π¦πΊ
paulshipley.com.au
2026-06-21 14:44:18
(10 hours ago)
[Mon Jun 22 00:44:17.602751 2026] [security2:error] [pid 922099] [client 8.217.190.34:32757] [client ...
show more
[Mon Jun 22 00:44:17.602751 2026] [security2:error] [pid 922099] [client 8.217.190.34:32757] [client 8.217.190.34] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "winesbydesign.com.au"] [uri "/product/timber-box/"] [unique_id "ajf4wT-A7AGrGzR3tUPYNgAAAAE"]
...
show less
Web App Attack
πΊπΈ
TPI-Abuse
2026-06-21 13:18:29
(12 hours ago)
(mod_security) mod_security (id:210730) triggered by 8.217.190.34 (-): 1 in the last 300 secs; Ports ...
show more
(mod_security) mod_security (id:210730) triggered by 8.217.190.34 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Sun Jun 21 09:18:22.005768 2026] [security2:error] [pid 16665:tid 16665] [client 8.217.190.34:51172] ModSecurity: Access denied with code 403 (phase 2). Match of "pmFromFile userdata_wl_extensions" against "TX:extension" required. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/10_HTTP_HTTP.conf"] [line "27"] [id "210730"] [rev "5"] [msg "COMODO WAF: URL file extension is restricted by policy||www.et.lobibilisim.com|F|2"] [data ".bat"] [severity "CRITICAL"] [tag "CWAF"] [tag "HTTP"] [hostname "www.et.lobibilisim.com"] [uri "/vendor/bin/php-parse.bat"] [unique_id "ajfknVv2JPJUz8AJA1tPkQAAAAs"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π¦πΊ
paulshipley.com.au
2026-06-14 12:22:21
(1 week ago)
[Sun Jun 14 22:22:20.502762 2026] [security2:error] [pid 922521] [client 8.217.190.34:33799] [client ...
show more
[Sun Jun 14 22:22:20.502762 2026] [security2:error] [pid 922521] [client 8.217.190.34:33799] [client 8.217.190.34] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "indigi-print-merch.com.au"] [uri "/product-category/clothing-and-uniforms/office-attire/womens/"] [unique_id "ai6c_HeD_IZhlcvoU-TG4wAAAAE"]
...
show less
Web App Attack
π¦πΊ
paulshipley.com.au
2026-06-13 12:27:13
(1 week ago)
[Sat Jun 13 22:27:12.513833 2026] [security2:error] [pid 788465] [client 8.217.190.34:60962] [client ...
show more
[Sat Jun 13 22:27:12.513833 2026] [security2:error] [pid 788465] [client 8.217.190.34:60962] [client 8.217.190.34] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "indigi-print-merch.com.au"] [uri "/product/water-proof-bullet-flash-drive-product-code-pcubul/"] [unique_id "ai1MoNkti_HL8N_IFz5uDgAAAAc"]
...
show less
Web App Attack
π¨π
4server
2026-06-08 05:34:51
(1 week ago)
[MonJun0807:34:45.3546132026][security2:error][pid2721140:tid2721833][client8.217.190.34:0]ModSecuri ...
show more
[MonJun0807:34:45.3546132026][security2:error][pid2721140:tid2721833][client8.217.190.34:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:aliyunsecbot\|dirbuster\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"75\"][id\"338803\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedmaliciousagent\"][severity\"ERROR\"][hostname\"www.swisservers.com\"][uri\"/tag/commerce/\"][unique_id\"aiZUdfm0u2b1iVMUGYyRxgAAAMM\"]
show less
Hacking
Web App Attack
π©πͺ
filstal.org
2026-06-05 16:30:17
(2 weeks ago)
Unauthorized web crawling by known aggressive crawler or data harvesting bot detected by Fail2Ban
Bad Web Bot
π©πͺ
filstal.org
2026-06-04 08:51:40
(2 weeks ago)
Unauthorized web crawling by known aggressive crawler or data harvesting bot detected by Fail2Ban
Bad Web Bot
π©πͺ
filstal.org
2026-06-03 08:11:45
(2 weeks ago)
Unauthorized web crawling by known aggressive crawler or data harvesting bot detected by Fail2Ban
Bad Web Bot
π«π·
bigorre.org
2026-06-01 16:31:29
(2 weeks ago)
Unidentified crawling: not a self-announced bot in user-agent
Bad Web Bot
π«π·
bigorre.org
2026-05-31 10:10:40
(3 weeks ago)
Unidentified crawling: not a self-announced bot in user-agent
Bad Web Bot
π¨π
4server
2026-05-30 01:41:58
(3 weeks ago)
[SatMay3003:41:51.5338582026][security2:error][pid152357:tid152540][client8.217.190.34:0]ModSecurity ...
show more
[SatMay3003:41:51.5338582026][security2:error][pid152357:tid152540][client8.217.190.34:0]ModSecurity:Accessdeniedwithcode403\(phase2\).Patternmatch\"\(\?:aliyunsecbot\|dirbuster\)\"atREQUEST_HEADERS:User-Agent.[file\"/etc/apache2/conf.d/modsec_rules/20_asl_useragents.conf\"][line\"75\"][id\"338803\"][rev\"1\"][msg\"Atomicorp.comWAFRules:Blockedmaliciousagent\"][severity\"ERROR\"][hostname\"avvnicolaurbani.ch\"][uri\"/robots.txt\"][unique_id\"ahpAX6smN5C0Id0qAivUqAAAAIw\"]
show less
Hacking
Web App Attack
π«π·
bigorre.org
2026-05-29 10:26:38
(3 weeks ago)
Unidentified crawling: not a self-announced bot in user-agent
Bad Web Bot
π¦πΊ
paulshipley.com.au
2026-05-27 11:47:02
(3 weeks ago)
[Wed May 27 21:47:02.500635 2026] [security2:error] [pid 435041] [client 8.217.190.34:63931] [client ...
show more
[Wed May 27 21:47:02.500635 2026] [security2:error] [pid 435041] [client 8.217.190.34:63931] [client 8.217.190.34] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "indigi-print-merch.com.au"] [uri "/product/altura-lapel-pin-round-tc-110908/"] [unique_id "ahbZtj1A8QKwVnwUK6WS8wAAAA4"]
...
show less
Web App Attack
π©πͺ
filstal.org
2026-05-27 03:10:36
(3 weeks ago)
Unauthorized web crawling by known aggressive crawler or data harvesting bot detected by Fail2Ban
Bad Web Bot
π©πͺ
filstal.org
2026-05-25 16:00:08
(3 weeks ago)
Unauthorized web crawling by known aggressive crawler or data harvesting bot detected by Fail2Ban
Bad Web Bot