๐ฌ๐ง
openstrike.co.uk
2026-07-10 05:13:44
(2 hours ago)
367 attacks on PHP URLs:
GET /rh.php HTTP/1.1
Web App Attack
๐บ๐ธ
H24
2026-07-10 00:26:02
(7 hours ago)
/wp-content/uploads/index.php /function/function.php /wk/index.php /inputs.php /404.php /defaults.ph ...
show more
/wp-content/uploads/index.php /function/function.php /wk/index.php /inputs.php /404.php /defaults.php /adminfuns.php /sf.php /goods.php /autoload_classmap.php
show less
Web App Attack
๐ฎ๐ฉ
zam
2026-07-10 00:25:35
(7 hours ago)
20.205.109.237 - - [10/Jul/2026:00:25:30 +0000] "GET /buy.php HTTP/1.1" 301 282
Web App Attack
๐ต๐ฑ
strefapi_com
2026-07-09 23:59:25
(7 hours ago)
Brute-force, web
...
Hacking
Brute-Force
Web App Attack
Anonymous
2026-07-09 23:55:51
(7 hours ago)
[Fri Jul 10 01:55:46.192115 2026] [proxy_fcgi:error] [pid 3218:tid 3251] [client 20.205.109.237:1150 ...
show more
[Fri Jul 10 01:55:46.192115 2026] [proxy_fcgi:error] [pid 3218:tid 3251] [client 20.205.109.237:11509] AH01071: Got error 'Primary script unknown'
[Fri Jul 10 01:55:49.189284 2026] [proxy_fcgi:error] [pid 3218:tid 3257] [client 20.205.109.237:11509] AH01071: Got error 'Primary script unknown'
[Fri Jul 10 01:55:49.751249 2026] [proxy_fcgi:error] [pid 3218:tid 3247] [client 20.205.109.237:11509] AH01071: Got error 'Primary script unknown'
[Fri Jul 10 01:55:50.271608 2026] [proxy_fcgi:error] [pid 3218:tid 3255] [client 20.205.109.237:11509] AH01071: Got error 'Primary script unknown'
[Fri Jul 10 01:55:51.095466 2026] [proxy_fcgi:error] [pid 3218:tid 3246] [client 20.205.109.237:11509] AH01071: Got error 'Primary script unknown'
...
show less
Brute-Force
Web App Attack
Anonymous
2026-07-09 23:47:41
(7 hours ago)
[Fri Jul 10 01:42:34.542929 2026] [:error] [pid 2626834:tid 2626834] [client 20.205.109.237:64610] M ...
show more
[Fri Jul 10 01:42:34.542929 2026] [:error] [pid 2626834:tid 2626834] [client 20.205.109.237:64610] ModSecurity: Warning. Matched "Operator `PmFromFile' with parameter `restricted-files.data' against variable `REQUEST_FILENAME' (Value: `/wp-config-sample.php' ) [file "/usr/local/modsecurity-crs/rules/REQUEST-930-APPLICATION-ATTACK-LFI.conf"] [line "131"] [id "930130"] [rev ""] [msg "Restricted File Access Attempt"] [data "Matched Data: wp-config- found within REQUEST_FILENAME: /wp-config-sample.php"] [severity "2"] [ver "OWASP_CRS/4.29.0-dev"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-lfi"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "OWASP_CRS/ATTACK-LFI"] [tag "capec/1000/255/153/126"] [uri "/wp-config-sample.php"] [unique_id "178364055410.477606"] [ref "o1,10v4,21t:utf8toUnicode,t:urlDecodeUni,t:normalizePathWin"]
[Fri Jul 10 01:47:41.456988 2026] [:error] [pid 2626834:tid 2626834
...
show less
Web App Attack
Anonymous
2026-07-09 23:41:59
(7 hours ago)
(caddyscan) Scanner path probe from 20.205.109.237 (HK/Hong Kong/-): 5 in the last 3600 secs; Ports: ...
