|
๐น๐ท
94.154.43.179
|
|
[Sat Jul 18 11:47:26.627423 2026] [security2:error] [pid 717211] [client 94.154.43.179:46790] [clien ...
show more
[Sat Jul 18 11:47:26.627423 2026] [security2:error] [pid 717211] [client 94.154.43.179:46790] [client 94.154.43.179] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "balcomberetreat.com.au"] [uri "/.env"] [unique_id "alrbLr0T8mbPSeaXpSYZ4wAAAAQ"]
...
show less
|
Web App Attack
|
|
๐น๐ท
94.154.43.229
|
|
[Sat Jul 18 11:46:40.459096 2026] [security2:error] [pid 718641] [client 94.154.43.229:42466] [clien ...
show more
[Sat Jul 18 11:46:40.459096 2026] [security2:error] [pid 718641] [client 94.154.43.229:42466] [client 94.154.43.229] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "rjryanpartners.com.au"] [uri "/.env"] [unique_id "alrbAAkjCDfKE8jl1PoIGAAAACc"]
...
show less
|
Web App Attack
|
|
๐น๐ท
94.154.43.187
|
|
[Sat Jul 18 11:46:32.071054 2026] [security2:error] [pid 718608] [client 94.154.43.187:19110] [clien ...
show more
[Sat Jul 18 11:46:32.071054 2026] [security2:error] [pid 718608] [client 94.154.43.187:19110] [client 94.154.43.187] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "balcomberetreat.com.au"] [uri "/.env"] [unique_id "alra-MiH4SGvc7WcINlEdgAAAAc"]
...
show less
|
Web App Attack
|
|
๐น๐ท
94.154.43.184
|
|
[Sat Jul 18 11:46:31.653644 2026] [security2:error] [pid 721469] [client 94.154.43.184:58408] [clien ...
show more
[Sat Jul 18 11:46:31.653644 2026] [security2:error] [pid 721469] [client 94.154.43.184:58408] [client 94.154.43.184] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "shotbysuzanne.com.au"] [uri "/.env"] [unique_id "alra9wXjF1fulWuk7rczgwAAAAk"]
...
show less
|
Web App Attack
|
|
๐น๐ท
94.154.43.178
|
|
[Sat Jul 18 11:46:31.225615 2026] [security2:error] [pid 717211] [client 94.154.43.178:17072] [clien ...
show more
[Sat Jul 18 11:46:31.225615 2026] [security2:error] [pid 717211] [client 94.154.43.178:17072] [client 94.154.43.178] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "stkildashule.org.au"] [uri "/.env"] [unique_id "alra970T8mbPSeaXpSYZ4gAAAAQ"]
...
show less
|
Web App Attack
|
|
๐น๐ท
94.154.43.183
|
|
[Sat Jul 18 11:46:31.214583 2026] [security2:error] [pid 718613] [client 94.154.43.183:32230] [clien ...
show more
[Sat Jul 18 11:46:31.214583 2026] [security2:error] [pid 718613] [client 94.154.43.183:32230] [client 94.154.43.183] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "valueaddedpromotions.com.au"] [uri "/.env"] [unique_id "alra99vG1zy_VC_Uu0vDNQAAAA4"]
...
show less
|
Web App Attack
|
|
๐ธ๐ช
4.223.126.210
|
|
[Sat Jul 18 11:45:07.069103 2026] [security2:error] [pid 722820] [client 4.223.126.210:4312] [client ...
show more
[Sat Jul 18 11:45:07.069103 2026] [security2:error] [pid 722820] [client 4.223.126.210:4312] [client 4.223.126.210] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "paulshipley.id.au"] [uri "/wp-plain.php"] [unique_id "alrao-y_xPU1z4SyuNV6SgAAAAI"], referer: www.google.com
...
show less
|
Web App Attack
|
|
๐บ๐ธ
35.89.83.21
|
|
[Sat Jul 18 11:33:55.903690 2026] [security2:error] [pid 720423] [client 35.89.83.21:56604] [client ...
show more
[Sat Jul 18 11:33:55.903690 2026] [security2:error] [pid 720423] [client 35.89.83.21:56604] [client 35.89.83.21] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "levellapromotions.com.au"] [uri "/"] [unique_id "alrYA2-m8sSpaAB0MBWowgAAAAo"]
...
show less
|
Web App Attack
|
|
๐บ๐ธ
35.232.117.26
|
|
levellapromotions.com.au:443 35.232.117.26 - - [18/Jul/2026:11:30:06 +1000] "HEAD /wp/ HTTP/1.1" 404 ...
