π©πͺ
pltcldvlpr
2026-06-27 08:07:16
(3 days ago)
Bogus Useragent: 52.161.82.82 - - [27/Jun/2026:10:07:16 +0200] "GET /nodeinfo/2.0 HTTP/2.0" 200 295 ...
show more
Bogus Useragent: 52.161.82.82 - - [27/Jun/2026:10:07:16 +0200] "GET /nodeinfo/2.0 HTTP/2.0" 200 295 "-" "curl/8.5.0" asn=8075 org="Microsoft Corporation" country=US
...
show less
Bad Web Bot
π·πΊ
Andrey I
2026-06-14 07:48:00
(2 weeks ago)
port scan
Port Scan
Anonymous
2026-06-13 12:28:11
(2 weeks ago)
Unauthorized connection attempt
Port Scan
Hacking
Exploited Host
πΊπΈ
TPI-Abuse
2026-05-27 00:22:02
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 52.161.82.82 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 52.161.82.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 20:21:57.145433 2026] [security2:error] [pid 32019:tid 32019] [client 52.161.82.82:11595] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "txcoverage.com"] [uri "/.env"] [unique_id "ahY5JUY63-ah5Bth93E-hAAAAAw"], referer: https://news.ycombinator.com/
show less
Brute-Force
Bad Web Bot
Web App Attack
πΊπΈ
TPI-Abuse
2026-05-26 22:54:41
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 52.161.82.82 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 52.161.82.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 18:54:36.455489 2026] [security2:error] [pid 15224:tid 15224] [client 52.161.82.82:12680] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "thinkingepic.com"] [uri "/.env"] [unique_id "ahYkrOSNgEu8w34gNr31egAAAAo"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π§πͺ
cmbplf
2026-05-26 22:40:11
(1 month ago)
130 requests with url.path */@fs/*
Brute-Force
Bad Web Bot
πΊπΈ
TPI-Abuse
2026-05-26 20:18:29
(1 month ago)
(mod_security) mod_security (id:210492) triggered by 52.161.82.82 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210492) triggered by 52.161.82.82 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue May 26 16:18:22.227260 2026] [security2:error] [pid 19103:tid 19103] [client 52.161.82.82:11528] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.env" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "hl-re.com"] [uri "/.env"] [unique_id "ahYADhbJx6iulAY85F5PEgAAAA8"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π©πͺ
2048
2026-05-23 13:47:26
(1 month ago)
2026-05-23T15:47:20.117116+02:00 machodeer kernel: [2251957.488443] [UFW BLOCK] IN=ens3 OUT= MAC=RED ...
show more
2026-05-23T15:47:20.117116+02:00 machodeer kernel: [2251957.488443] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=52.161.82.82 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=41 ID=17714 DF PROTO=TCP SPT=42021 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0
2026-05-23T15:47:24.643056+02:00 machodeer kernel: [2251962.014162] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=52.161.82.82 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=41 ID=62929 DF PROTO=TCP SPT=42007 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0
2026-05-23T15:47:25.667118+02:00 machodeer kernel: [2251963.038215] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=52.161.82.82 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=41 ID=62930 DF PROTO=TCP SPT=42007 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0
show less
Port Scan
π©πͺ
2048
2026-04-10 07:21:30
(2 months ago)
2026-04-10T08:21:27.375943+01:00 machodeer kernel: [4062507.148051] [UFW BLOCK] IN=ens3 OUT= MAC=RED ...
show more
2026-04-10T08:21:27.375943+01:00 machodeer kernel: [4062507.148051] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=52.161.82.82 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=41 ID=38692 DF PROTO=TCP SPT=42048 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0
2026-04-10T08:21:28.426018+01:00 machodeer kernel: [4062508.198405] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=52.161.82.82 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=41 ID=38693 DF PROTO=TCP SPT=42048 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0
2026-04-10T08:21:29.449982+01:00 machodeer kernel: [4062509.221546] [UFW BLOCK] IN=ens3 OUT= MAC=REDACTED SRC=52.161.82.82 DST=REDACTED LEN=60 TOS=0x00 PREC=0x00 TTL=41 ID=38694 DF PROTO=TCP SPT=42048 DPT=443 WINDOW=64240 RES=0x00 SYN URGP=0
show less
Port Scan
π¨π³
ThreatBook.io
2026-03-21 22:54:46
(3 months ago)
ThreatBook Intelligence: Zombie,Scanner more details on https://threatbook.io/ip/52.161.82.82
2026-0 ...
