Conversation
fun

f_ ๐Ÿ‡ต๐Ÿ‡ธ

PSA: Due to repeated DDoSing-like behavior, I have banned all IP ranges originating from AS8075 (aka. Microsoft).

Please let me know if you are having any issues accessing dersco.re, and sorry for the inconvenience.
1
0
3
fun

f_ ๐Ÿ‡ต๐Ÿ‡ธ

Reply to @fun

Context: I keep seeing requests coming from Microsoft IPs, such as for example:

20.[REDACTED] - - [19/Feb/2026:10:13:29 +0100] "GET /fe5.php HTTP/1.1" 404 146 "-" "-" "-"                                                                                   09:13:42 [56/289]
20.[REDACTED] - - [19/Feb/2026:10:13:30 +0100] "GET /ov.php HTTP/1.1" 404 146 "-" "-" "-" 
20.[REDACTED] - - [19/Feb/2026:10:13:30 +0100] "GET /wp-content/plugins/index.php HTTP/1.1" 404 146 "-" "-" "-"
20.[REDACTED] - - [19/Feb/2026:10:13:30 +0100] "GET /default.php HTTP/1.1" 404 146 "-" "-" "-"
20.[REDACTED] - - [19/Feb/2026:10:13:30 +0100] "GET /goods.php HTTP/1.1" 404 146 "-" "-" "-"
20.[REDACTED] - - [19/Feb/2026:10:13:31 +0100] "GET /abcd.php HTTP/1.1" 404 146 "-" "-" "-"
20.[REDACTED] - - [19/Feb/2026:10:13:31 +0100] "GET /class.1.php HTTP/1.1" 404 146 "-" "-" "-"
20.[REDACTED] - - [19/Feb/2026:10:13:31 +0100] "GET /async.php HTTP/1.1" 404 146 "-" "-" "-"
20.[REDACTED] - - [19/Feb/2026:10:13:31 +0100] "GET /ff.php HTTP/1.1" 404 146 "-" "-" "-"                                                                                                     
20.[REDACTED] - - [19/Feb/2026:10:13:32 +0100] "GET /ioxi-o.php HTTP/1.1" 404 146 "-" "-" "-"                                                                                                 
20.[REDACTED] - - [19/Feb/2026:10:13:32 +0100] "GET /manager.php HTTP/1.1" 404 146 "-" "-" "-"                                                                                                
20.[REDACTED] - - [19/Feb/2026:10:13:32 +0100] "GET /wp-update.php HTTP/1.1" 404 146 "-" "-" "-"  
20.[REDACTED] - - [19/Feb/2026:10:13:32 +0100] "GET /file.php? HTTP/1.1" 404 146 "-" "-" "-"                                                                                                  
20.[REDACTED] - - [19/Feb/2026:10:13:33 +0100] "GET /wp-includes/certificates/plugins.php HTTP/1.1" 404 146 "-" "-" "-"
20.[REDACTED] - - [19/Feb/2026:10:13:33 +0100] "GET /lc.php HTTP/1.1" 404 146 "-" "-" "-"                                                                                                     
20.[REDACTED] - - [19/Feb/2026:10:13:33 +0100] "GET /cbrfo.php HTTP/1.1" 404 146 "-" "-" "-"                                                                                                  
20.[REDACTED] - - [19/Feb/2026:10:13:33 +0100] "GET /inc.php HTTP/1.1" 404 146 "-" "-" "-"                                                                                                    
20.[REDACTED] - - [19/Feb/2026:10:13:33 +0100] "GET /gifclass.php HTTP/1.1" 404 146 "-" "-" "-"                
20.[REDACTED] - - [19/Feb/2026:10:13:34 +0100] "GET /miansha.php HTTP/1.1" 404 146 "-" "-" "-"                                                                                                