show more
(caddyscan) Scanner path probe from 20.205.109.237 (HK/Hong Kong/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_CUSTOMTRIGGER; Logs: [REDACTED] 200 2627 20.205.109.237 - - [09/Jul/2026:23:34:51 +0000] "GET /xmlrpc.php HTTP/1.1"
[REDACTED] 200 2627 20.205.109.237 - - [09/Jul/2026:23:38:39 +0000] "GET /wp-admin/css/colors/blue/index.php HTTP/1.1"
[REDACTED] 200 2627 20.205.109.237 - - [09/Jul/2026:23:38:44 +0000] "GET /wp-admin/js/index.php HTTP/1.1"
[REDACTED] 200 2627 20.205.109.237 - - [09/Jul/2026:23:41:19 +0000] "GET /xmlrpc.php HTTP/1.1"
[REDACTED] 200 2627 20.205.109.237 - - [09/Jul/2026:23:41:57 +0000] "GET /xmlrpc.php HTTP/1.1"
show less
Port Scan
๐ซ๐ฎ
Christopher Hughes
2026-07-09 23:26:55
(8 hours ago)
[Fri Jul 10 00:26:52.551039 2026] [proxy_fcgi:error] [pid 1651986:tid 139822391883328] [client 20.20 ...
show more
[Fri Jul 10 00:26:52.551039 2026] [proxy_fcgi:error] [pid 1651986:tid 139822391883328] [client 20.205.109.237:30416] AH01071: Got error 'Primary script unknown'
[Fri Jul 10 00:26:52.821271 2026] [proxy_fcgi:error] [pid 1651986:tid 139822341527104] [client 20.205.109.237:30416] AH01071: Got error 'Primary script unknown'
[Fri Jul 10 00:26:53.366251 2026] [proxy_fcgi:error] [pid 1651986:tid 139822784255552] [client 20.205.109.237:30416] AH01071: Got error 'Primary script unknown'
[Fri Jul 10 00:26:54.413750 2026] [proxy_fcgi:error] [pid 1651986:tid 139822742292032] [client 20.205.109.237:30416] AH01071: Got error 'Primary script unknown'
[Fri Jul 10 00:26:55.082923 2026] [proxy_fcgi:error] [pid 1651986:tid 139821720794688] [client 20.205.109.237:30416] AH01071: Got error 'Primary script unknown'
...
show less
Web App Attack
๐ฎ๐ฉ
Burayot
2026-07-09 23:05:31
(8 hours ago)
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 20.205.109.237 (HK/Hong Kong/-): 1 ...
show more
LF_MODSEC: (mod_security) mod_security (id:1000001) triggered by 20.205.109.237 (HK/Hong Kong/-): 1 in the last 3600 secs
show less
Web App Attack
๐ฌ๐ง
Yosi
2026-07-09 23:05:26
(8 hours ago)
RdpGuard detected brute-force attempt on HTTP
Brute-Force
Anonymous
2026-07-09 23:04:45
(8 hours ago)
Banned by Fail2Ban on server
Web App Attack
๐ฉ๐ช
sojan
2026-07-09 23:04:04
(8 hours ago)
20.205.109.237 - - [10/Jul/2026:01:04:02 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.p ...
show more
20.205.109.237 - - [10/Jul/2026:01:04:02 +0200] "GET /wp-content/plugins/hellopress/wp_filemanager.php HTTP/1.1" 404 8838 "-" "-"
20.205.109.237 - - [10/Jul/2026:01:04:03 +0200] "GET /this_is_a_new_hello_world.php HTTP/1.1" 404 8838 "-" "-"
20.205.109.237 - - [10/Jul/2026:01:04:03 +0200] "GET /100.php HTTP/1.1" 404 8838 "-" "-"
...
show less
Web App Attack
๐ฉ๐ช
Dennis
2026-07-09 22:51:41
(8 hours ago)
20.205.109.237 has been banned for triggering http-probing (11 events over 3.172314736s).
Brute-Force
Web App Attack
๐ฌ๐ง
pinguin
2026-07-09 22:50:46
(8 hours ago)
Triggered Cloudflare WAF (firewallManaged) from HK.
Action taken: LOG
Protocol: HTTP/1.1 (GET method ...
show more
Triggered Cloudflare WAF (firewallManaged) from HK.
Action taken: LOG
Protocol: HTTP/1.1 (GET method)
Endpoint: /wp-content/plugins/hellopress/wp_filemanager.php
UA: Empty string
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less
Bad Web Bot
๐ซ๐ท
SpaceHost-Server
2026-07-09 22:28:16
(9 hours ago)
Brute-Force
Web App Attack