List With IPs That Are Trying To Hack CS-Cart Through API

Hi,

A while back we started monitoring the API requests and we found out that it is continuously being targeted by hacking attempts. Below we share with you a list of IPs and also some parts of the requests.










Hmm, can I block access to the /api directory?

For all our customers that don't use the API, we rename the file /api.php.

Are you updating this IP list?

IP lists are going to be fairly useless the longer time goes by.

The question really is... what are they manipulating through your cart via the API?

Have you locked down your API at all? Nothing should be push/pulling without some baseline security and key pairs established.
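
The question raised in the last reply, what is actually being requested through the API, can be answered from the web server's access log rather than from a static IP list. The following is an added example, not code from any poster or from CS-Cart; it assumes combined log format and that rejected API calls are logged as 401/403, and `summarize_api_traffic` and the sample lines are constructed for illustration:

```python
import re
from collections import Counter, defaultdict

# Constructed sample lines in Apache/nginx "combined" format; addresses are
# from the documentation ranges (RFC 5737), not from the thread.
SAMPLE_LOG = """\
192.0.2.10 - - [01/Mar/2024:10:00:01 +0000] "GET /api.php?_d=users HTTP/1.1" 401 52 "-" "python-requests/2.31"
192.0.2.10 - - [01/Mar/2024:10:00:02 +0000] "GET /api.php?_d=orders HTTP/1.1" 401 52 "-" "python-requests/2.31"
192.0.2.10 - - [01/Mar/2024:10:00:03 +0000] "GET /api/products HTTP/1.1" 401 52 "-" "python-requests/2.31"
198.51.100.7 - - [01/Mar/2024:10:01:00 +0000] "GET /api/products HTTP/1.1" 200 9134 "-" "erp-sync/1.0"
203.0.113.5 - - [01/Mar/2024:10:02:00 +0000] "GET /index.php HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
203.0.113.9 - - [01/Mar/2024:10:03:00 +0000] "POST /api.php?_d=users HTTP/1.1" 403 40 "-" "Baiduspider/2.0"
"""

LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] "(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" '
    r'(?P<status>\d{3}) \S+ "[^"]*" "(?P<ua>[^"]*)"$'
)
API_RE = re.compile(r'^/api(\.php)?([/?]|$)')  # /api.php and the /api directory

def summarize_api_traffic(log_text, denied_threshold=3):
    """Per-IP summary of API requests; 'flagged' = many 401/403 responses."""
    stats = defaultdict(lambda: {"requests": 0, "statuses": Counter(), "targets": set(), "agents": set()})
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m or not API_RE.match(m["target"]):
            continue  # unparsable line or not an API request
        s = stats[m["ip"]]
        s["requests"] += 1
        s["statuses"][m["status"]] += 1
        s["targets"].add(m["target"])
        s["agents"].add(m["ua"])
    report = {}
    for ip, s in stats.items():
        denied = s["statuses"]["401"] + s["statuses"]["403"]
        report[ip] = {
            "requests": s["requests"],
            "denied": denied,
            "targets": sorted(s["targets"]),
            "agents": sorted(s["agents"]),
            "flagged": denied >= denied_threshold,
        }
    return report

if __name__ == "__main__":
    for ip, row in sorted(summarize_api_traffic(SAMPLE_LOG).items()):
        print(ip, row)
```

The `targets` column shows which API resources each client asked for, which stays useful after the source addresses have changed.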