Exploited Vulnerabilities:
Remote File Upload Vulnerability in Fast-image-adder v1.1 Wordpress Plugin
WPO-Foundation WebPageTest Cross Site Scripting Vulnerability
Multiple Cross Site Scripting Vulnerabilities Found in FlightAirMap
Admin Custom Login WordPress Plugin affected by persistent Cross-Site Scripting via Logo URL field
Top 10 Attacker Countries:
CountryAttacks% of the total attacks of the world
China24043.1%
Argentina9116.3%
Russian Federation6111%
Brazil274.8%
Ecuador234.1%
United States223.9%
India213.8%
North Korea81.4%
Colombia71.3%
Iran71.3%
Top 10 Attacker Host
CountryHostOccurrences
China183.214.141.10245
China218.87.109.15029
China202.109.143.4710
China202.109.143.10410
China111.74.238.177
United States96.92.255.25
Brazil177.183.89.544
Taiwan219.71.36.1913
Russian Federation195.162.95.352
Detailed Report on Suspicious Hosts:
RP Intelligence System has detected IP addresses which are involved in suspicious behavior.
Behavior: Scanning hosts
Activity: Continuously using different username password combination existing and non existing usernames.
We have found following different types of events:
- Failed Password
- Invalid User
- Authentication Failure
- X more authentication failures
- Input userauth request invalid user
- userdel: Check pass
Type of Attack: Bruteforce
Source IP Addresses:
183.214.141.102
218.87.109.150
202.109.143.47
202.109.143.104
111.74.238.17
187.217.199.20
96.92.255.2
219.71.36.191
177.183.89.54
221.183.16.231
195.162.95.35
147.46.152.40
183.214.141.102
218.87.109.150
5.39.218.159
201.176.129.21
201.254.27.107
197.48.218.197
186.59.140.232
117.195.178.149
123.31.31.186
181.24.164.210
190.174.159.128