๐ฉ๐ช
reznekcs
2026-07-16 05:03:13
(4 hours ago)
Blocked by UFW firewall
Brute-Force
๐ฉ๐ช
reznekcs
2026-07-14 05:02:45
(2 days ago)
Blocked by UFW firewall
Brute-Force
๐ฉ๐ช
ValtonTahiri
2026-07-08 01:10:51
(1 week ago)
UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly as ...
show more
UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly associated with port scanning, service discovery, or automated internet probing. Technical: source_ip=162.158.210.36; proto=TCP; source_port=10099; target_port=8443; flags=SYN
show less
Port Scan
๐ฉ๐ช
ValtonTahiri
2026-07-04 22:27:51
(1 week ago)
UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly as ...
show more
UFW blocked a suspicious connection attempt to a closed or denied port. This activity is commonly associated with port scanning, service discovery, or automated internet probing. Technical: source_ip=162.158.210.36; proto=TCP; source_port=12669; target_port=8443; flags=SYN
show less
Port Scan
๐บ๐ธ
TPI-Abuse
2026-06-30 07:25:14
(2 weeks ago)
(mod_security) mod_security (id:210730) triggered by 162.158.210.36 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 162.158.210.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 03:25:02.091365 2026] [security2:error] [pid 31083:tid 31083] [client 162.158.210.36:11252] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||westernmassaa.net|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "westernmassaa.net"] [uri "/tox.ini"] [unique_id "akNvTp4ZjP8HVNkuFT6ZswAAABM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-06-25 21:42:43
(2 weeks ago)
162.158.210.36 - - [26/Jun/2026:00:42:43 +0300] "GET /etc/passwd HTTP/1.1" 404 789 "-" "Mozilla/5.0 ...
show more
162.158.210.36 - - [26/Jun/2026:00:42:43 +0300] "GET /etc/passwd HTTP/1.1" 404 789 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
162.158.210.36 - - [26/Jun/2026:00:42:43 +0300] "GET /etc/passwd HTTP/1.1" 404 767 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
...
show less
Web App Attack
Anonymous
2026-06-21 14:09:36
(3 weeks ago)
Web App Attack
Brute-Force
Exploited Host
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-06-18 15:32:33
(3 weeks ago)
(mod_security) mod_security (id:210730) triggered by 162.158.210.36 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210730) triggered by 162.158.210.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jun 18 11:32:29.614814 2026] [security2:error] [pid 2900:tid 2900] [client 162.158.210.36:14240] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||davidocchino.com|F|2"] [data ".ini"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "davidocchino.com"] [uri "/tox.ini"] [unique_id "ajQPjXLcK8CrEby3ULaGAAAAAAg"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ฆ
URAN Publishing Service
2026-06-18 06:59:19
(4 weeks ago)
162.158.210.36 - - [18/Jun/2026:09:59:15 +0300] "GET /etc/passwd HTTP/1.1" 404 761 "-" "Mozilla/5.0 ...
show more
162.158.210.36 - - [18/Jun/2026:09:59:15 +0300] "GET /etc/passwd HTTP/1.1" 404 761 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
162.158.210.36 - - [18/Jun/2026:09:59:17 +0300] "GET /etc/passwd HTTP/1.1" 404 761 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
...
show less
Web App Attack
Anonymous
2026-04-16 13:00:02
(2 months ago)
| Multiple common web attacks from same source ip. (multiple servers)
Web App Attack
Hacking
SQL Injection
๐ฉ๐ช
Blexyel
2026-04-11 09:02:07
(3 months ago)
162.158.210.36 - - [11/Apr/2026:09:02:02 +0000] "GET /.git/config HTTP/1.1" 404 13 "-" "Mozilla/5.0 ...
show more
162.158.210.36 - - [11/Apr/2026:09:02:02 +0000] "GET /.git/config HTTP/1.1" 404 13 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36"
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-14 01:48:54
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.210.36 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.210.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 20:48:47.922127 2026] [security2:error] [pid 18475:tid 18475] [client 162.158.210.36:12412] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.barbaraehill.com"] [uri "/.git/HEAD"] [unique_id "aY_UfwrdadcFUZlatC2B6gAAACU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-02-13 19:57:13
(5 months ago)
(mod_security) mod_security (id:210492) triggered by 162.158.210.36 (-): 1 in the last 300 secs; Por ...
show more
(mod_security) mod_security (id:210492) triggered by 162.158.210.36 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Feb 13 14:57:08.321642 2026] [security2:error] [pid 3351775:tid 3351775] [client 162.158.210.36:10516] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "compassionfatigue.org"] [uri "/.env"] [unique_id "aY-CFJ-8hokora0E1W2vCQAAABQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
octageeks.com
2026-02-04 05:06:31
(5 months ago)
Wordpress malicious attack:[octablocked]
Web App Attack
๐ซ๐ท
IRISIO
2026-02-02 09:36:37
(5 months ago)
scans/SQL injection/spam posts : 2 queries
SQL Injection
Web App Attack