Welcome to PinTheTaleOnTheDonkey.com
Updated April 4, 2018
After many months of "practicing" their "HEAD / HTTP" requests to perfect their near-simultaneous arrivals, [apparently] the Russians tried out the open Windows Remote Desktop Port (No.3389) on each of their originating servers in December 2017, January 2018 and February 2018. They activated nearly one hundred zombified servers ( most of which have one or more blacklistings) with a variety of malicious attempts to POST disruptive files to vulnerable plugins (see the linked items in Column H) to a nonexistent WordPress installation at MiDomane.com, all of which arrived within a time span of about twenty minutes at MiDomane.com's server in February, only to be summarily rejected by the server's .htaccess file, which is set to block HEAD, POST & PUT requests. There seems not to be any attempt to match the specific Russian servers with the zombified servers to achieve closer arrival times. That would require matching the latencies of the widely separated variety of zombified servers to all the other zombified servers, an immense task. You might try finding the various phrases and applications in Column H with the sourcecodes captured from a number of Intermediary domains: Examples (AS9123) and Examples (AS24940). The upper table is sorted by Columns F & G. In March the hacking attempts have become more diversified, with additional operators and mechanisms.
Key to the table's columns:
A: IPv4 addresses of zombified servers
B: History of blacklisting - and - open ports & their numbers
C: Autonomous System Numbers & Country Codes of zombified servers
D: GPS coordinates of zombified servers
E: Distance of zombified servers from MiDomane.com's server
F: Dates of attacks: Dec. 19, 2017; Jan. 9, 2018; and Feb. 15, 2018.
G: Time of arrival of hacking attempts
H: Content of attempted postings to nonexistent WordPress folder at MiDomane.com
I: Error Codes: 403 = Forbidden; 404 = Not Found; 406 = Not Allowed
J: Bytes transferred
K: User agents (not to be taken as absolutely true)


