[nsp-sec] Abuser IP's, possible bots
Maher, Kevin E.
kmaher at ebay.com
Wed Jul 29 09:09:06 EDT 2009
The following IP addresses participated in a GET / type flood against
slando.com, which is a classifieds site serving users in ten different
countries, including Russia and Ukraine, where most of this traffic also
originated. Ebay is a minority investor in the company, if their logo seems
oddly familiar.
Each of these had over 1000 ³GET /² requests at a rate of ~5/second, and
were subsequently blocked at various times between 22 July 02:27 UTC and 26
July 18:47 UTC.
I can provide exact timestamps and web access_log information for individual
IP addresses as needed.
Thanks,
Kevin
2854 | 194.84.56.192 | ROSPRINT-AS &Equant Russia AS
3239 | 94.50.24.144 | RU-SURNET Uralsvyazinform, Chelyabinsk branch
3249 | 85.29.229.247 | ESTPAK Elion Enterprises Ltd.
3253 | 213.191.6.222 | Ural Relcom Ltd.
5598 | 194.44.18.125 | NETLUX-AS ISP Netlux Networks
6697 | 93.85.126.70 | BELPAK-AS BELPAK
6697 | 93.85.127.137 | BELPAK-AS BELPAK
6767 | 80.80.116.37 | RU-CTSRND-AS Rostov-on-Don CTS/ICOMM Node
6767 | 94.77.153.28 | RU-CTSRND-AS Rostov-on-Don CTS/ICOMM Node
6828 | 94.51.141.191 | USI Uralsviazinform
6849 | 92.112.197.120 | UKRTELNET JSC UKRTELECOM,
6849 | 95.133.10.195 | UKRTELNET JSC UKRTELECOM,
6849 | 95.133.106.149 | UKRTELNET JSC UKRTELECOM,
6849 | 95.133.114.93 | UKRTELNET JSC UKRTELECOM,
6849 | 95.133.55.226 | UKRTELNET JSC UKRTELECOM,
7643 | 123.22.210.149 | VNN-AS-AP Vietnam Posts and Telecommunications
(VNPT)
8359 | 85.140.215.123 | COMSTAR COMSTAR-Direct Moscow region network
8359 | 85.141.230.140 | COMSTAR COMSTAR-Direct Moscow region network
8359 | 89.175.185.194 | COMSTAR COMSTAR-Direct Moscow region network
8359 | 89.209.84.42 | COMSTAR COMSTAR-Direct Moscow region network
8359 | 91.76.141.244 | COMSTAR COMSTAR-Direct Moscow region network
8359 | 91.76.221.24 | COMSTAR COMSTAR-Direct Moscow region network
8402 | 78.106.160.45 | CORBINA-AS Corbina Telecom
8402 | 78.106.160.72 | CORBINA-AS Corbina Telecom
8402 | 78.106.176.61 | CORBINA-AS Corbina Telecom
8402 | 78.106.246.74 | CORBINA-AS Corbina Telecom
8402 | 89.178.36.225 | CORBINA-AS Corbina Telecom
8402 | 89.178.4.137 | CORBINA-AS Corbina Telecom
8402 | 89.178.59.29 | CORBINA-AS Corbina Telecom
8402 | 89.178.83.97 | CORBINA-AS Corbina Telecom
8402 | 89.179.23.193 | CORBINA-AS Corbina Telecom
8402 | 89.179.66.104 | CORBINA-AS Corbina Telecom
8402 | 93.80.234.7 | CORBINA-AS Corbina Telecom
8402 | 93.81.100.162 | CORBINA-AS Corbina Telecom
8402 | 95.24.239.24 | CORBINA-AS Corbina Telecom
8402 | 95.25.107.176 | CORBINA-AS Corbina Telecom
8470 | 87.118.225.189 | MACOMNET MAcomnet Autonomous System
8470 | 87.118.227.45 | MACOMNET MAcomnet Autonomous System
8482 | 78.140.200.162 | DEMOS-SPB Demos-SPb Autonomous System
8570 | 195.34.252.14 | LES Public Data Network of Lipetsk region
8615 | 213.85.129.145 | CNT-AS CNT Autonomous System
