AbuseIPDB.tmiland.com | Powerered by AbuseIPDB

Firewall and Nginx blacklists

Enter an IP Address

### AbuseIPDB - Firewall ip blocklist
# Blocklist for AbuseIPDB: A list of the most reported IP addresses.
# Blacklist url: https://abuseipdb.tmiland.com/abuseipdb.txt
# Blacklist Parameters:
# maxAgeInDays: 60
# confidenceMinimum: 90
# countMinimum: 15
# limit: 10,000
# Last generated on Saturday 06 June 2026 (12:00:01 AM)
### More info: https://docs.abuseipdb.com/#blacklist-endpoint

abuseipdb.txt

### AbuseIPDB - Nginx ip blocklist
# Blocklist for AbuseIPDB: A list of the most reported IP addresses.
# Blacklist url: https://abuseipdb.tmiland.com/snippets/nginx-abuseipdb.conf.txt
# Blacklist Parameters:
# maxAgeInDays: 60
# confidenceMinimum: 90
# countMinimum: 15
# limit: 10,000
# Last generated on Saturday 06 June 2026 (12:00:01 AM)
### More info: https://docs.abuseipdb.com/#blacklist-endpoint

nginx-abuseipdb.conf.txt

Download to your Nginx folder:

$ wget https://abuseipdb.tmiland.com/snippets/nginx-abuseipdb.conf.txt -O /etc/nginx/snippets/nginx-abuseipdb.conf


Include in /etc/nginx/nginx.conf:

# Include AbuseIPDB Nginx Blacklist
include snippets/nginx-abuseipdb.conf;

( Depending on your setup )


For use with Nginx

Documentation: Dynamic Blacklisting of IP Addresses

Dynamic Blacklisting of IP Addresses

### AbuseIPDB - Ngxblocker ip blocklist
# For use with Nginx Bad Bot and User-Agent Blocker
# https://github.com/mitchellkrogza/nginx-ultimate-bad-bot-blocker
# Blocklist for AbuseIPDB: A list of the most reported IP addresses.
# Blacklist url: https://abuseipdb.tmiland.com/snippets/ngxblocker-abuseipdb.conf.txt
# Blacklist Parameters:
# maxAgeInDays: 60
# confidenceMinimum: 90
# countMinimum: 15
# limit: 10,000
# Last generated on Saturday 06 June 2026 (12:00:01 AM)
### More info: https://docs.abuseipdb.com/#blacklist-endpoint

ngxblocker-abuseipdb.conf.txt

Download to your Nginx folder:

$ wget https://abuseipdb.tmiland.com/snippets/ngxblocker-abuseipdb.conf.txt -O /etc/nginx/snippets/ngxblocker-abuseipdb-blacklist.conf


Include in /etc/nginx/bots.d/blacklist-ips.conf:

# Include AbuseIPDB Ngxblocker Blacklist
include snippets/ngxblocker-abuseipdb-blacklist.conf;


Simple shell script to download on a schedule:

#!/usr/bin/env bash

# Author: Tommy Miland (@tmiland) - Copyright (c) 2019
# Download AbuseIPDB - Ngxblocker ip blocklist

# only runs if nginx -t succeeds
safe_nginx_reload() {
  nginx -t &&
  systemctl reload nginx
}

# Download ngxblocker-abuseipdb-blacklist.conf to /etc/nginx/snippets
get_ngxblocker_blacklist() {
  wget https://abuseipdb.tmiland.com/snippets/ngxblocker-abuseipdb.conf.txt -O /etc/nginx/snippets/ngxblocker-abuseipdb-blacklist.conf
}

main() {
  get_ngxblocker_blacklist
  safe_nginx_reload
}

main $@
exit 0

save as ngxblocker-abuseipdb.sh

chmod +x ngxblocker-abuseipdb.sh

A cron job can then be set up like so:

crontab -e

@hourly bash /root/ngxblocker-abuseipdb.sh > /dev/null 2>&1


For use with Nginx Bad Bot and User-Agent Blocker

Nginx Bad Bot and User-Agent Blocker on GitHub

                        ###############################################################
                        #               Welcome to AbuseIPDB.tmiland.com              # 
                        #          All connections are monitored and recorded         #
                        # Repeated offenders will be instantly reported to AbuseIPDB! #
                        #                https://abuseipdb.tmiland.com                #
                        ###############################################################