A
B
C
D
E
F
G
H
I
J
K
35.196.219.234 1 BL – no Google – US 37.4056 -122.0780 507.19 12/19/2017 05:08:22 POST /wp-admin/admin-post.php HTTP/1.1 403 228 SeaMonkey/9.18 (OS 10.5 3.3; en_SG;)
103.254.207.7 3 BL – no AS59162 – IN 28.6327 77.3935 7140.53 12/19/2017 05:08:39 POST /wp-content/plugins/cardoza-facebook-like-box/cardoza_facebook_like_box.php HTTP/1.1 403 228 GNU IceCat/16.18 (Debian Linux 4.4; de_DE;)
35.196.219.234 1 BL – no Google – US 37.4056 -122.0780 507.19 12/19/2017 05:08:54 POST /wp-content/plugins/cherry-plugin/admin/import-export/upload.php HTTP/1.1 403 228 Safari/1.17 (Windows 3.1 1.5; hr;)
31.173.218.199 HTTPS AS31163 – RU 43.6419 43.9456 8796.13 12/19/2017 05:09:02 POST /wp-content/plugins/font-uploader/font-upload.php HTTP/1.1 406 300 Firefox/19.18 (OS 10.5 4.5; cs;)
61.91.251.235 HTTPS AS7470 – TH 13.7531 100.5480 6696.50 12/19/2017 05:09:42 POST /wp-content/plugins/codecanyon-157782-video-gallery-wordpress-plugin-w-youtube-vimeo-/admin/upload.php HTTP/1.1 403 228 GNU IceCat/8.4 (OS 10.5 4.3; zh_SG;)
182.108.37.233 1 BL – no AS4134 – CN 30.2660 120.1590 9389.81 12/19/2017 05:09:52 POST /wp-content/plugins/codecanyon-157782-video-gallery-wordpress-plugin-w-youtube-vimeo-/upload.php HTTP/1.1 403 228 GNU IceCat/8.4 (OS 10.5 4.3; zh_SG;)
101.236.48.238 1 BL – 22,8080 SKBJNET – CN 39.9576 116.3360 9927.55 12/19/2017 05:10:22 POST /wp-content/plugins/formcraft/file-upload/server/content/upload.php HTTP/1.1 403 228 SeaMonkey/2.19 (iPad 2.9; fr_CA;)
101.236.49.139 1 BL – 22,8080 SKBJNET – CN 39.9576 116.3360 9927.55 12/19/2017 05:10:30 POST /wp-content/plugins/dzs-videogallery/admin/upload.php HTTP/1.1 403 228 Chrome/7.17 (iPad 2.3; sk-SK;)
47.199.215.106 1 BL – no AS5650 – US 28.0095 -82.5856 3465.73 12/19/2017 05:10:35 POST //wp-content/plugins/gallery-slider/register.php HTTP/1.0 403 228 SeaMonkey/9.2 (CentOS Linux 5.4; en_AU;)
35.196.147.33 1 BL – 22 Google – US 37.4056 -122.0780 507.19 12/19/2017 05:10:56 POST /wp-content/plugins/google-maps-by-daniel-martyn/inuse.php HTTP/1.1 403 228 SeaMonkey/6.10 (Windows 98 2.6; en;)
101.236.53.103 1 BL – 22,8080 SKBJNET – CN 39.9576 116.3360 9927.55 12/19/2017 05:11:42 POST /wp-content/plugins/mm-forms-community/includes/doajaxfileupload.php HTTP/1.1 403 228 GNU IceCat/20.16 (BeOS 1.0; pt-BR;)
182.254.247.171 0 BL – no AS45090 - CN 39.9576 116.3360 9927.55 12/19/2017 05:11:44 POST /wp-content/plugins/page-google-maps/pr.php HTTP/1.0 403 228 Maxthon/7.4 (Arch Linux 5.4; fr_LU;)
101.236.62.229 1 BL – 22,8080 SKBJNET – CN 39.9576 116.3360 9927.55 12/19/2017 05:11:47 POST /wp-content/plugins/mailpress/mp-includes/action.php HTTP/1.1 403 228 Internet Explorer/19.4 (Windows 2000 1.7; fr_FR;)
182.254.247.171 0 BL – no AS45090 - CN 39.9576 116.3360 9927.55 12/19/2017 05:11:48 POST /wp-admin/admin-ajax.php HTTP/1.0 403 228 Seamonkey/15.4 (Ubuntu 1.8; cs-CZ;)
195.142.153.194 1 BL – no AS199484 – TR 40.9777 28.7365 8966.25 12/19/2017 05:11:52 POST /wp-content/plugins/php-event-calendar/server/file-uploader/ HTTP/1.1 403 228 Konqueror/2.2 (DeLi Linux 1.0; ar_BH;)
41.193.222.58 2 BL – 5060 AS11845 – ZA -25.8800 28.1943 3314.17 12/19/2017 05:11:53 POST /wp-admin/admin-ajax.php?param=upload_slide&action=upload_library HTTP/1.1 403 228 Netscape/16.1 (Windows Vista 4.5; sq_AL;)
36.67.20.251 7 BL – five AS17974 – ID -0.0274 109.3360 6212.21 12/19/2017 05:12:14 POST /wp-admin/admin-ajax.php HTTP/1.1 403 228 Tor Browser/3.9 (Ubuntu 3.2; ar_OM;)
52.163.62.13 HTTPS Microsoft – SG 1.2830 103.8500 5876.63 12/19/2017 05:12:15 POST /wp-content/plugins/sharexy/ajaxresponder.php HTTP/1.1 403 228 Internet Explorer/20.6 (Android 5.4; en_SG;)
61.91.235.226 HTTPS AS7470 – TH 13.7531 100.5480 6696.50 12/19/2017 05:12:18 POST /wp-content/plugins/simple-ads-manager/sam-ajax-admin.php HTTP/1.1 403 228 Seamonkey/2.6 (Debian Linux 2.5; ca;)
34.225.15.50 1 BL – no Amazon – US 39.0329 -77.4866 3677.29 12/19/2017 05:12:35 POST /wp-content/plugins/simple-dropbox-upload-form/dragup/ HTTP/1.1 403 228 CriOS/4.13 (Edubuntu 7.2; en-US;)
101.236.19.202 1 BL – 22,8080 SKBJNET – CN 39.9576 116.3360 9927.55 12/19/2017 05:12:35 POST /wp-content/plugins/Tevolution/tmplconnector/monetize/templatic-custom_fields/single-upload.php HTTP/1.1 403 228 Dragon/9.19 (CRUX Linux 5.5; et;)
101.236.60.145 1 BL – 22,8080 SKBJNET – CN 39.9576 116.3360 9927.55 12/19/2017 05:13:15 POST /wp-admin/admin-ajax.php?action=widgets_init&Action=UPCP_AddProductSpreadsheet HTTP/1.1 403 228 SeaMonkey/2.16 (Redhat Linux 4.2; sk-SK;)
A
B
C
D
E
F
G
H
I
J
K
183.52.150.71 1 BL – no AS4134 – CN 30.6611 104.0820 8431.55 01/09/2018 21:39:01 POST /wp-content/plugins/simple-dropbox-upload-form/dragup/ HTTP/1.1 406 300 Dragon/8.0 (Ubuntu 3.6; en_NZ;)
109.169.21.205 3 BL – 5 AS20860 – GB 51.4596 -0.0060 8803.16 01/09/2018 21:39:03 POST /wp-admin/admin-post.php?task=wpmp_upload_previews HTTP/1.1 406 300 Tor Browser/16.0 (FreeBSD 7.6; ca_ES;)
36.77.154.248 HTTPS AS17974 – ID -5.1346 105.3180 5503.74 01/09/2018 21:39:03 POST /wp-content/plugins/wp-property/third-party/uploadify/uploadify.php HTTP/1.1 406 300 Seamonkey/10.15 (BigLinux 7.1; en_NZ;)
41.86.155.218 1 BL – 21,23,80 AS35074 – NG 6.4412 3.4180 7551.42 01/09/2018 21:39:03 POST /wp-content/plugins/font-uploader/font-upload.php HTTP/1.1 406 300 Internet Explorer/4.7 (iPad 1.3; ar_SY;)
114.215.102.168 2 BL – no AS37963 – CN 31.2382 121.4690 9554.41 01/09/2018 21:39:04 POST //wp-content/plugins/cherry-plugin/admin/import-export/upload.php HTTP/1.0 403 228 Safari/9.11 (Windows 3.1 7.1; cs_CZ;)
119.28.50.37 HTTPS AS133478 – CN 22.5431 114.0980 8355.63 01/09/2018 21:39:05 POST /wp-content/plugins/cardoza-facebook-like-box/cardoza_facebook_like_box.php HTTP/1.0 403 228 Flock/19.0 (Ark Linux 1.8; cs-CZ;)
122.183.242.54 HTTPS AS9498 – IN 13.0286 80.2677 5572.61 01/09/2018 21:39:05 POST /wp-content/plugins/sharexy/ajaxresponder.php HTTP/1.1 404
Firefox/2.19 (BitLinux 6.1; hr;)
103.90.200.226 10 BL – no AS136300 – IN 19.9925 73.7795 6123.29 01/09/2018 21:39:06 POST /wp-content/plugins/wp-symposium/server/php/index.php HTTP/1.1 406 300 SeaMonkey/3.16 (Conectiva (Mandriva) 2.2; cs-CZ;)
144.76.176.72 HTTPS AS24940 – DE 49.1009 10.7140 9522.20 01/09/2018 21:39:06 POST /wp-admin/admin-ajax.php HTTP/1.1 403 228 Tor Browser/2.1 (AmigaOS 1.9; nl_BE;)
186.46.156.202 HTTPS Equador -0.2544 -79.1727 5575.13 01/09/2018 21:39:06 POST /wp-content/plugins/formcraft/file-upload/server/content/upload.php HTTP/1.1 406 300 CriOS/6.3 (BackTrack Linux 4.7; ar_TN;)
118.212.135.110 HTTPS AS4837 – CN 28.4433 117.9760 9097.75 01/09/2018 21:39:07 POST /wp-content/plugins/simple-ads-manager/sam-ajax-admin.php HTTP/1.1 406 300 Konqueror/9.11 (Unix 5.7; zh_HK;)
147.135.210.114 HTTPS AS16276 – PL 52.2244 21.0329 9676.56 01/09/2018 21:39:07 POST /wp-content/plugins/simple-ads-manager/sam-ajax-admin.php HTTP/1.1 403 228 Konqueror/9.11 (Unix 5.7; zh_HK;)
185.82.212.95 HTTPS AS60592 – CZ 50.0672 14.4644 9608.56 01/09/2018 21:39:07 POST /wp-admin/admin-ajax.php HTTP/1.1 406 300 Konqueror/7.6 (AmigaOS 3.9; ar_YE;)
51.143.97.158 3 BL – 22 Microsoft – US 47.1264 -119.2960 1464.30 01/09/2018 21:39:07 POST /wp-content/plugins/simple-dropbox-upload-form/dragup/ HTTP/1.1 403 228 Dragon/8.0 (Ubuntu 3.6; en_NZ;)
117.141.99.38 HTTPS AS9808 – CN 45.2951 130.9690 8801.10 01/09/2018 21:39:08 POST /modules/homepageadvertise2/uploadimage.php HTTP/1.1 406 300 Dragon/19.18 (Edubuntu 7.4; ar_KW;)
122.183.242.54 HTTPS AS9498 – IN 13.0286 80.2677 5572.61 01/09/2018 21:39:08 POST /wp-admin/post.php?task=wpdm_upload_files HTTP/1.1 404
SeaMonkey/20.10 (Ark Linux 6.6; fi;)
52.70.148.50 1 BL – no Amazon – US 39.0329 -77.4866 3677.29 01/09/2018 21:39:08 POST /wp-content/plugins/real3d-flipbook/includes/process.php HTTP/1.1 403 228 CriOS/10.7 (Linux 2.4.22-10mdk 5.8; cs-CZ;)
121.242.130.177 0 BL - 4 AS4755 – IN 12.9297 77.5452 5467.61 01/09/2018 21:39:09 POST /modules/pk_vertflexmenu/ajax/upload.php HTTP/1.1 406 300 SeaMonkey/19.0 (Debian Linux 3.7; da;)
62.14.191.139 1 BL – no AS12715 – ES 39.2947 -1.4675 9626.98 01/09/2018 21:39:09 POST /modules/wdoptionpanel/wdoptionpanel_ajax.php HTTP/1.1 406 300 Seamonkey/7.15 (Windows 98 2.9; de_AT;)
52.21.148.228 1 BL – no Amazon – US 39.0329 -77.4866 3677.29 01/09/2018 21:39:10 POST /wp-admin/admin-ajax.php?param=upload_slide&action=upload_library HTTP/1.1 403 228 Internet Explorer/13.14 (Windows NT 6.4; ar_AE;)
84.95.87.84 HTTPS AS9116 – IL 32.0886 34.8722 7841.09 01/09/2018 21:39:10 POST /index.php?option=com_adsmanager&task=upload&tmpl=component HTTP/1.1 406 300 Safari/15.11 (Ark Linux 5.5; en_NZ;)
54.197.236.138 5 BL – 22,80,443 Amazon – US 39.0329 -77.4866 3677.29 01/09/2018 21:39:13 POST /wp-admin/admin-ajax.php?action=load_ajax_function HTTP/1.1 403 228 Opera/9.1 (BackTrack Linux 7.4; et_EE;)