8615 | 213.85.189.4 | CNT-AS CNT Autonomous System
8728 | 89.235.245.186 | INFONET.EE ISP Autonomous System
8997 | 78.36.169.98 | ASN-SPBNIT OJSC North-West Telecom Autonomous
System
8997 | 78.37.139.53 | ASN-SPBNIT OJSC North-West Telecom Autonomous
System
8997 | 78.37.2.44 | ASN-SPBNIT OJSC North-West Telecom Autonomous
System
8997 | 92.100.87.150 | ASN-SPBNIT OJSC North-West Telecom Autonomous
System
9198 | 82.200.172.59 | KAZTELECOM-AS Kazakhtelecom Corporate Sales
Administration
9198 | 82.200.193.124 | KAZTELECOM-AS Kazakhtelecom Corporate Sales
Administration
9198 | 92.47.185.156 | KAZTELECOM-AS Kazakhtelecom Corporate Sales
Administration
9198 | 95.57.136.221 | KAZTELECOM-AS Kazakhtelecom Corporate Sales
Administration
9198 | 95.58.145.190 | KAZTELECOM-AS Kazakhtelecom Corporate Sales
Administration
12332 | 77.35.164.9 | PRIMORYE-AS Far East Telecommunications Company
12332 | 77.35.60.153 | PRIMORYE-AS Far East Telecommunications Company
12452 | 93.157.184.198 | PROVRU AS for Prov.RU
12530 | 89.162.150.195 | GOLDENTELECOM-UKRAINE Golden Telecom
12695 | 89.208.20.90 | DINET-AS Digital Network JSC
12714 | 79.120.104.91 | TI-AS NetByNet Holding
12714 | 79.120.120.1 | TI-AS NetByNet Holding
12714 | 95.220.0.227 | TI-AS NetByNet Holding
12730 | 95.106.50.156 | INECO_AS INECO Autonomous System
12883 | 93.178.228.27 | UCOMLINE Vega Telecom
13367 | 66.41.239.169 | COMCAST-13367 - Comcast Cable Communications
Holdings, Inc
15468 | 62.148.147.105 | KLGELECS-AS ru.klgelecs Local Registry
Autonomous System
15468 | 62.148.148.226 | KLGELECS-AS ru.klgelecs Local Registry
Autonomous System
15582 | 83.167.116.19 | AKADO-STOLITSA-AS _AKADO-Stolitsa_ JSC
15582 | 92.243.183.6 | AKADO-STOLITSA-AS _AKADO-Stolitsa_ JSC
16287 | 217.116.157.26 | KUZBASSNET Kemerovo regional branch of OJSC
_Sibirtelecom_
16345 | 217.118.93.84 | BEE-AS JSC _VimpelCom_
16345 | 217.118.95.37 | BEE-AS JSC _VimpelCom_
20485 | 83.234.161.122 | TRANSTELECOM JSC Company TransTeleCom
20485 | 83.234.239.25 | TRANSTELECOM JSC Company TransTeleCom
20632 | 84.204.215.54 | SYNTERRA-NW-AS Synterra
20632 | 93.153.168.28 | SYNTERRA-NW-AS Synterra
20632 | 93.153.212.118 | SYNTERRA-NW-AS Synterra
21378 | 84.42.29.182 | CTCTVER JSC _CenterTelecom_ Tver branch
21479 | 87.117.3.111 | ROSTOV-TELEGRAF-AS Autonomous system of
23456 | 83.143.32.7 | -Reserved AS-
24612 | 80.95.36.67 | PENZA-SVIAZINFORM-AS JSC Volgatelecom, Penza
branch
24697 | 195.69.248.206 | SATURN-ASN Saturn ISP AS
24955 | 94.41.78.208 | UBN-AS JSC _Ufanet_, Ufa, Russia
25229 | 93.73.139.78 | VOLIA-AS Volia Autonomous System
25272 | 80.92.96.15 | SINSTELECOM-AS Autonomous System for IKAR
INVEST (SINSTELECOM NET)
25299 | 217.199.226.85 | DEXP-AS Data Express
25308 | 212.118.33.45 | CITYLAN-AS CityLanCom, ISP, Moscow, Russia
25405 | 95.37.151.173 | NMTS-AS OJSC VolgaTelecom, Nizhny Novgorod
25405 | 95.37.171.238 | NMTS-AS OJSC VolgaTelecom, Nizhny Novgorod
