Anonymous
2026-07-15 04:37:13
(4 hours ago)
172.71.6.216 - - [15/Jul/2026:06:37:07 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php ...
show more
172.71.6.216 - - [15/Jul/2026:06:37:07 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [15/Jul/2026:06:37:09 +0200] "GET /sixxis.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [15/Jul/2026:06:37:09 +0200] "GET /yj09.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [15/Jul/2026:06:37:10 +0200] "GET /f900.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [15/Jul/2026:06:37:10 +0200] "GET /ups.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [15/Jul/2026:06:37:10 +0200] "GET /k.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [15/Jul/2026:06:37:10 +0200] "GET /k2.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [15/Jul/2026:06:37:10 +0200] "GET /w.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [15/Jul/2026:06:37:10 +0200] "GET /fpwch.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [15/Jul/2026:06:37:11 +0200] "GET /w2025.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [15/Jul/2026:06:37:11 +0200] "GET /scxy.php HTTP/1.1" 404 124 "-" "-"
172.71.6
...
show less
Bad Web Bot
Web App Attack
Anonymous
2026-07-13 23:23:38
(1 day ago)
172.71.6.216 - - [14/Jul/2026:01:23:32 +0200] "GET /ccc.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - ...
show more
172.71.6.216 - - [14/Jul/2026:01:23:32 +0200] "GET /ccc.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [14/Jul/2026:01:23:35 +0200] "GET //wp-cloak.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [14/Jul/2026:01:23:35 +0200] "GET /wehrman.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [14/Jul/2026:01:23:35 +0200] "GET /gptsh.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [14/Jul/2026:01:23:35 +0200] "GET /wp-act.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [14/Jul/2026:01:23:36 +0200] "GET /wmore1.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [14/Jul/2026:01:23:36 +0200] "GET /keyyy.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [14/Jul/2026:01:23:36 +0200] "GET /wp-e0miea13.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [14/Jul/2026:01:23:36 +0200] "GET /jimbo.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [14/Jul/2026:01:23:36 +0200] "GET /scxy.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [14/Jul/2026:01:23:36 +0200] "GET //f35.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [14/J
...
show less
Bad Web Bot
Web App Attack
๐ฌ๐ง
OptimusGO
2026-07-07 07:44:15
(1 week ago)
Malicious activity detected: web_attack
Server: commstackbc (185.127.18.66)
Attack: web_attack
Time ...
show more
Malicious activity detected: web_attack
Server: commstackbc (185.127.18.66)
Attack: web_attack
Timestamp: 2026-07-07 08:44:15 UTC
Log evidence:
07/07/2026-08:44:14.127846 [**] [1:1000103:1] SECURITY Management Port Probe - CRITICAL [**] [Classification: Attempted Administrator Privilege Gain] [Priority: 1] {TCP} 172.71.6.216:10487 -> 185.127.18.66:8443
show less
Port Scan
Brute-Force
Anonymous
2026-07-04 00:58:13
(1 week ago)
172.71.6.216 - - [04/Jul/2026:02:58:07 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php ...
show more
172.71.6.216 - - [04/Jul/2026:02:58:07 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [04/Jul/2026:02:58:10 +0200] "GET /1.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [04/Jul/2026:02:58:10 +0200] "GET /122.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [04/Jul/2026:02:58:10 +0200] "GET /wp-content/admin.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [04/Jul/2026:02:58:10 +0200] "GET /abcd.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [04/Jul/2026:02:58:10 +0200] "GET /wp_filemanager.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [04/Jul/2026:02:58:11 +0200] "GET /jsstrings.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [04/Jul/2026:02:58:11 +0200] "GET /k.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [04/Jul/2026:02:58:11 +0200] "GET /edit.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [04/Jul/2026:02:58:11 +0200] "GET /seiso.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [04/Jul/2026:02:58:11 +0200] "GET /themes.php HTTP/1
...
show less
Bad Web Bot
Web App Attack
Anonymous
2026-06-22 13:37:15
(3 weeks ago)
172.71.6.216 - - [22/Jun/2026:15:37:12 +0200] "GET /wp-content/admin.php HTTP/1.1" 404 124 "-" "-"
1 ...
show more
172.71.6.216 - - [22/Jun/2026:15:37:12 +0200] "GET /wp-content/admin.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [22/Jun/2026:15:37:13 +0200] "GET /wp-content/themes/index.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [22/Jun/2026:15:37:13 +0200] "GET //wp-includes/js/jquery/ HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [22/Jun/2026:15:37:13 +0200] "GET //wp-content/admin.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [22/Jun/2026:15:37:15 +0200] "GET //wp-includes/css/dist/ HTTP/1.1" 404 124 "-" "-"
...
show less
Brute-Force
Web App Attack
Anonymous
2026-06-19 04:40:54
(3 weeks ago)
172.71.6.216 - - [19/Jun/2026:06:40:49 +0200] "GET /l.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - ...