169.50.141.71 1 L – no NET169 – ES 40.0000 -4.0000 9412.23 01/09/2018 21:39:16 POST /wp-content/plugins/Tevolution/tmplconnector/monetize/templatic-custom_fields/single-upload.php HTTP/1.1 403 228 Netscape/20.8 (Windows 98 6.3; ar_JO;)
202.73.51.102 HTTPS AS18106 – SG 1.2830 103.8500 5876.63 01/09/2018 21:39:16 POST /wp-admin/admin-post.php HTTP/1.1 403 228 Opera/19.4 (Conectiva (Mandriva) 4.2; ar_BH;)
137.74.58.243 1 BL –no AS16276 – BE 50.8330 4.0000 9054.51 01/09/2018 21:39:18 POST /wp-admin/admin-ajax.php HTTP/1.1 403 228 Konqueror/7.6 (AmigaOS 3.9; ar_YE;)
13.73.1.69 3 BL – no Microsoft – JP 35.6838 139.7540 8824.90 01/09/2018 21:39:19 POST /wp-content/plugins/wp-handy-lightbox/begin.php HTTP/1.1 403 228 Mobile/3.17 (Windows 3.1 3.5; en_PH;)
103.90.200.226 10 BL – no AS136300 – IN 19.9925 73.7795 6123.29 01/09/2018 21:39:21 POST /wp-content/plugins/php-event-calendar/server/file-uploader/ HTTP/1.1 406 300 Tor Browser/15.0 (Linux 2.4.22-10mdk 6.8; zh_TW;)
217.182.67.115 HTTPS AS16276 – FR 50.6913 3.1732 9024.08 01/09/2018 21:39:26 POST /wp-content/plugins/google-maps-by-daniel-martyn/inuse.php HTTP/1.1 403 228 Chrome/15.17 (Windows NT 6.1 5.3; ar_OM;)
36.66.87.18 HTTPS AS17974 – ID -6.2803 106.8790 5551.75 01/09/2018 21:39:28 POST /wp-content/plugins/mm-forms-community/includes/doajaxfileupload.php HTTP/1.1 406 300 Flock/3.19 (AmigaOS 7.3; hr;)
122.183.242.54 HTTPS AS9498 – IN 13.0286 80.2677 5572.61 01/09/2018 21:39:42 POST /wp-content/plugins/dzs-portfolio/upload.php HTTP/1.1 404
SeaMonkey/15.8 (Debian Linux 1.2; fr_CA;)
218.248.42.133 4 BL – 53,80 AS9829 – IN 10.6460 77.0045 5208.32 01/09/2018 21:39:42 POST /wp-content/plugins/dzs-portfolio/admin/upload.php HTTP/1.1 406 300 SeaMonkey/15.8 (Debian Linux 1.2; fr_CA;)
64.76.24.66 HTTPS AS6410 – AR -35.4718 -62.9104 9611.73 01/09/2018 21:39:48 POST /wp-content/plugins/dzs-portfolio/upload.php HTTP/1.1 406 300 SeaMonkey/15.8 (Debian Linux 1.2; fr_CA;)
66.70.217.179 HTTPS AS16276 – US 40.7326 -74.1718 3947.60 01/09/2018 21:39:50 POST /wp-content/plugins/dzs-videogallery/upload.php HTTP/1.1 406 300 Opera/6.4 (Conectiva (Mandriva) 2.6; de_DE;)
88.157.149.250 HTTPS AS31513 – PT 38.4434 -9.1010 9180.47 01/09/2018 21:39:52 POST /wp-content/plugins/dzs-videogallery/upload.php HTTP/1.1 404
Opera/6.4 (Conectiva (Mandriva) 2.6; de_DE;)
163.172.27.213 HTTPS AS12876 – FR 48.8742 2.3111 9120.33 01/09/2018 21:39:56 POST /wp-content/plugins/codecanyon-157782-video-gallery-wordpress-plugin-w-youtube-vimeo-/upload.php HTTP/1.1 403 228 Konqueror/10.2 (Android 5.1; en_US;)
91.234.183.15 2 BL – 53,1723 AS198438 – RU 55.3276 38.8179 9876.21 01/09/2018 21:39:56 POST /wp-content/plugins/codecanyon-157782-video-gallery-wordpress-plugin-w-youtube-vimeo-/admin/upload.php HTTP/1.1 406 300 Konqueror/10.2 (Android 5.1; en_US;)
163.172.27.213 HTTPS AS12876 – FR 48.8742 2.3111 9120.33 01/09/2018 21:42:11 POST /wp-content/plugins/dzs-videogallery/admin/upload.php HTTP/1.1 403 228 Seamonkey/15.1 (Ubuntu 1.0; en_CA;)
36.66.87.18 HTTPS AS17974 – ID -6.2803 106.8790 5551.75 01/09/2018 21:42:15 POST /wp-content/plugins/dzs-videogallery/upload.php HTTP/1.1 406 300 Seamonkey/15.1 (Ubuntu 1.0; en_CA;)
118.114.77.47 HTTPS AS4134 – CN 30.6616 104.0610 8430.44 01/09/2018 21:42:17 POST /wp-content/plugins/dzs-portfolio/admin/upload.php HTTP/1.1 404
Seamonkey/19.4 (DeLi Linux 3.3; zh_HK;)
122.183.242.54 HTTPS AS9498 – IN 13.0286 80.2677 5572.61 01/09/2018 21:42:21 POST /wp-content/plugins/dzs-videogallery/upload.php HTTP/1.1 404
Seamonkey/15.1 (Ubuntu 1.0; en_CA;)
175.45.134.96 2 BL – no AS38220 – AU -33.9527 151.1380 7928.10 01/09/2018 21:42:46 POST /wp-content/plugins/dzs-portfolio/admin/upload.php HTTP/1.1 403 228 Seamonkey/19.4 (DeLi Linux 3.3; zh_HK;)
111.68.45.227 2 BL – 8 AS23944 – PH 14.5478 120.9970 8245.87 01/09/2018 21:45:52 POST /modules/columnadverts/uploadimage.php HTTP/1.1 406 300 TenFourFox/17.11 (FreeBSD 3.3; bg_BG;)
176.126.252.11 HTTPS AS60118 – RO 44.4810 26.1162 9410.12 01/09/2018 22:12:27 POST /wp-content/plugins/real3d-flipbook/includes/process.php HTTP/1.1 403 228 GNU IceCat/18.14 (Windows 98 1.3; en_US;)
62.144.211.124 2 BL – 80 AS12312 – DE 52.3330 9.5016 9193.81 01/09/2018 22:12:31 POST /modules/homepageadvertise/uploadimage.php HTTP/1.1 403 228 Safari/13.14 (Windows 2000 6.9; sk-SK;)
A
B
C
D
E
F
G
H
I
J
K
182.253.130.122 3 BL – 53,80,8080 AS17451 – ID -7.7612 111.9540 5886.64 02/15/2018 03:00:09 POST /modules/homepageadvertise2/uploadimage.php HTTP/1.1 406 300 Mozilla/5.0 (compatible; MSIE 11.0; Windows NT 6.2; Trident/3.1)
182.253.66.42 HTTPS AS17451 – ID -8.1170 113.7500 6021.00 02/15/2018 03:00:10 POST /modules/pk_flexmenu/ajax/upload.php HTTP/1.1 406 300 Opera/9.27 (X11; Linux i686; sl-SI) Presto/2.9.179 Version/11.00
103.43.202.18 HTTPS AS132556 – IN 11.1616 78.6132 5317.43 02/15/2018 03:00:11 POST /wp-content/plugins/simple-dropbox-upload-form/dragup/ HTTP/1.1 406 300 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/5341 (KHTML, like Gecko) Chrome/36.0.864.0 Mobile Safari/5341
190.186.58.232 13 BL – no Unknown – BO -17.7888 -63.1974 8185.46 02/15/2018 03:00:11 POST /wp-admin/admin-ajax.php HTTP/1.1 406 300 Mozilla/5.0 (compatible; MSIE 5.0; Windows NT 5.2; Trident/4.1)
46.218.73.162 HTTPS AS12670 – FR 48.8968 2.2565 9115.70 02/15/2018 03:00:19 POST /wp-content/plugins/formcraft/file-upload/server/content/upload.php HTTP/1.1 403 228 Mozilla/5.0 (iPhone; CPU iPhone OS 7_2_1 like Mac OS X; en-US) AppleWebKit/535.3.3 (KHTML, like Gecko) Version/4.0.5 Mobile/8B
211.110.140.205 8 BL – 22,80,3306 AS9318 – KR 37.5632 126.9930 9602.91 02/15/2018 03:00:23 POST /wp-content/plugins/font-uploader/font-upload.php HTTP/1.1 406 300 Mozilla/5.0 (Windows NT 5.2; en-US; rv:1.9.0.20) Gecko/20110225 Firefox/36.0
47.206.51.67 4 BL – 443 AS5650 – US 27.7714 -82.3915 3492.78 02/15/2018 03:00:24 POST /wp-content/plugins/sharexy/ajaxresponder.php HTTP/1.1 403 228 Mozilla/5.0 (iPhone; CPU iPhone OS 8_0_1 like Mac OS X; sl-SI) AppleWebKit/535.42.3 (KHTML, like Gecko) Version/3.0.5 Mobile/8
138.59.232.2 2 BL – seven Unknown – BR -18.7572 -44.4306 9761.79 02/15/2018 03:00:27 POST /wp-content/plugins/cherry-plugin/admin/import-export/upload.php HTTP/1.1 406 300 Mozilla/5.0 (compatible; MSIE 11.0; Windows 98; Win 9x 4.90; Trident/5.1)
203.121.64.39 2 BL – 80,443 AS9930 - MY 3.1507 101.7130 5866.39 02/15/2018 03:00:29 POST /modules/fieldvmegamenu/ajax/upload.php HTTP/1.1 406 300 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_5_1 rv:5.0) Gecko/20130810 Firefox/35.0
178.134.216.46 5 BL – five AS35805 – GE 41.7215 44.7828 8572.46 02/15/2018 03:00:32 POST /wp-content/plugins/google-maps-by-daniel-martyn/inuse.php HTTP/1.1 406 300 Mozilla/5.0 (Windows NT 6.0) AppleWebKit/5352 (KHTML, like Gecko) Chrome/40.0.853.0 Mobile Safari/5352
190.186.59.22 9 BL – 80 Unknown – BO -17.7888 -63.1974 8185.46 02/15/2018 03:00:33 POST /wp-admin/post.php?task=wpdm_upload_files HTTP/1.1 406 300 Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 5.01; Trident/3.1)
78.94.172.42 HTTPS AS20825 – DE 51.4953 7.5322 9172.55 02/15/2018 03:00:33 POST /wp-admin/admin-ajax.php?param=upload_slide&action=upload_library HTTP/1.1 406 300 Opera/8.78 (Windows NT 5.2; en-US) Presto/2.8.289 Version/12.00
80.78.73.116 HTTPS AS21183 – AL 41.3010 19.8501 9371.55 02/15/2018 03:00:33 POST /wp-content/plugins/wp-property/third-party/uploadify/uploadify.php HTTP/1.1 406 300 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_5_8 rv:6.0; en-US) AppleWebKit/531.50.6 (KHTML, like Gecko) Version/5.0.3 Safari/531
185.18.131.114 1 BL – no AS42652 – DE 49.9101 6.7457 9264.10 02/15/2018 03:00:36 POST /wp-admin/admin-ajax.php HTTP/1.1 403 228 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_2 rv:4.0; sl-SI) AppleWebKit/535.1.4 (KHTML, like Gecko) Version/5.0.2 Safari/535.
222.73.68.144 HTTPS AS4812 – CN 31.2307 121.4730 9554.11 02/15/2018 03:00:36 POST /wp-admin/admin-ajax.php HTTP/1.0 403 228 Mozilla/5.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/3.1)
176.110.120.142 HTTPS AS59498 – RU 55.6802 37.6483 9814.85 02/15/2018 03:00:42 POST /modules/homepageadvertise2/uploadimage.php HTTP/1.1 406 300 Mozilla/5.0 (compatible; MSIE 11.0; Windows NT 6.2; Trident/3.1)
46.150.172.128 HTTPS AS49106 – RU 55.9591 37.7326 9787.38 02/15/2018 03:00:43 POST /wp-content/plugins/wpstorecart/php/upload.php HTTP/1.1 406 300 Opera/8.27 (Windows NT 6.2; sl-SI) Presto/2.12.207 Version/10.00
75.28.138.159 3 BL – 80 AT&T – US 32.8001 -80.0109 3553.33 02/15/2018 03:00:43 POST /wp-content/plugins/wp-symposium/server/php/index.php HTTP/1.1 403 228 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_5 rv:6.0; sl-SI) AppleWebKit/533.9.2 (KHTML, like Gecko) Version/5.0 Safari/533.9.
