Ken’s Study Journey Strives to Maintain Internet Security
Say “No” to Massive Website Scanning
Ken’s Study Journey rigorously (strictly) checks massive website scanning attempts, maintaining a safe environment for the Ken’s Study Journey website/platform and user study plans.
The Automated Reminder System for Threatening Website Security (Massive Scanning Website Hidden Modules) is a self-developed technology from Ken's Study Journey.
My server's Web-Application Firewall (WAF) and Automated Reminder System will automatically remind scanners.
Any continuous scans after reminders/warnings (i.e. repeated offenders) may be shown publicly on this reminder board. The display time of each scan is 7 days.
Any sensitive information (e.g. IP addresses) will be masked to enhance its security.
Any direct IP access (including unauthorised domain names) will be dropped (instead of displaying a Server default page) since 18 Nov. 2023 to prevent global massive vulnerability scanning via IPv4 addresses.
For Credential Stuffing Attack: Only the general information (e.g. IP addresses and scan types) will be shown. Private user names and passwords will be hidden.
Note: Some scanning attempts (of hidden modules) also violated the rules listed in the website's "/robots.txt" file.
New:
- Any stopped scanning attempts several seconds after automated reminders may not be displayed.
- All records will be displayed together due to multiple violation types of a scanner.
- (Update) Repeated offenders (after display on this page for many days) are shown in red/orange backgrounds.
Scan Types include:
- Open-source Website Framework Modules
(including but not limited to, WordPress modules) - Website Backend Modules
(including but not limited to, "php", "jsp", "asp", "aspx" and "sql") - Website Admin Entrance
- Non-existent APIs and APP Ports
- Website Code Backup Zip Files
- Website Login Pages (User Names and Passwords)
- Credential Stuffing Attack
- SQL injection
- XSS attack
Updated: 8 May 2024 09:20 (GMT+8, CST)
Total: 26 Records
Swipe/Scroll left and right to view the entire table.
Date/Time (GMT+8) | IP Address | Scans | Device Type | Scan Types & Sample URLs |
---|---|---|---|---|
2024-05-07 23:21-23:23 |
149.**.**.235 | 3 times | Chrome, Android | Backend Modules (PHP, WordPress): (malicious code) https://www.kenstudyjourney.cn/wp-admin/style.php?p=J938PnuGv1QZCrNF6%2B2Zh81Kh1Lk ... (malicious code) https://www.kenstudyjourney.cn/wp-content/style.php?p=J938PnuGv1QZCrNF6%2B2Zh81Kh1Lk ... (malicious code) https://www.kenstudyjourney.cn/wp-includes/style.php?p=J938PnuGv1QZCrNF6%2B2Zh81Kh1Lk ... |
2024-05-07 21:18-21:49, 23:00-23:51 |
Same ISP / Hosting Provider with Many IPs: 139.**.**.26 111.**.**.162 123.**.**.106 103.**.**.146 119.**.**.178 |
18 times | Firefox, Windows | Backend Modules (PHP, ASP): https://www.kenstudyjourney.cn/e/DoInfo/AddInfo.php https://www.kenstudyjourney.cn/123.aspx https://www.kenstudyjourney.cn/member/reg.asp https://www.kenstudyjourney.cn/ThinkPHP/ThinkPHP.php Admin Entrance (WordPress): https://www.kenstudyjourney.cn/wp-login.php |
2024-05-07 08:18-09:29 |
Same ISP / Hosting Provider with Many IPs: 121.**.**.46 112.**.**.141 |
