Архив рубрики: Digest

BlackList IP Digest: 2018.10.07

Черный Список IP адресов: WordPress +1, RDP +0, Remotely Anywhere +24, FTP +2, xScan +14, Reg-Bot +0, DDoS +0, Zombie +0

112.213.89.104, 45.7.228.8, 1.234.79.66, 1.237.178.28, 101.207.249.138, 109.245.221.126, 113.108.95.195, 120.132.8.54, 124.158.5.112, 125.70.230.211, 132.232.104.176, 132.232.17.146, 14.29.148.96, 142.4.204.122, 142.93.31.198, 166.62.92.18, 202.80.228.67, 212.112.98.158, 213.158.187.42, 27.50.18.13, 45.222.128.15, 50.63.165.214, 59.124.231.152, 60.28.226.158, 87.27.150.229, 94.249.158.183, 178.33.23.158, 104.168.176.52, 104.239.161.241, 196.187.53.74, 197.4.60.22, 41.102.125.227, 47.52.96.228, 78.190.179.106, 78.190.181.165, 47.75.150.232, 66.249.66.72, 66.249.66.74, 66.249.66.77, 66.249.66.78, 66.249.66.82


Восстановление сайтов WordPress после взлома.


  • xScan from Search-Bot and CDN. Achtung! (Scan Attempts: System & Plugins)
    IP Address Host
    66.249.66.72 Googlebot US
    /wp-content/plugins/anti-spam/js/anti-spam-4.3.js
    /wp-content/plugins/wordpress-popular-posts/public/js/tracking.js
    66.249.66.82 Googlebot US
    /wp-content/plugins/comment-rating/ck-karma.js
    /wp-content/plugins/anti-spam/js/anti-spam-4.3.js
    66.249.66.74 Googlebot US
    /wp-content/plugins/comment-rating/ck-karma.js
    66.249.66.78 Googlebot US
    /wp-content/plugins/comment-rating/ck-karma.js
    /wp-content/plugins/wordpress-popular-posts/public/js/tracking.js
    66.249.66.77 Googlebot Googlebot US
    /wp-content/plugins/anti-spam/js/anti-spam-4.3.js
    /wp-content/plugins/comment-rating/ck-karma.js
    /wp-content/plugins/wordpress-popular-posts/public/js/tracking.js
  • Remotely Anywhere BruteForce
    IP Address Host
    94.249.158.183 GHOSTnet GmbH DE
  • xScan (Scan Attempts: System & Plugins)
    IP Address Host
    78.190.181.165 Turk Telekom TR
    /administrator
    /admin.php
    /bitrix/admin
    /admin/login.php
    /admin
    /user
    47.75.150.232 Alibaba Alicloud-hk CN
    /phpMyAdmin/scripts/setup.php
    /_phpMyAdmin/scripts/setup.php
    /admin/scripts/setup.php
    /scripts/setup.php
    196.187.53.74 SOCIETE NATIONALE DES TELECOMMUNICATIONS (Tunisie TN
    /admin
    /wp-content/plugins/cherry-plugin/admin/import-export/upload.php
    /wp-content/plugins/cherry-plugin/admin/import-export/V5.php
    /wp-content/plugins/downloads-manager/upload/V5.php
    /wp-content/plugins/formcraft/file-upload/server/php
    197.4.60.22 Tunisie Telecom ATI — Agence Tunisienne Internet TN
    /admin
    /wp-content/plugins/cherry-plugin/admin/import-export/upload.php
    /wp-content/plugins/cherry-plugin/admin/import-export/V5.php
    /wp-content/plugins/downloads-manager/upload/V5.php
    /wp-content/plugins/formcraft/file-upload/server/php
    104.239.161.241 Rackspace Hosting US
    /phpMyAdmin/scripts/setup.php
    /scripts/setup.php
    104.168.176.52 Hostwinds LLC. US
    /phpMyAdmin/scripts/setup.php
    /_phpMyAdmin/scripts/setup.php
    /admin/scripts/setup.php
    /scripts/setup.php
    78.190.179.106 Turk Telekom TR
    /administrator
    /admin.php
    /bitrix/admin
    /admin/login.php
    /admin
    /user
    47.52.96.228 Alicloud-hk Alibaba HK
    /phpMyAdmin/scripts/setup.php
    /_phpMyAdmin/scripts/setup.php
    41.102.125.227 Algerie Telecom DZ
    /admin/images/cal_date_over.gif
    /admin/login.php
    /wp-content/plugins/revslider/temp/update_extract/pwn.gif.php5
    /wp-content/plugins/hd-webplayer/playlist.php
    /wp-content/vuln.php
    /wp-content/plugins/cherry-plugin/admin/import-export/upload.php
    /wp-content/plugins/cherry-plugin/admin/import-export/settings_auto.php
    /wp-content/plugins/formcraft/file-upload/server/content/upload.php
  • WordPress BruteForce
    IP Address Host
    178.33.23.158 OVH SAS FR
* Записи отсортированы по времени обнаружения.
накопительный файл IP адресов по каждой категории можно бесплатно скачать на странице Download Blacklist.
** Чтобы, автоматически получать регулярный BruteForce IP Digest на свой email - просто зарегистрируйте подписку.

BlackList IP Digest: 2018.10.06

Черный Список IP адресов: WordPress +1, RDP +0, Remotely Anywhere +30, FTP +0, xScan +9, Reg-Bot +0, DDoS +0, Zombie +0

112.35.3.72, 116.196.100.245, 116.196.123.1, 121.184.64.15, 123.125.16.70, 138.68.238.4, 140.116.157.16, 151.80.153.174, 176.194.62.181, 177.124.231.28, 182.61.52.29, 185.165.169.37, 199.195.250.21, 200.46.254.107, 200.60.16.59, 203.94.69.50, 210.203.20.185, 35.184.172.244, 50.115.166.104, 51.68.196.105, 52.77.142.99, 54.36.151.64, 63.139.133.35, 73.26.245.243, 74.92.210.138, 79.7.97.222, 80.211.78.198, 86.96.200.86, 89.90.209.252, 94.46.192.21, 205.251.148.138, 41.102.226.127, 41.103.1.197, 5.197.140.73, 78.168.190.179, 106.12.110.247, 220.248.36.56, 178.137.164.132, 66.249.66.77, 66.249.66.78


Восстановление сайтов WordPress после взлома.