103.90.200.2 HTTPS AS136300 – IN 18.5439 73.5938 5962.07 02/15/2018 03:00:44 POST /wp-admin/admin-post.php?task=wpmp_upload_previews HTTP/1.1 406 300 Mozilla/5.0 (compatible; MSIE 5.0; Windows NT 5.0; Trident/5.1)
165.227.16.49 10 BL – 22,111 AS14061 – US 35.3167 -118.9750 159.79 02/15/2018 03:00:44 POST /wp-content/plugins/page-google-maps/pr.php HTTP/1.1 406 300 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_8 rv:4.0; sl-SI) AppleWebKit/531.50.3 (KHTML, like Gecko) Version/4.0 Safari/531.5
216.86.41.129 2 BL – no AS11696 – US 39.9538 -75.1763 3868.19 02/15/2018 03:00:44 POST /modules/wdoptionpanel/wdoptionpanel_ajax.php HTTP/1.1 403 228 Mozilla/5.0 (compatible; MSIE 9.0; Windows 95; Trident/4.0)
40.114.14.173 1 BL – 22 AS8075 – US 39.0329 -77.4866 3677.29 02/15/2018 03:00:44 POST /modules/attributewizardpro/file_upload.php HTTP/1.1 403 228 Opera/8.96 (X11; Linux x86_64; en-US) Presto/2.10.231 Version/12.00
91.199.67.2 12 BL – 53,80,1723 AS44240 – RU 65.9667 78.3667 8832.60 02/15/2018 03:00:44 POST /wp-content/plugins/simple-dropbox-upload-form/dragup/ HTTP/1.1 406 300 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/5341 (KHTML, like Gecko) Chrome/36.0.864.0 Mobile Safari/5341
163.172.27.213 HTTPS AS12876 – FR 48.8742 2.3111 9120.33 02/15/2018 03:00:49 POST /modules/homepageadvertise/uploadimage.php HTTP/1.1 406 300 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8 rv:3.0) Gecko/20120515 Firefox/36.0
171.255.199.129 HTTPS 7552 – VN 21.0170 105.8670 7677.73 02/15/2018 03:00:49 POST /modules/pk_vertflexmenu/ajax/upload.php HTTP/1.1 403 228 Mozilla/5.0 (compatible; MSIE 6.0; Windows NT 5.01; Trident/3.1)
94.158.70.65 HTTPS AS43668 – UA 50.4292 30.4620 9850.81 02/15/2018 03:00:50 POST /wp-admin/admin-post.php HTTP/1.1 406 300 Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_1 rv:6.0; sl-SI) AppleWebKit/534.39.2 (KHTML, like Gecko) Version/5.0.4 Safari/
184.1.150.219 3 BL – 23,443 Qwest – US 41.4669 -85.5884 2990.55 02/15/2018 03:00:53 POST /wp-content/plugins/reflex-gallery/admin/scripts/FileUploader/php.php?Year=2018&Month=02 HTTP/1.1 406 300 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_8) AppleWebKit/5361 (KHTML, like Gecko) Chrome/36.0.814.0 Mobile Safari/5361
99.194.153.51 5 BL – no AS5668 – US 30.2968 -87.5486 2928.07 02/15/2018 03:00:53 POST /wp-admin/admin-ajax.php HTTP/1.1 406 300 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/5312 (KHTML, like Gecko) Chrome/39.0.808.0 Mobile Safari/5312
35.195.53.53 3 BL – 22,443 Google – US 37.4056 -122.0780 507.19 02/15/2018 03:00:54 POST /wp-content/plugins/uploader/uploadify/uploadify.php HTTP/1.1 403 228 Mozilla/5.0 (iPhone; CPU iPhone OS 7_0_1 like Mac OS X; en-US) AppleWebKit/531.28.5 (KHTML, like Gecko) Version/4.0.5 Mobile/8
96.9.79.20 5 BL – 80 AS131207 – KH 11.5504 104.9290 6800.41 02/15/2018 03:00:55 POST /wp-content/plugins/cherry-plugin/admin/import-export/upload.php HTTP/1.1 406 300 Mozilla/5.0 (compatible; MSIE 11.0; Windows 98; Win 9x 4.90; Trident/5.1)
41.71.119.195 18 BL – 22 AS37053 – ZA -33.9289 18.4172 3940.00 02/15/2018 03:00:57 POST /wp-admin/admin-ajax.php?param=upload_slide&action=upload_library HTTP/1.1 406 300 Opera/8.78 (Windows NT 5.2; en-US) Presto/2.8.289 Version/12.00
212.200.246.24 HTTPS AS8400 – RS 44.8330 20.5000 9670.98 02/15/2018 03:00:58 POST /wp-admin/admin-ajax.php HTTP/1.1 403 228 Mozilla/5.0 (compatible; MSIE 5.0; Windows NT 5.01; Trident/3.1)
71.213.0.189 5 BL – no Qwest – US 40.2657 -83.7380 3137.97 02/15/2018 03:00:58 POST /wp-admin/admin-ajax.php HTTP/1.1 406 300 Mozilla/5.0 (compatible; MSIE 5.0; Windows NT 5.2; Trident/4.1)
94.253.34.6 11 BL – no AS21453 – RU 55.7616 37.6411 9806.16 02/15/2018 03:00:59 POST /wp-content/plugins/cardoza-facebook-like-box/cardoza_facebook_like_box.php HTTP/1.1 406 300 Mozilla/5.0 (Windows NT 5.0) AppleWebKit/5322 (KHTML, like Gecko) Chrome/36.0.889.0 Mobile Safari/5322
181.30.101.242 HTTPS AS10318 – AR -38.0000 -57.5667 9831.56 02/15/2018 03:01:00 POST /modules/columnadverts/uploadimage.php HTTP/1.1 406 300 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_5_7 rv:6.0) Gecko/20101231 Firefox/37.0
145.255.242.110 0 BL – no AS60257 – GB 53.5231 -1.1348 8593.66 02/15/2018 03:01:05 POST /wp-content/plugins/Tevolution/tmplconnector/monetize/templatic-custom_fields/single-upload.php HTTP/1.1 404
Mozilla/5.0 (Windows NT 5.2; sl-SI; rv:1.9.2.20) Gecko/20140703 Firefox/36.0
85.105.84.48 6 BL – 23,110 AS9121 – TR 36.8924 30.7093 8484.15 02/15/2018 03:01:08 POST /modules/wdoptionpanel/wdoptionpanel_ajax.php HTTP/1.1 406 300 Mozilla/5.0 (compatible; MSIE 9.0; Windows 95; Trident/4.0)
182.61.117.113 HTTPS AS55967 – CN 39.9760 116.2950 9926.71 02/15/2018 03:01:11 POST /modules/advancedslider/ajax_advancedsliderUpload.php?action=submitUploadImage&id_slide=php HTTP/1.0 403 228 Opera/8.98 (X11; Linux x86_64; sl-SI) Presto/2.9.331 Version/11.00
201.167.56.18 HTTPS AS16960 – MX 20.7263 -101.3460 2229.23 02/15/2018 03:01:16 POST /wp-content/plugins/reflex-gallery/admin/scripts/FileUploader/php.php?Year=2018&Month=02 HTTP/1.1 404
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_7_8) AppleWebKit/5361 (KHTML, like Gecko) Chrome/36.0.814.0 Mobile Safari/5361
103.75.45.134 1 BL – 23,25,110 AS132839 – HK 22.2759 114.1670 8338.66 02/15/2018 03:01:17 POST /wp-admin/admin-ajax.php HTTP/1.1 406 300 Mozilla/5.0 (compatible; MSIE 5.0; Windows NT 5.2; Trident/4.1)
69.85.70.37 3 BL – 22 AS27569 – US 39.0805 -108.5410 1049.10 02/15/2018 03:01:18 POST /modules/homepageadvertise/uploadimage.php HTTP/1.1 406 300 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8 rv:3.0) Gecko/20120515 Firefox/36.0
123.182.255.52 7 BL – four AS4134 – CN 37.0715 115.6720 9651.52 02/15/2018 03:01:19 POST /wp-admin/post.php?task=wpdm_upload_files HTTP/1.1 406 300 Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 5.01; Trident/3.1)
103.15.251.76 4 BL – 80,443 AS131737 – ID -6.1136 106.8910 5564.62 02/15/2018 03:01:20 POST /wp-admin/admin-ajax.php HTTP/1.1 403 228 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/5312 (KHTML, like Gecko) Chrome/39.0.808.0 Mobile Safari/5312
78.36.39.220 5 BL – no AS8997 – RU 61.5965 31.3613 9067.37 02/15/2018 03:01:21 POST /plugins/mm-forms-community/includes/doajaxfileupload.php HTTP/1.1 406 300 Mozilla/5.0 (Macintosh; PPC Mac OS X 10_6_1 rv:5.0; sl-SI) AppleWebKit/531.15.1 (KHTML, like Gecko) Version/5.0.3 Safari/531.1
203.121.64.206 0 BL – no AS9930 – MY 3.1507 101.7130 5866.39 02/15/2018 03:01:25 POST /modules/homepageadvertise2/uploadimage.php HTTP/1.1 404
Mozilla/5.0 (compatible; MSIE 11.0; Windows NT 6.2; Trident/3.1)
185.98.26.21 HTTPS AS200697 – IQ 36.3731 43.1354 8035.47 02/15/2018 03:01:29 POST /wp-content/plugins/cardoza-facebook-like-box/cardoza_facebook_like_box.php HTTP/1.1 406 300 Mozilla/5.0 (Windows NT 5.0) AppleWebKit/5322 (KHTML, like Gecko) Chrome/36.0.889.0 Mobile Safari/5322
77.122.149.211 HTTPS AS25229 – UA 47.9646 33.4374 9512.61 02/15/2018 03:01:29 POST /wp-admin/admin-ajax.php?action=load_ajax_function HTTP/1.1 406 300 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/5360 (KHTML, like Gecko) Chrome/40.0.862.0 Mobile Safari/5360
183.89.42.130 4 BL – no AS45758 – TH 14.3628 100.6720 6758.69 02/15/2018 03:01:31 POST /wp-admin/admin-ajax.php HTTP/1.1 406 300 Opera/9.98 (X11; Linux x86_64; sl-SI) Presto/2.11.352 Version/10.00
113.86.223.62 3 BL – 3389 AS4134 – CN 23.4018 116.6590 8604.14 02/15/2018 03:01:33 POST /wp-admin/admin-post.php?page=wysija_campaigns&action=themes HTTP/1.1 404
Mozilla/5.0 (compatible; MSIE 8.0; Windows 98; Trident/3.0)
144.217.241.5 HTTPS AS16276 – CA 45.5029 -73.5728 3992.47 02/15/2018 03:01:33 POST /wp-admin/admin-ajax.php HTTP/1.1 403 228 Mozilla/5.0 (Windows; U; Windows NT 5.01) AppleWebKit/534.19.1 (KHTML, like Gecko) Version/5.0.4 Safari/534.19.1
41.164.64.138 HTTPS AS36937 – ZA -33.9192 18.4786 3934.72 02/15/2018 03:01:36 POST /modules/simpleslideshow/uploadimage.php HTTP/1.1 406 300 Mozilla/5.0 (Windows NT 4.0; en-US; rv:1.9.1.20) Gecko/20160701 Firefox/36.0
95.0.242.21 9 BL – seven AS9121 – TR 36.2672 36.5737 8211.56 02/15/2018 03:01:36 POST /modules/wdoptionpanel/wdoptionpanel_ajax.php HTTP/1.1 403 228 Mozilla/5.0 (compatible; MSIE 9.0; Windows 95; Trident/4.0)
50.224.108.182 3 BL – 443 AS7922 – US 36.1869 -86.6005 2897.77 02/15/2018 03:01:37 POST /wp-content/plugins/google-maps-by-daniel-martyn/inuse.php HTTP/1.1 403 228 Mozilla/5.0 (Windows NT 6.0) AppleWebKit/5352 (KHTML, like Gecko) Chrome/40.0.853.0 Mobile Safari/5352