# Reported IP Date Comment Categories
500993 205.185.118.149 2026-06-06 02:37:19 Suricata Detected 8 attacks from 205.185.118.149.; ET SCAN Sipvicious Scan; IP: 205.185.118.149; Ports: 5063; Direction: to_server; Trigger: SCAN; Category: Attempted Information Leak; Severity: 2 14
500992 64.62.156.51 2026-06-06 02:36:52 Suricata Detected 33 attacks from 64.62.156.51.; ET DROP Dshield Block Listed Source group 1; IP: 64.62.156.51; Ports: 49884; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500991 85.11.167.7 2026-06-06 02:36:37 Suricata Detected 360 attacks from 85.11.167.7.; ET DROP Spamhaus DROP Listed Traffic Inbound group 12; IP: 85.11.167.7; Ports: 34235; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500990 176.65.148.58 2026-06-06 02:36:04 Suricata Detected 69 attacks from 176.65.148.58.; ET DROP Spamhaus DROP Listed Traffic Inbound group 36; IP: 176.65.148.58; Ports: 49159; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500989 191.101.33.110 2026-06-06 02:34:32 Suricata Detected 10 attacks from 191.101.33.110.; ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack; IP: 191.101.33.110; Ports: 60760; Direction: to_server; Trigger: SCAN; Category: Attempted Administrator Privilege Gain; Severity: 1 14
500988 45.205.1.242 2026-06-06 02:33:12 Suricata Detected 168 attacks from 45.205.1.242.; ET DROP Dshield Block Listed Source group 1; IP: 45.205.1.242; Ports: 43584; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500987 79.124.62.178 2026-06-06 02:32:46 Suricata Detected 320 attacks from 79.124.62.178.; ET DROP Spamhaus DROP Listed Traffic Inbound group 11; IP: 79.124.62.178; Ports: 59470; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500986 193.163.125.106 2026-06-06 02:32:30 Suricata Detected 10 attacks from 193.163.125.106.; ET DROP Dshield Block Listed Source group 1; IP: 193.163.125.106; Ports: 34716; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500985 66.132.195.116 2026-06-06 02:30:51 Suricata Detected 10 attacks from 66.132.195.116.; ET DROP Dshield Block Listed Source group 1; IP: 66.132.195.116; Ports: 47130; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500984 45.148.10.67 2026-06-06 02:29:57 Suricata Detected 796 attacks from 45.148.10.67.; ET DROP Spamhaus DROP Listed Traffic Inbound group 7; IP: 45.148.10.67; Ports: 40000; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500983 65.49.1.68 2026-06-06 02:29:33 Suricata Detected 35 attacks from 65.49.1.68.; ET DROP Dshield Block Listed Source group 1; IP: 65.49.1.68; Ports: 2966; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500982 45.142.193.161 2026-06-06 02:29:13 Suricata Detected 707 attacks from 45.142.193.161.; ET DROP Spamhaus DROP Listed Traffic Inbound group 7; IP: 45.142.193.161; Ports: 42350; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500981 176.65.149.135 2026-06-06 02:29:01 Suricata Detected 2 attacks from 176.65.149.135.; ET DROP Spamhaus DROP Listed Traffic Inbound group 36; IP: 176.65.149.135; Ports: 55516; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500980 45.205.1.70 2026-06-06 02:27:59 Suricata Detected 202 attacks from 45.205.1.70.; ET DROP Dshield Block Listed Source group 1; IP: 45.205.1.70; Ports: 16391; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500979 176.65.139.233 2026-06-06 02:26:56 Suricata Detected 32 attacks from 176.65.139.233.; ET DROP Spamhaus DROP Listed Traffic Inbound group 36; IP: 176.65.139.233; Ports: 38646; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500978 45.205.1.245 2026-06-06 02:26:43 Suricata Detected 92 attacks from 45.205.1.245.; ET DROP Dshield Block Listed Source group 1; IP: 45.205.1.245; Ports: 58327; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500977 45.198.224.145 2026-06-06 02:26:30 Suricata Detected 79 attacks from 45.198.224.145.; ET DROP Dshield Block Listed Source group 1; IP: 45.198.224.145; Ports: 54600; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500976 64.62.156.12 2026-06-06 02:25:47 Suricata Detected 392 attacks from 