Ken’s Study Journey Strives to Maintain Internet Security
Say “No” to Massive Website Scanning
Ken’s Study Journey rigorously (strictly) checks massive website scanning attempts, maintaining a safe environment for the Ken’s Study Journey website/platform and user study plans.
The Automated Reminder System for Threatening Website Security (Massive Scanning Website Hidden Modules) is a self-developed technology from Ken's Study Journey.
My server's Web-Application Firewall (WAF) and Automated Reminder System will automatically remind scanners.
Any continuous scans after reminders/warnings (i.e. repeated offenders) may be shown publicly on this reminder board. The display time of each scan is 7 days.
Any sensitive information (e.g. IP addresses) will be masked to enhance its security.
Any direct IP access (including unauthorised domain names) will be dropped (instead of displaying a Server default page) since 18 Nov. 2023 to prevent global massive vulnerability scanning via IPv4 addresses.
For Credential Stuffing Attack: Only the general information (e.g. IP addresses and scan types) will be shown. Private user names and passwords will be hidden.
Note: Some scanning attempts (of hidden modules) also violated the rules listed in the website's "/robots.txt" file.
New:
- Any stopped scanning attempts several seconds after automated reminders may not be displayed.
- All records will be displayed together due to multiple violation types of a scanner.
- (Update) Repeated offenders (after display on this page for many days) are shown in red/orange backgrounds.
Scan Types include:
- Open-source Website Framework Modules
(including but not limited to, WordPress modules) - Website Backend Modules
(including but not limited to, "php", "jsp", "asp", "aspx" and "sql") - Website Admin Entrance
- Non-existent APIs and APP Ports
- Website Code Backup Zip Files
- Website Login Pages (User Names and Passwords)
- Credential Stuffing Attack
- SQL injection
- XSS attack
Updated: 16 May 2024 07:40 (GMT+8, CST)
Total: 17 Records
Swipe/Scroll left and right to view the entire table.
Date/Time (GMT+8) | IP Address | Scans | Device Type | Scan Types & Sample URLs |
---|---|---|---|---|
2024-05-15 03:24, 04:58, 05:16, 20:07, 20:51 |
Same ISP / Hosting Provider with Many IPs: 116.**.**.186 103.**.**.146 139.**.**.26 |
5 times | Firefox, Windows | Admin Entrance (WordPress): https://www.kenstudyjourney.cn/wp-login.php Backend Modules (PHP, ASP): https://www.kenstudyjourney.cn/e/DoInfo/AddInfo.php https://www.kenstudyjourney.cn/123.aspx |
2024-05-15 00:26-00:27, 00:34-00:35, 22:49-22:50 |
167.**.**.96 | 10 times | Chrome, Android | Backend Modules (WordPress): https://www.kenstudyjourney.cn/wp-admin/setup-config.php?step=1 https://www.kenstudyjourney.cn/wp-admin/install.php?step=1 https://planner.kenstudyjourney.cn/wp-admin/setup-config.php?step=1 https://planner.kenstudyjourney.cn/wp-admin/install.php?step=1 |
2024-05-14 16:12 |
118.**.**.27 | 39 times | Internet Explorer, Windows | Website Code Backup Zip Files: https://www.kenstudyjourney.cn/www_kenstudyjourney_cn.tar.gz https://www.kenstudyjourney.cn/wwwkenstudyjourneycn1.rar https://www.kenstudyjourney.cn/www.tar.gz https://www.kenstudyjourney.cn/web1.tar.gz https://www.kenstudyjourney.cn/wwwroot.tar.gz |
2024-05-14 03:52-03:57, 04:27-04:33, 04:59, 05:16, 05:24, 05:45, 06:04, 06:13, 06:32, 06:40, 08:43, 08:55, 09:05, 21:55, 22:09, 22:13, 22:53-22:58 |
Same ISP / Hosting Provider with Many IPs: 111.**.**.18 111.**.**.162 139.**.**.26 119.**.**.2 119.**.**.178 103.**.**.146 116.**.**.186 |