95.24.130.204 8 BL – four AS8402 – RU 55.6950 37.6847 9814.06 02/15/2018 03:01:38 POST /wp-content/plugins/page-google-maps/pr.php HTTP/1.1 403 228 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_8 rv:4.0; sl-SI) AppleWebKit/531.50.3 (KHTML, like Gecko) Version/4.0 Safari/531.5
110.77.212.232 2 BL – no AS131090 – TH 16.3440 102.8030 7071.12 02/15/2018 03:01:40 POST /modules/columnadverts/uploadimage.php HTTP/1.1 406 300 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_5_7 rv:6.0) Gecko/20101231 Firefox/37.0
159.203.181.50 2 BL – 22 AS62567 – US 40.7935 -74.0225 3959.77 02/15/2018 03:01:40 POST /wp-content/plugins/gallery-slider/register.php HTTP/1.1 406 300 Mozilla/5.0 (iPhone; CPU iPhone OS 7_1_1 like Mac OS X; en-US) AppleWebKit/535.28.4 (KHTML, like Gecko) Version/3.0.5 Mobile/8
220.181.165.199 2 BL – no 17676 – CN 39.9152 116.3740 9926.25 02/15/2018 03:01:43 POST /wp-content/plugins/wp-handy-lightbox/begin.php HTTP/1.1 403 228 Opera/8.31 (X11; Linux x86_64; sl-SI) Presto/2.9.285 Version/10.00
88.147.142.25 2 BL – no AS12389 – RU 51.5431 45.9987 9612.38 02/15/2018 03:01:51 POST /plugins/mm-forms-community/includes/doajaxfileupload.php HTTP/1.1 406 300 Mozilla/5.0 (Macintosh; PPC Mac OS X 10_6_1 rv:5.0; sl-SI) AppleWebKit/531.15.1 (KHTML, like Gecko) Version/5.0.3 Safari/531.1
159.192.226.108 2 BL – no AS131090 – TH 14.7098 103.2990 6960.37 02/15/2018 03:01:52 POST /wp-admin/post.php?task=wpdm_upload_files HTTP/1.1 406 300 Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 5.01; Trident/3.1)
103.76.23.7 2 BL- 21,2,3-53 Unknown – ID 3.6229 98.8814 5700.91 02/15/2018 03:01:53 POST /wp-admin/admin-post.php?task=wpmp_upload_previews HTTP/1.1 406 300 Mozilla/5.0 (compatible; MSIE 5.0; Windows NT 5.0; Trident/5.1)
60.246.255.63 3 BL – no AS4609 – MO 22.2031 113.5450 8289.53 02/15/2018 03:01:53 POST /wp-content/plugins/cherry-plugin/admin/import-export/upload.php HTTP/1.0 403 228 Mozilla/5.0 (compatible; MSIE 11.0; Windows 98; Win 9x 4.90; Trident/5.1)
138.68.178.219 8 BL – 23,80 DigitalOcean – GB 51.5154 -0.0925 8794.54 02/15/2018 03:01:54 POST /wp-content/plugins/dzs-videogallery/admin/upload.php HTTP/1.1 403 228 Opera/8.54 (Windows 95; sl-SI) Presto/2.9.338 Version/11.00
14.207.153.237 1 BL – no 3BB.CO – TH 7.6754 99.0706 6063.34 02/15/2018 03:02:06 POST /modules/homepageadvertise/uploadimage.php HTTP/1.1 406 300 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8 rv:3.0) Gecko/20120515 Firefox/36.0
165.16.54.220 9 BL – no AS37284 – LY 32.7922 12.4842 8998.02 02/15/2018 03:02:06 POST /wp-content/plugins/contus-hd-flv-player/uploadVideo.php HTTP/1.1 406 300 Opera/8.18 (X11; Linux x86_64; sl-SI) Presto/2.11.317 Version/12.00
80.211.241.187 7 BL – 22 AS205727 – PL 52.2244 21.0329 9676.56 02/15/2018 03:02:09 POST /wp-content/plugins/mailpress/mp-includes/action.php HTTP/1.1 406 300 Mozilla/5.0 (Windows NT 5.1) AppleWebKit/5331 (KHTML, like Gecko) Chrome/37.0.801.0 Mobile Safari/5331
149.202.38.124 HTTPS AS16276 – FR 50.6913 3.1732 9024.08 02/15/2018 03:02:10 POST /wp-content/plugins/php-event-calendar/server/file-uploader/ HTTP/1.1 406 300 Opera/9.63 (X11; Linux i686; en-US) Presto/2.9.174 Version/12.00
173.249.0.222 2 BL – five AS51167 – DE 48.1373 11.5755 9645.16 02/15/2018 03:02:11 POST /wp-admin/admin-post.php?page=wysija_campaigns&action=themes HTTP/1.1 406 300 Mozilla/5.0 (compatible; MSIE 8.0; Windows 98; Trident/3.0)
83.140.125.158 2 BL – 53,80,443 AS16150 – SE 56.7056 12.7177 8957.17 02/15/2018 03:02:11 POST /wp-admin/post.php?task=wpdm_upload_files HTTP/1.1 406 300 Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 5.01; Trident/3.1)
120.194.249.244 1 BL – five AS9808- CN 36.7145 117.5340 9734.25 02/15/2018 03:02:18 POST /modules/columnadverts/uploadimage.php HTTP/1.1 403 228 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_5_7 rv:6.0) Gecko/20101231 Firefox/37.0
109.238.208.242 HTTPS AS48574 – CZ 50.3907 14.5910 9585.49 02/15/2018 03:02:23 POST /wp-admin/admin-ajax.php HTTP/1.1 406 300 Opera/9.98 (X11; Linux x86_64; sl-SI) Presto/2.11.352 Version/10.00
187.32.93.225 1 BL – 80 AS16735 – BR -21.1783 -47.8067 9645.15 02/15/2018 03:02:23 POST /modules/megamenu/uploadify/uploadify.php?id=xz9vw.php.png HTTP/1.1 403 228 Opera/8.53 (X11; Linux i686; en-US) Presto/2.8.255 Version/11.00
174.70.241.8 4 BL – no AS22773 – US 37.6882 -97.3430 1942.68 02/15/2018 03:02:24 POST /components/com_sexycontactform/fileupload/index.php HTTP/1.1 406 300 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/5330 (KHTML, like Gecko) Chrome/40.0.892.0 Mobile Safari/5330
103.251.164.14 2 BL – no AS60404 – NL 51.5805 5.0898 9049.03 02/15/2018 03:02:25 POST /wp-content/plugins/codecanyon-157782-video-gallery-wordpress-plugin-w-youtube-vimeo-/upload.php HTTP/1.1 406 300 Opera/8.90 (Windows NT 5.01; sl-SI) Presto/2.10.308 Version/10.00
174.70.241.14 4 BL – no AS22773 – US 37.6882 -97.3430 1942.68 02/15/2018 03:02:25 POST /wp-content/plugins/dzs-portfolio/admin/upload.php HTTP/1.1 406 300 Mozilla/5.0 (Windows 98; Win 9x 4.90) AppleWebKit/5330 (KHTML, like Gecko) Chrome/36.0.864.0 Mobile Safari/5330
14.207.11.253 1 BL – no 3BB.CO – TH 13.6918 100.4140 6682.44 02/15/2018 03:02:41 POST /wp-admin/admin-post.php HTTP/1.1 406 300 Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_1 rv:6.0; sl-SI) AppleWebKit/534.39.2 (KHTML, like Gecko) Version/5.0.4 Safari/
139.59.45.164 22 BL – 22,80 AS135340 – IN 12.9472 77.5789 5470.55 02/15/2018 03:02:43 POST /wp-content/plugins/codecanyon-157782-video-gallery-wordpress-plugin-w-youtube-vimeo-/upload.php HTTP/1.1 403 228 Opera/8.90 (Windows NT 5.01; sl-SI) Presto/2.10.308 Version/10.00
36.82.217.209 3 BL – no AS17974 – ID -0.5022 117.1540 6834.62 02/15/2018 03:02:54 POST /wp-content/plugins/font-uploader/font-upload.php HTTP/1.1 406 300 Mozilla/5.0 (Windows NT 5.2; en-US; rv:1.9.0.20) Gecko/20110225 Firefox/36.0
174.125.15.189 5 BL – no AS5668 – US 37.9161 -90.7103 2527.10 02/15/2018 03:03:02 POST /wp-admin/admin-post.php HTTP/1.1 406 300 Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_1 rv:6.0; sl-SI) AppleWebKit/534.39.2 (KHTML, like Gecko) Version/5.0.4 Safari/
192.169.140.100 HTTPS AS26496 – US 33.5996 -111.8900 604.00 02/15/2018 03:03:05 POST /wp-content/plugins/codecanyon-157782-video-gallery-wordpress-plugin-w-youtube-vimeo-/admin/upload.php HTTP/1.1 406 300 Opera/8.90 (Windows NT 5.01; sl-SI) Presto/2.10.308 Version/10.00
177.24.63.145 2 BL – no AS26599 – BR -23.3965 -46.3200 9917.09 02/15/2018 03:03:08 POST /wp-content/plugins/simple-ads-manager/sam-ajax-admin.php HTTP/1.1 406 300 Opera/8.18 (Windows NT 6.2; en-US) Presto/2.9.337 Version/12.00
36.37.225.50 HTTPS AS38623 – KH 11.3704 104.7470 6772.41 02/15/2018 03:03:11 POST /wp-content/plugins/dzs-videogallery/upload.php HTTP/1.1 406 300 Opera/8.54 (Windows 95; sl-SI) Presto/2.9.338 Version/11.00
193.112.3.225 2 BL – four AS5413 – CN 39.9576 116.3360 9927.55 02/15/2018 03:03:14 POST /wp-content/plugins/mm-forms-community/includes/doajaxfileupload.php HTTP/1.0 403 228 Mozilla/5.0 (Macintosh; PPC Mac OS X 10_6_1 rv:5.0; sl-SI) AppleWebKit/531.15.1 (KHTML, like Gecko) Version/5.0.3 Safari/531.1
171.97.81.161 3 BL – 443 ASIANET.CO – TH 13.7306 100.5090 6691.99 02/15/2018 03:03:48 POST /wp-content/plugins/php-event-calendar/server/file-uploader/ HTTP/1.1 406 300 Opera/9.63 (X11; Linux i686; en-US) Presto/2.9.174 Version/12.00
185.184.1.176 12 BL – seven AS50564 – ES 37.6674 -0.9540 9781.90 02/15/2018 03:04:14 POST /wp-content/plugins/dzs-portfolio/upload.php HTTP/1.1 406 300 Mozilla/5.0 (Windows 98; Win 9x 4.90) AppleWebKit/5330 (KHTML, like Gecko) Chrome/36.0.864.0 Mobile Safari/5330
121.129.127.209 HTTPS Unknown – KR 37.5632 126.9930 9602.91 02/15/2018 03:17:25 POST /wp-content/plugins/dzs-portfolio/upload.php HTTP/1.1 403 228 Opera/8.62 (X11; Linux x86_64; en-US) Presto/2.12.319 Version/11.00
23.129.64.102 HTTPS AS396507 – US 47.6047 -122.3260 1550.83 02/15/2018 03:18:31 POST /wp-content/plugins/dzs-videogallery/upload.php HTTP/1.1 406 300 Mozilla/5.0 (compatible; MSIE 5.0; Windows NT 5.0; Trident/4.1)
181.196.50.238 HTTPS AS28006 – EC -0.9892 -77.8153 5738.00 02/15/2018 03:18:54 POST /wp-content/plugins/dzs-portfolio/upload.php HTTP/1.1 406 300 Opera/8.62 (X11; Linux x86_64; en-US) Presto/2.12.319 Version/11.00
178.32.57.216 5 BL – 80,1723 AS16276 – FR 50.6913 3.1732 9024.08 02/15/2018 03:19:16 POST /wp-content/plugins/dzs-videogallery/admin/upload.php HTTP/1.1 406 300 Mozilla/5.0 (compatible; MSIE 5.0; Windows NT 5.0; Trident/4.1)
13.73.235.122 1 BL – no AS8075 – JP 34.6965 135.4910 9204.73 02/15/2018 03:19:17 POST /wp-content/plugins/dzs-videogallery/upload.php HTTP/1.1 403 228 Mozilla/5.0 (compatible; MSIE 5.0; Windows NT 5.0; Trident/4.1)