64.62.156.12.; ET DROP Dshield Block Listed Source group 1; IP: 64.62.156.12; Ports: 39972; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500975 193.163.125.95 2026-06-06 02:25:30 Suricata Detected 12 attacks from 193.163.125.95.; ET DROP Dshield Block Listed Source group 1; IP: 193.163.125.95; Ports: 52294; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500974 45.205.1.5 2026-06-06 02:24:35 Suricata Detected 1535 attacks from 45.205.1.5.; ET DROP Dshield Block Listed Source group 1; IP: 45.205.1.5; Ports: 54702; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500973 66.132.172.195 2026-06-06 02:24:06 Suricata Detected 8 attacks from 66.132.172.195.; ET DROP Dshield Block Listed Source group 1; IP: 66.132.172.195; Ports: 56624; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500972 65.49.1.12 2026-06-06 02:23:39 Suricata Detected 394 attacks from 65.49.1.12.; ET DROP Dshield Block Listed Source group 1; IP: 65.49.1.12; Ports: 38951; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500971 176.65.148.160 2026-06-06 02:23:26 Suricata Detected 4 attacks from 176.65.148.160.; ET DROP Spamhaus DROP Listed Traffic Inbound group 36; IP: 176.65.148.160; Ports: 39008; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500970 59.36.162.153 2026-06-06 02:22:43 Suricata Detected 3 attacks from 59.36.162.153.; ET SCAN Suspicious inbound to mySQL port 3306; IP: 59.36.162.153; Ports: 45355; Direction: to_server; Trigger: SCAN; Category: Potentially Bad Traffic; Severity: 2 14
500969 176.65.139.14 2026-06-06 02:21:56 Suricata Detected 341 attacks from 176.65.139.14.; ET DROP Spamhaus DROP Listed Traffic Inbound group 36; IP: 176.65.139.14; Ports: 45309; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500968 43.228.157.6 2026-06-06 02:21:23 Suricata Detected 69 attacks from 43.228.157.6.; ET DROP Spamhaus DROP Listed Traffic Inbound group 4; IP: 43.228.157.6; Ports: 46847; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500967 66.132.186.233 2026-06-06 02:20:26 Suricata Detected 125 attacks from 66.132.186.233.; ET DROP Dshield Block Listed Source group 1; IP: 66.132.186.233; Ports: 30225; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500966 185.242.3.226 2026-06-06 02:20:06 Suricata Detected 340 attacks from 185.242.3.226.; ET DROP Spamhaus DROP Listed Traffic Inbound group 39; IP: 185.242.3.226; Ports: 24507; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500965 45.205.1.247 2026-06-06 02:19:52 Suricata Detected 156 attacks from 45.205.1.247.; ET DROP Dshield Block Listed Source group 1; IP: 45.205.1.247; Ports: 49784; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500964 66.132.195.24 2026-06-06 02:19:11 Suricata Detected 165 attacks from 66.132.195.24.; ET DROP Dshield Block Listed Source group 1; IP: 66.132.195.24; Ports: 49292; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500963 45.205.1.243 2026-06-06 02:18:45 Suricata Detected 158 attacks from 45.205.1.243.; ET DROP Dshield Block Listed Source group 1; IP: 45.205.1.243; Ports: 54653; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500962 45.142.193.169 2026-06-06 02:18:12 Suricata Detected 476 attacks from 45.142.193.169.; ET DROP Spamhaus DROP Listed Traffic Inbound group 7; IP: 45.142.193.169; Ports: 46054; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500961 45.153.34.32 2026-06-06 02:17:44 Suricata Detected 611 attacks from 45.153.34.32.; ET SCAN Suspicious inbound to mySQL port 3306; IP: 45.153.34.32; Ports: 49513; Direction: to_server; Trigger: SCAN; Category: Potentially Bad Traffic; Severity: 2 14
500960 64.62.197.84 2026-06-06 02:16:49 Suricata Detected 42 attacks from 64.62.197.84.; ET DROP Dshield Block Listed Source group 1; IP: 64.62.197.84; Ports: 58906; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500959 31.42.176.142 2026-06-06 02:16:18 Suricata Detected 12 attacks from 31.42.176.142.; ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack; IP: 31.42.176.142; Ports: 45752; Direction: to_server; Trigger: SCAN; Category: Attempted Administrator Privilege Gain; Severity: 1 14
