π©πͺ
51.195.39.149
53 seconds ago
levellapromotions.co.nz:443 51.195.39.149 - - [17/Jul/2026:03:43:46 +1000] "GET /wp-content/plugins/ ...
show more
levellapromotions.co.nz:443 51.195.39.149 - - [17/Jul/2026:03:43:46 +1000] "GET /wp-content/plugins/fancy-elementor-gallery-box/assets/js/fancy-elementor-flipbox.js HTTP/1.1" 404 110687 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/149.0.0.0 Safari/537.36"
...
show less
Web App Attack
πΉπ³
196.176.58.242
6 minutes ago
[Fri Jul 17 03:38:20.097986 2026] [security2:error] [pid 533710] [client 196.176.58.242:40158] [clie ...
show more
[Fri Jul 17 03:38:20.097986 2026] [security2:error] [pid 533710] [client 196.176.58.242:40158] [client 196.176.58.242] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "valueaddedpromotions.com.au"] [uri "/wp-config.php_bac"] [unique_id "alkXDN4yX4ry-mXZXIgnsgAAAAA"]
...
show less
Web App Attack
π―π΅
108.160.128.179
10 minutes ago
[Fri Jul 17 03:34:01.882509 2026] [security2:error] [pid 528434] [client 108.160.128.179:43154] [cli ...
show more
[Fri Jul 17 03:34:01.882509 2026] [security2:error] [pid 528434] [client 108.160.128.179:43154] [client 108.160.128.179] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "stkildashule.org.au"] [uri "/"] [unique_id "alkWCZjhBSBcas-TDhyUHwAAAAE"]
...
show less
Web App Attack
π»πͺ
82.86.102.86
12 minutes ago
[Fri Jul 17 03:31:54.120590 2026] [security2:error] [pid 515675] [client 82.86.102.86:62078] [client ...
show more
[Fri Jul 17 03:31:54.120590 2026] [security2:error] [pid 515675] [client 82.86.102.86:62078] [client 82.86.102.86] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "rjryanpartners.com.au"] [uri "/wp-config.php_bac"] [unique_id "alkViixQHNm_TibRt16kkgAAAAM"]
...
show less
Web App Attack
πΈπ¬
104.28.160.165
14 minutes ago
dance4fitness.com.au:443 104.28.160.165 - - [17/Jul/2026:03:30:35 +1000] "GET /?author=1 HTTP/1.1" 4 ...
show more
dance4fitness.com.au:443 104.28.160.165 - - [17/Jul/2026:03:30:35 +1000] "GET /?author=1 HTTP/1.1" 404 170176 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
...
show less
Web App Attack
π©πͺ
51.195.39.149
16 minutes ago
iaki.com.au:443 51.195.39.149 - - [17/Jul/2026:03:28:07 +1000] "GET /wp-content/plugins/fancy-elemen ...
show more
iaki.com.au:443 51.195.39.149 - - [17/Jul/2026:03:28:07 +1000] "GET /wp-content/plugins/fancy-elementor-gallery-box/assets/js/fancy-elementor-flipbox.js HTTP/1.1" 404 62911 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/149.0.0.0 Safari/537.36"
...
show less
Web App Attack
π§π·
186.249.144.108
20 minutes ago
[Fri Jul 17 03:23:44.793778 2026] [security2:error] [pid 523666] [client 186.249.144.108:49441] [cli ...
show more
[Fri Jul 17 03:23:44.793778 2026] [security2:error] [pid 523666] [client 186.249.144.108:49441] [client 186.249.144.108] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "levellapromotions.com.au"] [uri "/wp-config.php_bac"] [unique_id "alkToPIMdV4iV34CvdPvxgAAAAc"]
...
show less
Web App Attack
π²πΎ
113.210.105.157
24 minutes ago
[Fri Jul 17 03:20:16.031322 2026] [security2:error] [pid 532266] [client 113.210.105.157:62259] [cli ...
show more
[Fri Jul 17 03:20:16.031322 2026] [security2:error] [pid 532266] [client 113.210.105.157:62259] [client 113.210.105.157] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "iaki.com.au"] [uri "/wp-config.php_bac"] [unique_id "alkS0LVCL7YB1Q-wCmVliwAAAAA"]
...
show less
Web App Attack
πΊπΈ
23.94.74.4
24 minutes ago
angleseaarthouse.com.au:443 23.94.74.4 - - [17/Jul/2026:03:19:54 +1000] "GET /?author=1 HTTP/1.1" 40 ...
show more
angleseaarthouse.com.au:443 23.94.74.4 - - [17/Jul/2026:03:19:54 +1000] "GET /?author=1 HTTP/1.1" 404 184616 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36"
...
show less
Web App Attack
πΊπΈ
152.232.53.99
30 minutes ago
[Fri Jul 17 03:14:12.857813 2026] [security2:error] [pid 537154] [client 152.232.53.99:40174] [clien ...