In March 2018 nearly all the attacks were still against [my nonexistent] WordPress installations. Groups 3, 8 & 10 were most extensive but Group 3 had the most exquisite timing, suggesting a continuation of the earlier Russian (?) attacks of December 2017, January 2018 and February 2018. The attacks of Groups 8, 9 & 10 all came from a few Ukranian servers ... again suggesting a Russian influence, judging from their timing, but with less sophistication or timing control.The use of the NYU Internet Census in Groups 8 through 10 is rather odd in the present context, as is its IP address (162.213.255.52) and NameCheap.com registrar.
Key to the March table's columns:
A: IPv4s or Hostnames of servers
B: CIDR address range of originating servers
C: Autonomous System Numbers & Country Codes of servers
D: Dates
E: Time of arrival of hacking attempts F: POST specifics & Groupings
G: Error Code 403 = Forbidden H: Bytes transferred
I: User agents (not to be taken as absolutely true)

A
B
C
D
E
F
G
H
I





Group 01


80.82.67.214 80.82.67.0/24 AS29073 – SC 03/01/2018 23:18:32 POST /blog/xmlrpc.php HTTP/1.1 403 228 Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; fr; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8
80.82.67.214 80.82.67.0/24 AS29073 – SC 03/01/2018 23:18:32 POST /xmlrpc.php HTTP/1.1 403 228 Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; fr; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8





Group 02



68.65.120.48 68.65.120.0/22 AS16626 – US 03/04/2018 12:48:36 POST /blog/xmlrpc.php HTTP/1.1 403 228 Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; fr; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8
68.65.120.48 68.65.120.0/22 AS16626 – US 03/04/2018 12:48:36 POST /xmlrpc.php HTTP/1.1 403 228 Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; fr; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8