  • xScan from Search-Bot and CDN. Achtung! (Scan Attempts: System & Plugins)
    IP Address Host
    66.249.66.77 Googlebot Googlebot US
    /wp-content/plugins/comment-rating/ck-karma.js
    /wp-content/plugins/anti-spam/js/anti-spam-4.3.js
    66.249.66.78 Googlebot US
    /wp-content/plugins/wordpress-popular-posts/public/js/tracking.js
    /wp-content/plugins/anti-spam/js/anti-spam-4.3.js
  • Remotely Anywhere BruteForce
    IP Address Host
    54.36.151.64 OVH Hosting FR
    63.139.133.35 Windstream Communications US
    73.26.245.243 Comcast Cable US
    52.77.142.99 Amazon.com SG
    35.184.172.244 Google Cloud US
    50.115.166.104 Wowrack.com US
    51.68.196.105 OVH SAS OVH GB
    89.90.209.252 Bouygues Telecom FR
    94.46.192.21 Serverdroid LLC GB
    112.35.3.72 China Mobile Guangdong CN
    86.96.200.86 Emirates Telecommunications Corporation AE
    74.92.210.138 Comcast Business US
    79.7.97.222 Telecom Italia Business IT
    80.211.78.198 Aruba S.p.A. IT
    210.203.20.185 Asia Pacific On-line Services Asia Pacific Telecom TW
    138.68.238.4 Digital Ocean US
    140.116.157.16 Taiwan Academic Network (TANet) Information Center Taiwan Academic Network TW
    151.80.153.174 OVH SAS FR
    123.125.16.70 China Unicom Beijing CN
    116.196.100.245 China Unicom Beijing CN
    116.196.123.1 China Unicom Beijing CN
    121.184.64.15 Korea Telecom KR
    176.194.62.181 Net By Net Holding LLC RU
    200.46.254.107 Cable Onda PA
    203.94.69.50 Sri Lanka Telecom LK
    200.60.16.59 Telefonica del Peru PE
    199.195.250.21 FranTech Solutions US
    177.124.231.28 Mundivox LTDA BR
    182.61.52.29 Beijing Baidu Netcom Science and Technology Co. CN
    185.165.169.37 Flokinet Ltd SC
  • xScan (Scan Attempts: System & Plugins)
    IP Address Host
    220.248.36.56 China Unicom IP network China Unicom Shanghai network CN
    /phpMyAdmin/scripts/setup.php
    /_phpMyAdmin/scripts/setup.php
    /admin/scripts/setup.php
    /scripts/setup.php
    178.137.164.132 Kyivstar PJSC Kyivstar GSM UA
    /admin.php
    41.103.1.197 Algerie Telecom DZ
    /wp-content/plugins/simple-ads-manager/sam-ajax-admin.php
    /wp-content/plugins/wp-mobile-detector/cache/upz.php
    /wp-content/plugins/inboundio-marketing/admin/partials/csv_uploader.php
    /wp-content/plugins/inboundio-marketing/admin/partials/uploaded_csv/priv.php
    /wp-content/plugins/dzs-zoomsounds/admin/upload.php
    /wp-content/plugins/dzs-zoomsounds/admin/upload/priv.php
    /wp-content/plugins/reflex-gallery/admin/scripts/FileUploader/php.php
    /wp-content/plugins/sexy-contact-form/includes/fileupload/index.php
    /wp-content/plugins/sexy-contact-form/includes/fileupload/files/priv.php
    106.12.110.247 CNISP-Union Technology (Beijing) Co. Beijing Baidu Netcom Science and Technology Co. CN
    /phpMyAdmin/scripts/setup.php
    /_phpMyAdmin/scripts/setup.php
    /admin/scripts/setup.php
    41.102.226.127 Algerie Telecom DZ
    /wp-content/plugins/revslider/temp/update_extract/revslider/priv.php
    /wp-content/themes/Avada/framework/plugins/revslider/temp/update_extract/revslider/priv.php
    /wp-content/themes/striking_r/framework/plugins/revslider/temp/update_extract/revslider/priv.php
    /wp-content/themes/IncredibleWP/framework/plugins/revslider/temp/update_extract/revslider/priv.php
    /wp-content/themes/medicate/script/revslider/temp/update_extract/revslider/priv.php
    5.197.140.73 AG Telecom LTD. Ag-telecom-fttb AZ
    /administrator
    /admin.php
    /bitrix/admin
    /admin/login.php
    /admin
    /user
    78.168.190.179 Turk Telekom TR
    /administrator
    /admin.php
    /bitrix/admin
    /admin/login.php
    /admin
    /user
  • WordPress BruteForce
    IP Address Host
    205.251.148.138 Network Transit Holdings LLC US
* Записи отсортированы по времени обнаружения.
накопительный файл IP адресов по каждой категории можно бесплатно скачать на странице Download Blacklist.
** Чтобы, автоматически получать регулярный BruteForce IP Digest на свой email - просто зарегистрируйте подписку.

BlackList IP Digest: 2018.10.05

Черный Список IP адресов: WordPress +0, RDP +13, Remotely Anywhere +32, FTP +4, xScan +18, Reg-Bot +0, DDoS +0, Zombie +0

173.212.246.168, 36.187.254.111, 36.187.254.128, 36.187.254.153, 36.187.254.226, 36.187.254.244, 36.187.254.25, 36.187.254.49, 36.187.254.57, 36.187.254.63, 36.187.254.77, 36.187.254.86, 36.187.254.95, 182.50.132.82, 198.71.227.145, 50.62.161.94, 52.63.96.6, 101.71.130.18, 103.220.65.26, 111.231.250.117, 114.80.157.210, 118.89.22.182, 13.125.180.169, 13.72.72.96, 137.74.47.22, 139.199.174.58, 139.59.78.70, 145.239.94.155, 174.129.207.220, 177.206.128.131, 178.128.191.128, 179.97.24.28, 185.211.88.119, 189.41.163.183, 190.14.152.105, 193.112.102.174, 205.185.115.43, 220.202.32.2, 221.162.174.98, 41.38.178.218, 45.40.248.243, 51.15.199.248, 51.15.248.211, 52.165.220.87, 61.76.169.138, 68.183.36.15, 82.112.32.45, 91.121.69.76, 94.23.212.137, 61.78.63.147, 64.207.146.209, 112.109.90.7, 158.181.40.132, 185.13.39.216, 200.54.98.75, 212.128.25.164, 213.152.161.85, 213.213.202.246, 81.242.29.236, 93.184.231.55, 120.78.249.137, 178.62.162.189, 119.29.130.253, 178.137.19.139, 185.234.217.110, 66.249.66.81, 66.249.66.83


Восстановление сайтов WordPress после взлома.