show more
[Fri Jul 17 03:14:12.857813 2026] [security2:error] [pid 537154] [client 152.232.53.99:40174] [client 152.232.53.99] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "paulshipley.com.au"] [uri "/xmlrpc.php"] [unique_id "alkRZPxhTfleQBYmJPRxpwAAABA"], referer: https://paulshipley.com.au/xmlrpc.php?rsd
...
show less
Web App Attack
πΊπΈ
152.232.53.119
30 minutes ago
[Fri Jul 17 03:14:12.208431 2026] [security2:error] [pid 537163] [client 152.232.53.119:60063] [clie ...
show more
[Fri Jul 17 03:14:12.208431 2026] [security2:error] [pid 537163] [client 152.232.53.119:60063] [client 152.232.53.119] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "paulshipley.com.au"] [uri "/xmlrpc.php"] [unique_id "alkRZNy20MBzxmaU5pxGrAAAABM"], referer: https://paulshipley.com.au/xmlrpc.php?rsd
...
show less
Web App Attack
πΊπΈ
192.241.65.118
30 minutes ago
[Fri Jul 17 03:14:11.658402 2026] [security2:error] [pid 536677] [client 192.241.65.118:59200] [clie ...
show more
[Fri Jul 17 03:14:11.658402 2026] [security2:error] [pid 536677] [client 192.241.65.118:59200] [client 192.241.65.118] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "paulshipley.com.au"] [uri "/xmlrpc.php"] [unique_id "alkRY0zDNkwFCQjtiTNz9gAAAAk"], referer: https://paulshipley.com.au/xmlrpc.php?rsd
...
show less
Web App Attack
πΊπΈ
23.236.236.82
30 minutes ago
[Fri Jul 17 03:14:10.796688 2026] [security2:error] [pid 537161] [client 23.236.236.82:56727] [clien ...
show more
[Fri Jul 17 03:14:10.796688 2026] [security2:error] [pid 537161] [client 23.236.236.82:56727] [client 23.236.236.82] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "paulshipley.com.au"] [uri "/xmlrpc.php"] [unique_id "alkRYoYTR2fgfKJIacpqnAAAABE"], referer: https://paulshipley.com.au/xmlrpc.php?rsd
...
show less
Web App Attack
ππ°
8.212.3.158
30 minutes ago
[Fri Jul 17 03:13:52.131394 2026] [security2:error] [pid 525920] [client 8.212.3.158:45280] [client ...
show more
[Fri Jul 17 03:13:52.131394 2026] [security2:error] [pid 525920] [client 8.212.3.158:45280] [client 8.212.3.158] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "valueaddedpromotions.com.au"] [uri "/wp-content/uploads/2024/12/cropped-TheLevellaGroup_VAP_icon-192x192.png"] [unique_id "alkRUNN1jXqaVZwm-0qfiQAAAAg"]
...
show less
Web App Attack
πΈπͺ
193.31.126.126
34 minutes ago
[Fri Jul 17 03:10:23.182526 2026] [security2:error] [pid 515456] [client 193.31.126.126:30281] [clie ...
show more
[Fri Jul 17 03:10:23.182526 2026] [security2:error] [pid 515456] [client 193.31.126.126:30281] [client 193.31.126.126] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "winesbydesign.com.au"] [uri "/xmlrpc.php"] [unique_id "alkQfzNyTOmG2VG9Jc4sGQAAACo"]
...
show less
Web App Attack
πΈπ¬
23.98.66.17
36 minutes ago
paulshipley.id.au:443 23.98.66.17 - - [17/Jul/2026:03:08:30 +1000] "GET /admin.php HTTP/1.1" 404 775 ...
show more
paulshipley.id.au:443 23.98.66.17 - - [17/Jul/2026:03:08:30 +1000] "GET /admin.php HTTP/1.1" 404 77542 "-" "-"
...
show less
Web App Attack
π»π³
103.82.27.41
46 minutes ago
[Fri Jul 17 02:57:57.413514 2026] [security2:error] [pid 534473] [client 103.82.27.41:62219] [client ...
show more
[Fri Jul 17 02:57:57.413514 2026] [security2:error] [pid 534473] [client 103.82.27.41:62219] [client 103.82.27.41] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "paulshipley.id.au"] [uri "/index.php"] [unique_id "alkNlbQ1jVf1N3MLMRqOfAAAAAA"]
...
show less
Web App Attack
πΊπΈ
35.91.131.50
50 minutes ago
[Fri Jul 17 02:54:42.133744 2026] [security2:error] [pid 531954] [client 35.91.131.50:48452] [client ...
show more
[Fri Jul 17 02:54:42.133744 2026] [security2:error] [pid 531954] [client 35.91.131.50:48452] [client 35.91.131.50] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "indigi-print-merch.com.au"] [uri "/"] [unique_id "alkM0iJmuHes2Kcjw-12jwAAAAY"]
...