872 times | Chrome, Windows | Backend Modules (PHP, SQL, JSP, phpMyAdmin): https://www.kenstudyjourney.cn/admin/ https://www.kenstudyjourney.cn/cacti.sql https://www.kenstudyjourney.cn/admin.php?mod=do&act=login https://www.kenstudyjourney.cn/install/sql.sql https://www.kenstudyjourney.cn/smartbi/vision/index.jsp https://www.kenstudyjourney.cn/was5/web/index.jsp https://www.kenstudyjourney.cn/phpcms/modules/comment/install/module.sql https://www.kenstudyjourney.cn/phpMyAdmin/ https://www.kenstudyjourney.cn/phpMyAdmin/404.html https://www.kenstudyjourney.cn/phpMyAdmin/500.html https://www.kenstudyjourney.cn/phpMyAdmin/?c=4e5e5d7364f443e28fbf0d3ae744a59a Non-existent API/APP Ports: https://www.kenstudyjourney.cn/api/v1/query?query=prometheus_build_info |
2024-05-06 22:19-23:24 |
Same ISP / Hosting Provider with Many IPs: 121.**.**.155 112.**.**.104 |
1024 times | Chrome, Windows | Backend Modules (PHP, SQL, JSP, phpMyAdmin): https://status.kenstudyjourney.cn/admin/ https://status.kenstudyjourney.cn/cacti.sql https://status.kenstudyjourney.cn/admin.php?mod=do&act=login https://status.kenstudyjourney.cn/install/sql.sql https://status.kenstudyjourney.cn/smartbi/vision/index.jsp https://status.kenstudyjourney.cn/was5/web/index.jsp https://status.kenstudyjourney.cn/phpcms/modules/comment/install/module.sql https://status.kenstudyjourney.cn/phpMyAdmin/ https://status.kenstudyjourney.cn/phpMyAdmin/404.html https://status.kenstudyjourney.cn/phpMyAdmin/500.html https://status.kenstudyjourney.cn/phpMyAdmin/?c=4e5e5d7364f443e28fbf0d3ae744a59a Non-existent API/APP Ports: https://status.kenstudyjourney.cn/api/v1/query?query=prometheus_build_info |
2024-05-06 09:52-09:55, 11:09-11:11 |
2001:41d0:***:0:0 2400:6180:***:9a4:9001 |
12 times | Chrome, Windows | Backend Modules (PHP): https://www.kenstudyjourney.cn/wp-content/plugins/contact-form-7/admin/css/styles-rtl.php (malicious code) https://www.kenstudyjourney.cn/wp-admin/css/colors/blue/clean.php?msfacai=die(md5(24334)); |
2024-05-06 00:11-00:37, 03:20, 04:02, 04:16-04:17, 04:27-04:33, 05:00-05:01, 05:10-05:12, 06:22, 06:55, 07:55, 08:51, 15:34 |
Same ISP / Hosting Provider with Many IPs: 111.**.**.162 119.**.**.2 139.**.**.26 111.**.**.18 |
32 times | Firefox, Windows | Admin Entrance (WordPress): https://www.kenstudyjourney.cn/wp-login.php Backend Modules (PHP, ASP): https://www.kenstudyjourney.cn/123.aspx https://www.kenstudyjourney.cn/e/DoInfo/AddInfo.php https://www.kenstudyjourney.cn/1234.php https://www.kenstudyjourney.cn/124.php https://www.kenstudyjourney.cn/yzmphp/yzmphp.php https://www.kenstudyjourney.cn/huchen.php https://www.kenstudyjourney.cn/ddd.php |
2024-05-05 02:10-02:11, 03:07, 04:23, 05:20, 22:29-22:30, 22:40, 22:42, 22:48-22:52, 23:12-23:13 |
Same ISP / Hosting Provider with Many IPs: 111.**.**.18 139.**.**.26 111.**.**.162 103.**.**.146 119.**.**.2 |
19 times | Firefox, Windows | Backend Modules (PHP, ASP): https://www.kenstudyjourney.cn/1234.php https://www.kenstudyjourney.cn/124.php https://www.kenstudyjourney.cn/dd.php https://www.kenstudyjourney.cn/yzmphp/yzmphp.php https://status.kenstudyjourney.cn/123.aspx https://planner.kenstudyjourney.cn/e/DoInfo/AddInfo.php |
2024-05-05 01:25 |
120.**.**.109 | 116 times | Chrome, macOS | Backend Modules (PHP, phpMyAdmin): https://status.kenstudyjourney.cn/mysql/pMA/index.php?lang=en https://status.kenstudyjourney.cn/db/dbweb/index.php?lang=en https://status.kenstudyjourney.cn/php-myadmin/index.php?lang=en https://status.kenstudyjourney.cn/db/phpMyAdmin/index.php?lang=en https://status.kenstudyjourney.cn/db/db-admin/index.php?lang=en https://status.kenstudyjourney.cn/database/index.php?lang=en |
2024-05-05 00:44-00:52 |