  • FTP BruteForce
    IP Address Host
    50.62.161.94 GoDaddy.com, LLC US
    198.71.227.145 GoDaddy.com, LLC US
    182.50.132.82 GoDaddy.com, LLC SG
    52.63.96.6 Amazon.com AU
  • xScan from Search-Bot and CDN. Achtung! (Scan Attempts: System & Plugins)
    IP Address Host
    66.249.66.83 Googlebot US
    /wp-content/plugins/comment-rating/ck-karma.js
    /wp-content/plugins/wordpress-popular-posts/public/js/tracking.js
    66.249.66.81 Googlebot US
    /wp-content/plugins/wordpress-popular-posts/public/js/tracking.js
    /wp-content/plugins/comment-rating/ck-karma.js
  • Remotely Anywhere BruteForce
    IP Address Host
    193.112.102.174 Tencent cloud computing CN
    190.14.152.105 R&H Telecom — DataCenter CR
    205.185.115.43 FranTech Solutions US
    174.129.207.220 Amazon.com US
    220.202.32.2 China Unicom China Unicom Liaoning CN
    178.128.191.128 Digital Ocean US
    177.206.128.131 Vivo BR
    179.97.24.28 Mg Telecom Ltda Me BR
    189.41.163.183 Algar Telecom BR
    185.211.88.119 Amirkabir University of Technology IR
    51.15.248.211 ONLINE SAS FR
    51.15.199.248 ONLINE SAS FR
    52.165.220.87 Microsoft Corporation Microsoft Azure US
    68.183.36.15 DSL Extreme US
    61.76.169.138 Korea Telecom KR
    45.40.248.243 Tencent cloud computing CN
    91.121.69.76 OVH SAS FR
    94.23.212.137 OVH SAS FR
    82.112.32.45 Joint stock company For RU
    41.38.178.218 TE Data EG
    221.162.174.98 Korea Telecom KR
    145.239.94.155 OVH Hosting PL
    114.80.157.210 China Telecom Shanghai CN
    118.89.22.182 Tencent cloud computing CN
    111.231.250.117 Beijing Faster Internet Technology Co.,Ltd Tencent cloud computing CN
    101.71.130.18 UNICOM ZheJiang CN
    103.220.65.26 Guangzhou Hotwon Computer Technology Co.,ltd. CN
    139.199.174.58 China Great Wall Internet Server Provider Tencent cloud computing CN
    139.59.78.70 Digital Ocean IN
    137.74.47.22 OVH SAS FR
    13.125.180.169 Amazon.com KR
    13.72.72.96 Microsoft Corporation Microsoft Azure US
  • RDP BruteForce
    IP Address Host
    36.187.254.153 China Mobile Guangdong CN
    36.187.254.226 China Mobile Guangdong CN
    36.187.254.244 China Mobile Guangdong CN
    173.212.246.168 Contabo GmbH DE
    36.187.254.111 China Mobile Guangdong CN
    36.187.254.128 China Mobile Guangdong CN
    36.187.254.25 China Mobile Guangdong CN
    36.187.254.77 China Mobile Guangdong CN
    36.187.254.95 China Mobile Guangdong CN
    36.187.254.86 China Mobile Guangdong CN
    36.187.254.49 China Mobile Guangdong CN
    36.187.254.57 China Mobile Guangdong CN
    36.187.254.63 China Mobile Guangdong CN
  • xScan (Scan Attempts: System & Plugins)
    IP Address Host
    178.62.162.189 Digital Ocean NL
    /phpMyAdmin/scripts/setup.php
    /_phpMyAdmin/scripts/setup.php
    /admin/scripts/setup.php
    /scripts/setup.php
    93.184.231.55 Ultel LLC AZ
    /administrator
    /admin.php
    /admin/login.php
    /user
    120.78.249.137 Aliyun Computing Co. Hangzhou Alibaba Advertising Co.,Ltd. CN
    /phpMyAdmin/scripts/setup.php
    /_phpMyAdmin/scripts/setup.php
    /admin/scripts/setup.php
    /scripts/setup.php
    185.234.217.110 World Hosting Farm Limited IE
    /include/config.php~
    /includes/config.php~
    /config.php~
    /admin/config.php~
    /administrator/config.php~
    212.128.25.164 Entidad Publica Empresarial Red.es Universidad Politecnica de Cartagena ES
    /wp-admin/admin-ajax.php
    /wp-admin/options-link.php
    /wp-admin/includes/themes.php
    119.29.130.253 Tencent cloud computing CN
    /phpMyAdmin/scripts/setup.php
    /_phpMyAdmin/scripts/setup.php
    /admin/scripts/setup.php
    /scripts/setup.php
    178.137.19.139 Kyivstar PJSC Kyivstar GSM UA
    /admin.php
    81.242.29.236 Skynet Belgium BE
    /components/com_b2jcontact/pagat.php
    /pagat.php
    /components/com_b2jcontact/sheren.php
    /components/com_b2jcontact/jlG.php
    /components/com_b2jcontact/.grv.php
    /components/com_b2jcontact/.jkp.php
    /components/pagat.php
    /components/sheren.php
    112.109.90.7 Minh Tu Telecom Limited Company VN
    /components/com_b2jcontact/pagat.php
    /pagat.php
    /components/com_b2jcontact/sheren.php
    /components/com_b2jcontact/jlG.php
    /components/com_b2jcontact/.grv.php
    /components/com_b2jcontact/.jkp.php
    /components/pagat.php
    /components/sheren.php
    158.181.40.132 Aztelekom AZ
    /administrator
    /admin.php
    /bitrix/admin
    /admin/login.php
    /admin
    /user
    61.78.63.147 Korea Telecom KR
    /phpMyAdmin/scripts/setup.php
    /_phpMyAdmin/scripts/setup.php
    /admin/scripts/setup.php
    /scripts/setup.php
    64.207.146.209 Media Temple US
    /wp-config.php~
    /wp-config.php.save
    /wp-config.php_bak
    /wp-config.php.bak
    /wp-config.php.old
    /wp-config.php.orig
    /wp-config.php.original
    213.152.161.85 Global Layer B.V. AirVPN.org NL
    /wp-content/plugins/cherry-plugin/admin/import-export/upload.php
    /wp-content/plugins/cherry-plugin/admin/import-export/XAttacker.php
    /wp-content/plugins/downloads-manager/upload/XAttacker.php
    /wp-content/plugins/formcraft/file-upload/server/php
    /wp-content/uploads/_input_3_css.php.jd
    213.213.202.246 VOO BE
    /wp-content/plugins/wp-mobile-detector/cache/XAttacker.php
    /wp-content/plugins/inboundio-marketing/admin/partials/csv_uploader.php
    /wp-content/plugins/inboundio-marketing/admin/partials/uploaded_csv/XAttacker.php
    /wp-content/plugins/dzs-zoomsounds/admin/upload.php
    /wp-content/plugins/dzs-zoomsounds/admin/upload/XAttacker.php
    /wp-content/plugins/reflex-gallery/admin/scripts/FileUploader/php.php
    /com_sexycontactform/fileupload/index.php
    /com_sexycontactform/fileupload/files/XAttacker.php
    /wp-content/plugins/work-the-flow-file-upload/public/assets/jQuery-File-Upload-9.5.0/server/php
    185.13.39.216 Techcrea Solutions SARL FR
    /wp-content/themes/Coldfusion/includes/uploadify/upload_settings_image.php
    /wp-content/plugins/revslider/temp/update_extract/RxR__yizcx.php
    /wp-content/plugins/showbiz/temp/update_extract/RxR__yizcx.php
    /wp-content/plugins/reflex-gallery/admin/scripts/FileUploader/php.php
    /wp-content/plugins/Tevolution/tmplconnector/monetize/templatic-custom_fields/single-upload.php
    /wp-content/themes/Directory/images/RxR__yizcx.php
    /wp-content/plugins/cherry-plugin/admin/import-export/upload.php
    200.54.98.75 Cl-teemsr-lacnic CL
    /wolf.php
    /phpThumb/wolf.php
* Записи отсортированы по времени обнаружения.
накопительный файл IP адресов по каждой категории можно бесплатно скачать на странице Download Blacklist.
** Чтобы, автоматически получать регулярный BruteForce IP Digest на свой email - просто зарегистрируйте подписку.

BlackList IP Digest: 2018.10.04

Черный Список IP адресов: WordPress +0, RDP +0, Remotely Anywhere +35, FTP +2, xScan +5, Reg-Bot +0, DDoS +0, Zombie +0

184.168.200.135, 185.100.86.144, 103.21.176.33, 103.80.36.19, 106.12.9.107, 106.245.34.157, 109.104.88.43, 113.28.139.225, 119.28.77.70, 123.207.226.125, 134.175.31.27, 138.197.163.16, 149.248.9.28, 158.69.124.9, 181.65.176.242, 182.50.125.120, 182.61.10.181, 182.61.56.234, 185.134.28.206, 188.166.213.254, 196.52.60.17, 197.232.56.157, 202.103.207.211, 204.10.105.9, 205.185.119.229, 207.154.226.21, 208.96.14.5, 213.55.214.171, 221.1.106.83, 35.221.141.118, 37.49.225.165, 45.55.233.213, 46.105.121.42, 67.169.149.151, 80.211.132.161, 90.88.11.67, 94.16.119.231, 115.236.33.226, 120.24.183.44, 37.59.44.43, 66.249.73.139, 66.249.73.154


Восстановление сайтов WordPress после взлома.