500958 45.198.224.18 2026-06-06 02:15:38 Suricata Detected 637 attacks from 45.198.224.18.; ET DROP Dshield Block Listed Source group 1; IP: 45.198.224.18; Ports: 36919; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500957 45.205.1.241 2026-06-06 02:14:50 Suricata Detected 155 attacks from 45.205.1.241.; ET DROP Dshield Block Listed Source group 1; IP: 45.205.1.241; Ports: 41755; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500956 204.76.203.10 2026-06-06 02:13:54 Suricata Detected 179 attacks from 204.76.203.10.; ET DROP Spamhaus DROP Listed Traffic Inbound group 55; IP: 204.76.203.10; Ports: 43408; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500955 66.132.172.228 2026-06-06 02:13:13 Suricata Detected 186 attacks from 66.132.172.228.; ET DROP Dshield Block Listed Source group 1; IP: 66.132.172.228; Ports: 4740; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500954 64.62.156.54 2026-06-06 02:12:56 Suricata Detected 36 attacks from 64.62.156.54.; ET DROP Dshield Block Listed Source group 1; IP: 64.62.156.54; Ports: 48276; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500953 109.236.86.20 2026-06-06 02:12:09 Suricata Detected 14 attacks from 109.236.86.20.; ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack; IP: 109.236.86.20; Ports: 52394; Direction: to_server; Trigger: SCAN; Category: Attempted Administrator Privilege Gain; Severity: 1 14
500952 172.110.223.185 2026-06-06 02:11:38 Suricata Detected 80 attacks from 172.110.223.185.; ET SCAN Sipvicious Scan; IP: 172.110.223.185; Ports: 5902; Direction: to_server; Trigger: SCAN; Category: Attempted Information Leak; Severity: 2 14
500951 64.62.156.216 2026-06-06 02:10:35 Suricata Detected 30 attacks from 64.62.156.216.; ET DROP Dshield Block Listed Source group 1; IP: 64.62.156.216; Ports: 54950; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500950 209.90.232.71 2026-06-06 02:09:53 Suricata Detected 12 attacks from 209.90.232.71.; ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack; IP: 209.90.232.71; Ports: 35924; Direction: to_server; Trigger: SCAN; Category: Attempted Administrator Privilege Gain; Severity: 1 14
500949 66.132.172.229 2026-06-06 02:07:13 Suricata Detected 177 attacks from 66.132.172.229.; ET DROP Dshield Block Listed Source group 1; IP: 66.132.172.229; Ports: 18056; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 21
500948 45.142.154.99 2026-06-06 02:06:56 Suricata Detected 376 attacks from 45.142.154.99.; ET DROP Spamhaus DROP Listed Traffic Inbound group 7; IP: 45.142.154.99; Ports: 58914; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 21
500947 66.132.172.157 2026-06-06 02:06:35 Suricata Detected 126 attacks from 66.132.172.157.; ET DROP Dshield Block Listed Source group 1; IP: 66.132.172.157; Ports: 18751; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 21
500946 45.142.193.53 2026-06-06 02:06:01 Suricata Detected 1182 attacks from 45.142.193.53.; ET DROP Spamhaus DROP Listed Traffic Inbound group 7; IP: 45.142.193.53; Ports: 43546; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 21
500945 152.32.192.176 2026-06-06 02:03:18 Suricata Detected 25 attacks from 152.32.192.176.; ET COMPROMISED Known Compromised or Hostile Host Traffic group 4; IP: 152.32.192.176; Ports: 34641; Direction: to_server; Trigger: COMPROMISED; Category: Misc Attack; Severity: 2 20,18
500944 66.132.195.82 2026-06-06 02:02:43 Suricata Detected 4 attacks from 66.132.195.82.; ET DROP Dshield Block Listed Source group 1; IP: 66.132.195.82; Ports: 52170; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500943 45.205.1.244 2026-06-06 02:02:07 Suricata Detected 122 attacks from 45.205.1.244.; ET DROP Dshield Block Listed Source group 1; IP: 45.205.1.244; Ports: 37077; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 21
500942 176.65.139.66 2026-06-06 02:01:52 Suricata Detected 140 attacks from 176.65.139.66.; ET DROP Spamhaus DROP Listed Traffic Inbound group 36; IP: 176.65.139.66; Ports: 33278; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 21