28 times | Firefox, Windows | Backend Modules (PHP): https://www.kenstudyjourney.cn/124.php https://www.kenstudyjourney.cn/1234.php https://www.kenstudyjourney.cn/uploads/dd.php https://www.kenstudyjourney.cn/dd.php https://www.kenstudyjourney.cn/huchen.php https://www.kenstudyjourney.cn/yzmphp/yzmphp.php https://www.kenstudyjourney.cn/passcode.php https://www.kenstudyjourney.cn/ThinkPHP/ThinkPHP.php Admin Entrance (WordPress): https://www.kenstudyjourney.cn/wp-login.php |
2024-05-13 00:32, 00:50, 01:20, 02:45, 04:57, 05:16, 05:18, 05:32, 06:54, 17:59, 21:00 |
Same ISP / Hosting Provider with Many IPs: 119.**.**.2 116.**.**.186 103.**.**.146 139.**.**.138 111.**.**.18 139.**.**.26 103.**.**.122 |
13 times | Firefox, Windows Chrome, Windows |
Admin Entrance (WordPress): https://www.kenstudyjourney.cn/wp-login.php Backend Modules (PHP, ASP): https://www.kenstudyjourney.cn/ThinkPHP/ThinkPHP.php https://www.kenstudyjourney.cn/123.aspx https://www.kenstudyjourney.cn/admincms/ueditor/net/controller.ashx?action=catchimage https://www.kenstudyjourney.cn/dd.php https://www.kenstudyjourney.cn/huchen.php https://www.kenstudyjourney.cn/1234.php https://www.kenstudyjourney.cn/124.php https://www.kenstudyjourney.cn/yzmphp/yzmphp.php https://www.kenstudyjourney.cn/e/admin/dd.php https://www.kenstudyjourney.cn/newfile.php |
2024-05-12 03:32 |
185.**.**.64 | 33 times | Internet Explorer, Windows | Website Code Backup Zip Files: https://www.kenstudyjourney.cn/web.tar.gz https://www.kenstudyjourney.cn/wwwroot.tar.gz https://www.kenstudyjourney.cn/webroot.tar.gz https://www.kenstudyjourney.cn/website.tar.gz https://www.kenstudyjourney.cn/m.tar.gz https://www.kenstudyjourney.cn/kenstudyjourney.cn.zip https://www.kenstudyjourney.cn/www.kenstudyjourney.cn.rar |
2024-05-12 00:44, 00:50-00:52, 04:19, 04:21, 04:24, 06:14, 13:46, 15:28, 16:22, 22:56, 23:15, 23:25, 23:45 |
Same ISP / Hosting Provider with Many IPs: 111.**.**.18 103.**.**.146 139.**.**.26 116.**.**.186 111.**.**.162 103.**.**.122 119.**.**.2 119.**.**.178 |
18 times | Firefox, Windows | Admin Entrance (WordPress): https://www.kenstudyjourney.cn/wp-login.php Backend Modules (PHP, ASP): https://www.kenstudyjourney.cn/e/DoInfo/AddInfo.php https://www.kenstudyjourney.cn/ThinkPHP/ThinkPHP.php https://www.kenstudyjourney.cn/123.aspx https://www.kenstudyjourney.cn/1234.php https://www.kenstudyjourney.cn/124.php https://www.kenstudyjourney.cn/huchen.php https://www.kenstudyjourney.cn/dd.php https://www.kenstudyjourney.cn/e/admin/dd.php https://www.kenstudyjourney.cn/888.php https://www.kenstudyjourney.cn/admincms/ueditor/net/controller.ashx?action=catchimage |
2024-05-11 21:58-22:04 |
140.**.**.168 | 14 times | Chrome, Android | Backend Modules (PHP, WordPress): https://www.kenstudyjourney.cn/ws.php https://www.kenstudyjourney.cn/wp-head.php https://www.kenstudyjourney.cn/fm1.php https://www.kenstudyjourney.cn/alfadheat.php https://www.kenstudyjourney.cn/wp-admin/images/admin.php https://www.kenstudyjourney.cn/.well-known/wso112233.php |
2024-05-11 04:29, 04:48, 04:50, 04:58, 07:19, 07:25, 08:22, 08:48, 08:51, 09:03, 11:38, 23:00, 23:03 |
Same ISP / Hosting Provider with Many IPs: 119.**.**.2 111.**.**.18 111.**.**.162 116.**.**.186 139.**.**.26 |
17 times | Firefox, Windows | Backend Modules (PHP, ASP): https://www.kenstudyjourney.cn/yzmphp/yzmphp.php https://www.kenstudyjourney.cn/124.php https://www.kenstudyjourney.cn/e/admin/dd.php https://www.kenstudyjourney.cn/huchen.php https://www.kenstudyjourney.cn/dd.php https://www.kenstudyjourney.cn/ThinkPHP/ThinkPHP.php https://www.kenstudyjourney.cn/123.aspx Admin Entrance (WordPress): https://www.kenstudyjourney.cn/wp-login.php |
2024-05-10 21:50-22:12 |
