Anonymous
2026-07-16 22:04:48
(8 minutes ago)
Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: CA, Attack patterns: Word ...
show more
Blocked by FortiWeb WAF ML threat detection. ML probability: 99%, Country: CA, Attack patterns: WordPress scanning, Webshell probing, Malicious User-Agent
show less
Bad Web Bot
Web App Attack
π³π±
homeshowdomain.nl
2026-07-16 22:02:44
(10 minutes ago)
Auto-ban: >3000 req/min op 2026-07-16
Web App Attack
SSH
Hacking
π©πͺ
BlueWire Hosting
2026-07-16 21:49:57
(23 minutes ago)
Suspicious HTTP(s) activity without a user agent provided
Bad Web Bot
π©πͺ
Dennis
2026-07-16 21:12:28
(1 hour ago)
20.63.100.92 has been banned for triggering http-probing (11 events over 1.515921801s).
Brute-Force
Web App Attack
πΏπ¦
conure
2026-07-16 19:44:02
(2 hours ago)
csagent: score 25.5: shell drop sweep x2, php 404 x2, 404 noise floor x2; 1 domain(s) in 0s
Web App Attack
πΊπΈ
ArturShelby
2026-07-16 15:35:19
(6 hours ago)
Suspicious file access: /.well-known/info.php
Web App Attack
π¬π·
setupgr
2026-07-16 14:46:21
(7 hours ago)
(mod_security) mod_security (id:1000001) triggered by 20.63.100.92 (CA/Canada/Ontario/Toronto/-/[AS8 ...
show more
(mod_security) mod_security (id:1000001) triggered by 20.63.100.92 (CA/Canada/Ontario/Toronto/-/[AS8075 MICROSOFT-CORP-MSN-AS-BLOCK]): 1 in the last 86400 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Thu Jul 16 17:46:18.136845 2026] [security2:error] [pid 499573:tid 499764] [client 20.63.100.92:49907] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/wp-content/plugins/hellopress/wp_filemanager.php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "103"] [id "1000001"] [msg "Bad file blocked: /wp-content/plugins/hellopress/wp_filemanager.php"] [severity "CRITICAL"] [tag "security"] [hostname "sea-sound.com"] [uri "/wp-content/plugins/hellopress/wp_filemanager.php"] [unique_id "aljuumMxtu2HVEqe8sfcdwAAAZc"]
show less
Port Scan
πΊπΈ
oralunal
2026-07-16 12:08:58
(10 hours ago)
IP banned by Fail2Ban in jail its-suss access.log mvfnds
...
Bad Web Bot
Web App Attack
ππΊ
NyaljBe
2026-07-16 10:57:00
(11 hours ago)
20.63.100.92 - - [16/Jul/2026:04:41:31 +0200] "GET /kill-9-1.php HTTP/1.1" 404 153 "-" "-"
20.63.10 ...