178.**.**.235 | 97 times | Safari, macOS | Backend Modules (PHP, phpMyAdmin): https://www.kenstudyjourney.cn/mysql/pMA/index.php?lang=en https://www.kenstudyjourney.cn/db/dbweb/index.php?lang=en https://www.kenstudyjourney.cn/php-myadmin/index.php?lang=en https://www.kenstudyjourney.cn/db/phpMyAdmin/index.php?lang=en https://www.kenstudyjourney.cn/db/db-admin/index.php?lang=en https://www.kenstudyjourney.cn/database/index.php?lang=en |
2024-05-04 22:18-22:18 |
2405:d000:***:fe2c:58 | 115 times | Chrome, Linux | Backend Modules (PHP, phpMyAdmin): https://www.kenstudyjourney.cn/mysql/pMA/index.php?lang=en https://www.kenstudyjourney.cn/phpmyadmin2017/index.php?lang=en https://www.kenstudyjourney.cn/php-myadmin/index.php?lang=en https://www.kenstudyjourney.cn/sql/myadmin/index.php?lang=en https://www.kenstudyjourney.cn/admin/phpmyadmin/index.php?lang=en https://www.kenstudyjourney.cn/mysql/dbadmin/index.php?lang=en |
2024-05-04 15:43-15:44 |
103.**.**.120 | 115 times | Chrome, Windows | |
2024-05-04 15:51 |
118.**.**.27 | 39 times | Internet Explorer, Windows | Website Code Backup Zip Files: https://www.kenstudyjourney.cn/www_kenstudyjourney_cn.tar.gz https://www.kenstudyjourney.cn/wwwkenstudyjourneycn1.rar https://www.kenstudyjourney.cn/www.tar.gz https://www.kenstudyjourney.cn/web1.tar.gz https://www.kenstudyjourney.cn/wwwroot.tar.gz |
2024-05-04 06:10, 11:29, 12:52, 13:26, 15:53, 18:52 |
154.**.**.33 | 6 times | Firefox, Windows | Admin Entrance (ashx): https://www.kenstudyjourney.cn//Admin/Scripts/ueditor/net/controller.ashx?action=catchimage https://www.kenstudyjourney.cn//adminH/lib/ueditor/1.4.3/net/controller.ashx?action=catchimage https://www.kenstudyjourney.cn//Administration/Content/UEditor/net/controller.ashx?action=catchimage |
2024-05-04 04:39, 06:09 |
Same ISP / Hosting Provider with Many IPs: 150.**.**.198 43.**.**.151 |
10 times | Unknown Browser, Unknown OS | Admin Entrance (WordPress): https://planner.kenstudyjourney.cn/admin/privilege.php https://planner.kenstudyjourney.cn/dede/login.php https://planner.kenstudyjourney.cn/admin/index.php?m=admin-login https://planner.kenstudyjourney.cn/admin.php?s=Admin-Login https://status.kenstudyjourney.cn/admin/privilege.php https://status.kenstudyjourney.cn/dede/login.php https://status.kenstudyjourney.cn/admin/index.php?m=admin-login https://status.kenstudyjourney.cn/admin.php?s=Admin-Login |
2024-05-04 01:37, 02:13, 02:39, 06:34, 18:57, 19:05, 21:01, 21:36-21:37 |
Same ISP / Hosting Provider with Many IPs: 103.**.**.122 119.**.**.2 116.**.**.186 103.**.**.122 |
9 times | Firefox, Windows | Admin Entrance (WordPress): https://www.kenstudyjourney.cn/wp-login.php Backend Modules (PHP, WordPress): https://www.kenstudyjourney.cn/dd.php https://www.kenstudyjourney.cn/1234.php https://www.kenstudyjourney.cn/ThinkPHP/ThinkPHP.php https://www.kenstudyjourney.cn/e/DoInfo/AddInfo.php |
2024-05-03 21:01-21:10, 21:23-21:27 |
Same Device Type with Many IPs: 91.**.**.81 141.**.**.28 |
20 times | Chrome, Android | Backend Modules (PHP, WordPress): https://www.kenstudyjourney.cn/wp-content/wp-cron.php?ac=3 https://www.kenstudyjourney.cn/wp-cron.php?ac=3 https://www.kenstudyjourney.cn/wp-includes/wp-cron.php?ac=3 https://www.kenstudyjourney.cn/wp-admin/wp-cron.php?ac=3 https://www.kenstudyjourney.cn/inputs.php https://www.kenstudyjourney.cn/about.php https://www.kenstudyjourney.cn/simple.php |
2024-05-03 20:11-20:12 |
142.**.**.127 | 116 times | Safari, macOS | Backend Modules (PHP, phpMyAdmin): https://www.kenstudyjourney.cn/mysql/pMA/index.php?lang=en https://www.kenstudyjourney.cn/phpmyadmin2017/index.php?lang=en https://www.kenstudyjourney.cn/php-myadmin/index.php?lang=en https://www.kenstudyjourney.cn/sql/myadmin/index.php?lang=en https://www.kenstudyjourney.cn/admin/phpmyadmin/index.php?lang=en https://www.kenstudyjourney.cn/mysql/dbadmin/index.php?lang=en |