show more
levellapromotions.com.au:443 35.232.117.26 - - [18/Jul/2026:11:30:06 +1000] "HEAD /wp/ HTTP/1.1" 404 770 "https://www.levellapromotions.com/wp/" "Mozilla/5.0 (Windows NT 11.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Edg/128.0.2790.25 Chrome/128.0.6540.22 Safari/537.36"
...
show less
|
Web App Attack
|
|
๐บ๐ธ
184.72.80.232
|
|
[Sat Jul 18 11:29:54.708070 2026] [security2:error] [pid 712943] [client 184.72.80.232:49316] [clien ...
show more
[Sat Jul 18 11:29:54.708070 2026] [security2:error] [pid 712943] [client 184.72.80.232:49316] [client 184.72.80.232] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 10)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "balcomberetreat.com.au"] [uri "/.git/config"] [unique_id "alrXEkqvQW7xegMRyMNgNwAAAAg"]
...
show less
|
Web App Attack
|
|
๐บ๐ธ
31.57.147.199
|
|
[Sat Jul 18 11:29:52.404914 2026] [security2:error] [pid 720423] [client 31.57.147.199:52229] [clien ...
show more
[Sat Jul 18 11:29:52.404914 2026] [security2:error] [pid 720423] [client 31.57.147.199:52229] [client 31.57.147.199] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "indigi-print-merch.com.au"] [uri "/"] [unique_id "alrXEG-m8sSpaAB0MBWovgAAAAo"]
...
show less
|
Web App Attack
|
|
๐บ๐ธ
162.243.195.121
|
|
[Sat Jul 18 11:29:33.666790 2026] [security2:error] [pid 718613] [client 162.243.195.121:39162] [cli ...
show more
[Sat Jul 18 11:29:33.666790 2026] [security2:error] [pid 718613] [client 162.243.195.121:39162] [client 162.243.195.121] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "winesbydesign.com.au"] [uri "/.env"] [unique_id "alrW_dvG1zy_VC_Uu0vDHwAAAA4"]
...
show less
|
Web App Attack
|
|
๐น๐ท
94.154.43.188
|
|
[Sat Jul 18 11:23:16.880965 2026] [security2:error] [pid 664195] [client 94.154.43.188:49718] [clien ...
show more
[Sat Jul 18 11:23:16.880965 2026] [security2:error] [pid 664195] [client 94.154.43.188:49718] [client 94.154.43.188] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "angleseaarthouse.com.au"] [uri "/.env"] [unique_id "alrVhJWhKvUKAumcOigq_QAAAAU"]
...
show less
|
Web App Attack
|
|
๐น๐ท
94.154.43.186
|
|
[Sat Jul 18 11:23:16.011872 2026] [security2:error] [pid 666201] [client 94.154.43.186:24028] [clien ...
show more
[Sat Jul 18 11:23:16.011872 2026] [security2:error] [pid 666201] [client 94.154.43.186:24028] [client 94.154.43.186] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "furst.com.au"] [uri "/.env"] [unique_id "alrVhAr4FRP2_6TaAciXaQAAAAA"]
...
show less
|
Web App Attack
|
|
๐น๐ท
94.154.43.229
|
|
[Sat Jul 18 11:23:15.948328 2026] [security2:error] [pid 654759] [client 94.154.43.229:57870] [clien ...
show more
[Sat Jul 18 11:23:15.948328 2026] [security2:error] [pid 654759] [client 94.154.43.229:57870] [client 94.154.43.229] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "talentaymerch.com.au"] [uri "/.env"] [unique_id "alrVg6tcH4XZ2iWOOcS5HgAAAAg"]
...
show less
|
Web App Attack
|
|
๐น๐ท
94.154.43.177
|
|
[Sat Jul 18 11:23:16.712756 2026] [security2:error] [pid 715741] [client 94.154.43.177:30902] [clien ...
show more
[Sat Jul 18 11:23:16.712756 2026] [security2:error] [pid 715741] [client 94.154.43.177:30902] [client 94.154.43.177] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "levellapromotions.com.au"] [uri "/.env"] [unique_id "alrVhNn2XLtmmskPt4wo3AAAAAM"]
...
show less
|
Web App Attack
|
|
๐น๐ท
94.154.43.178
|
|
[Sat Jul 18 11:23:15.788146 2026] [security2:error] [pid 663567] [client 94.154.43.178:27676] [clien ...
