๐ง๐ช
boxed-it
2026-07-10 02:02:50
(17 hours ago)
GET /wp-content/themes/haha.php (Tarpitted for 1d15h8m29s, wasted 8.06MB)
Web App Attack
๐บ๐ธ
chronos
2026-07-09 10:08:13
(1 day ago)
[AUTORAVALT][[09/07/2026 - 07:08:12 -03:00 UTC]
Attack from [Microsoft Corporation]
[20.63.219.100] ...
show more
[AUTORAVALT][[09/07/2026 - 07:08:12 -03:00 UTC]
Attack from [Microsoft Corporation]
[20.63.219.100] Action: BLocKed
DDoS Attack -> Participating in distributed denial-of-service.
Phishing -> Phishing websites and/or email.
Web Spam -> Comment/forum spam, HTTP referer spam, or other CMS spam.
Blog Spam -> CMS blog comment spam.
Web App Attack -> Attempts to pro]
...
show less
DDoS Attack
Phishing
Web Spam
Blog Spam
Web App Attack
๐บ๐ธ
chronos
2026-07-09 09:32:47
(1 day ago)
[AUTORAVALT][[09/07/2026 - 06:32:46 -03:00 UTC]
Attack from [Microsoft Corporation]
[20.63.219.100] ...
show more
[AUTORAVALT][[09/07/2026 - 06:32:46 -03:00 UTC]
Attack from [Microsoft Corporation]
[20.63.219.100] Action: BLocKed
DDoS Attack -> Participating in distributed denial-of-service.
Phishing -> Phishing websites and/or email.
Web Spam -> Comment/forum spam, HTTP referer spam, or other CMS spam.
Blog Spam -> CMS blog comment spam.
Web App Attack -> Attempts to pro]
...
show less
DDoS Attack
Phishing
Web Spam
Blog Spam
Web App Attack
๐ณ๐ฑ
Site.eu
2026-07-09 02:03:50
(1 day ago)
Excessive multi-domain requests
Brute-Force
๐บ๐ธ
chronos
2026-07-09 00:22:19
(1 day ago)
[AUTORAVALT][[08/07/2026 - 21:22:19 -03:00 UTC]
Attack from [Microsoft Corporation]
[20.63.219.100] ...
show more
[AUTORAVALT][[08/07/2026 - 21:22:19 -03:00 UTC]
Attack from [Microsoft Corporation]
[20.63.219.100] Action: BLocKed
DDoS Attack -> Participating in distributed denial-of-service.
Phishing -> Phishing websites and/or email.
Web Spam -> Comment/forum spam, HTTP referer spam, or other CMS spam.
Blog Spam -> CMS blog comment spam.
Web App Attack -> Attempts to pro]
...
show less
DDoS Attack
Phishing
Web Spam
Blog Spam
Web App Attack
๐บ๐ธ
chronos
2026-07-08 23:44:47
(1 day ago)
[AUTORAVALT][[08/07/2026 - 20:44:47 -03:00 UTC]
Attack from [Microsoft Corporation]
[20.63.219.100] ...
show more
[AUTORAVALT][[08/07/2026 - 20:44:47 -03:00 UTC]
Attack from [Microsoft Corporation]
[20.63.219.100] Action: BLocKed
DDoS Attack -> Participating in distributed denial-of-service.
Phishing -> Phishing websites and/or email.
Web Spam -> Comment/forum spam, HTTP referer spam, or other CMS spam.
Blog Spam -> CMS blog comment spam.
Web App Attack -> Attempts to pro]
...
show less
DDoS Attack
Phishing
Web Spam
Blog Spam
Web App Attack
๐ซ๐ท
tecnicorioja
2026-07-08 22:01:11
(1 day ago)
wp-login attack [08/Jul/2026:17:30:54
Brute-Force
Web App Attack
๐ฎ๐ฉ
soc-yk
2026-07-08 17:42:16
(2 days ago)
Type: suspicious_network_activity
Risk: 82
Events: 696
Evidence:
- Persistent suspicious network ac ...
show more
Type: suspicious_network_activity
Risk: 82
Events: 696
Evidence:
- Persistent suspicious network activity detected
- Repeated hostile operational behavior observed
- Multi-event operational persistence identified
- Threat escalation behavior observed
show less
Port Scan
Hacking
๐ฉ๐ช
R.G.
2026-07-08 16:39:11
(2 days ago)
(ScanningForFiles) Scanning for files triggerd 20.63.219.100 (JP/Japan/-): 10 in the last 900 secs; ...
show more
(ScanningForFiles) Scanning for files triggerd 20.63.219.100 (JP/Japan/-): 10 in the last 900 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs:
show less
Web App Attack
๐ฌ๐ท
setupgr
2026-07-08 16:35:47
(2 days ago)
(mod_security) mod_security (id:1000001) triggered by 20.63.219.100 (JP/Japan/Osaka/Osaka/-/[AS8075 ...
show more
(mod_security) mod_security (id:1000001) triggered by 20.63.219.100 (JP/Japan/Osaka/Osaka/-/[AS8075 MICROSOFT-CORP-MSN-AS-BLOCK]): 1 in the last 86400 secs (CF_ENABLE); Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: [Wed Jul 08 19:35:45.701479 2026] [security2:error] [pid 1878110:tid 1878187] [client 20.63.219.100:3683] ModSecurity: Access denied with code 403 (phase 1). Matched phrase "/about.php" at REQUEST_FILENAME. [file "/etc/apache2/conf.d/modsec/modsec2.user.conf"] [line "103"] [id "1000001"] [msg "Bad file blocked: /wp-content/themes/theme/about.php"] [severity "CRITICAL"] [tag "security"] [hostname "ftiaxtomonosou.gr"] [uri "/wp-content/themes/theme/about.php"] [unique_id "ak58YYS8_aZPs7wm8LqykQAAAZc"]
show less
Port Scan
๐บ๐ธ
Epimetheus
2026-07-08 16:02:22
(2 days ago)
Unauthorized access attempts:
[GET] /ioxi-o.php
[GET] /ms-edit.php
[GET] /class-t.api.php
[GET] /xm ...
show more
Unauthorized access attempts:
[GET] /ioxi-o.php
[GET] /ms-edit.php
[GET] /class-t.api.php
[GET] /xmr.php
[GET] /admin.php
[GET] /bolt.php
[GET] /wp-act.php
[GET] /wp-content/themes/
[GET] /edit.php
UA: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/120.0.0.0 Safari/537.36
show less
Web App Attack
๐บ๐ธ
ipblock.com
2026-07-08 15:46:00
(2 days ago)
IPBlock protected site ID [4055-d][s=02].
Exploit request, vulnerability scanner.
Hacking
Bad Web Bot
Web App Attack
๐ณ๐ฟ
Antinson
2026-07-08 13:43:22
(2 days ago)
Requests to unauthorized or suspicious endpoints (.git, .well-known, .php, etc.)
Bad Web Bot
๐ซ๐ท
thilo
2026-07-08 12:42:58
(2 days ago)
Probe for vulnerabilities. Path attempted: /wp-content/themes/haha.php
Web App Attack
๐ฉ๐ช
pscriptos
2026-07-08 12:42:41
(2 days ago)
This IP was detected by CrowdSec triggering crowdsecurity/appsec-vpatch
Web App Attack