91.**.**.2 | 59 times | Python Requests, Unknown OS | Backend Modules (WordPress): https://www.kenstudyjourney.cn/wp-includes/ https://www.kenstudyjourney.cn/wp-admin/maint/ https://www.kenstudyjourney.cn/wp-includes/Text/ https://www.kenstudyjourney.cn/wp-includes/blocks/ https://www.kenstudyjourney.cn/wp-includes/sodium_compat/src/ |
2024-05-10 21:20 |
27.**.**.146 | 57 times | Internet Explorer, Windows | Website Code Backup Zip Files: https://www.kenstudyjourney.cn/www.kenstudyjourney.cn.tar.gz https://www.kenstudyjourney.cn/wwwkenstudyjourneycn1.rar https://www.kenstudyjourney.cn/kenstudyjourneywww.zip https://www.kenstudyjourney.cn/kenstudyjourneywwwroot.tar.gz https://www.kenstudyjourney.cn/bf.rar https://www.kenstudyjourney.cn/beifen.tar.gz https://www.kenstudyjourney.cn/dz.tar.gz |
2024-05-10 18:47, 18:58, 20:48-20:49 |
38.**.**.6 | 10 times | Chrome, Android | Backend Modules (WordPress): https://www.kenstudyjourney.cn/wp-admin/setup-config.php?step=1 https://www.kenstudyjourney.cn/wp-admin/install.php?step=1 |
2024-05-10 16:28-16:34 |
140.**.**.168 | 35 times | Chrome, Android | Backend Modules (PHP, WordPress): https://www.kenstudyjourney.cn/ws.php https://www.kenstudyjourney.cn/wp-head.php https://www.kenstudyjourney.cn/fm1.php https://www.kenstudyjourney.cn/alfadheat.php https://www.kenstudyjourney.cn/wp-admin/images/admin.php https://www.kenstudyjourney.cn/wp-content/shell20211028.php https://www.kenstudyjourney.cn/autoload_classmap.php |
2024-05-10 06:01, 06:07-06:08, 06:16, 09:15, 12:26, 14:51 |
Same ISP / Hosting Provider with Many IPs: 111.**.**.162 111.**.**.18 139.**.**.26 119.**.**.178 103.**.**.122 |
8 times | Firefox, Windows Chrome, Windows |
Backend Modules (PHP, ASP): https://www.kenstudyjourney.cn/e/admin/dd.php https://www.kenstudyjourney.cn/1234.php https://www.kenstudyjourney.cn/124.php https://www.kenstudyjourney.cn/huchen.php https://www.kenstudyjourney.cn/dd.php https://www.kenstudyjourney.cn/admin/ewebeditor/ueditor/net/controller.ashx?action=catchimage https://www.kenstudyjourney.cn/a.php |
2024-05-09 18:51 |
103.**.**.35 | 24 times | Vivo Browser, Android OKHTTP, Unknown OS |
Non-existent API/APP Ports: https://www.kenstudyjourney.cn/api/Config/getShowConfig/ https://www.kenstudyjourney.cn/api/uploads/apimap/ https://www.kenstudyjourney.cn/api/currency/quotation_new/ https://www.kenstudyjourney.cn/api/system/systemConfigs/getCustomerServiceLink/ https://www.kenstudyjourney.cn/api/v/index/queryOfficePage?officeCode=customHomeLink |
2024-05-09 14:08-14:10 |
2a01:4f8:***:0:2 | 48 times | Chrome, Windows Chrome, macOS Safari, macOS Firefox, Windows (frequently changing) |
Backend Modules (PHP, WordPress): https://www.kenstudyjourney.cn/wp-json/ https://www.kenstudyjourney.cn/wp-content/pluginss/wordpres-yaooo/admin.php https://www.kenstudyjourney.cn/wp-content/plugins/wordpres-googlepagespeed/admin.php https://www.kenstudyjourney.cn/wp-content/plugins/wordpres-woosc/admin.php https://www.kenstudyjourney.cn/wp-admin/admin-ajax/admin.php?s1=s1 |
2024-05-09 01:15, 01:18, 04:44, 05:00, 05:06, 19:34, 21:53 |
Same ISP / Hosting Provider with Many IPs: 116.**.**.186 111.**.**.162 139.**.**.26 103.**.**.122 |
7 times | Firefox, Windows | Backend Modules (PHP, ASP): https://www.kenstudyjourney.cn/e/DoInfo/AddInfo.php https://www.kenstudyjourney.cn/123.aspx https://www.kenstudyjourney.cn/1234.php Admin Entrance (WordPress): https://www.kenstudyjourney.cn/wp-login.php |
Your comment has been posted successfully, but it needs to be audited by myself artificially to prevent spam and negative comments.
Please wait for a few days. You will receive an email once your comment has been replied.