2024-05-03 00:31 |
2400:8d60:***:fdee:2b2f | 5 times | Chrome, Windows | Backend Modules (PHP, JSP): https://www.kenstudyjourney.cn/api/index.php?super=login https://www.kenstudyjourney.cn/admin/Ueditor/net/controller.ashx?action=catchimage (malicious code) https://www.kenstudyjourney.cn/WebReport/ReportServer?op=svginit&cmd=design_save_svg&filePath=chartmapsvg/../../../../WebReport/tangbohu.svg.jsp |
2024-05-03 00:08 |
27.**.**.146 | 57 times | Internet Explorer, Windows | Website Code Backup Zip Files: https://www.kenstudyjourney.cn/www.kenstudyjourney.cn.tar.gz https://www.kenstudyjourney.cn/wwwkenstudyjourneycn1.rar https://www.kenstudyjourney.cn/kenstudyjourneywww.zip https://www.kenstudyjourney.cn/kenstudyjourneywwwroot.tar.gz https://www.kenstudyjourney.cn/bf.rar https://www.kenstudyjourney.cn/beifen.tar.gz https://www.kenstudyjourney.cn/dz.tar.gz |
2024-05-02 15:25-15:31 |
204.**.**.36 | 11 times | Chrome, Windows | Backend Modules (PHP, WordPress): https://www.kenstudyjourney.cn/q.php https://www.kenstudyjourney.cn/wp-includes/ll.php https://www.kenstudyjourney.cn/lol.php https://www.kenstudyjourney.cn/nainxd.php https://www.kenstudyjourney.cn/wp-admin/css/lol.php |
2024-05-02 13:56-14:01 |
178.**.**.14 | 11 times | ||
2024-05-02 03:28 |
118.**.**.27 | 37 times | Internet Explorer, Windows | Website Code Backup Zip Files: https://www.kenstudyjourney.cn/www_kenstudyjourney_cn.tar.gz https://www.kenstudyjourney.cn/wwwkenstudyjourneycn1.rar https://www.kenstudyjourney.cn/www.tar.gz https://www.kenstudyjourney.cn/web1.tar.gz https://www.kenstudyjourney.cn/wwwroot.tar.gz |
2024-05-01 12:11 |
36.**.**.10 | 28 times | Vivo Browser, Android OKHTTP, Unknown OS |
Non-existent API/APP Ports: https://www.kenstudyjourney.cn/app/js/base.js/ https://www.kenstudyjourney.cn/api/config/getkefu/ https://www.kenstudyjourney.cn/api/Config/getShowConfig/ https://www.kenstudyjourney.cn/api/public/?service=Home.getConfig https://www.kenstudyjourney.cn/api/v/index/queryOfficePage?officeCode=customHomeLink |
2024-05-01 09:21-09:24 |
Same Device Type with Many IPs: 52.**.**.41 64.**.**.220 |
8 times | Chrome, Windows | Backend Modules (PHP, WordPress): https://www.kenstudyjourney.cn/a2.php https://www.kenstudyjourney.cn/wp-admin/a2.php https://www.kenstudyjourney.cn/wp-atom.php |
2024-05-01 07:14-07:17 |
Same Device Type with Many IPs: 194.**.**.189 2001:41d0:***:0:0 |
10 times | Chrome, Windows | Backend Modules (PHP, WordPress): https://www.kenstudyjourney.cn/.well-known/acme-challenge/upfile.php https://www.kenstudyjourney.cn/cgi-bin/upfile.php https://www.kenstudyjourney.cn/wp-admin/network/upfile.php |
2024-05-01 01:52-01:57 |
Same Device Type with Many IPs: 2a03:4000:***:febd:6eb6 216.**.**.150 159.**.**.197 162.**.**.78 |
26 times | Chrome, Windows | Backend Modules (PHP, WordPress): https://www.kenstudyjourney.cn/wp-content/themes/wp-admin/css/index.php https://www.kenstudyjourney.cn/wp-roto/wp-admin/css/index.php https://www.kenstudyjourney.cn/PHPMailer/web_config.php https://www.kenstudyjourney.cn/wp-woulds.php https://www.kenstudyjourney.cn/fonts/wp-login.php |
Your comment has been posted successfully, but it needs to be audited by myself artificially to prevent spam and negative comments.
Please wait for a few days. You will receive an email once your comment has been replied.