500941 45.205.1.240 2026-06-06 02:01:37 Suricata Detected 176 attacks from 45.205.1.240.; ET DROP Dshield Block Listed Source group 1; IP: 45.205.1.240; Ports: 50512; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 21
500940 193.163.125.80 2026-06-06 02:01:18 Suricata Detected 18 attacks from 193.163.125.80.; ET DROP Dshield Block Listed Source group 1; IP: 193.163.125.80; Ports: 58358; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 21
500939 204.76.203.219 2026-06-06 02:00:53 Suricata Detected 36 attacks from 204.76.203.219.; ET DROP Spamhaus DROP Listed Traffic Inbound group 55; IP: 204.76.203.219; Ports: 54280; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 21
500938 66.132.172.112 2026-06-06 02:00:31 Suricata Detected 157 attacks from 66.132.172.112.; ET DROP Dshield Block Listed Source group 1; IP: 66.132.172.112; Ports: 24999; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 21
500937 66.132.172.243 2026-06-06 02:00:07 Suricata Detected 173 attacks from 66.132.172.243.; ET DROP Dshield Block Listed Source group 1; IP: 66.132.172.243; Ports: 20834; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 21
500936 45.198.224.138 2026-06-06 01:57:37 Suricata Detected 78 attacks from 45.198.224.138.; ET DROP Dshield Block Listed Source group 1; IP: 45.198.224.138; Ports: 60001; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 21
500935 66.132.172.248 2026-06-06 01:55:11 Suricata Detected 176 attacks from 66.132.172.248.; ET DROP Dshield Block Listed Source group 1; IP: 66.132.172.248; Ports: 41659; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 21
500934 45.148.10.121 2026-06-06 01:54:16 Suricata Detected 1340 attacks from 45.148.10.121.; ET DROP Spamhaus DROP Listed Traffic Inbound group 7; IP: 45.148.10.121; Ports: 43818; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 21
500933 45.148.10.120 2026-06-06 01:52:58 (nginx_404) Dot directory Honeypot Trap 45.148.10.120 (-): 2 in the last 3600 secs; IP: 45.148.10.120; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 45.148.10.120 - - [06/Jun/2026:01:52:45 +0200] "GET /.aws/credentials HTTP/1.1" 404 4799 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" 45.148.10.120 - - [06/Jun/2026:01:52:45 +0200] "GET /.env HTTP/1.1" 404 4794 "-" "Mozilla/5.0 (Linux; Android 4.4.2; GT-N8000) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/71.0.3578.99 Safari/537.36" 18
500932 45.148.10.120 2026-06-06 01:52:47 Suricata Detected 59 attacks from 45.148.10.120.; ET DROP Spamhaus DROP Listed Traffic Inbound group 7; IP: 45.148.10.120; Ports: 40880; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 21
500931 66.132.195.18 2026-06-06 01:51:57 Suricata Detected 177 attacks from 66.132.195.18.; ET DROP Dshield Block Listed Source group 1; IP: 66.132.195.18; Ports: 39540; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 21
500930 66.132.186.208 2026-06-06 01:50:59 Suricata Detected 123 attacks from 66.132.186.208.; ET DROP Dshield Block Listed Source group 1; IP: 66.132.186.208; Ports: 18086; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 21
500929 192.109.200.215 2026-06-06 01:49:18 (nginx_404) Dot directory Honeypot Trap 192.109.200.215 (BG/Bulgaria/-): 2 in the last 3600 secs; IP: 192.109.200.215; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 2026/06/06 01:49:13 [error] 208814#208814: *496700 open() "/home/abuseipdb/public_html/.env" failed (2: No such file or directory), client: 192.109.200.215, server: abuseipdb.*.*, request: "GET /.env HTTP/1.1", host: "abuseipdb.*.*" 192.109.200.215 - - [06/Jun/2026:01:49:13 +0200] "GET /.env HTTP/1.1" 404 2992 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36" 18
500928 66.132.172.232 2026-06-06 01:48:59 Suricata Detected 189 attacks from 66.132.172.232.; ET DROP Dshield Block Listed Source group 1; IP: 66.132.172.232; Ports: 2871; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 21
