๐ฆ๐บ
paulshipley.com.au
2026-07-15 08:52:34
(13 hours ago)
[Wed Jul 15 18:52:33.712883 2026] [security2:error] [pid 337474] [client 157.52.122.32:8630] [client ...
show more
[Wed Jul 15 18:52:33.712883 2026] [security2:error] [pid 337474] [client 157.52.122.32:8630] [client 157.52.122.32] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "furst.com.au"] [uri "/.git/HEAD"] [unique_id "aldKUYtwdqNrVpgktbtOfAAAAAU"]
...
show less
Web App Attack
๐ฆ๐บ
paulshipley.com.au
2026-07-15 02:51:39
(19 hours ago)
[Wed Jul 15 12:51:38.083662 2026] [security2:error] [pid 326627] [client 157.52.122.32:23572] [clien ...
show more
[Wed Jul 15 12:51:38.083662 2026] [security2:error] [pid 326627] [client 157.52.122.32:23572] [client 157.52.122.32] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "ccideas.com.au"] [uri "/.git/config"] [unique_id "alb1unH7uRgCwzvIEt40tgAAABA"]
...
show less
Web App Attack
๐ฆ๐บ
2000cn.com.au
2026-07-15 02:48:48
(19 hours ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-sensitive-files
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-14 00:59:07
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 157.52.122.32 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 157.52.122.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 20:59:01.864309 2026] [security2:error] [pid 2262:tid 2262] [client 157.52.122.32:28360] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "mail.lozzy.net"] [uri "/.git/config"] [unique_id "alWJ1XfodbUrjiQbVKQ4_AAAABc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 00:06:41
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 157.52.122.32 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 157.52.122.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 20:06:36.507251 2026] [security2:error] [pid 6316:tid 6316] [client 157.52.122.32:47230] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "autodiscover.numbulary.org"] [uri "/.git/HEAD"] [unique_id "alV9jIRSQIPlnCSUi7LZFwAAAAQ"]
show less
Brute-Force
Bad Web Bot
Web App Attack
Anonymous
2026-07-13 22:43:46
(1 day ago)
Sensitive file access attempt
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-13 21:10:18
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 157.52.122.32 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 157.52.122.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 17:10:13.777529 2026] [security2:error] [pid 20612:tid 20612] [client 157.52.122.32:21034] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "120"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "www.chicamaecosina.michaelsabbey.org"] [uri "/.git/config"] [unique_id "alVUNYIfAhSxG5VD3LOhhwAAAAc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
nyt
2026-07-13 20:48:28
(2 days ago)
Sensitive File Probe, Request for .git directory, potential information disclosure.
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 20:35:54
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 157.52.122.32 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 157.52.122.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 16:35:51.328078 2026] [security2:error] [pid 21754:tid 21754] [client 157.52.122.32:37576] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.bacona.org"] [uri "/.git/config"] [unique_id "alVMJ96OfjctlCZm8gS4iAAAAAU"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-13 18:54:07
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 157.52.122.32 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 157.52.122.32 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 14:53:59.812621 2026] [security2:error] [pid 12975:tid 12975] [client 157.52.122.32:32666] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "webmail.jeffj.net"] [uri "/.git/config"] [unique_id "alU0R2tMqP11elfiFh1VVQAAAAA"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
Donovan
2026-07-13 17:15:02
(2 days ago)
Web scan/exploit blocked by fail2ban on commitshift.fr - jail: npm-scan - 1 attempt(s)
Web App Attack
Anonymous
2026-07-13 05:52:42
(2 days ago)
157.52.122.32 - - [13/Jul/2026:07:52:36 +0200] "GET /.git/config HTTP/1.1" 403 146 "-" "git/2.39.2"
...
show more
157.52.122.32 - - [13/Jul/2026:07:52:36 +0200] "GET /.git/config HTTP/1.1" 403 146 "-" "git/2.39.2"
...
show less
Web App Attack
๐ฌ๐ง
consul.to
2026-07-13 02:19:58
(2 days ago)
Web attack/malicious scanning detected
Web App Attack
๐ง๐ช
voormedia
2026-07-13 01:58:22
(2 days ago)
Accessed trap at '/.git/HEAD'
Web App Attack
๐ฌ๐ง
Axel
2026-07-13 00:04:09
(2 days ago)
Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.git/HEAD Se ...
show more
Blocked by ModSecurity. Rule ID: 210492 Message: None Phase: 1 Severity: CRITICAL URI: /.git/HEAD Server: UK-01
show less
Web App Attack
Hacking
SQL Injection