show more
172.71.6.216 - - [19/Jun/2026:06:40:49 +0200] "GET /l.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [19/Jun/2026:06:40:51 +0200] "GET /144.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [19/Jun/2026:06:40:51 +0200] "GET /ppp.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [19/Jun/2026:06:40:51 +0200] "GET /hehe.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [19/Jun/2026:06:40:51 +0200] "GET /166.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [19/Jun/2026:06:40:51 +0200] "GET /ws77.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [19/Jun/2026:06:40:52 +0200] "GET /333.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [19/Jun/2026:06:40:52 +0200] "GET /bootstrap.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [19/Jun/2026:06:40:52 +0200] "GET /amax.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [19/Jun/2026:06:40:52 +0200] "GET /wp-content/radio.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [19/Jun/2026:06:40:52 +0200] "GET /wp-good.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [19/Jun/2026:
...
show less
Bad Web Bot
Web App Attack
๐บ๐ธ
micropedro
2026-06-11 10:30:54
(1 month ago)
3 incidents: malicious activity. First: 2026-06-06 10:30, Last: 2026-06-11 06:30 UTC. Triggers: ufw- ...
show more
3 incidents: malicious activity. First: 2026-06-06 10:30, Last: 2026-06-11 06:30 UTC. Triggers: ufw-repeater.
show less
Port Scan
๐บ๐ธ
micropedro
2026-06-11 10:30:15
(1 month ago)
9 incidents: web scanning/attack. First: 2026-05-16 06:25, Last: 2026-06-11 06:30 UTC. Triggers: non ...
show more
9 incidents: web scanning/attack. First: 2026-05-16 06:25, Last: 2026-06-11 06:30 UTC. Triggers: non-public-port,port-trap,firewall-http,ufw-repeater,recidive.
show less
Port Scan
Brute-Force
Web App Attack
๐บ๐ธ
micropedro
2026-05-30 13:30:08
(1 month ago)
3 incidents: malicious activity. First: 2026-05-23 08:30, Last: 2026-05-30 09:30 UTC. Triggers: ufw- ...
show more
3 incidents: malicious activity. First: 2026-05-23 08:30, Last: 2026-05-30 09:30 UTC. Triggers: ufw-repeater.
show less
Port Scan
๐ณ๐ฑ
wolfemium
2026-05-29 11:10:27
(1 month ago)
172.71.6.216 - - [29/May/2026:14:10:24 +0300] "GET /11.php HTTP/1.1" 502 150 "-" "-"
172.71.6.216 - ...
show more
172.71.6.216 - - [29/May/2026:14:10:24 +0300] "GET /11.php HTTP/1.1" 502 150 "-" "-"
172.71.6.216 - - [29/May/2026:14:10:26 +0300] "GET /p.php HTTP/1.1" 502 150 "-" "-"
172.71.6.216 - - [29/May/2026:14:10:26 +0300] "GET /bthil.php HTTP/1.1" 502 150 "-" "-"
172.71.6.216 - - [29/May/2026:14:10:26 +0300] "GET /7.php HTTP/1.1" 502 150 "-" "-"
172.71.6.216 - - [29/May/2026:14:10:27 +0300] "GET /8.php HTTP/1.1" 502 150 "-" "-"
172.71.6.216 - - [29/May/2026:14:10:27 +0300] "GET /1.php HTTP/1.1" 502 150 "-" "-"
...
show less
DDoS Attack
Anonymous
2026-05-24 08:19:14
(1 month ago)
172.71.6.216 - - [24/May/2026:10:19:11 +0200] "GET //wp-includes/css/dist/ HTTP/1.1" 404 124 "-" "-" ...
show more
172.71.6.216 - - [24/May/2026:10:19:11 +0200] "GET //wp-includes/css/dist/ HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [24/May/2026:10:19:11 +0200] "GET //wp-includes/l10n/ HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [24/May/2026:10:19:12 +0200] "GET /wp-includes/Text/Diff/Engine/about.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [24/May/2026:10:19:13 +0200] "GET //wp-content/BypassBest.php HTTP/1.1" 404 124 "-" "-"
172.71.6.216 - - [24/May/2026:10:19:14 +0200] "GET //wp-includes/block-bindings/ HTTP/1.1" 404 124 "-" "-"
...
show less
Brute-Force
Web App Attack
๐บ๐ธ
micropedro
2026-05-16 11:30:03
(1 month ago)
5 incidents: web scanning/attack. First: 2026-05-16 06:25, Last: 2026-05-16 07:30 UTC. Triggers: non ...
show more
5 incidents: web scanning/attack. First: 2026-05-16 06:25, Last: 2026-05-16 07:30 UTC. Triggers: non-public-port,port-trap,firewall-http,ufw-repeater,recidive.
show less
Port Scan
Brute-Force
Web App Attack
๐ฌ๐ง
pinguin
2026-04-26 16:35:35
(2 months ago)
Triggered Cloudflare WAF (firewallManaged) from BR.
Action taken: LOG
Protocol: HTTP/2 (GET method)
...
show more
Triggered Cloudflare WAF (firewallManaged) from BR.
Action taken: LOG
Protocol: HTTP/2 (GET method)
Endpoint: /
UA: Hello from Palo Alto Networks, find out more about our scans in https://docs-cortex.paloaltonetworks.com/r/1/Cortex-Xpanse/Scanning-activity
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐บ๐ธ
mnsf
2026-03-18 18:05:34
(3 months ago)
Scanning/Probing (17)
Brute-Force
Web App Attack
Anonymous
2025-08-15 14:50:11
(10 months ago)
Ports: 80,443; Direction: 0; Trigger: LF_CUSTOMTRIGGER
Brute-Force
SSH