๐บ๐ธ
TPI-Abuse
2026-07-14 00:46:19
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 20.106.225.56 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 20.106.225.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 20:46:14.974283 2026] [security2:error] [pid 8178:tid 8178] [client 20.106.225.56:53410] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "newlife.org.au"] [uri "/.git/config"] [unique_id "alWG1q_HyA0AvXH2p-ZhpwAAACM"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
DrLex0
2026-07-14 00:08:15
(1 day ago)
Poking for git configs
20.106.225.56 443 - [14/Jul/2026:00:08:15 +0000] "GET /.git/config HTTP/1.1" ...
show more
Poking for git configs
20.106.225.56 443 - [14/Jul/2026:00:08:15 +0000] "GET /.git/config HTTP/1.1" 404 7460 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; WOW64; rv:41.0) Gecko/20100101 Firefox/140.0 (x64 de)"
show less
Brute-Force
Bad Web Bot
Web App Attack
๐บ๐ธ
TPI-Abuse
2026-07-14 00:05:52
(1 day ago)
(mod_security) mod_security (id:210492) triggered by 20.106.225.56 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 20.106.225.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 20:05:45.081804 2026] [security2:error] [pid 20806:tid 20806] [client 20.106.225.56:44666] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "desertedge.band"] [uri "/.git/config"] [unique_id "alV9WbO0v5nMRCJRrRFT0AAAACs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ณ๐ฑ
ipoac.nl
2026-07-13 23:48:20
(1 day ago)
-:443 20.106.225.56 - - [14/Jul/2026:01:48:18 +0200] - "GET /.git/config HTTP/1.1" 404 60045 "-" "Mo ...
show more
-:443 20.106.225.56 - - [14/Jul/2026:01:48:18 +0200] - "GET /.git/config HTTP/1.1" 404 60045 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.1 Safari/605.1.15"
show less
Bad Web Bot
๐ณ๐ฟ
Antinson
2026-07-13 21:47:34
(1 day ago)
Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.)
Bad Web Bot
๐ฆ๐บ
Klaverstyn
2026-07-13 19:59:26
(2 days ago)
fail2ban jail nginx-forbidden
Web App Attack
๐ฆ๐บ
paulshipley.com.au
2026-07-13 19:51:11
(2 days ago)
[Tue Jul 14 05:51:10.596906 2026] [security2:error] [pid 150119] [client 20.106.225.56:54050] [clien ...
show more
[Tue Jul 14 05:51:10.596906 2026] [security2:error] [pid 150119] [client 20.106.225.56:54050] [client 20.106.225.56] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "iaki.com.au"] [uri "/.git/config"] [unique_id "alVBrmajYmrwb7VhIHmAyQAAAAM"]
...
show less
Web App Attack
๐ง๐ช
cmbplf
2026-07-13 19:38:40
(2 days ago)
268 requests with url.path *.git/*
245 requests with url.path */.git/config
Brute-Force
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-13 19:22:24
(2 days ago)
(mod_security) mod_security (id:210492) triggered by 20.106.225.56 (-): 1 in the last 300 secs; Port ...
show more
(mod_security) mod_security (id:210492) triggered by 20.106.225.56 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Mon Jul 13 15:22:16.025513 2026] [security2:error] [pid 9196:tid 9196] [client 20.106.225.56:33628] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "comsew.com.au"] [uri "/.git/config"] [unique_id "alU66Og1RrmavYw_ZTUIKwAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฆ๐บ
paulshipley.com.au
2026-07-13 19:17:31
(2 days ago)
[Tue Jul 14 05:17:30.530008 2026] [security2:error] [pid 148195] [client 20.106.225.56:50664] [clien ...
show more
[Tue Jul 14 05:17:30.530008 2026] [security2:error] [pid 148195] [client 20.106.225.56:50664] [client 20.106.225.56] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "ccideas.com.au"] [uri "/.git/config"] [unique_id "alU5yiRXry8t8cHdVZXnqgAAAAY"]
...
show less
Web App Attack
๐ฆ๐บ
paulshipley.com.au
2026-07-13 19:00:06
(2 days ago)
[Tue Jul 14 05:00:05.562091 2026] [security2:error] [pid 118162] [client 20.106.225.56:36176] [clien ...
show more
[Tue Jul 14 05:00:05.562091 2026] [security2:error] [pid 118162] [client 20.106.225.56:36176] [client 20.106.225.56] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "angleseaarthouse.com.au"] [uri "/.git/config"] [unique_id "alU1tcryEr2vRUiJD6LgYQAAAAY"]
...
show less
Web App Attack
Anonymous
2026-07-13 19:00:02
(2 days ago)
suspicious request in access.log
Web App Attack
๐บ๐ธ
daveoctober
2026-07-13 18:38:14
(2 days ago)
October Sentinel: honeypot triggered
Bad Web Bot
Web App Attack
๐ซ๐ฎ
inlink.ltd
2026-07-13 18:37:33
(2 days ago)
dot file probe
Web App Attack
๐ฆ๐บ
paulshipley.com.au
2026-07-13 18:31:29
(2 days ago)
[Tue Jul 14 04:31:27.984748 2026] [security2:error] [pid 112058] [client 20.106.225.56:41208] [clien ...
show more
[Tue Jul 14 04:31:27.984748 2026] [security2:error] [pid 112058] [client 20.106.225.56:41208] [client 20.106.225.56] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "talentaymerch.com.au"] [uri "/.git/config"] [unique_id "alUu_7nKHgeopDZKiFT37wAAAAQ"]
...
show less
Web App Attack