Group 03


h88-150-210-25.host.redstation.co.uk 88.150.210.0/25 AS20860 – GB 03/04/2018 15:57:30 POST /lesquereuxatlasp/lepidendron-to-corrugatum-lesquereux.htm/trackback/ HTTP/1.1 403 228 Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.8.1.20) Gecko/20081217 Firefox/2.0.0.20
no.rdns-yet.ukservers.com 94.46.192.0/22 AS42831 – GB 03/04/2018 15:57:30 POST /lesquereuxvoliii/botanicalnames-vols-i-ii-iii.htm/trackback/ HTTP/1.1 403 228 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; SIMBAR={82AC6A38-2BDF-482a-9D72-7CC68ECC2D2D})
h88-150-182-168.host.redstation.co.uk 88.150.182.128/25 AS20860 – GB 03/04/2018 15:57:31 POST /lesquereuxatlasp/lepidendron-to-corrugatum-lesquereux.htm/trackback/ HTTP/1.1 403 228 Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; de; rv:1.8.1.4) Gecko/20070509 Camino/1.5 (MultiLang)
uk.virtono.com 77.81.107.0/24 AS9009 – RO 03/04/2018 15:57:31 POST /lesquereuxvoliii/botanicalnames-vols-i-ii-iii.htm/trackback/ HTTP/1.1 403 228 Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 6.1; Trident/4.0; GTB7.1; SLCC2; .NET CLR 2.0.50727; .NET CLR 3.5.30729; .NET CLR 3.0.30729; .NET4.0C)
121.79.44.185.baremetal.zare.com 185.44.79.0/24 AS199854 – GB 03/04/2018 15:57:32 POST /lesquereuxatlasp/lepidendron-to-corrugatum-lesquereux.htm/trackback/ HTTP/1.1 403 228 Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 6.0; SLCC1; .NET CLR 2.0.50727; .NET CLR 3.0.04506; InfoPath.1; .NET CLR 1.1.4322)
h88-150-182-216.host.redstation.co.uk 88.150.182.128/25 AS20860 – GB 03/04/2018 15:57:32 POST /lesquereuxatlasp/lepidendron-to-corrugatum-lesquereux.htm/trackback/ HTTP/1.1 403 228 Mozilla/5.0 (Windows; U; Windows NT 6.0; en-us) AppleWebKit/525.28.3 (KHTML, like Gecko) Version/3.2.3 Safari/525.28.3
h88-150-182-216.host.redstation.co.uk 88.150.182.128/25 AS20860 – GB 03/04/2018 15:57:32 POST /lesquereuxvoliii/botanicalnames-vols-i-ii-iii.htm/trackback/ HTTP/1.1 403 228 Mozilla/5.0 (Windows; U; Windows NT 6.0; en-us) AppleWebKit/525.28.3 (KHTML, like Gecko) Version/3.2.3 Safari/525.28.3
no.rdns-yet.ukservers.com 94.46.192.0/22 AS42831 – GB 03/04/2018 15:57:32 POST /lesquereuxvoliii/botanicalnames-vols-i-ii-iii.htm/trackback/ HTTP/1.1 403 228 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 4.0)
uk.virtono.com 77.81.107.0/24 AS9009 – RO 03/04/2018 15:57:33 POST /lesquereuxatlasp/lepidendron-to-corrugatum-lesquereux.htm/trackback/ HTTP/1.1 403 228 Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a1) Gecko/20061204 GranParadiso/3.0a1
uk.virtono.com 77.81.107.0/24 AS9009 – RO 03/04/2018 15:57:33 POST /lesquereuxvoliii/botanicalnames-vols-i-ii-iii.htm/trackback/ HTTP/1.1 403 228 Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9a1) Gecko/20061204 GranParadiso/3.0a1
133.79.44.185.baremetal.zare.com 185.44.79.0/24 AS199854 – GB 03/04/2018 15:57:34 POST /lesquereuxatlasp/lepidendron-to-corrugatum-lesquereux.htm/trackback/ HTTP/1.1 403 228 Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
133.79.44.185.baremetal.zare.com 185.44.79.0/24 AS199854 – GB 03/04/2018 15:57:34 POST /lesquereuxvoliii/botanicalnames-vols-i-ii-iii.htm/trackback/ HTTP/1.1 403 228 Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)
4-181-243-80.rackcentre.redstation.net.uk 62.233.64.0/18 AS20860 – GB 03/04/2018 15:57:34 POST /lesquereuxatlasp/lepidendron-to-corrugatum-lesquereux.htm/trackback/ HTTP/1.1 403 228 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; SIMBAR={587357DA-1E9B-4184-B7AE-D53D5D51A736}; FunWebProducts)
h88-150-210-25.host.redstation.co.uk 88.150.210.0/25 AS20860 – GB 03/04/2018 15:57:34 POST /lesquereuxvoliii/botanicalnames-vols-i-ii-iii.htm/trackback/ HTTP/1.1 403 228 Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8 ( .NET CLR 3.5.30729) FirePHP/0.5
121.79.44.185.baremetal.zare.com 185.44.79.0/24 AS199854 – GB 03/04/2018 15:57:35 POST /lesquereuxvoliii/botanicalnames-vols-i-ii-iii.htm/trackback/ HTTP/1.1 403 228 Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US) AppleWebKit/525.13 (KHTML, like Gecko) Chrome/0.2.149.29 Safari/525.13
uk.virtono.com 77.81.107.0/24 AS9009 – RO 03/04/2018 15:57:35 POST /lesquereuxatlasp/lepidendron-to-corrugatum-lesquereux.htm/trackback/ HTTP/1.1 403 228 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.7 (KHTML, like Gecko) Chrome/16.0.911.0 Safari/535.7
156.79.44.185.baremetal.zare.com 185.44.79.0/24 AS199854 – GB 03/04/2018 15:57:36 POST /lesquereuxatlasp/lepidendron-to-corrugatum-lesquereux.htm/trackback/ HTTP/1.1 403 228 Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; .NET CLR 1.0.3705; .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; UCLBC)
uk.virtono.com 77.81.107.0/24 AS9009 – RO 03/04/2018 15:57:36 POST /lesquereuxvoliii/botanicalnames-vols-i-ii-iii.htm/trackback/ HTTP/1.1 403 228 Mozilla/5.0 (compatible; Konqueror/3.5; Linux 2.6.23-gentoo-r3; X11; x86_64; de) KHTML/3.5.8 (like Gecko) (Gentoo)
133.79.44.185.baremetal.zare.com 185.44.79.0/24 AS199854 – GB 03/04/2018 15:57:37 POST /lesquereuxvoliii/botanicalnames-vols-i-ii-iii.htm/trackback/ HTTP/1.1 403 228 Mozilla/5.0 (iPad; U; CPU OS 4_3_3 like Mac OS X; en-us) AppleWebKit/533.17.9 (KHTML, like Gecko) version/5.0.2 Mobile/8J3 Safari/6533.18.5
219-79-73-109.rackcentre.redstation.net.uk 62.233.64.0/18 AS20860 – GB 03/04/2018 15:57:37 POST /lesquereuxatlasp/lepidendron-to-corrugatum-lesquereux.htm/trackback/ HTTP/1.1 403 228 Mozilla/5.0 (Windows; U; Windows NT 5.1; nb-NO; rv:1.9.0.19) Gecko/2010031422 Firefox/3.0.19 (.NET CLR 3.5.30729)
h88-150-182-195.host.redstation.co.uk 88.150.182.128/25 AS20860 – GB 03/04/2018 15:57:37 POST /lesquereuxvoliii/botanicalnames-vols-i-ii-iii.htm/trackback/ HTTP/1.1 403 228 Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.8.1.4) Gecko/20070515 Firefox/2.0.0.4
16.79.44.185.baremetal.zare.com 185.44.79.0/24 AS199854 – GB 03/04/2018 15:57:38 POST /lesquereuxvoliii/botanicalnames-vols-i-ii-iii.htm/trackback/ HTTP/1.1 403 228 Mozilla/5.0 (X11; U; Linux i686; de; rv:1.8.1.12) Gecko/20080201 Firefox/2.0.0.12
165.231.45.11 165.231.32.0/20 AS37662 – GB 03/04/2018 15:57:38 POST /lesquereuxatlasp/lepidendron-to-corrugatum-lesquereux.htm/trackback/ HTTP/1.1 403 228 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.1 (KHTML, like Gecko) Chrome/13.0.782.112 Safari/535.1
h88-150-182-216.host.redstation.co.uk 88.150.182.128/25 AS20860 – GB 03/04/2018 15:57:38 POST /lesquereuxatlasp/lepidendron-to-corrugatum-lesquereux.htm/trackback/ HTTP/1.1 403 228 Mozilla/5.0 (Windows NT 6.1; WOW64; rv:6.0a2) Gecko/20110527 Firefox/6.0a2
h88-150-182-216.host.redstation.co.uk 88.150.182.128/25 AS20860 – GB 03/04/2018 15:57:39 POST /lesquereuxvoliii/botanicalnames-vols-i-ii-iii.htm/trackback/ HTTP/1.1 403 228 Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9.0.3) Gecko/2008092417 Firefox/3.0.1 (de) (TL-FF)
h88-150-210-36.host.redstation.co.uk 88.150.210.0/25 AS20860 – GB 03/04/2018 15:57:39 POST /lesquereuxvoliii/botanicalnames-vols-i-ii-iii.htm/trackback/ HTTP/1.1 403 228 Mozilla/5.0 (Windows NT 5.1) AppleWebKit/534.24 (KHTML, like Gecko) Chrome/11.0.696.68 Safari/534.24
uk.virtono.com 77.81.107.0/24 AS9009 – RO 03/04/2018 15:57:40 POST /lesquereuxvoliii/botanicalnames-vols-i-ii-iii.htm/trackback/ HTTP/1.1 403 228 Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.04506.30; InfoPath.2; MS-RTC LM 8; .NET CLR 3.0.04506.648)
156.79.44.185.baremetal.zare.com 185.44.79.0/24 AS199854 – GB 03/04/2018 15:57:41 POST /lesquereuxvoliii/botanicalnames-vols-i-ii-iii.htm/trackback/ HTTP/1.1 403 228 Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9.0.10) Gecko/2009042315 Firefox/3.0.10
h37-220-22-187.host.redstation.co.uk 37.220.0.0/19 AS20860 – GB 03/04/2018 15:57:41 POST /lesquereuxvoliii/botanicalnames-vols-i-ii-iii.htm/trackback/ HTTP/1.1 403 228 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; GTB6; DS_desktopsmiley; desktopsmiley_3_3_277900093213757613_1_74),gzip(gfe) (via translate.google.com)
h88-150-210-51.host.redstation.co.uk 88.150.210.0/25 AS20860 – GB 03/04/2018 15:57:42 POST /lesquereuxvoliii/botanicalnames-vols-i-ii-iii.htm/trackback/ HTTP/1.1 403 228 Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.8.1.17) Gecko/20080829 Firefox/2.0.0.17
h88-150-210-44.host.redstation.co.uk 88.150.210.0/25 AS20860 – GB 03/04/2018 15:57:43 POST /lesquereuxvoliii/botanicalnames-vols-i-ii-iii.htm/trackback/ HTTP/1.1 403 228 Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.9a1) Gecko/20070308 Minefield/3.0a1
no.rdns-yet.ukservers.com 94.46.192.0/22 AS42831 – GB 03/04/2018 15:57:44 POST /lesquereuxvoliii/botanicalnames-vols-i-ii-iii.htm/trackback/ HTTP/1.1 403 228 Mozilla/5.0 (X11; U; Linux i686; de; rv:1.9.1.8) Gecko/20100214 Ubuntu/9.10 (karmic) Firefox/3.5.8
h37-220-22-174.host.redstation.co.uk 37.220.0.0/19 AS20860 – GB 03/04/2018 15:57:45 POST /lesquereuxatlasp/lepidendron-to-corrugatum-lesquereux.htm/trackback/ HTTP/1.1 403 228 Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2.22) Gecko/20110902 Firefox/3.6.22
h88-150-210-51.host.redstation.co.uk 88.150.210.0/25 AS20860 – GB 03/04/2018 15:57:45 POST /lesquereuxvoliii/botanicalnames-vols-i-ii-iii.htm/trackback/ HTTP/1.1 403 228 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; YPC 3.0.0; FunWebProducts; PeoplePal 3.0)
h88-150-182-216.host.redstation.co.uk 88.150.182.128/25 AS20860 – GB 03/04/2018 15:57:46 POST /lesquereuxatlasp/lepidendron-to-corrugatum-lesquereux.htm/trackback/ HTTP/1.1 403 228 Mozilla/5.0 (Windows; U; Windows NT 5.1; de; rv:1.9b4) Gecko/2008030714 Firefox/2.0
uk.virtono.com 77.81.107.0/24 AS9009 – RO 03/04/2018 15:57:46 POST /lesquereuxatlasp/lepidendron-to-corrugatum-lesquereux.htm/trackback/ HTTP/1.1 403 228 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; ImageShack Toolbar 4.4.3)
56-181-243-80.rackcentre.redstation.net.uk 62.233.64.0/18 AS20860 – GB 03/04/2018 15:57:47 POST /lesquereuxatlasp/lepidendron-to-corrugatum-lesquereux.htm/trackback/ HTTP/1.1 403 228 Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1; YPC 3.0.2; .NET CLR 1.1.4322; yplus 4.4.02b)
h88-150-210-51.host.redstation.co.uk 88.150.210.0/25 AS20860 – GB 03/04/2018 15:57:48 POST /lesquereuxatlasp/lepidendron-to-corrugatum-lesquereux.htm/trackback/ HTTP/1.1 403 228 Mozilla/5.0 (Windows; U; Windows NT 6.0; de; rv:1.9.0.13) Gecko/2009073022 Firefox/3.0.13 (.NET CLR 3.5.30729)
188.79.44.185.baremetal.zare.com 185.44.79.0/24 AS199854 – GB 03/04/2018 15:57:49 POST /lesquereuxatlasp/lepidendron-to-corrugatum-lesquereux.htm/trackback/ HTTP/1.1 403 228 Mozilla/5.0 (Macintosh; U; PPC Mac OS X Mach-O; en-GB; rv:1.7.10) Gecko/20050717 Firefox/1.0.6
h88-150-182-216.host.redstation.co.uk 88.150.182.128/25 AS20860 – GB 03/04/2018 15:57:49 POST /lesquereuxatlasp/lepidendron-to-corrugatum-lesquereux.htm/trackback/ HTTP/1.1 403 228 Opera/9.50 (X11; Linux i686; U; en)
h88-150-182-216.host.redstation.co.uk 88.150.182.128/25 AS20860 – GB 03/04/2018 15:57:50 POST /lesquereuxatlasp/lepidendron-to-corrugatum-lesquereux.htm/trackback/ HTTP/1.1 403 228 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/535.1 (KHTML, like Gecko) Ubuntu/11.04 Chromium/14.0.835.202 Chrome/14.0.835.202 Safari/535.1
h88-150-210-121.host.redstation.co.uk 88.150.210.0/25 AS20860 – GB 03/04/2018 15:57:51 POST /lesquereuxatlasp/lepidendron-to-corrugatum-lesquereux.htm/trackback/ HTTP/1.1 403 228 Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; SV1; .NET CLR 1.1.4322; .NET CLR 2.0.50727)