500927 192.109.200.215 2026-06-06 01:47:37 Suricata Detected 4 attacks from 192.109.200.215.; ET WEB_SERVER WEB-PHP phpinfo access; IP: 192.109.200.215; Ports: 56984; Direction: to_server; Trigger: WEB_SERVER; Category: Information Leak; Severity: 2 21
500926 176.65.139.140 2026-06-06 01:46:44 Suricata Detected 295 attacks from 176.65.139.140.; ET DROP Spamhaus DROP Listed Traffic Inbound group 36; IP: 176.65.139.140; Ports: 58937; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 20,18
500925 176.65.139.254 2026-06-06 01:46:18 Suricata Detected 114 attacks from 176.65.139.254.; ET DROP Spamhaus DROP Listed Traffic Inbound group 36; IP: 176.65.139.254; Ports: 56424; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500924 43.228.157.8 2026-06-06 01:45:33 Suricata Detected 606 attacks from 43.228.157.8.; ET DROP Spamhaus DROP Listed Traffic Inbound group 4; IP: 43.228.157.8; Ports: 11983; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500923 189.7.87.154 2026-06-06 01:42:58 Suricata Detected 2 attacks from 189.7.87.154.; ET EXPLOIT MVPower DVR Shell UCE; IP: 189.7.87.154; Ports: 12810; Direction: to_server; Trigger: EXPLOIT; Category: Attempted Administrator Privilege Gain; Severity: 1 18
500922 124.198.131.39 2026-06-06 01:39:36 Suricata Detected 54 attacks from 124.198.131.39.; ET DROP Spamhaus DROP Listed Traffic Inbound group 26; IP: 124.198.131.39; Ports: 39779; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 20,18
500921 213.209.159.56 2026-06-06 01:38:44 Suricata Detected 632 attacks from 213.209.159.56.; ET DROP Spamhaus DROP Listed Traffic Inbound group 65; IP: 213.209.159.56; Ports: 51698; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 18
500920 85.11.167.11 2026-06-06 01:37:15 Suricata Detected 994 attacks from 85.11.167.11.; ET DROP Spamhaus DROP Listed Traffic Inbound group 12; IP: 85.11.167.11; Ports: 51655; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 18
500919 87.121.84.167 2026-06-06 01:36:49 Suricata Detected 29 attacks from 87.121.84.167.; ET DROP Spamhaus DROP Listed Traffic Inbound group 13; IP: 87.121.84.167; Ports: 42698; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 18
500918 176.65.148.58 2026-06-06 01:36:04 Suricata Detected 67 attacks from 176.65.148.58.; ET DROP Spamhaus DROP Listed Traffic Inbound group 36; IP: 176.65.148.58; Ports: 49156; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500917 45.205.1.71 2026-06-06 01:35:00 Suricata Detected 343 attacks from 45.205.1.71.; ET DROP Dshield Block Listed Source group 1; IP: 45.205.1.71; Ports: 57800; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500916 176.65.148.147 2026-06-06 01:33:20 Suricata Detected 67 attacks from 176.65.148.147.; ET DROP Spamhaus DROP Listed Traffic Inbound group 36; IP: 176.65.148.147; Ports: 38795; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500915 104.194.10.248 2026-06-06 01:33:08 Suricata Detected 12 attacks from 104.194.10.248.; ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack; IP: 104.194.10.248; Ports: 55040; Direction: to_server; Trigger: SCAN; Category: Attempted Administrator Privilege Gain; Severity: 1 14
500914 41.64.172.51 2026-06-06 01:32:56 Suricata Detected 6 attacks from 41.64.172.51.; ET SCAN Suspicious inbound to MSSQL port 1433; IP: 41.64.172.51; Ports: 48706; Direction: to_server; Trigger: SCAN; Category: Potentially Bad Traffic; Severity: 2 14
500913 109.236.86.20 2026-06-06 01:32:41 Suricata Detected 12 attacks from 109.236.86.20.; ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack; IP: 109.236.86.20; Ports: 48990; Direction: to_server; Trigger: SCAN; Category: Attempted Administrator Privilege Gain; Severity: 1 14
500912 58.209.82.184 2026-06-06 01:32:10 Suricata Detected 12 attacks from 58.209.82.184.; ET SCAN Potential SSH Scan; IP: 58.209.82.184; Ports: 55512; Direction: to_server; Trigger: SCAN; Category: Attempted Information Leak; Severity: 2 14
