Reminder Board of Threatening Ken's Study Journey Website/Internet Security

Font Size:

Default Large Extra

Ken’s Study Journey Strives to Maintain Internet Security

Say “No” to Massive Website Scanning

Ken’s Study Journey rigorously (strictly) checks massive website scanning attempts, maintaining a safe environment for the Ken’s Study Journey website/platform and user study plans.

The Automated Reminder System for Threatening Website Security (Massive Scanning Website Hidden Modules) is a self-developed technology from Ken's Study Journey.

My server's Web-Application Firewall (WAF) and Automated Reminder System will automatically remind scanners.

Any continuous scans after reminders/warnings (i.e. repeated offenders) may be shown publicly on this reminder board. The display time of each scan is 7 days.

Any sensitive information (e.g. IP addresses) will be masked to enhance its security.

Any direct IP access (including unauthorised domain names) will be dropped (instead of displaying a Server default page) since 18 Nov. 2023 to prevent global massive vulnerability scanning via IPv4 addresses.

For Credential Stuffing Attack: Only the general information (e.g. IP addresses and scan types) will be shown. Private user names and passwords will be hidden.

Note: Some scanning attempts (of hidden modules) also violated the rules listed in the website's "/robots.txt" file.

New:

Any stopped scanning attempts several seconds after automated reminders may not be displayed.
All records will be displayed together due to multiple violation types of a scanner.
(Update) Repeated offenders (after display on this page for many days) are shown in red/orange backgrounds.

Scan Types include:

Open-source Website Framework Modules
(including but not limited to, WordPress modules)
Website Backend Modules
(including but not limited to, "php", "jsp", "asp", "aspx" and "sql")
Website Admin Entrance
Non-existent APIs and APP Ports
Website Code Backup Zip Files
Website Login Pages (User Names and Passwords)
Credential Stuffing Attack
SQL injection
XSS attack

View Notice

Ken's Study Journey Internet Security Poster

Updated: 8 May 2024 09:20 (GMT+8, CST)

Total: 26 Records

Swipe/Scroll left and right to view the entire table.