20.[REDACTED] - - [19/Feb/2026:10:13:34 +0100] "GET /tinyfilemanager.php HTTP/1.1" 404 146 "-" "-" "-"
20.[REDACTED] - - [19/Feb/2026:10:13:34 +0100] "GET /admin.php HTTP/1.1" 404 146 "-" "-" "-"
20.[REDACTED] - - [19/Feb/2026:10:13:34 +0100] "GET /ok.php HTTP/1.1" 404 146 "-" "-" "-"                                                                                                     
20.[REDACTED] - - [19/Feb/2026:10:13:35 +0100] "GET /fi.php HTTP/1.1" 404 146 "-" "-" "-"
20.[REDACTED] - - [19/Feb/2026:10:13:35 +0100] "GET /muzu.php HTTP/1.1" 404 146 "-" "-" "-" 
20.[REDACTED] - - [19/Feb/2026:10:13:35 +0100] "GET /reze.php HTTP/1.1" 404 146 "-" "-" "-"
20.[REDACTED] - - [19/Feb/2026:10:13:35 +0100] "GET /styll.php HTTP/1.1" 404 146 "-" "-" "-"
20.[REDACTED] - - [19/Feb/2026:10:13:36 +0100] "GET /x7.php HTTP/1.1" 404 146 "-" "-" "-"   
20.[REDACTED] - - [19/Feb/2026:10:13:36 +0100] "GET /thebe.php HTTP/1.1" 404 146 "-" "-" "-"                                                                                                  
20.[REDACTED] - - [19/Feb/2026:10:13:36 +0100] "GET /ddd.php HTTP/1.1" 404 146 "-" "-" "-"   
20.[REDACTED] - - [19/Feb/2026:10:13:36 +0100] "GET /bgymj.php HTTP/1.1" 404 146 "-" "-" "-"
20.[REDACTED] - - [19/Feb/2026:10:13:37 +0100] "GET /8xyz.php HTTP/1.1" 404 146 "-" "-" "-"
20.[REDACTED] - - [19/Feb/2026:10:13:37 +0100] "GET /ioxi.php HTTP/1.1" 404 146 "-" "-" "-"
20.[REDACTED] - - [19/Feb/2026:10:13:37 +0100] "GET /xpwer1.php HTTP/1.1" 404 146 "-" "-" "-"
20.[REDACTED] - - [19/Feb/2026:10:13:37 +0100] "GET //lala.php HTTP/1.1" 404 146 "-" "-" "-"
20.[REDACTED] - - [19/Feb/2026:10:13:38 +0100] "GET //about.php HTTP/1.1" 404 146 "-" "-" "-"
20.[REDACTED] - - [19/Feb/2026:10:13:38 +0100] "GET /wp-admin/images/commentv.php HTTP/1.1" 404 146 "-" "-" "-"
20.[REDACTED] - - [19/Feb/2026:10:13:38 +0100] "GET //cgi-bin/index.php HTTP/1.1" 404 146 "-" "-" "-"
20.[REDACTED] - - [19/Feb/2026:10:13:38 +0100] "GET //wp-admin/images/wp-conflg.php HTTP/1.1" 404 146 "-" "-" "-"
20.[REDACTED] - - [19/Feb/2026:10:13:38 +0100] "GET /wp-admin/images/wp-conflg.php HTTP/1.1" 404 146 "-" "-" "-"      
20.[REDACTED] - - [19/Feb/2026:10:13:39 +0100] "GET /info.php HTTP/1.1" 404 146 "-" "-" "-"                                                                                                   
20.[REDACTED] - - [19/Feb/2026:10:13:39 +0100] "GET /about.php HTTP/1.1" 404 146 "-" "-" "-"                                                                                                  
20.[REDACTED] - - [19/Feb/2026:10:13:39 +0100] "GET /x/ HTTP/1.1" 404 146 "-" "-" "-"                                                                                                         
20.[REDACTED] - - [19/Feb/2026:10:13:39 +0100] "GET /222.php HTTP/1.1" 404 146 "-" "-" "-"                                                                                                    
20.[REDACTED] - - [19/Feb/2026:10:13:40 +0100] "GET //adminfuns.php HTTP/1.1" 404 146 "-" "-" "-"
20.[REDACTED] - - [19/Feb/2026:10:13:40 +0100] "GET /wp-includes/PHPMailer/ HTTP/1.1" 404 146 "-" "-" "-"              
