This IP address has been reported a total of
324
times from
196 distinct
sources.
20.205.96.99 was first reported on
, and the most recent report was
.
Recent Reports:
We have received reports of abusive activity from this IP address within the last week. It is
potentially still actively engaged in abusive activities.
[WedJul0803:57:26.4657052026][security2:error][pid2104643:tid2104672][client20.205.96.99:0]ModSecuri ...
show more[WedJul0803:57:26.4657052026][security2:error][pid2104643:tid2104672][client20.205.96.99:0]ModSecurity:Accessdeniedwithcode403\(phase1\).Patternmatch\"\^/wp-content/uploads/.\*\\\\\\\\.\(php\|phtml\|phar\|php3\|php4\|php5\|php7\)\$\"atREQUEST_URI.[file\"/etc/apache2/conf.d/modsec_custom_rules.conf\"][line\"395\"][id\"1101018\"][msg\"PHPexecutionfromuploads\"][hostname\"webmail.formet.ch\"][uri\"/wp-content/uploads/index.php\"][unique_id\"ak2uhp3nqbMIbdFM6O2FjAAAABI\"]
show less
[Wed Jul 08 02:18:32.528672 2026] [php:error] [pid 2113498] [client 20.205.96.99:9950] script '/var/ ...
show more[Wed Jul 08 02:18:32.528672 2026] [php:error] [pid 2113498] [client 20.205.96.99:9950] script '/var/www/html/brume.org/radios/this_is_a_new_hello_world.php' not found or unable to stat
[Wed Jul 08 02:18:36.776403 2026] [php:error] [pid 2113498] [client 20.205.96.99:9950] script '/var/www/html/brume.org/radios/themes.php' not found or unable to stat
[Wed Jul 08 02:18:38.315506 2026] [php:error] [pid 2113498] [client 20.205.96.99:9950] script '/var/www/html/brume.org/radios/ws.php' not found or unable to stat
[Wed Jul 08 02:18:39.087659 2026] [php:error] [pid 2113498] [client 20.205.96.99:9950] script '/var/www/html/brume.org/radios/wp-conf.php' not found or unable to stat
[Wed Jul 08 02:18:39.875632 2026] [php:error] [pid 2113498] [client 20.205.96.99:9950] script '/var/www/html/brume.org/radios/wp-login.php' not found or unable to stat
...
show less
3 incidents: web scanning/attack. First: 2026-07-02 16:37, Last: 2026-07-07 19:45 UTC. Triggers: ngi ...
show more3 incidents: web scanning/attack. First: 2026-07-02 16:37, Last: 2026-07-07 19:45 UTC. Triggers: nginx-sensitive-files,nginx-botsearch.
show less
Triggered Cloudflare WAF (firewallManaged) from HK.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET meth ...
show moreTriggered Cloudflare WAF (firewallManaged) from HK.
Action taken: BLOCK
Protocol: HTTP/1.1 (GET method)
Endpoint: /wp-config.php
UA: Empty string
This report was generated by:
https://github.com/sefinek/Cloudflare-WAF-To-AbuseIPDB
show less