show more
[Sat Jul 18 11:23:15.788146 2026] [security2:error] [pid 663567] [client 94.154.43.178:27676] [client 94.154.43.178] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "levellapromotions.co.nz"] [uri "/.env"] [unique_id "alrVgw2SsFGNu0iiOlFVzgAAAAo"]
...
show less
|
Web App Attack
|
|
๐น๐ท
94.154.43.184
|
|
[Sat Jul 18 11:23:15.763230 2026] [security2:error] [pid 678021] [client 94.154.43.184:54124] [clien ...
show more
[Sat Jul 18 11:23:15.763230 2026] [security2:error] [pid 678021] [client 94.154.43.184:54124] [client 94.154.43.184] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "bermanfamily.com.au"] [uri "/.env"] [unique_id "alrVg10sa58tSYFn3OJRAwAAAAc"]
...
show less
|
Web App Attack
|
|
๐น๐ท
94.154.43.179
|
|
[Sat Jul 18 11:23:16.449002 2026] [security2:error] [pid 720423] [client 94.154.43.179:46848] [clien ...
show more
[Sat Jul 18 11:23:16.449002 2026] [security2:error] [pid 720423] [client 94.154.43.179:46848] [client 94.154.43.179] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "levellapromotions.com.au"] [uri "/.env"] [unique_id "alrVhG-m8sSpaAB0MBWotgAAAAo"]
...
show less
|
Web App Attack
|
|
๐บ๐ธ
54.173.205.211
|
|
[Sat Jul 18 11:19:02.824914 2026] [security2:error] [pid 717211] [client 54.173.205.211:47462] [clie ...
show more
[Sat Jul 18 11:19:02.824914 2026] [security2:error] [pid 717211] [client 54.173.205.211:47462] [client 54.173.205.211] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "balcomberetreat.com.au"] [uri "/.git/config"] [unique_id "alrUhr0T8mbPSeaXpSYZzAAAAAQ"]
...
show less
|
Web App Attack
|
|
๐บ๐ธ
8.234.50.113
|
|
rjryanpartners.com.au:443 8.234.50.113 - - [18/Jul/2026:11:16:31 +1000] "HEAD /wordpress/ HTTP/1.1" ...
show more
rjryanpartners.com.au:443 8.234.50.113 - - [18/Jul/2026:11:16:31 +1000] "HEAD /wordpress/ HTTP/1.1" 404 749 "https://rjryanpartners.com.au//wordpress/" "Mozilla/5.0 (Linux; Android 12; Redmi Note 11) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/123.0.6312.112 Mobile Safari/537.36"
...
show less
|
Web App Attack
|
|
๐บ๐ธ
34.222.45.120
|
|
[Sat Jul 18 11:13:44.636115 2026] [security2:error] [pid 717209] [client 34.222.45.120:60628] [clien ...
show more
[Sat Jul 18 11:13:44.636115 2026] [security2:error] [pid 717209] [client 34.222.45.120:60628] [client 34.222.45.120] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "valueaddedpromotions.com.au"] [uri "/"] [unique_id "alrTSGAXDqYSmfu0LnU2iAAAAAM"]
...
show less
|
Web App Attack
|
|
๐บ๐ธ
43.173.74.110
|
|
stkildashule.org.au:443 43.173.74.110 - - [18/Jul/2026:11:13:31 +1000] "GET /ip HTTP/1.1" 404 50978 ...
show more
stkildashule.org.au:443 43.173.74.110 - - [18/Jul/2026:11:13:31 +1000] "GET /ip HTTP/1.1" 404 50978 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36"
...
show less
|
Web App Attack
|
|
๐ญ๐ฐ
43.154.7.124
|
|
stkildashule.org.au:443 43.154.7.124 - - [18/Jul/2026:11:13:29 +1000] "GET /ip HTTP/1.1" 404 50979 " ...
show more
stkildashule.org.au:443 43.154.7.124 - - [18/Jul/2026:11:13:29 +1000] "GET /ip HTTP/1.1" 404 50979 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36"
...
show less
|
Web App Attack
|
|
๐บ๐ธ
43.173.76.89
|
|
stkildashule.org.au:443 43.173.76.89 - - [18/Jul/2026:11:13:23 +1000] "GET /ip HTTP/1.1" 404 50978 " ...
show more
stkildashule.org.au:443 43.173.76.89 - - [18/Jul/2026:11:13:23 +1000] "GET /ip HTTP/1.1" 404 50978 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36"
...
show less
|
Web App Attack
|