  • FTP BruteForce
    IP Address Host
    185.100.86.144 Flokinet Ltd FI
    184.168.200.135 GoDaddy.com, LLC secureserver.net US
  • xScan from Search-Bot and CDN. Achtung! (Scan Attempts: System & Plugins)
    IP Address Host
    66.249.73.154 Googlebot US
    /wp-content/plugins/wordpress-popular-posts/public/js/tracking.js
    /wp-content/plugins/comment-rating/ck-karma.js
    /wp-content/plugins/anti-spam/js/anti-spam-4.3.js
    66.249.73.139 Googlebot US
    /wp-content/plugins/anti-spam/js/anti-spam-4.3.js
    /wp-content/plugins/comment-rating/ck-karma.js
    /wp-content/plugins/wordpress-popular-posts/public/js/tracking.js
  • Remotely Anywhere BruteForce
    IP Address Host
    213.55.214.171 Salt Mobile SA CH
    208.96.14.5 DataPipe US
    35.221.141.118 Google Cloud US
    221.1.106.83 China Unicom Shandong China Unicom Liaoning CN
    204.10.105.9 Hurricane Electric Hurricane Electric US
    202.103.207.211 China Telecom Guangxi CN
    207.154.226.21 Digital Ocean DE
    205.185.119.229 FranTech Solutions US
    37.49.225.165 Estro Web Services Private Limited NL
    94.16.119.231 SSP Europe GmbH netcup GmbH DE
    90.88.11.67 Orange FR
    196.52.60.17 LogicWeb Inc SoftLayer Technologies AU
    103.21.176.33 China Mobile Guangdong CN
    46.105.121.42 OVH SAS FR
    45.55.233.213 Digital Ocean US
    80.211.132.161 Aruba S.p.A. IT
    67.169.149.151 Comcast Cable US
    197.232.56.157 Faiba KE
    123.207.226.125 Tencent cloud computing CN
    119.28.77.70 Tencent cloud computing Tencent Building, Kejizhongyi Avenue CN
    138.197.163.16 Digital Ocean CA
    134.175.31.27 Tencent cloud computing CN
    106.245.34.157 LG DACOM Corporation KR
    106.12.9.107 CNISP-Union Technology (Beijing) Co. Beijing Baidu Netcom Science and Technology Co. CN
    113.28.139.225 PCCW IMSBiz The Imc Of Conservative Baptist Lui Ming Choi Prim HK
    109.104.88.43 Host Europe GmbH GB
    149.248.9.28 Choopa, LLC US
    185.134.28.206 Zitcom A/S DK
    182.61.56.234 Beijing Baidu Netcom Science and Technology Co. CN
    103.80.36.19 Spectrum Life Company Limited MM
    188.166.213.254 DigitalOcean SG
    158.69.124.9 OVH Hosting CA
    181.65.176.242 Telefonica del Peru PE
    182.61.10.181 Beijing Baidu Netcom Science and Technology Co. CN
    182.50.125.120 BeiJing guangdianxinchuang communication & China Unicom Beijing CN
  • xScan (Scan Attempts: System & Plugins)
    IP Address Host
    120.24.183.44 Hangzhou Alibaba Advertising Co.,Ltd. CN
    /phpMyAdmin/scripts/setup.php
    /_phpMyAdmin/scripts/setup.php
    /admin/scripts/setup.php
    /scripts/setup.php
    115.236.33.226 China Telecom Zhejiang China Telecom Hangzhou CN
    /phpMyAdmin/scripts/setup.php
    /_phpMyAdmin/scripts/setup.php
    /admin/scripts/setup.php
    /scripts/setup.php
    37.59.44.43 OVH SAS FR
    /admin/images/cal_date_over.gif
    /admin/login.php
    /wp-content/vuln.php
    /wp-content/plugins/cherry-plugin/admin/import-export/upload.php
    /wp-content/plugins/cherry-plugin/admin/import-export/settings_auto.php
    /wp-content/plugins/formcraft/file-upload/server/content/upload.php
    /wp-content/plugins/wp-mobile-detector/resize.php
* Записи отсортированы по времени обнаружения.
накопительный файл IP адресов по каждой категории можно бесплатно скачать на странице Download Blacklist.
** Чтобы, автоматически получать регулярный BruteForce IP Digest на свой email - просто зарегистрируйте подписку.

BlackList IP Digest: 2018.10.03

Черный Список IP адресов: WordPress +0, RDP +0, Remotely Anywhere +18, FTP +2, xScan +13, Reg-Bot +0, DDoS +0, Zombie +0

31.132.176.76, 46.105.32.63, 106.12.112.11, 107.173.80.123, 125.212.217.24, 138.122.255.144, 149.248.8.205, 164.132.225.151, 18.222.131.165, 182.61.10.198, 182.76.113.42, 188.243.168.71, 192.169.155.230, 193.112.170.56, 194.182.74.209, 202.22.142.111, 205.185.113.69, 210.183.236.30, 213.192.98.7, 51.15.4.80, 173.254.28.76, 178.222.227.144, 185.195.253.200, 35.185.98.117, 35.196.107.218, 124.95.129.105, 132.148.19.206, 211.201.171.114, 106.12.13.187, 221.0.183.42, 66.249.73.136, 66.249.73.153, 66.249.73.154


Восстановление сайтов WordPress после взлома.


