πΊπΈ
xmission.com
2026-07-12 18:23:38
(2 days ago)
Blocked by UFW (TCP on 14170)
Source port: 42119
TTL: 37
Packet length: 60
TOS: 0x08
This report (f ...
show more
Blocked by UFW (TCP on 14170)
Source port: 42119
TTL: 37
Packet length: 60
TOS: 0x08
This report (for 82.102.23.131) was generated by:
https://github.com/sefinek/UFW-AbuseIPDB-Reporter
show less
Port Scan
π§πͺ
cmbplf
2026-07-11 04:02:44
(4 days ago)
1.670 requests to many distinct domains in 1 hour (1w18h13m)
Brute-Force
Bad Web Bot
π¦πΊ
screwlooseit.com.au
2026-07-11 03:13:21
(4 days ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
BG/Bulgaria/-
Web App Attack
π©πͺ
maxpower
2026-07-10 17:43:04
(5 days ago)
(wp_fingerprint) REGOLA 6 - WP Exploit Attempt xmlrpc 82.102.23.131 (BG/Bulgaria/-): 1 in the last 3 ...
show more
(wp_fingerprint) REGOLA 6 - WP Exploit Attempt xmlrpc 82.102.23.131 (BG/Bulgaria/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 82.102.23.131 - - [10/Jul/2026:19:43:00 +0200] "POST /xmlrpc.php HTTP/1.1" 404 46280 "-" "Go-http-client/1.1" "-" host=matteoappignani.it
show less
Port Scan
πΊπΈ
TPI-Abuse
2026-07-10 15:45:28
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 82.102.23.131 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 82.102.23.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 10 11:45:22.226491 2026] [security2:error] [pid 19824:tid 19824] [client 82.102.23.131:46496] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 82.102.23.131 (+1 hits since last alert)|snowrideadventures.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "snowrideadventures.com"] [uri "/xmlrpc.php"] [unique_id "alETkgR4DldHjbHc92e0bwAAAAM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
maxpower
2026-07-10 15:37:49
(5 days ago)
(nginx_hardened) REGOLA 3 - Nginx Hardening Triggered 82.102.23.131 (BG/Bulgaria/-): 3 in the last 3 ...
show more
(nginx_hardened) REGOLA 3 - Nginx Hardening Triggered 82.102.23.131 (BG/Bulgaria/-): 3 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 2026/07/10 17:36:40 [error] 1223753#1223753: *224151 access forbidden by rule, client: 82.102.23.131, server: confartigianato.pe.it, request: "POST /xmlrpc.php HTTP/1.1", host: "confartigianato.pe.it"
82.102.23.131 - - [10/Jul/2026:17:37:46 +0200] "POST /xmlrpc.php HTTP/1.1" 403 146 "-" "Go-http-client/1.1" "-" host=confartigianato.pe.it
2026/07/10 17:37:46 [error] 1223751#1223751: *224283 access forbidden by rule, client: 82.102.23.131, server: confartigianato.pe.it, request: "POST /xmlrpc.php HTTP/1.1", host: "confartigianato.pe.it"
show less
Port Scan
π©πͺ
maxpower
2026-07-10 03:10:16
(5 days ago)
(PERMBLOCK) 82.102.23.131 (BG/Bulgaria/-) has had more than 4 temp blocks in the last 86400 secs; Po ...
show more
(PERMBLOCK) 82.102.23.131 (BG/Bulgaria/-) has had more than 4 temp blocks in the last 86400 secs; Ports: *; Direction: inout; Trigger: LF_PERMBLOCK_COUNT; Logs:
show less
Port Scan
πΊπΈ
TPI-Abuse
2026-07-10 03:08:45
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 82.102.23.131 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 82.102.23.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 23:08:38.079890 2026] [security2:error] [pid 29257:tid 29257] [client 82.102.23.131:57698] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 82.102.23.131 (+1 hits since last alert)|mobileonlinecasinos.co|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "mobileonlinecasinos.co"] [uri "/xmlrpc.php"] [unique_id "alBiNrM7fqRFvYQU1lqnwgAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
abdubhai
2026-07-10 01:48:16
(5 days ago)
82.102.23.131 - - [10/Jul/2026:0
...
Brute-Force
Anonymous
2026-07-10 01:44:56
(5 days ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH
πΊπΈ
TPI-Abuse
2026-07-10 01:38:37
(5 days ago)
(mod_security) mod_security (id:240335) triggered by 82.102.23.131 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:240335) triggered by 82.102.23.131 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 09 21:38:29.675383 2026] [security2:error] [pid 16530:tid 16530] [client 82.102.23.131:35348] ModSecurity: Access denied with code 403 (phase 2). Operator EQ matched 0 at IP. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/30_Apps_OtherApps.conf"] [line "5956"] [id "240335"] [rev "5"] [msg "COMODO WAF: XML-RPC Attack Identified (CVE-2013-0235)|Source 82.102.23.131 (+1 hits since last alert)|fusteriafontane.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "OtherApps"] [hostname "fusteriafontane.com"] [uri "/xmlrpc.php"] [unique_id "alBNFUAy5L0P4obupNvNQQAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¦πΊ
screwlooseit.com.au
2026-07-10 01:38:00
(5 days ago)
Blocked by CSF 13 firewall - Rule: XMLRPC
BG/Bulgaria/-
Web App Attack
π©πͺ
maxpower
2026-07-10 01:37:35
(5 days ago)
(wp_fingerprint) REGOLA 6 - WP Exploit Attempt xmlrpc 82.102.23.131 (BG/Bulgaria/-): 1 in the last 3 ...
show more
(wp_fingerprint) REGOLA 6 - WP Exploit Attempt xmlrpc 82.102.23.131 (BG/Bulgaria/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 82.102.23.131 - - [10/Jul/2026:03:37:33 +0200] "POST /xmlrpc.php HTTP/1.1" 404 46280 "-" "Go-http-client/1.1" "-" host=matteoappignani.it
show less
Port Scan
π«π·
masterguru
2026-07-10 01:35:56
(5 days ago)
BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ...
show more
BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-201)
show less
Bad Web Bot
π«π·
matthieul.dev
2026-07-09 18:50:27
(5 days ago)
Blocked by os-abuseipdb; 10 hits, proto=tcp,udp, ports=49437
Port Scan
Brute-Force