20.[REDACTED] - - [19/Feb/2026:10:13:40 +0100] "GET /xx.php HTTP/1.1" 404 146 "-" "-" "-"                                                                                                     
20.[REDACTED] - - [19/Feb/2026:10:13:40 +0100] "GET /wp-admin/js/wp-conflg.php HTTP/1.1" 404 146 "-" "-" "-"          
20.[REDACTED] - - [19/Feb/2026:10:13:41 +0100] "GET /f5.php HTTP/1.1" 404 146 "-" "-" "-"                                                                                                     
20.[REDACTED] - - [19/Feb/2026:10:13:41 +0100] "GET /flower.php HTTP/1.1" 404 146 "-" "-" "-"                                                                                                 
20.[REDACTED] - - [19/Feb/2026:10:13:41 +0100] "GET //f6.php HTTP/1.1" 404 146 "-" "-" "-"                                                                                                    
20.[REDACTED] - - [19/Feb/2026:10:13:41 +0100] "GET //edit.php HTTP/1.1" 404 146 "-" "-" "-"                                                                                                  
20.[REDACTED] - - [19/Feb/2026:10:13:42 +0100] "GET //wp-includes/js/dist/ HTTP/1.1" 404 146 "-" "-" "-"                                                                                      
20.[REDACTED] - - [19/Feb/2026:10:13:42 +0100] "GET /wp-includes/SimplePie/ HTTP/1.1" 404 146 "-" "-" "-"
20.[REDACTED] - - [19/Feb/2026:10:13:42 +0100] "GET //av.php HTTP/1.1" 404 146 "-" "-" "-"                                                                                                    
20.[REDACTED] - - [19/Feb/2026:10:13:42 +0100] "GET /wp-includes/Text/Diff/Engine/about.php HTTP/1.1" 404 146 "-" "-" "-"
20.[REDACTED] - - [19/Feb/2026:10:13:43 +0100] "GET /wsd.php HTTP/1.1" 404 146 "-" "-" "-"                                                                                                    
20.[REDACTED] - - [19/Feb/2026:10:13:43 +0100] "GET /jane.php HTTP/1.1" 404 146 "-" "-" "-"                                                                                                   
20.[REDACTED] - - [19/Feb/2026:10:13:43 +0100] "GET /css.php HTTP/1.1" 404 146 "-" "-" "-"

Iโ€™m not sure what it is for, maybe trying to exploit wordpress or ? In any case, itโ€™s doing all these requests in less than a few seconds which is completely unacceptable, and without a User-Agent also, so no way to contact whoever is doing this.

1
0
3
fun

f_ ๐Ÿ‡ต๐Ÿ‡ธ

Reply to @fun
I'd also like to know if anyone else is experiencing that kind of thing.
1
1
1
loke@functional.cafe

Elias Mรฅrtenson

Reply to @fun

@fun these are scans for known wordpress vulnerabilities, no? The ms ip addresses are probably azure.

1
0
0
fun

f_ ๐Ÿ‡ต๐Ÿ‡ธ

Reply to @loke@functional.cafe
@loke But what for?
1
0
1
fun

f_ ๐Ÿ‡ต๐Ÿ‡ธ

Reply to @fun
@loke Some URLs look like WP URLs but not all, some of them actually seem pretty random and weird.
Also, the IP address changes every time.
0
0
0
About berkeley.edu.pl

Terms of Service

This is a placeholder, overwrite this by putting a file at 

$STATIC_DIR/static/terms-of-service.html

See the Static Directory docs for more info.