  • FTP BruteForce
    IP Address Host
    46.105.32.63 OVH SAS FR
    31.132.176.76 OOO Bryansk Svyaz-TV RU
  • xScan from Search-Bot and CDN. Achtung! (Scan Attempts: System & Plugins)
    IP Address Host
    66.249.73.154 Googlebot US
    /wp-content/plugins/comment-rating/ck-karma.js
    /wp-content/plugins/wordpress-popular-posts/public/js/tracking.js
    66.249.73.136 Googlebot Googlebot US
    /wp-content/plugins/anti-spam/js/anti-spam-4.3.js
    /wp-content/plugins/wordpress-popular-posts/public/js/tracking.js
    /wp-content/plugins/comment-rating/ck-karma.js
    66.249.73.153 Googlebot US
    /wp-content/plugins/comment-rating/ck-karma.js
    /wp-content/plugins/anti-spam/js/anti-spam-4.3.js
  • Remotely Anywhere BruteForce
    IP Address Host
    125.212.217.24 Viettel Group CHT Compamy VN
    210.183.236.30 Korea Telecom KR
    194.182.74.209 Aruba S.p.A. CZ
    202.22.142.111 Offratel Ap NC
    213.192.98.7 Technical University of Gdansk, Academic Computer PL
    106.12.112.11 CNISP-Union Technology (Beijing) Co. Beijing Baidu Netcom Science and Technology Co. CN
    205.185.113.69 FranTech Solutions US
    51.15.4.80 ONLINE SAS Online SAS Nl NL
    107.173.80.123 ColoCrossing US
    138.122.255.144 TV Rey de Occidente, S.A. de C.V. MX
    18.222.131.165 Amazon.com US
    149.248.8.205 Choopa, LLC US
    164.132.225.151 OVH SAS FR
    182.61.10.198 Beijing Baidu Netcom Science and Technology Co. CN
    192.169.155.230 GoDaddy.com, LLC US
    188.243.168.71 SkyNet ISP RU
    193.112.170.56 Tencent cloud computing CN
    182.76.113.42 Bharti Broadband Bharti Airtel IN
  • xScan (Scan Attempts: System & Plugins)
    IP Address Host
    106.12.13.187 CNISP-Union Technology (Beijing) Co. Beijing Baidu Netcom Science and Technology Co. CN
    /phpMyAdmin/scripts/setup.php
    /_phpMyAdmin/scripts/setup.php
    /admin/scripts/setup.php
    /scripts/setup.php
    211.201.171.114 SK Broadband SK Broadband KR
    /phpMyAdmin/scripts/setup.php
    /_phpMyAdmin/scripts/setup.php
    35.185.98.117 Google Cloud US
    /wp-content/plugins/simple-ads-manager/js/slider/tmpl.js
    /wp-content/plugins/wp-mobile-detector/cache/db.php
    /wp-content/plugins/formcraft/file-upload/server/upload.php
    /wp-content/plugins/revslider/temp/update_extract/revslider/db.php
    /wp-content/plugins/wp-symposium/server/index.php
    /wp-content/plugins/wp-symposium/server/zghaqaEGilAXeR.php
    221.0.183.42 China Unicom Shandong China Unicom Liaoning CN
    /phpMyAdmin/scripts/setup.php
    /_phpMyAdmin/scripts/setup.php
    /admin/scripts/setup.php
    185.195.253.200 Veganet Teknolojileri ve Hizmetleri LTD STI TR
    /administrator
    /bitrix/admin
    /admin
    /user
    178.222.227.144 Telekom Srbija RS
    /forum/register.php
    /administrator
    /admin
    /user/login
    173.254.28.76 Unified Layer US
    /wolf.php
    /phpThumb/wolf.php
    132.148.19.206 GoDaddy.com, LLC US
    /phpMyAdmin/scripts/setup.php
    /_phpMyAdmin/scripts/setup.php
    124.95.129.105 China Unicom Liaoning CN
    /phpMyAdmin/scripts/setup.php
    /_phpMyAdmin/scripts/setup.php
    35.196.107.218 Google Cloud US
    /forum/register.php
    /administrator
    /admin
    /user/login
    /blog/wp-login.php
* Записи отсортированы по времени обнаружения.
накопительный файл IP адресов по каждой категории можно бесплатно скачать на странице Download Blacklist.
** Чтобы, автоматически получать регулярный BruteForce IP Digest на свой email - просто зарегистрируйте подписку.

BlackList IP Digest: 2018.10.02

Черный Список IP адресов: WordPress +0, RDP +1, Remotely Anywhere +14, FTP +6, xScan +13, Reg-Bot +0, DDoS +1, Zombie +0

31.210.183.26, 132.148.216.229, 198.50.184.66, 198.71.226.30, 31.31.196.158, 37.59.43.84, 45.76.103.164, 104.248.161.47, 104.248.209.27, 104.248.235.234, 109.226.50.216, 117.158.220.250, 142.93.92.238, 149.248.8.150, 149.28.83.157, 188.243.58.122, 193.201.224.12, 196.52.10.21, 202.201.38.86, 52.221.105.77, 80.211.4.61, 103.231.78.228, 39.108.157.173, 105.158.83.65, 120.25.67.89, 154.121.251.148, 185.171.91.91, 188.226.151.173, 35.204.232.23, 5.189.183.206, 139.199.121.197, 82.102.27.10, 66.249.73.139, 66.249.73.153


Восстановление сайтов WordPress после взлома.


  • DDoS (Hack & Destroy WWW-Server)
    IP Address Host
    188.226.151.173 Digital Ocean NL
    /wp-content/themes/stendhal/theme/templates/sliders/usquare/timthumb/timthumb.php
  • FTP BruteForce
    IP Address Host
    31.31.196.158 Domain names registrar REG.RU, Ltd RU
    37.59.43.84 OVH SAS FR
    45.76.103.164 Choopa, LLC JP
    132.148.216.229 GoDaddy.com, LLC US
    198.50.184.66 OVH Hosting CA
    198.71.226.30 GoDaddy.com, LLC US
  • xScan from Search-Bot and CDN. Achtung! (Scan Attempts: System & Plugins)
    IP Address Host
    66.249.73.139 Googlebot US
    /wp-content/plugins/comment-rating/ck-karma.js
    /wp-content/plugins/anti-spam/js/anti-spam-4.3.js
    66.249.73.153 Googlebot US
    /wp-content/plugins/comment-rating/ck-karma.js
    /wp-content/plugins/anti-spam/js/anti-spam-4.3.js
    /wp-content/plugins/wordpress-popular-posts/public/js/tracking.js
  • Remotely Anywhere BruteForce
    IP Address Host
    196.52.10.21 LogicWeb Inc SoftLayer Technologies MX
    193.201.224.12 PE Tetyana Mysyk UA
    188.243.58.122 SkyNet ISP RU
    80.211.4.61 Aruba S.p.A. IT
    52.221.105.77 Amazon.com SG
    202.201.38.86 China Education and Research Network Center Gansu Polytechnical University CN
    104.248.235.234 Server Network Technologies Digital Ocean US
    109.226.50.216 Triple C Cloud Computing Ltd. IL
    104.248.209.27 Server Network Technologies Digital Ocean US
    104.248.161.47 Server Network Technologies Digital Ocean GB
    149.248.8.150 Choopa, LLC US
    149.28.83.157 Choopa, LLC US
    117.158.220.250 China Mobile Guangdong Henan Mobile Communications Co.,Ltd CN
    142.93.92.238 Digital Ocean US
  • RDP BruteForce
    IP Address Host
    31.210.183.26 XFone IL
  • xScan (Scan Attempts: System & Plugins)
    IP Address Host
    139.199.121.197 China Great Wall Internet Server Provider Tencent cloud computing CN
    /phpMyAdmin/scripts/setup.php
    /admin/scripts/setup.php
    39.108.157.173 Aliyun Computing Co. Hangzhou Alibaba Advertising Co.,Ltd. CN
    /phpMyAdmin/scripts/setup.php
    /_phpMyAdmin/scripts/setup.php
    /admin/scripts/setup.php
    /scripts/setup.php
    82.102.27.10 Venus Business Communications Limited M247 LTD Oslo Infrastructure NO
    /blog/wp-login.php
    /wp/wp-login.php
    /wordpress/wp-login.php
    120.25.67.89 Hangzhou Alibaba Advertising Co.,Ltd. CN
    /phpMyAdmin/scripts/setup.php
    /_phpMyAdmin/scripts/setup.php
    /admin/scripts/setup.php
    /scripts/setup.php
    103.231.78.228 Kcomputers CtrlS Datacenters IN
    /sftp-config.json~
    /sftp-config.json.save
    /.remote-sync.json.save
    /deployment-config.json
    /.vscode/ftp-sync.json~
    /.vscode/sftp.json~
    /deployment-config.json.save
    /.vscode/ftp-sync.json.save
    5.189.183.206 Contabo GmbH DE
    /js/ccard.js
    /etc/local.xml
    /app/local.xml
    154.121.251.148 Algerie Telecom Mobile MOBILIS DZ
    /admin
    /wp-content/plugins/cherry-plugin/admin/import-export/upload.php
    /wp-content/plugins/cherry-plugin/admin/import-export/V5.php
    /wp-content/plugins/downloads-manager/upload/V5.php
    /wp-content/plugins/formcraft/file-upload/server/php
    105.158.83.65 Maroc Telecom MA
    /admin
    /wp-content/plugins/cherry-plugin/admin/import-export/upload.php
    /wp-content/plugins/cherry-plugin/admin/import-export/V5.php
    /wp-content/plugins/downloads-manager/upload/V5.php
    /wp-content/plugins/formcraft/file-upload/server/php
    /wp-content/plugins/showbiz/temp/update_extract/V5.php
    185.171.91.91 Chronos Tuncay SAYLIK trading as NET DC TR
    /administrator
    /admin.php
    /bitrix/admin
    /admin/login.php
    /admin
    /user
    35.204.232.23 Google Cloud
    /raiz0.php
    /index.php
    /images/jdownloads/screenshots/raiz0worm.php3.g
    /components/Raiz0WorM_153848367.php
    /modules/mod_simplefileuploadv1.3/elements/udd.phpRaiz0WorM_153848367.php
    /modules/mod_simplefileuploadv1.3/elements/Raiz0WorM_153848367.php
    /components/com_creativecontactform/fileupload/index.php
    /components/com_creativecontactform/fileupload/files/raiz0.php
    /wp-content/plugins/revslider/js/rev_admin.js
    188.226.151.173 Digital Ocean NL
    /wp-content/themes/stendhal/theme/templates/sliders/usquare/timthumb/timthumb.php
* Записи отсортированы по времени обнаружения.
накопительный файл IP адресов по каждой категории можно бесплатно скачать на странице Download Blacklist.
** Чтобы, автоматически получать регулярный BruteForce IP Digest на свой email - просто зарегистрируйте подписку.