show more
20.63.100.92 - - [16/Jul/2026:04:41:31 +0200] "GET /kill-9-1.php HTTP/1.1" 404 153 "-" "-"
20.63.100.92 - - [16/Jul/2026:04:41:30 +0200] "GET /CLA.php HTTP/1.1" 404 153 "-" "-"
20.63.100.92 - - [16/Jul/2026:04:41:30 +0200] "GET /shlo.php HTTP/1.1" 404 153 "-" "-"
20.63.100.92 - - [16/Jul/2026:04:41:30 +0200] "GET /wsr2.php HTTP/1.1" 404 153 "-" "-"
20.63.100.92 - - [16/Jul/2026:04:41:30 +0200] "GET /new4.php HTTP/1.1" 404 153 "-" "-"
20.63.100.92 - - [16/Jul/2026:04:41:30 +0200] "GET /bless2.php HTTP/1.1" 404 153 "-" "-"
20.63.100.92 - - [16/Jul/2026:04:41:30 +0200] "GET /atomlib.php HTTP/1.1" 404 153 "-" "-"
20.63.100.92 - - [16/Jul/2026:04:41:30 +0200] "GET /witm.php HTTP/1.1" 404 153 "-" "-"
20.63.100.92 - - [16/Jul/2026:04:41:29 +0200] "GET /35.php HTTP/1.1" 404 153 "-" "-"
20.63.100.92 - - [16/Jul/2026:04:41:29 +0200] "GET /up.php HTTP/1.1" 404 153 "-" "-"
20.63.100.92 - - [16/Jul/2026:04:41:29 +0200] "GET /re.php HTTP/1.1" 404 153 "-" "-"
show less
Web App Attack
π³πΏ
Antinson
2026-07-16 10:36:57
(11 hours ago)
Scraping with a high error ratio and request rate
Bad Web Bot
ππΊ
NyaljBe
2026-07-16 10:16:00
(11 hours ago)
20.63.100.92 - - [16/Jul/2026:04:20:25 +0200] "GET /baxa1.phP8 HTTP/1.1" 404 153 "-" "-"
20.63.100. ...
show more
20.63.100.92 - - [16/Jul/2026:04:20:25 +0200] "GET /baxa1.phP8 HTTP/1.1" 404 153 "-" "-"
20.63.100.92 - - [16/Jul/2026:04:20:25 +0200] "GET /wp-includes/buy.php HTTP/1.1" 404 153 "-" "-"
20.63.100.92 - - [16/Jul/2026:04:20:25 +0200] "GET /thh.php HTTP/1.1" 404 153 "-" "-"
20.63.100.92 - - [16/Jul/2026:04:20:25 +0200] "GET /nxac.php HTTP/1.1" 404 153 "-" "-"
20.63.100.92 - - [16/Jul/2026:04:20:24 +0200] "GET /ffile.php HTTP/1.1" 404 153 "-" "-"
20.63.100.92 - - [16/Jul/2026:04:20:24 +0200] "GET /cache.php HTTP/1.1" 404 153 "-" "-"
20.63.100.92 - - [16/Jul/2026:04:20:24 +0200] "GET /ahax.php HTTP/1.1" 404 153 "-" "-"
20.63.100.92 - - [16/Jul/2026:04:20:24 +0200] "GET /Okxob.php HTTP/1.1" 404 153 "-" "-"
20.63.100.92 - - [16/Jul/2026:04:20:24 +0200] "GET /new.php HTTP/1.1" 404 153 "-" "-"
20.63.100.92 - - [16/Jul/2026:04:20:24 +0200] "GET /as.php HTTP/1.1" 404 153 "-" "-"
20.63.100.92 - - [16/Jul/2026:04:20:16 +0200] "GET /aw.php HTTP/1.1" 404 153 "-" "-"
show less
Web App Attack
πͺπΈ
pipeline.es
2026-07-16 09:50:26
(12 hours ago)
Web scanning / probing for vulnerable paths
Port Scan
Web App Attack
π¨π
Origon
2026-07-16 09:00:16
(13 hours ago)
http-probing - IP: 20.63.100.92 - time="2026-07-16T11:00:16+02:00" level=info msg="(555f66b4f6a7455 ...
show more
http-probing - IP: 20.63.100.92 - time="2026-07-16T11:00:16+02:00" level=info msg="(555f66b4f6a74558bc11e3f93469658es8App0Mcc0TKEeje/crowdsec) crowdsecurity/http-probing by ip 20.63.100.92 (CA/8075) : 4h ban on Ip 20.63.100.92" module=db
show less
Web App Attack
π§πͺ
taivas.nl
2026-07-16 08:02:14
(14 hours ago)
Site scraper
Web App Attack
π©πͺ
patrisei
2026-07-16 06:32:36
(15 hours ago)
You are now banned for 10 years by Schiffdorf-West Patrol. Trigger: crowdsecurity/http-probing
Port Scan
Web App Attack