show less
Web App Attack
π³π±
5.157.27.109
54 minutes ago
[Fri Jul 17 02:49:44.103238 2026] [security2:error] [pid 531966] [client 5.157.27.109:49961] [client ...
show more
[Fri Jul 17 02:49:44.103238 2026] [security2:error] [pid 531966] [client 5.157.27.109:49961] [client 5.157.27.109] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "levellapromotions.com.au"] [uri "/xmlrpc.php"] [unique_id "alkLqOOvnUuV090xzESKSwAAAAI"], referer: https://levellapromotions.com.au/the-gist-of-gifts-promotional-products-ideas-that-will-surely-work/
...
show less
Web App Attack
πΊπΈ
131.108.18.189
54 minutes ago
[Fri Jul 17 02:49:42.986460 2026] [security2:error] [pid 532266] [client 131.108.18.189:49718] [clie ...
show more
[Fri Jul 17 02:49:42.986460 2026] [security2:error] [pid 532266] [client 131.108.18.189:49718] [client 131.108.18.189] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "levellapromotions.com.au"] [uri "/xmlrpc.php"] [unique_id "alkLprVCL7YB1Q-wCmVlZwAAAAA"], referer: https://levellapromotions.com.au/the-gist-of-gifts-promotional-products-ideas-that-will-surely-work/
...
show less
Web App Attack
π¬π§
109.230.220.243
55 minutes ago
[Fri Jul 17 02:49:41.879224 2026] [security2:error] [pid 527386] [client 109.230.220.243:47994] [cli ...
show more
[Fri Jul 17 02:49:41.879224 2026] [security2:error] [pid 527386] [client 109.230.220.243:47994] [client 109.230.220.243] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "levellapromotions.com.au"] [uri "/xmlrpc.php"] [unique_id "alkLpWy7iCR4IW6AS4y5zQAAAA8"], referer: https://levellapromotions.com.au/the-gist-of-gifts-promotional-products-ideas-that-will-surely-work/
...
show less
Web App Attack
πΊπΈ
131.108.18.146
55 minutes ago
[Fri Jul 17 02:49:40.776522 2026] [security2:error] [pid 531534] [client 131.108.18.146:37679] [clie ...
show more
[Fri Jul 17 02:49:40.776522 2026] [security2:error] [pid 531534] [client 131.108.18.146:37679] [client 131.108.18.146] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/etc/modsecurity/crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "94"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [severity "CRITICAL"] [ver "OWASP_CRS/3.3.4"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "levellapromotions.com.au"] [uri "/xmlrpc.php"] [unique_id "alkLpEu6b51h9QY0wp5cBQAAAAU"], referer: https://levellapromotions.com.au/the-gist-of-gifts-promotional-products-ideas-that-will-surely-work/
...
show less
Web App Attack
π¨π¦
20.104.96.117
1 hour ago
ccideas.com.au:443 20.104.96.117 - - [17/Jul/2026:02:25:38 +1000] "GET /ip.php HTTP/1.1" 404 89711 " ...
show more
ccideas.com.au:443 20.104.96.117 - - [17/Jul/2026:02:25:38 +1000] "GET /ip.php HTTP/1.1" 404 89711 "-" "-"
...
show less
Web App Attack
πΊπΈ
35.84.117.23
1 hour ago
levellapromotions.com.au:443 35.84.117.23 - - [17/Jul/2026:02:25:08 +1000] "GET /404javascript.js HT ...
show more
levellapromotions.com.au:443 35.84.117.23 - - [17/Jul/2026:02:25:08 +1000] "GET /404javascript.js HTTP/1.1" 404 130819 "http://www.google.com/url/?sa=t" "Mozilla/5.0 (compatible; MSIE 8.0; MSIE 9.0; Windows NT 6.0; Trident/4.0; InfoPath.1; SV1; .NET CLR 3.8.36217; WOW64; en-US)"
...
show less
Web App Attack
π¨π³
221.225.20.160
1 hour ago
2026-07-17T02:14:06.780361+10:00 ip-172-26-1-65 sshd[532039]: error: maximum authentication attempts ...
show more
2026-07-17T02:14:06.780361+10:00 ip-172-26-1-65 sshd[532039]: error: maximum authentication attempts exceeded for root from 221.225.20.160 port 11077 ssh2 [preauth]
2026-07-17T02:14:13.375398+10:00 ip-172-26-1-65 sshd[532083]: error: maximum authentication attempts exceeded for root from 221.225.20.160 port 11125 ssh2 [preauth]
2026-07-17T02:14:17.931002+10:00 ip-172-26-1-65 sshd[532085]: error: maximum authentication attempts exceeded for root from 221.225.20.160 port 11183 ssh2 [preauth]
...
show less
Brute-Force
SSH