BlackList IP Digest: 2018.10.01

Черный Список IP адресов: WordPress +0, RDP +3, Remotely Anywhere +9, FTP +0, xScan +12, Reg-Bot +0, DDoS +0, Zombie +0

223.71.151.194, 91.193.253.66, 95.218.205.54, 119.192.113.96, 120.237.124.115, 178.128.227.28, 194.182.73.185, 198.255.103.49, 205.185.125.142, 31.184.197.252, 60.223.226.154, 80.211.134.87, 185.27.192.118, 112.175.184.135, 122.152.201.33, 186.121.246.146, 47.52.220.102, 5.103.116.50, 51.75.5.158, 62.112.10.152, 47.100.247.173, 104.156.255.190, 66.249.65.109, 66.249.65.121


Восстановление сайтов WordPress после взлома.


  • xScan from Search-Bot and CDN. Achtung! (Scan Attempts: System & Plugins)
    IP Address Host
    66.249.65.109 Googlebot US
    /wp-content/plugins/anti-spam/js/anti-spam-4.3.js
    /wp-content/plugins/wordpress-popular-posts/public/js/tracking.js
    /wp-content/plugins/comment-rating/ck-karma.js
    66.249.65.121 Googlebot US
    /wp-content/plugins/comment-rating/ck-karma.js
    /wp-content/plugins/anti-spam/js/anti-spam-4.3.js
  • Remotely Anywhere BruteForce
    IP Address Host
    205.185.125.142 FranTech Solutions US
    198.255.103.49 FDCservers.net US
    31.184.197.252 Petersburg Internet Network ltd. RU
    80.211.134.87 Aruba S.p.A. IT
    60.223.226.154 China Unicom Shanxi CN
    120.237.124.115 China Mobile Guangdong China Mobile CN
    119.192.113.96 Korea Telecom KR
    194.182.73.185 Aruba S.p.A. CZ
    178.128.227.28 Digital Ocean CA
  • RDP BruteForce
    IP Address Host
    223.71.151.194 China Mobile Guangdong China Mobile CN
    91.193.253.66 Online Technologies LTD UA
    95.218.205.54 SaudiNet SA
  • xScan (Scan Attempts: System & Plugins)
    IP Address Host
    47.100.247.173 Hangzhou Alibaba Advertising Co.,Ltd. CN
    /phpMyAdmin/scripts/setup.php
    /_phpMyAdmin/scripts/setup.php
    /admin/scripts/setup.php
    /scripts/setup.php
    62.112.10.152 WorldStream B.V. NL
    /administrator
    /admin.php
    /bitrix/admin
    /admin/login.php
    /admin
    /user
    186.121.246.146 AXS Bolivia S. A. BO
    /index.old.php
    /phpthumb/phpThumb.libs.php
    /thumb/phpThumb.libs.php
    /libraries/phpthumb/phpThumb.libs.php
    104.156.255.190 Choopa, LLC US
    /wp-content/plugins/simple-ads-manager/js/slider/tmpl.js
    /wp-content/plugins/wp-mobile-detector/cache/db.php
    /wp-content/plugins/formcraft/file-upload/server/upload.php
    /wp-content/plugins/revslider/temp/update_extract/revslider/db.php
    /wp-content/plugins/wp-symposium/server/index.php
    /wp-content/plugins/wp-symposium/server/ctlNksleStXpwm.php
    51.75.5.158 OVH SAS FR
    /admin
    /wp-content/plugins/cherry-plugin/admin/import-export/upload.php
    /wp-content/plugins/cherry-plugin/admin/import-export/V5.php
    /wp-content/plugins/downloads-manager/upload/V5.php
    /wp-content/plugins/formcraft/file-upload/server/php
    122.152.201.33 Tencent cloud computing CN
    /phpMyAdmin/scripts/setup.php
    /_phpMyAdmin/scripts/setup.php
    /admin/scripts/setup.php
    /scripts/setup.php
    112.175.184.135 Korea Telecom KR
    /statistics/plugins/wp-admin/admin-ajax.php
    /wp-admin/admin-ajax.php
    185.27.192.118 Stek Kazan LLC RU
    /phpMyAdmin/scripts/setup.php
    /_phpMyAdmin/scripts/setup.php
    /admin/scripts/setup.php
    /scripts/setup.php
    5.103.116.50 FIBIA P/S DK
    /phpMyAdmin/scripts/setup.php
    /_phpMyAdmin/scripts/setup.php
    /admin/scripts/setup.php
    /scripts/setup.php
    47.52.220.102 Alicloud-hk Alibaba HK
    /phpMyAdmin/scripts/setup.php
    /_phpMyAdmin/scripts/setup.php
    /admin/scripts/setup.php
    /scripts/setup.php
* Записи отсортированы по времени обнаружения.
накопительный файл IP адресов по каждой категории можно бесплатно скачать на странице Download Blacklist.
** Чтобы, автоматически получать регулярный BruteForce IP Digest на свой email - просто зарегистрируйте подписку.

BlackList IP Digest: 2018.09.30

Черный Список IP адресов: WordPress +0, RDP +0, Remotely Anywhere +5, FTP +0, xScan +11, Reg-Bot +0, DDoS +0, Zombie +0

142.93.170.135, 146.148.73.241, 198.199.71.73, 210.29.32.2, 62.210.148.133, 209.141.61.108, 62.149.230.16, 125.161.104.19, 160.176.129.205, 178.137.92.187, 180.149.244.234, 203.78.116.250, 46.109.84.197, 78.190.227.91, 81.175.164.98, 66.249.65.121


Восстановление сайтов WordPress после взлома.


