on port 6443. Severity: MEDIUM. Aaran.cloud
show less
Hacking
Exploited Host