show more
ThreatBook Intelligence: Zombie,Scanner more details on https://threatbook.io/ip/52.161.82.82
2026-03-21 17:44:33 ["hostname"]
2026-03-21 17:47:57 ["ps aux | head -10"]
2026-03-21 17:42:52 ["hostname"]
2026-03-21 17:47:35 ["ps aux | head -10"]
2026-03-21 17:43:08 ["hostname"]
2026-03-21 17:43:36 ["ps aux | head -10"]
2026-03-21 17:46:20 ["netstat -tulpn | head -10"]
2026-03-21 17:47:38 ["ps aux | head -10"]
show less
Brute-Force
πΈπ¬
sh97
2026-03-21 09:43:24
(3 months ago)
SG04-KR: SSH Brute Force from 52.161.82.82 at 2026-03-21 15:13:23 IST
Brute-Force
SSH
πΈπ¬
tommygod.ddns.net
2026-03-21 09:43:24
(3 months ago)
2026-03-21T09:42:56.830675+00:00 mailtommygod sshd[4160581]: Failed password for root from 52.161.82 ...
show more
2026-03-21T09:42:56.830675+00:00 mailtommygod sshd[4160581]: Failed password for root from 52.161.82.82 port 56449 ssh2
2026-03-21T09:43:09.312400+00:00 mailtommygod sshd[4160636]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.161.82.82 user=root
2026-03-21T09:43:11.387297+00:00 mailtommygod sshd[4160636]: Failed password for root from 52.161.82.82 port 56449 ssh2
2026-03-21T09:43:22.092756+00:00 mailtommygod sshd[4160657]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=52.161.82.82 user=root
2026-03-21T09:43:23.952184+00:00 mailtommygod sshd[4160657]: Failed password for root from 52.161.82.82 port 56450 ssh2
show less
Brute-Force
SSH
π―π΅
jay hung
2026-02-22 15:09:13
(4 months ago)
2026-02-22T15:09:10.534607+00:00 quarktech kernel: [701716.368341] [UFW BLOCK] IN=eth0 OUT= MAC=22:0 ...
show more
2026-02-22T15:09:10.534607+00:00 quarktech kernel: [701716.368341] [UFW BLOCK] IN=eth0 OUT= MAC=22:00:92:2e:84:93:fe:ff:ff:ff:ff:ff:08:00 SRC=52.161.82.82 DST=172.237.29.33 LEN=40 TOS=0x00 PREC=0x00 TTL=106 ID=1 DF PROTO=TCP SPT=42001 DPT=443 WINDOW=0 RES=0x00 ACK RST URGP=0
...
show less
Port Scan
πΊπΈ
Rayulcifer
2026-02-22 10:53:56
(4 months ago)
52.161.82.82 - - [22/Feb/2026:05:53:48 -0500] "CONNECT control.kocheng.biz.id:443:443 HTTP/1.1" 400 ...
show more
52.161.82.82 - - [22/Feb/2026:05:53:48 -0500] "CONNECT control.kocheng.biz.id:443:443 HTTP/1.1" 400 392 "-" "-"
52.161.82.82 - - [22/Feb/2026:05:53:56 -0500] "CONNECT control.kocheng.biz.id:443:443 HTTP/1.1" 400 392 "-" "-"
...
show less
Open Proxy
Port Scan
Hacking
Web App Attack
SSH
π¬π§
OptimusGO
2026-02-03 09:37:14
(4 months ago)
Malicious activity detected: web_attack
Server: commstackbc (185.127.18.66)
Attack: web_attack
Time ...
show more
Malicious activity detected: web_attack
Server: commstackbc (185.127.18.66)
Attack: web_attack
Timestamp: 2026-02-03 09:37:14 UTC
Log evidence:
02/03/2026-09:36:52.557563 [**] [1:1000101:2] SECURITY Port Scan Detected - Multiple Unauthorized Ports [**] [Classification: Attempted Information Leak] [Priority: 1] {TCP} 52.161.82.82:1040 -> 185.127.18.66:22
02/03/2026-09:36:56.589538 [wDrop] [**] [1:1000002:1] SECURITY SSH Port Scanner Blocked [**] [Classification: Attempted Information Leak] [Priority: 1] {TCP} 52.161.82.82:1040 -> 185.127.18.66:22
show less
Port Scan
Brute-Force