  • xScan from Search-Bot and CDN. Achtung! (Scan Attempts: System & Plugins)
    IP Address Host
    66.249.65.121 Googlebot US
    /wp-content/plugins/wordpress-popular-posts/public/js/tracking.js
    /wp-content/plugins/comment-rating/ck-karma.js
    /wp-content/plugins/anti-spam/js/anti-spam-4.3.js
  • Remotely Anywhere BruteForce
    IP Address Host
    62.210.148.133 Free SAS ONLINE SAS FR
    142.93.170.135 Digital Ocean DE
    210.29.32.2 China Education and Research Network Jiangsu Province Education & Reseach Network, Sout CN
    146.148.73.241 Google Cloud US
    198.199.71.73 Digital Ocean US
  • xScan (Scan Attempts: System & Plugins)
    IP Address Host
    46.109.84.197 SIA Lattelecom LV
    /admin/images/cal_date_over.gif
    /admin/login.php
    /wp-content/plugins/hd-webplayer/playlist.php
    /wp-content/vuln.php
    /wp-content/plugins/cherry-plugin/admin/import-export/upload.php
    /wp-content/plugins/cherry-plugin/admin/import-export/settings_auto.php
    /wp-content/plugins/formcraft/file-upload/server/content/upload.php
    /wp-content/plugins/wp-mobile-detector/resize.php
    203.78.116.250 PT. Excelcomindo Pratama XL Axiata ID
    /admin/images/cal_date_over.gif
    /admin/login.php
    /wp-content/plugins/hd-webplayer/playlist.php
    /wp-content/vuln.php
    /wp-content/plugins/cherry-plugin/admin/import-export/upload.php
    /wp-content/plugins/cherry-plugin/admin/import-export/settings_auto.php
    /wp-content/plugins/formcraft/file-upload/server/content/upload.php
    78.190.227.91 Turk Telekom TR
    /administrator
    /admin.php
    /bitrix/admin
    /admin/login.php
    /admin
    /user
    81.175.164.98 DNA Oyj FI
    /_phpMyAdmin/scripts/setup.php
    /admin/scripts/setup.php
    /scripts/setup.php
    125.161.104.19 PT Telkom Indonesia ID
    /admin/images/cal_date_over.gif
    /admin/login.php
    /wp-content/plugins/hd-webplayer/playlist.php
    /wp-content/vuln.php
    /wp-content/plugins/cherry-plugin/admin/import-export/upload.php
    /wp-content/plugins/cherry-plugin/admin/import-export/settings_auto.php
    /wp-content/plugins/formcraft/file-upload/server/content/upload.php
    62.149.230.16 Aruba S.p.A. Aruba S.p.A. — Dedicated servers IT
    /blog/wp-login.php
    /wordpress/wp-login.php
    /wp/wp-login.php
    209.141.61.108 FranTech Solutions US
    /admin/images/cal_date_over.gif
    /admin/login.php
    /wp-content/vuln.php
    /fckeditor/editor/filemanager/connectors/upload.php
    160.176.129.205 Maroc Telecom ADSL MA
    /administrator
    /wp-content/plugins/simple-ads-manager/jsspwned.php
    /wp-content/plugins/barclaycart/uploadify/jsspwned.php
    /wp-content/themes/betheme/muffin-options/fields/upload/Files/jsspwned.php
    /wp-content/plugins/cherry-plugin/admin/import-export/jsspwned.php
    /wp-content/plugins/omni-secure-files/plupload/examples/uploads/jsspwned.php
    /wp-content/themes/konzept/includes/uploadify/uploads/jsspwned.php
    /wp-content/plugins/contus-video-galleryversion-10/jsspwned.php
    180.149.244.234 Web Werks India Pvt. Web Werks IN
    /admin
    /statistics/admin
    /etc/local.xml
    /statistics/etc/local.xml
    /index.php/xmlrpc
    /statistics/index.php/xmlrpc
    178.137.92.187 Kyivstar PJSC Kyivstar GSM UA
    /license.php
* Записи отсортированы по времени обнаружения.
накопительный файл IP адресов по каждой категории можно бесплатно скачать на странице Download Blacklist.
** Чтобы, автоматически получать регулярный BruteForce IP Digest на свой email - просто зарегистрируйте подписку.

BlackList IP Digest: 2018.09.29

Черный Список IP адресов: WordPress +0, RDP +0, Remotely Anywhere +10, FTP +0, xScan +12, Reg-Bot +0, DDoS +0, Zombie +0

154.80.151.137, 154.80.151.174, 176.240.182.248, 199.19.224.83, 23.254.165.124, 37.204.249.22, 39.161.242.19, 51.255.16.202, 51.68.187.153, 95.84.142.72, 78.84.207.64, 102.158.123.99, 109.228.46.104, 112.215.230.41, 203.78.116.40, 23.239.84.69, 34.196.174.252, 34.229.128.250, 91.121.84.133, 192.144.173.202, 66.249.65.104, 66.249.65.121


Восстановление сайтов WordPress после взлома.