Date/Time (GMT+8)	IP Address	Scans	Device Type	Scan Types & Sample URLs
2024-05-07 23:21-23:23	149...235	3 times	Chrome, Android	Backend Modules (PHP, WordPress): (malicious code) https://www.kenstudyjourney.cn/wp-admin/style.php?p=J938PnuGv1QZCrNF6%2B2Zh81Kh1Lk ... (malicious code) https://www.kenstudyjourney.cn/wp-content/style.php?p=J938PnuGv1QZCrNF6%2B2Zh81Kh1Lk ... (malicious code) https://www.kenstudyjourney.cn/wp-includes/style.php?p=J938PnuGv1QZCrNF6%2B2Zh81Kh1Lk ...
2024-05-07 21:18-21:49, 23:00-23:51	Same ISP / Hosting Provider with Many IPs: 139...26 111...162 123...106 103...146 119...178	18 times	Firefox, Windows	Backend Modules (PHP, ASP): https://www.kenstudyjourney.cn/e/DoInfo/AddInfo.php https://www.kenstudyjourney.cn/123.aspx https://www.kenstudyjourney.cn/member/reg.asp https://www.kenstudyjourney.cn/ThinkPHP/ThinkPHP.php Admin Entrance (WordPress): https://www.kenstudyjourney.cn/wp-login.php
2024-05-07 08:18-09:29	Same ISP / Hosting Provider with Many IPs: 121...46 112...141	872 times	Chrome, Windows	Backend Modules (PHP, SQL, JSP, phpMyAdmin): https://www.kenstudyjourney.cn/admin/ https://www.kenstudyjourney.cn/cacti.sql https://www.kenstudyjourney.cn/admin.php?mod=do&act=login https://www.kenstudyjourney.cn/install/sql.sql https://www.kenstudyjourney.cn/smartbi/vision/index.jsp https://www.kenstudyjourney.cn/was5/web/index.jsp https://www.kenstudyjourney.cn/phpcms/modules/comment/install/module.sql https://www.kenstudyjourney.cn/phpMyAdmin/ https://www.kenstudyjourney.cn/phpMyAdmin/404.html https://www.kenstudyjourney.cn/phpMyAdmin/500.html https://www.kenstudyjourney.cn/phpMyAdmin/?c=4e5e5d7364f443e28fbf0d3ae744a59a Non-existent API/APP Ports: https://www.kenstudyjourney.cn/api/v1/query?query=prometheus_build_info
2024-05-06 22:19-23:24	Same ISP / Hosting Provider with Many IPs: 121...155 112...104	1024 times	Chrome, Windows	Backend Modules (PHP, SQL, JSP, phpMyAdmin): https://status.kenstudyjourney.cn/admin/ https://status.kenstudyjourney.cn/cacti.sql https://status.kenstudyjourney.cn/admin.php?mod=do&act=login https://status.kenstudyjourney.cn/install/sql.sql https://status.kenstudyjourney.cn/smartbi/vision/index.jsp https://status.kenstudyjourney.cn/was5/web/index.jsp https://status.kenstudyjourney.cn/phpcms/modules/comment/install/module.sql https://status.kenstudyjourney.cn/phpMyAdmin/ https://status.kenstudyjourney.cn/phpMyAdmin/404.html https://status.kenstudyjourney.cn/phpMyAdmin/500.html https://status.kenstudyjourney.cn/phpMyAdmin/?c=4e5e5d7364f443e28fbf0d3ae744a59a Non-existent API/APP Ports: https://status.kenstudyjourney.cn/api/v1/query?query=prometheus_build_info
2024-05-06 09:52-09:55, 11:09-11:11	2001:41d0:*:0:0 2400:6180:*:9a4:9001	12 times	Chrome, Windows	Backend Modules (PHP): https://www.kenstudyjourney.cn/wp-content/plugins/contact-form-7/admin/css/styles-rtl.php (malicious code) https://www.kenstudyjourney.cn/wp-admin/css/colors/blue/clean.php?msfacai=die(md5(24334));
2024-05-06 00:11-00:37, 03:20, 04:02, 04:16-04:17, 04:27-04:33, 05:00-05:01, 05:10-05:12, 06:22, 06:55, 07:55, 08:51, 15:34	Same ISP / Hosting Provider with Many IPs: 111...162 119...2 139...26 111...18	32 times	Firefox, Windows	Admin Entrance (WordPress): https://www.kenstudyjourney.cn/wp-login.php Backend Modules (PHP, ASP): https://www.kenstudyjourney.cn/123.aspx https://www.kenstudyjourney.cn/e/DoInfo/AddInfo.php https://www.kenstudyjourney.cn/1234.php https://www.kenstudyjourney.cn/124.php https://www.kenstudyjourney.cn/yzmphp/yzmphp.php https://www.kenstudyjourney.cn/huchen.php https://www.kenstudyjourney.cn/ddd.php
