Webpage scraping (for email addresses, content, etc) and crawlers that do not honor robots.txt. Excessive requests and user agent spoofing can also be reported here.
CMS blog comment spam.
Credential brute-force attacks on webpage logins and services like SSH, FTP, SIP, SMTP, RDP, etc. This category is seperate from DDoS attacks.
Participating in distributed denial-of-service (usually part of botnet).
Altering DNS records resulting in improper redirection.
Falsifying domain server cache (cache poisoning).
Spam email content, infected attachments, and phishing emails. Note: Limit comments to only relevent information (instead of log dumps) and be sure to remove PII if you want to remain anonymous.
Host is likely infected with malware and being used for other attacks or to host malicious content. The host owner may not be aware of the compromise. This category is often used in combination with other attack categories.
FTP Brute force attempt.
Fraudulent orders.
Voice-over-IP fraud.
General hacking attempt.
Abuse was targeted at an "Internet of Things" type device. Include information about what type of device was targeted in the comments.
Open proxy, open relay, or Tor exit node.
Phishing websites and/or email.
Oversized IP packet.
Scanning for open ports and vulnerable services.
Attempts at SQL injection.
Secure Shell (SSH) abuse. Use this category in combination with more specific categories.
Email sender spoofing.
VPN IP address.
Attempts to probe for or exploit installed web applications such as a CMS like WordPress/Drupal, e-commerce solutions, forum software, phpMyAdmin and various other software plugins/solutions.
Comment/forum spam, HTTP referer spam, or other CMS spam.
Generated using TypeDoc
AbuseIPDB Report Category types.
See
AbuseIPDB Report Categories
Example