๐บ๐ธ
TPI-Abuse
2026-07-17 04:36:07
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 84.32.189.125 (ip-84-32-189-125.006.ptr.cherrys ...
show more
(mod_security) mod_security (id:210492) triggered by 84.32.189.125 (ip-84-32-189-125.006.ptr.cherryservers.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 00:36:02.214382 2026] [security2:error] [pid 266119:tid 266119] [client 84.32.189.125:36530] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/gruntfile.js" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "keysenterprise.net"] [uri "/thesurfatcocoabeach/Gruntfile.js"] [unique_id "almxMjpcuQ6LnjMDrrMM0gAAABI"], referer: https://surfcb.org/Gruntfile.js
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฉ๐ช
bescared
2026-07-17 04:18:52
(2 hours ago)
F2B - Malicious activity detected. Too many 403. -8ff06ede-
Bad Web Bot
Web App Attack
๐ฉ๐ช
bescared
2026-07-17 04:18:00
(2 hours ago)
WAF (1) - URL probing.
Hacking
Bad Web Bot
Web App Attack
๐ซ๐ฎ
oh.mg
2026-07-17 04:04:06
(2 hours ago)
[Fri Jul 17 06:04:05.636084 2026] [security2:error] [pid 775225:tid 775244] [client 84.32.189.125:0] ...
show more
[Fri Jul 17 06:04:05.636084 2026] [security2:error] [pid 775225:tid 775244] [client 84.32.189.125:0] [client 84.32.189.125] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "anomaly-evaluation"] [tag "OWASP_CRS"] [hostname "mmnto.org"] [uri "/Gruntfile.js"] [unique_id "almptc2xMbNzFA29DApu3QAAANE"]
[Fri Jul 17 06:04:06.235142 2026] [security2:error] [pid 775225:tid 775233] [client 84.32.189.125:0] [client 84.32.189.125] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:blocking_inbound_anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "233"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 5)"] [ver "OWASP_CRS/4.10.0-dev"] [tag "anomaly-
...
show less
Web App Attack
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-17 04:03:55
(2 hours ago)
(mod_security) mod_security (id:210492) triggered by 84.32.189.125 (ip-84-32-189-125.006.ptr.cherrys ...
show more
(mod_security) mod_security (id:210492) triggered by 84.32.189.125 (ip-84-32-189-125.006.ptr.cherryservers.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jul 17 00:03:51.272474 2026] [security2:error] [pid 10085:tid 10085] [client 84.32.189.125:39560] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "gerrytolentino.net"] [uri "/.git/HEAD"] [unique_id "almpp2E8CkYwbC2WmfqdggAAAAI"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ซ๐ท
bazter.pro
2026-07-17 04:03:10
(2 hours ago)
Fail2Ban: plesk-bot-aggressive - 15 failures
Port Scan
Bad Web Bot
Web App Attack
๐ณ๐ฑ
WeCloudit-Anti-Abuse
2026-07-17 03:34:03
(3 hours ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-probing
Web App Attack
Hacking
๐บ๐ธ
TPI-Abuse
2026-07-17 03:28:38
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 84.32.189.125 (ip-84-32-189-125.006.ptr.cherrys ...
show more
(mod_security) mod_security (id:210492) triggered by 84.32.189.125 (ip-84-32-189-125.006.ptr.cherryservers.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 23:28:32.184061 2026] [security2:error] [pid 13418:tid 13418] [client 84.32.189.125:51030] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/.git/" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "herrell.net"] [uri "/.git/HEAD"] [unique_id "almhYOqci1v27Gom6yPdNwAAABk"]
show less
Brute-Force
Bad Web Bot
Web App Attack
๐ฎ๐น
VHosting
2026-07-17 03:10:04
(3 hours ago)
Detected WordPress attack from 4 different servers
Brute-Force
Web App Attack
๐ซ๐ท
masterguru
2026-07-17 02:53:09
(3 hours ago)
BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (110 ...
show more
BAD BOT - Detected and Blocked.. Matched phrase "go-http-client" at REQUEST_HEADERS:User-Agent. (1100000-197)
show less
Bad Web Bot
๐บ๐ธ
TPI-Abuse
2026-07-17 02:50:07
(3 hours ago)
(mod_security) mod_security (id:210492) triggered by 84.32.189.125 (ip-84-32-189-125.006.ptr.cherrys ...
show more
(mod_security) mod_security (id:210492) triggered by 84.32.189.125 (ip-84-32-189-125.006.ptr.cherryservers.net): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Thu Jul 16 22:50:02.074965 2026] [security2:error] [pid 17994:tid 17994] [client 84.32.189.125:47560] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/gruntfile.js" at REQUEST_URI. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/02_Global_Generic.conf"] [line "117"] [id "210492"] [rev "3"] [severity "CRITICAL"] [tag "CWAF"] [tag "Generic"] [hostname "leadslibrary.net"] [uri "/Gruntfile.js"] [unique_id "almYWjD6g7hT8VQjMcSTuwAAABw"]
show less
Brute-Force
Bad Web Bot
Web App Attack