2024-05-05 02:10-02:11, 03:07, 04:23, 05:20, 22:29-22:30, 22:40, 22:42, 22:48-22:52, 23:12-23:13	Same ISP / Hosting Provider with Many IPs: 111...18 139...26 111...162 103...146 119...2	19 times	Firefox, Windows	Backend Modules (PHP, ASP): https://www.kenstudyjourney.cn/1234.php https://www.kenstudyjourney.cn/124.php https://www.kenstudyjourney.cn/dd.php https://www.kenstudyjourney.cn/yzmphp/yzmphp.php https://status.kenstudyjourney.cn/123.aspx https://planner.kenstudyjourney.cn/e/DoInfo/AddInfo.php
2024-05-05 01:25	120...109	116 times	Chrome, macOS	Backend Modules (PHP, phpMyAdmin): https://status.kenstudyjourney.cn/mysql/pMA/index.php?lang=en https://status.kenstudyjourney.cn/db/dbweb/index.php?lang=en https://status.kenstudyjourney.cn/php-myadmin/index.php?lang=en https://status.kenstudyjourney.cn/db/phpMyAdmin/index.php?lang=en https://status.kenstudyjourney.cn/db/db-admin/index.php?lang=en https://status.kenstudyjourney.cn/database/index.php?lang=en
2024-05-05 00:44-00:52	178...235	97 times	Safari, macOS	Backend Modules (PHP, phpMyAdmin): https://www.kenstudyjourney.cn/mysql/pMA/index.php?lang=en https://www.kenstudyjourney.cn/db/dbweb/index.php?lang=en https://www.kenstudyjourney.cn/php-myadmin/index.php?lang=en https://www.kenstudyjourney.cn/db/phpMyAdmin/index.php?lang=en https://www.kenstudyjourney.cn/db/db-admin/index.php?lang=en https://www.kenstudyjourney.cn/database/index.php?lang=en
2024-05-04 22:18-22:18	2405:d000:***:fe2c:58	115 times	Chrome, Linux	Backend Modules (PHP, phpMyAdmin): https://www.kenstudyjourney.cn/mysql/pMA/index.php?lang=en https://www.kenstudyjourney.cn/phpmyadmin2017/index.php?lang=en https://www.kenstudyjourney.cn/php-myadmin/index.php?lang=en https://www.kenstudyjourney.cn/sql/myadmin/index.php?lang=en https://www.kenstudyjourney.cn/admin/phpmyadmin/index.php?lang=en https://www.kenstudyjourney.cn/mysql/dbadmin/index.php?lang=en
2024-05-04 15:43-15:44	103...120	115 times	Chrome, Windows
2024-05-04 15:51	118...27	39 times	Internet Explorer, Windows	Website Code Backup Zip Files: https://www.kenstudyjourney.cn/www_kenstudyjourney_cn.tar.gz https://www.kenstudyjourney.cn/wwwkenstudyjourneycn1.rar https://www.kenstudyjourney.cn/www.tar.gz https://www.kenstudyjourney.cn/web1.tar.gz https://www.kenstudyjourney.cn/wwwroot.tar.gz
2024-05-04 06:10, 11:29, 12:52, 13:26, 15:53, 18:52	154...33	6 times	Firefox, Windows	Admin Entrance (ashx): https://www.kenstudyjourney.cn//Admin/Scripts/ueditor/net/controller.ashx?action=catchimage https://www.kenstudyjourney.cn//adminH/lib/ueditor/1.4.3/net/controller.ashx?action=catchimage https://www.kenstudyjourney.cn//Administration/Content/UEditor/net/controller.ashx?action=catchimage
2024-05-04 04:39, 06:09	Same ISP / Hosting Provider with Many IPs: 150...198 43...151	10 times	Unknown Browser, Unknown OS	Admin Entrance (WordPress): https://planner.kenstudyjourney.cn/admin/privilege.php https://planner.kenstudyjourney.cn/dede/login.php https://planner.kenstudyjourney.cn/admin/index.php?m=admin-login https://planner.kenstudyjourney.cn/admin.php?s=Admin-Login https://status.kenstudyjourney.cn/admin/privilege.php https://status.kenstudyjourney.cn/dede/login.php https://status.kenstudyjourney.cn/admin/index.php?m=admin-login https://status.kenstudyjourney.cn/admin.php?s=Admin-Login
2024-05-04 01:37, 02:13, 02:39, 06:34, 18:57, 19:05, 21:01, 21:36-21:37	Same ISP / Hosting Provider with Many IPs: 103...122 119...2 116...186 103...122	9 times	Firefox, Windows	Admin Entrance (WordPress): https://www.kenstudyjourney.cn/wp-login.php Backend Modules (PHP, WordPress): https://www.kenstudyjourney.cn/dd.php https://www.kenstudyjourney.cn/1234.php https://www.kenstudyjourney.cn/ThinkPHP/ThinkPHP.php https://www.kenstudyjourney.cn/e/DoInfo/AddInfo.php