  • xScan from Search-Bot and CDN. Achtung! (Scan Attempts: System & Plugins)
    IP Address Host
    66.249.65.104 Googlebot Googlebot US
    /wp-content/plugins/wordpress-popular-posts/public/js/tracking.js
    /wp-content/plugins/comment-rating/ck-karma.js
    /wp-content/plugins/anti-spam/js/anti-spam-4.3.js
    66.249.65.121 Googlebot US
    /wp-content/plugins/wordpress-popular-posts/public/js/tracking.js
    /wp-content/plugins/comment-rating/ck-karma.js
    /wp-content/plugins/anti-spam/js/anti-spam-4.3.js
  • Remotely Anywhere BruteForce
    IP Address Host
    51.68.187.153 OVH Hosting DE
    51.255.16.202 OVH SAS FR
    154.80.151.137 MacroLAN DXTL Tseung Kwan O Service ZA
    95.84.142.72 Rostelecom RU
    39.161.242.19 China Mobile Guangdong CN
    176.240.182.248 Turksat Uydu-Net Internet Turksat Cable TV and Internet Services TR
    154.80.151.174 MacroLAN DXTL Tseung Kwan O Service ZA
    199.19.224.83 FranTech Solutions US
    37.204.249.22 Rostelecom RU
    23.254.165.124 Hostwinds LLC. US
  • xScan (Scan Attempts: System & Plugins)
    IP Address Host
    91.121.84.133 OVH SAS FR
    /register.php
    34.229.128.250 Amazon.com US
    /admin
    /wp-content/plugins/cherry-plugin/admin/import-export/upload.php
    /wp-content/plugins/cherry-plugin/admin/import-export/v5.php
    /wp-content/plugins/downloads-manager/upload/v5.php
    /wp-content/plugins/formcraft/file-upload/server/php
    78.84.207.64 SIA Lattelecom LV
    /admin/images/cal_date_over.gif
    /admin/login.php
    /fckeditor/editor/filemanager/connectors/upload.php
    192.144.173.202 Tencent cloud computing CN
    /phpMyAdmin/scripts/setup.php
    /scripts/setup.php
    34.196.174.252 Amazon.com US
    /wp-license.php
    /wp-content/plugins/revslider/temp/update_extract/revslider/xml.php
    109.228.46.104 1&1 Internet AG GB
    /administrator
    /wp-content/plugins/simple-ads-manager/jsspwned.php
    /wp-content/plugins/barclaycart/uploadify/jsspwned.php
    /wp-content/themes/betheme/muffin-options/fields/upload/Files/jsspwned.php
    /wp-content/plugins/cherry-plugin/admin/import-export/jsspwned.php
    /wp-content/plugins/omni-secure-files/plupload/examples/uploads/jsspwned.php
    /wp-content/themes/konzept/includes/uploadify/uploads/jsspwned.php
    /wp-content/plugins/contus-video-galleryversion-10/jsspwned.php
    102.158.123.99 TOPNET TN
    /administrator
    /wp-content/plugins/simple-ads-manager/jsspwned.php
    /wp-content/plugins/barclaycart/uploadify/jsspwned.php
    /wp-content/themes/betheme/muffin-options/fields/upload/Files/jsspwned.php
    /wp-content/plugins/cherry-plugin/admin/import-export/jsspwned.php
    /wp-content/plugins/omni-secure-files/plupload/examples/uploads/jsspwned.php
    /wp-content/themes/konzept/includes/uploadify/uploads/jsspwned.php
    /wp-content/plugins/contus-video-galleryversion-10/jsspwned.php
    112.215.230.41 XL Axiata ID
    /wp-content/themes/qualifire/scripts/admin/uploadify/uploadify.php
    /wp-content/themes/qualifire/scripts/admin/uploadify/RxR__amjdz.php
    /wp-content/themes/Coldfusion/includes/uploadify/upload_settings_image.php
    /wp-content/plugins/magic-fields/RCCWP_upload_ajax.php
    /wp-content/files_mf/RxR__amjdz.php
    /wp-content/themes/Ghost/includes/uploadify/upload_settings_image.php
    /wp-content/plugins/social-networking-e-commerce-1/classes/views/social-options/form_cat_add.php
    23.239.84.69 Nodes Direct US
    /wp-license.php
    /wp-content/plugins/revslider/temp/update_extract/revslider/xml.php
    203.78.116.40 PT. Excelcomindo Pratama XL Axiata ID
    /wp-content/themes/qualifire/scripts/admin/uploadify/uploadify.php
    /wp-content/themes/qualifire/scripts/admin/uploadify/RxR__lsbrq.php
    /wp-content/themes/Coldfusion/includes/uploadify/upload_settings_image.php
    /wp-content/plugins/magic-fields/RCCWP_upload_ajax.php
    /wp-content/files_mf/RxR__lsbrq.php
    /wp-content/themes/Ghost/includes/uploadify/upload_settings_image.php
    /wp-content/plugins/social-networking-e-commerce-1/classes/views/social-options/form_cat_add.php
    /admin/images/cal_date_over.gif
    /admin/login.php
    /wp-content/themes/qualifire/scripts/admin/uploadify/RxR__palgr.php
* Записи отсортированы по времени обнаружения.
накопительный файл IP адресов по каждой категории можно бесплатно скачать на странице Download Blacklist.
** Чтобы, автоматически получать регулярный BruteForce IP Digest на свой email - просто зарегистрируйте подписку.

BlackList IP Digest: 2018.09.28

Черный Список IP адресов: WordPress +0, RDP +0, Remotely Anywhere +9, FTP +0, xScan +11, Reg-Bot +0, DDoS +0, Zombie +0

104.248.224.156, 106.120.180.194, 118.24.168.131, 139.180.218.233, 159.226.20.83, 185.8.50.212, 78.129.130.57, 89.212.96.153, 89.23.144.249, 123.207.226.125, 114.142.169.47, 196.217.23.120, 198.211.113.88, 35.190.152.147, 59.110.237.76, 85.229.204.170, 94.23.39.31, 148.69.67.61, 66.249.65.179, 66.249.65.121


Восстановление сайтов WordPress после взлома.


  • xScan from Search-Bot and CDN. Achtung! (Scan Attempts: System & Plugins)
    IP Address Host
    66.249.65.179 Googlebot US
    /wp-content/plugins/wordpress-popular-posts/public/js/tracking.js
    /wp-content/plugins/anti-spam/js/anti-spam-4.3.js
    66.249.65.121 Googlebot US
    /wp-content/plugins/anti-spam/js/anti-spam-4.3.js
    /wp-content/plugins/comment-rating/ck-karma.js
  • Remotely Anywhere BruteForce
    IP Address Host
    89.212.96.153 T-2 Access Network SI
    78.129.130.57 Iomart Hosting Limited GB
    104.248.224.156 Server Network Technologies Cloud South US
    89.23.144.249 Lancom Ltd. PowerNet Ltd. RU
    118.24.168.131 Tencent cloud computing CN
    106.120.180.194 China Telecom Guangdong China Telecom Beijing CN
    139.180.218.233 Arconic Choopa, LLC US
    185.8.50.212 Aruba SAS Aruba SAS — Cloud Services Farm FR
    159.226.20.83 Computer Network Information Center CN
  • xScan (Scan Attempts: System & Plugins)
    IP Address Host
    94.23.39.31 OVH SAS FR
    /forum/register.php
    /administrator
    /admin
    /user/login
    /wp-content/themes/cubed_v1.2/functions/upload-handler.php
    85.229.204.170 Bredbandsbolaget AB SE
    /class.inc.php
    /myluph.php
    /files.php
    /index.inc.php
    /components/index.inc.php
    123.207.226.125 Tencent cloud computing CN
    /phpMyAdmin/scripts/setup.php
    /scripts/setup.php
    148.69.67.61 Vodafone Portugal — Communicacoes Pessoais S.A. PT
    /phpMyAdmin/scripts/setup.php
    /scripts/setup.php
    196.217.23.120 Maroc Telecom MA
    /admin
    /wp-content/plugins/cherry-plugin/admin/import-export/upload.php
    /wp-content/plugins/cherry-plugin/admin/import-export/v5.php
    /wp-content/plugins/downloads-manager/upload/v5.php
    /wp-content/plugins/formcraft/file-upload/server/php
    114.142.169.47 Three Indonesia ID
    /admin
    /wp-content/plugins/wp-mobile-detector/cache/cloudmobile.php
    /admin/images/cal_date_over.gif
    /admin/login.php
    /wp-content/plugins/formcraft/file-upload/server/php
    /wp-content/plugins/cherry-plugin/admin/import-export/upload.php
    198.211.113.88 Digital Ocean US
    /admin/categories.php/login.php
    /admin/file_manager.php/login.php
    /admin/banner_manager.php/login.php
    59.110.237.76 Hangzhou Alibaba Advertising Co.,Ltd. CN
    /phpMyAdmin/scripts/setup.php
    /scripts/setup.php
    35.190.152.147 Google Cloud US
    /wp-content/plugins/simple-ads-manager/js/slider/tmpl.js
    /wp-content/plugins/wp-mobile-detector/cache/db.php
    /wp-content/plugins/formcraft/file-upload/server/upload.php
    /wp-content/plugins/revslider/temp/update_extract/revslider/db.php
    /wp-content/plugins/wp-symposium/server/index.php
    /wp-content/plugins/wp-symposium/server/HnpNqqPvafpCnq.php
* Записи отсортированы по времени обнаружения.
накопительный файл IP адресов по каждой категории можно бесплатно скачать на странице Download Blacklist.
** Чтобы, автоматически получать регулярный BruteForce IP Digest на свой email - просто зарегистрируйте подписку.