500911 64.89.163.81 2026-06-06 01:31:22 Suricata Detected 24 attacks from 64.89.163.81.; ET DROP Spamhaus DROP Listed Traffic Inbound group 9; IP: 64.89.163.81; Ports: 42103; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500910 43.228.157.10 2026-06-06 01:28:41 Suricata Detected 618 attacks from 43.228.157.10.; ET DROP Spamhaus DROP Listed Traffic Inbound group 4; IP: 43.228.157.10; Ports: 22207; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500909 193.163.125.85 2026-06-06 01:28:17 Suricata Detected 12 attacks from 193.163.125.85.; ET DROP Dshield Block Listed Source group 1; IP: 193.163.125.85; Ports: 55216; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500908 66.132.186.138 2026-06-06 01:27:56 Suricata Detected 140 attacks from 66.132.186.138.; ET DROP Dshield Block Listed Source group 1; IP: 66.132.186.138; Ports: 63674; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500907 45.142.154.87 2026-06-06 01:27:40 Suricata Detected 374 attacks from 45.142.154.87.; ET DROP Spamhaus DROP Listed Traffic Inbound group 7; IP: 45.142.154.87; Ports: 58914; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500906 66.132.195.30 2026-06-06 01:26:56 Suricata Detected 155 attacks from 66.132.195.30.; ET DROP Dshield Block Listed Source group 1; IP: 66.132.195.30; Ports: 25711; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500905 66.132.186.211 2026-06-06 01:26:00 Suricata Detected 139 attacks from 66.132.186.211.; ET DROP Dshield Block Listed Source group 1; IP: 66.132.186.211; Ports: 17819; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500904 185.242.3.59 2026-06-06 01:25:08 Suricata Detected 26 attacks from 185.242.3.59.; ET DROP Spamhaus DROP Listed Traffic Inbound group 39; IP: 185.242.3.59; Ports: 15951; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500903 86.54.31.32 2026-06-06 01:23:54 Suricata Detected 138 attacks from 86.54.31.32.; ET SCAN Suspicious inbound to mySQL port 3306; IP: 86.54.31.32; Ports: 20270; Direction: to_server; Trigger: SCAN; Category: Potentially Bad Traffic; Severity: 2 14
500902 176.65.139.173 2026-06-06 01:23:01 Suricata Detected 18 attacks from 176.65.139.173.; ET DROP Spamhaus DROP Listed Traffic Inbound group 36; IP: 176.65.139.173; Ports: 37892; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500901 176.65.139.232 2026-06-06 01:22:49 Suricata Detected 47 attacks from 176.65.139.232.; ET DROP Spamhaus DROP Listed Traffic Inbound group 36; IP: 176.65.139.232; Ports: 23738; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500900 176.65.139.235 2026-06-06 01:22:36 Suricata Detected 66 attacks from 176.65.139.235.; ET DROP Spamhaus DROP Listed Traffic Inbound group 36; IP: 176.65.139.235; Ports: 50092; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500899 176.65.139.231 2026-06-06 01:22:23 Suricata Detected 47 attacks from 176.65.139.231.; ET DROP Spamhaus DROP Listed Traffic Inbound group 36; IP: 176.65.139.231; Ports: 52246; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500897 8.154.0.104 2026-06-06 01:21:26 (sshd) Failed SSH login from 8.154.0.104 (CN/China/-): 3 in the last 3600 secs; IP: 8.154.0.104; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Jun 6 01:09:41 debian sshd[1933692]: Invalid user developer from 8.154.0.104 port 50336 Jun 6 01:20:08 debian sshd[1940860]: Invalid user dev from 8.154.0.104 port 43820 Jun 6 01:21:21 debian sshd[1941721]: Invalid user azureuser from 8.154.0.104 port 53912 22,18
500898 193.163.125.78 2026-06-06 01:21:14 Suricata Detected 4 attacks from 193.163.125.78.; ET DROP Dshield Block Listed Source group 1; IP: 193.163.125.78; Ports: 34457; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500896 193.163.125.107 2026-06-06 01:20:58 Suricata Detected 8 attacks from 193.163.125.107.; ET DROP Dshield Block Listed Source group 1; IP: 193.163.125.107; Ports: 53719; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14
500895 176.65.139.234 2026-06-06 01:20:35 Suricata Detected 66 attacks from 176.65.139.234.; ET DROP Spamhaus DROP Listed Traffic Inbound group 36; IP: 176.65.139.234; Ports: 25088; Direction: to_server; Trigger: DROP; Category: Misc Attack; Severity: 2 14