Group 04


123.57.254.142 123.56.0.0/15 AS45096 – CN 03/05/2018 02:51:11 POST /blog/xmlrpc.php HTTP/1.1 403 228 Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; fr; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8





Group 05


mail.soloworld.co.ke 197.248.0.0/18 AS37061- KE 03/08/2018 03:56:45 POST /blog/xmlrpc.php HTTP/1.1 403 228 Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; fr; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8
mail.soloworld.co.ke 197.248.0.0/18 AS37061- KE 03/08/2018 03:56:45 POST /xmlrpc.php HTTP/1.1 403 228 Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; fr; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8





Group 06


98.143.159.154.static.quadranet.com 98.143.144.0/20 AS29761 – US 03/12/2018 08:01:46 POST / HTTP/1.1 403 228 Mozilla/5.0 (Windows; Windows NT 5.1; en-US) Firefox/3.5.0
98.143.159.154.static.quadranet.com 98.143.144.0/20 AS29761 – US 03/12/2018 08:05:55 POST /wp-content/plugins/asset-manager/upload.php HTTP/1.1 403 228 Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)
98.143.159.154.static.quadranet.com 98.143.144.0/20 AS29761 – US 03/12/2018 09:08:17 POST /uploadify/uploadify.php?folder=/ HTTP/1.1 403 228 Mozilla/5.0 (Windows; Windows NT 5.1; en-US) Firefox/3.5.0
98.143.159.154 98.143.144.0/20 AS29761 – US 03/12/2018 10:22:09 POST /wp-admin/admin-ajax.php HTTP/1.1 403 228 Mozilla/5.0 (Windows; Windows NT 5.1; en-US) Firefox/3.5.0
98.143.159.154 98.143.144.0/20 AS29761 – US 03/12/2018 20:15:21 POST /license.php HTTP/1.1 403 228 Mozilla/5.0 (Windows; Windows NT 5.1; en-US) Firefox/3.5.0
98.143.159.154 98.143.144.0/20 AS29761 – US 03/12/2018 20:15:22 POST /wp-admin/admin-ajax.php HTTP/1.1 403 228 Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.1; Trident/5.0)





Group 07


ip-166-62-45-148.ip.secureserver.net 166.62.0.0/17 AS26496 – US 03/22/2018 17:21:18 POST /blog/xmlrpc.php HTTP/1.1 403 228 Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; fr; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8
ip-166-62-45-148.ip.secureserver.net 166.62.0.0/17 AS26496 – US 03/22/2018 17:21:18 POST /xmlrpc.php HTTP/1.1 403 228 Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10.6; fr; rv:1.9.2.8) Gecko/20100722 Firefox/3.6.8





Group 08


5.188.9.80 5.188.9.0/24 AS43350 – UA 03/22/2018 19:19:35 POST /wp-admin/admin-ajax.php HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.9.80 5.188.9.0/24 AS43350 – UA 03/22/2018 19:19:36 POST /wp/wp-admin/admin-ajax.php HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.9.80 5.188.9.0/24 AS43350 – UA 03/22/2018 19:19:37 POST /blog/wp-admin/admin-ajax.php HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.9.80 5.188.9.0/24 AS43350 – UA 03/22/2018 19:19:37 POST /wordpress/wp-admin/admin-ajax.php HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.9.80 5.188.9.0/24 AS43350 – UA 03/22/2018 19:57:31 POST /wp-admin/admin-ajax.php HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.9.80 5.188.9.0/24 AS43350 – UA 03/22/2018 19:57:31 POST /wp/wp-admin/admin-ajax.php HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.9.80 5.188.9.0/24 AS43350 – UA 03/22/2018 19:57:32 POST /blog/wp-admin/admin-ajax.php HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.9.80 5.188.9.0/24 AS43350 – UA 03/22/2018 19:57:32 POST /wordpress/wp-admin/admin-ajax.php HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.203.40 5.188.203.0/24 AS60117 – UA 03/22/2018 23:06:14 POST /wp-admin/admin-ajax.php HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.203.40 5.188.203.0/24 AS60117 – UA 03/22/2018 23:06:15 POST /blog/wp-admin/admin-ajax.php HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.203.40 5.188.203.0/24 AS60117 – UA 03/22/2018 23:06:15 POST /wordpress/wp-admin/admin-ajax.php HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.203.40 5.188.203.0/24 AS60117 – UA 03/22/2018 23:06:15 POST /wp/wp-admin/admin-ajax.php HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)





Group 09


5.188.203.40 5.188.203.0/24 AS60117 – UA 03/25/2018 18:49:09 POST /RPC HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.203.40 5.188.203.0/24 AS60117 – UA 03/25/2018 18:49:09 POST /RPC2 HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.203.40 5.188.203.0/24 AS60117 – UA 03/25/2018 18:49:24 POST /RPC HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.203.40 5.188.203.0/24 AS60117 – UA 03/25/2018 18:49:25 POST /XMLRPC HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.9.80 5.188.9.0/24 AS43350 – UA 03/25/2018 19:03:14 POST /RPC2 HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.203.40 5.188.203.0/24 AS60117 – UA 03/25/2018 21:12:52 POST /RPC2 HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)





Group 10


5.188.9.80 5.188.9.0/24 AS43350 – UA 03/28/2018 13:10:28 POST /phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.9.80 5.188.9.0/24 AS43350 – UA 03/28/2018 13:10:29 POST /phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.9.80 5.188.9.0/24 AS43350 – UA 03/28/2018 13:10:29 POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.9.80 5.188.9.0/24 AS43350 – UA 03/28/2018 13:10:30 POST /admin/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.9.80 5.188.9.0/24 AS43350 – UA 03/28/2018 13:10:30 POST /asset/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.9.80 5.188.9.0/24 AS43350 – UA 03/28/2018 13:10:31 POST /lib/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.9.80 5.188.9.0/24 AS43350 – UA 03/28/2018 13:10:31 POST /lib/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.9.80 5.188.9.0/24 AS43350 – UA 03/28/2018 13:10:32 POST /libraries/mailchimp/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.9.80 5.188.9.0/24 AS43350 – UA 03/28/2018 13:10:32 POST /wp-content/plugins/contact-form-7-to-database-extension/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.9.80 5.188.9.0/24 AS43350 – UA 03/28/2018 13:10:33 POST /wp-content/plugins/js_composer_theme/vendor/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.9.80 5.188.9.0/24 AS43350 – UA 03/28/2018 13:10:33 POST /wp-content/themes/howto_wp/metabox/tests/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.9.80 5.188.9.0/24 AS43350 – UA 03/28/2018 13:10:34 POST /wp-content/themes/Divi-child/inc/meta/tests/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.9.80 5.188.9.0/24 AS43350 – UA 03/28/2018 13:10:35 POST /admin/ckeditor/plugins/ajaxplorer/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.9.80 5.188.9.0/24 AS43350 – UA 03/28/2018 13:29:28 POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.9.80 5.188.9.0/24 AS43350 – UA 03/28/2018 13:29:29 POST /wp-content/plugins/dzs-videogallery/class_parts/vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.9.80 5.188.9.0/24 AS43350 – UA 03/28/2018 22:25:19 POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.9.80 5.188.9.0/24 AS43350 – UA 03/28/2018 22:41:04 POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.203.40 5.188.203.0/24 AS60117 – UA 03/29/2018 00:07:06 POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.203.40 5.188.203.0/24 AS60117 – UA 03/29/2018 11:36:00 POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)
5.188.9.80 5.188.9.0/24 AS43350 – UA 03/29/2018 11:58:28 POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1 403 228 NYU Internet Census (https://scan.lol; research@scan.lol)