πΊπΈ
TPI-Abuse
2026-06-30 13:12:19
(20 hours ago)
(mod_security) mod_security (id:240000) triggered by 45.133.6.80 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240000) triggered by 45.133.6.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Tue Jun 30 09:12:15.670653 2026] [security2:error] [pid 30293:tid 30293] [client 45.133.6.80:22041] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||theebees.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "theebees.com"] [uri "/images/stories/themes.php"] [unique_id "akPArxV-G4RPK3kRcnxQjgAAAAE"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π«π·
masterguru
2026-06-30 11:38:22
(22 hours ago)
Too much 404 requests in 1 minute. Operator GE matched 10 at IP:block_script. (46020-196)
Hacking
π«π·
Octopuce
2026-06-30 06:57:04
(1 day ago)
Aggressive web search of vulnerable pages: /wp-content/languages/wp-conflg.php /wp-content/themes/cl ...
show more
Aggressive web search of vulnerable pages: /wp-content/languages/wp-conflg.php /wp-content/themes/classwithtostring.php /wp-content/plugins/ele ...
show less
Web App Attack
π©πͺ
raph
2026-06-23 18:47:25
(1 week ago)
[Wordpress] crawler /wp-admin/*, /wp-content/*, etc.
Bad Web Bot
Web App Attack
π³π±
Site.eu
2026-06-21 06:41:25
(1 week ago)
Excessive 404/403 errors
Brute-Force
πΊπΈ
TPI-Abuse
2026-06-19 16:50:31
(1 week ago)
(mod_security) mod_security (id:240000) triggered by 45.133.6.80 (-): 1 in the last 300 secs; Ports: ...
show more
(mod_security) mod_security (id:240000) triggered by 45.133.6.80 (-): 1 in the last 300 secs; Ports: *; Direction: 1; Trigger: LF_MODSEC; Logs: [Fri Jun 19 12:50:24.600549 2026] [security2:error] [pid 24613:tid 24613] [client 45.133.6.80:46839] ModSecurity: Access denied with code 403 (phase 2). String match ".php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec_vendor_configs/comodo_apache/24_Apps_Joomla.conf"] [line "74"] [id "240000"] [rev "1"] [msg "COMODO WAF: Protecting Joomla folder||boatmoldremover.com|F|2"] [severity "CRITICAL"] [tag "CWAF"] [tag "Joomla"] [hostname "boatmoldremover.com"] [uri "/images/stories/themes.php"] [unique_id "ajVzUAGespfODg-qcDKsJwAAACc"]
show less
Brute-Force
Bad Web Bot
Web App Attack
π³π±
Site.eu
2026-06-18 15:41:52
(1 week ago)
Excessive 404/403 errors
Brute-Force
π¦πΊ
2000cn.com.au
2026-06-05 12:58:05
(3 weeks ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-wordpress-scan
Web App Attack
Hacking
Anonymous
2026-06-05 08:54:03
(3 weeks ago)
(apache-useragents) Failed apache-useragents trigger with match [Go-http-client/1.1] from 45.133.6.8 ...
show more
(apache-useragents) Failed apache-useragents trigger with match [Go-http-client/1.1] from 45.133.6.80 (AU/Australia/-): 5 in the last 300 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: 45.133.6.80 - - [05/Jun/2026:10:53:58 +0200] "GET /demo.php HTTP/1.1" 301 491 "-" "Go-http-client/1.1"
45.133.6.80 - - [05/Jun/2026:10:53:58 +0200] "GET /moon.php HTTP/1.1" 301 491 "-" "Go-http-client/1.1"
45.133.6.80 - - [05/Jun/2026:10:53:59 +0200] "GET /link.php HTTP/1.1" 301 491 "-" "Go-http-client/1.1"
45.133.6.80 - - [05/Jun/2026:10:54:00 +0200] "GET /tiny.php HTTP/1.1" 301 491 "-" "Go-http-client/1.1"
45.133.6.80 - - [05/Jun/2026:10:54:00 +0200] "GET /user.php HTTP/1.1" 301 491 "-" "Go-http-client/1.1"
show less
Port Scan
πΈπ¬
securejdprop
2026-05-30 15:01:28
(1 month ago)
This IP was detected by CrowdSec triggering crowdsecurity/http-probing. crowdsecurity/http-probing
Hacking
Web App Attack
πΏπ¦
Tokolosh Hunters
2026-05-19 00:17:29
(1 month ago)
AutoBlockWindow-Known bad useragent query-2026-05-19 00:17:28
Bad Web Bot
π©πͺ
ghostwarriors
2026-05-18 18:20:39
(1 month ago)
Webpage scraping
Brute-Force
Bad Web Bot
Web App Attack
π΅π±
nfsec.pl
2026-05-18 15:37:30
(1 month ago)
45.133.6.80 - - [18/May/2026:15:35:20 +0000] "GET /local/moodle_webshell/ HTTP/2.0" 404 23821 "https ...
show more
45.133.6.80 - - [18/May/2026:15:35:20 +0000] "GET /local/moodle_webshell/ HTTP/2.0" 404 23821 "https://nfsec.pl/local/moodle_webshell/index.php" "Go-http-client/2.0"
45.133.6.80 - - [18/May/2026:15:37:26 +0000] "GET /modules/dashtrends/views/templates/ad.php HTTP/2.0" 404 24505 "http://nfsec.pl//modules/dashtrends/views/templates/ad.php" "Go-http-client/2.0"
45.133.6.80 - - [18/May/2026:15:37:27 +0000] "GET /modules/kbgoogleshopping/controllers/front/ad.php HTTP/2.0" 404 24095 "http://nfsec.pl//modules/kbgoogleshopping/controllers/front/ad.php" "Go-http-client/2.0"
45.133.6.80 - - [18/May/2026:15:37:28 +0000] "GET /modules/medsnowfree/include.php HTTP/2.0" 404 24081 "http://nfsec.pl//modules/medsnowfree/include.php" "Go-http-client/2.0"
45.133.6.80 - - [18/May/2026:15:37:29 +0000] "GET /modules/myprestaloyalty/ HTTP/2.0" 404 23968 "https://nfsec.pl/modules/myprestaloyalty/index.php" "Go-http-client/2.0"
...
show less
Web App Attack
Exploited Host
Anonymous
2026-05-18 12:08:39
(1 month ago)
"GET //administrator/templates/isis/error.php HTTP/1.1"
Hacking
Web App Attack
π«π·
Octopuce
2026-05-05 20:43:44
(1 month ago)
Aggressive web search of vulnerable pages: /wp-content/x/ /wp-includes/assets/ /wp-includes/fonts/ / ...
show more
Aggressive web search of vulnerable pages: /wp-content/x/ /wp-includes/assets/ /wp-includes/fonts/ /autoload_classmap/ /wp-content/themes/tflow ...
show less
Web App Attack