2024-05-03 21:01-21:10, 21:23-21:27	Same Device Type with Many IPs: 91...81 141...28	20 times	Chrome, Android	Backend Modules (PHP, WordPress): https://www.kenstudyjourney.cn/wp-content/wp-cron.php?ac=3 https://www.kenstudyjourney.cn/wp-cron.php?ac=3 https://www.kenstudyjourney.cn/wp-includes/wp-cron.php?ac=3 https://www.kenstudyjourney.cn/wp-admin/wp-cron.php?ac=3 https://www.kenstudyjourney.cn/inputs.php https://www.kenstudyjourney.cn/about.php https://www.kenstudyjourney.cn/simple.php
2024-05-03 20:11-20:12	142...127	116 times	Safari, macOS	Backend Modules (PHP, phpMyAdmin): https://www.kenstudyjourney.cn/mysql/pMA/index.php?lang=en https://www.kenstudyjourney.cn/phpmyadmin2017/index.php?lang=en https://www.kenstudyjourney.cn/php-myadmin/index.php?lang=en https://www.kenstudyjourney.cn/sql/myadmin/index.php?lang=en https://www.kenstudyjourney.cn/admin/phpmyadmin/index.php?lang=en https://www.kenstudyjourney.cn/mysql/dbadmin/index.php?lang=en
2024-05-03 00:31	2400:8d60:***:fdee:2b2f	5 times	Chrome, Windows	Backend Modules (PHP, JSP): https://www.kenstudyjourney.cn/api/index.php?super=login https://www.kenstudyjourney.cn/admin/Ueditor/net/controller.ashx?action=catchimage (malicious code) https://www.kenstudyjourney.cn/WebReport/ReportServer?op=svginit&cmd=design_save_svg&filePath=chartmapsvg/../../../../WebReport/tangbohu.svg.jsp
2024-05-03 00:08	27...146	57 times	Internet Explorer, Windows	Website Code Backup Zip Files: https://www.kenstudyjourney.cn/www.kenstudyjourney.cn.tar.gz https://www.kenstudyjourney.cn/wwwkenstudyjourneycn1.rar https://www.kenstudyjourney.cn/kenstudyjourneywww.zip https://www.kenstudyjourney.cn/kenstudyjourneywwwroot.tar.gz https://www.kenstudyjourney.cn/bf.rar https://www.kenstudyjourney.cn/beifen.tar.gz https://www.kenstudyjourney.cn/dz.tar.gz
2024-05-02 15:25-15:31	204...36	11 times	Chrome, Windows	Backend Modules (PHP, WordPress): https://www.kenstudyjourney.cn/q.php https://www.kenstudyjourney.cn/wp-includes/ll.php https://www.kenstudyjourney.cn/lol.php https://www.kenstudyjourney.cn/nainxd.php https://www.kenstudyjourney.cn/wp-admin/css/lol.php
2024-05-02 13:56-14:01	178...14	11 times	Chrome, Windows
2024-05-02 03:28	118...27	37 times	Internet Explorer, Windows	Website Code Backup Zip Files: https://www.kenstudyjourney.cn/www_kenstudyjourney_cn.tar.gz https://www.kenstudyjourney.cn/wwwkenstudyjourneycn1.rar https://www.kenstudyjourney.cn/www.tar.gz https://www.kenstudyjourney.cn/web1.tar.gz https://www.kenstudyjourney.cn/wwwroot.tar.gz
2024-05-01 12:11	36...10	28 times	Vivo Browser, Android OKHTTP, Unknown OS	Non-existent API/APP Ports: https://www.kenstudyjourney.cn/app/js/base.js/ https://www.kenstudyjourney.cn/api/config/getkefu/ https://www.kenstudyjourney.cn/api/Config/getShowConfig/ https://www.kenstudyjourney.cn/api/public/?service=Home.getConfig https://www.kenstudyjourney.cn/api/v/index/queryOfficePage?officeCode=customHomeLink
2024-05-01 09:21-09:24	Same Device Type with Many IPs: 52...41 64...220	8 times	Chrome, Windows	Backend Modules (PHP, WordPress): https://www.kenstudyjourney.cn/a2.php https://www.kenstudyjourney.cn/wp-admin/a2.php https://www.kenstudyjourney.cn/wp-atom.php
2024-05-01 07:14-07:17	Same Device Type with Many IPs: 194...189 2001:41d0:***:0:0	10 times	Chrome, Windows	Backend Modules (PHP, WordPress): https://www.kenstudyjourney.cn/.well-known/acme-challenge/upfile.php https://www.kenstudyjourney.cn/cgi-bin/upfile.php https://www.kenstudyjourney.cn/wp-admin/network/upfile.php
2024-05-01 01:52-01:57	Same Device Type with Many IPs: 2a03:4000:*:febd:6eb6 216...150 159...197 162..**.78	26 times	Chrome, Windows	Backend Modules (PHP, WordPress): https://www.kenstudyjourney.cn/wp-content/themes/wp-admin/css/index.php https://www.kenstudyjourney.cn/wp-roto/wp-admin/css/index.php https://www.kenstudyjourney.cn/PHPMailer/web_config.php https://www.kenstudyjourney.cn/wp-woulds.php https://www.kenstudyjourney.cn/fonts/wp-login.php