25515 | 77.51.107.166 | CTCNET-AS Joint-Stock Central Telecommunication
Company Autonomous System
25515 | 77.51.107.245 | CTCNET-AS Joint-Stock Central Telecommunication
Company Autonomous System
25515 | 77.51.41.93 | CTCNET-AS Joint-Stock Central Telecommunication
Company Autonomous System
25515 | 77.51.65.56 | CTCNET-AS Joint-Stock Central Telecommunication
Company Autonomous System
25515 | 95.72.26.110 | CTCNET-AS Joint-Stock Central Telecommunication
Company Autonomous System
28812 | 94.75.22.98 | JSCBIS-AS BashInformSvyaz Autonomous System
28840 | 89.232.105.128 | TATTELECOM-AS Tattelecom.ru/Tattelecom
Autonomous System
28843 | 62.205.225.153 | DAUTKOM-AS The SIA DauTKom TV serve customers
of cable network,
28843 | 62.205.225.195 | DAUTKOM-AS The SIA DauTKom TV serve customers
of cable network,
28858 | 194.242.117.42 | LECOS Lecos ISP
29124 | 81.200.20.98 | SU29-AS ISP _SU29-TELECOM_
29385 | 213.206.54.167 | BUZTON-JV-AS AS of BUZTON J.V. - fixed line
telecom operator in UZBEKISTAN
30944 | 82.135.148.183 | DKD-AS UAB DKD
31148 | 94.76.80.164 | FREENET-AS FreeNet ISP
31257 | 94.73.251.112 | ORIONNET-NET JSC _Orion telecom_ ISP for
Krasnoyarsk city
31272 | 217.77.223.31 | WILDPARK-AS ISP WildPark, Ukraine, Nikolaev
31692 | 77.236.72.6 | SATURN-R-AS Saturn-R Perm
33287 | 98.225.236.6 | COMCAST-33287 - Comcast Cable Communications,
Inc.
33892 | 83.172.35.5 | SELS-AS The municipal enterprise
_Severskelektrosviaz_ AS
34046 | 195.245.81.67 | SHIELD-AS ShieldTelecom, Kiev, Ukraine
34145 | 79.136.212.240 | TOMTEL City Cable TV Network Operator Company
34241 | 193.138.178.57 | NCT-AS New Communication Technologies AS
34300 | 85.93.132.114 | SPACENET-AS Internet-Cosmos Ltd.
34300 | 85.93.137.144 | SPACENET-AS Internet-Cosmos Ltd.
34590 | 94.181.97.147 | NEOLINK Udmurt Investment Company, Ltd.
34743 | 193.151.252.90 | NASHNET-AS NashNet network
34869 | 89.113.30.232 | EKANET-AS Ekaterinburg Networks Inc
35125 | 95.158.195.215 | SMOLENSK-AS Smolensk branch of the JSC
_CenterTelecom_
35125 | 95.158.244.34 | SMOLENSK-AS Smolensk branch of the JSC
_CenterTelecom_
35511 | 88.201.230.113 | IWAN1-AS iWAN JSC
35531 | 94.50.78.239 | RU-USI-KURGAN Kurgan branch JSC Uralsvyazinform
35649 | 194.187.230.133 | DILINES-AS ISP Dilines network
35805 | 94.43.215.71 | UTG-AS United Telecom AS
39462 | 91.151.35.140 | APEX-AS Apex AS-SET
39463 | 81.25.50.231 | ULTRANET-AS JSC Lan-Telecom
39697 | 194.50.116.41 | ALGORITHM DE _Algorithm_
39785 | 93.159.243.35 | RU-MULTINET-AS Krosline Ltd
39785 | 93.159.243.45 | RU-MULTINET-AS Krosline Ltd
39922 | 217.197.113.43 | NLN-AS http://tlcm.net, Project-Telecom Ltd.,
40995 | 89.189.170.105 | CITYNET-AS Sibirskie Seti Novokuznetsk Ltd
41232 | 94.240.168.17 | SSN SouthSide Network
41440 | 92.125.112.117 | SIBIRTELECOM-AS Sibirtelecom backbone AS
41440 | 92.125.46.228 | SIBIRTELECOM-AS Sibirtelecom backbone AS
41440 | 92.125.63.46 | SIBIRTELECOM-AS Sibirtelecom backbone AS
41440 | 92.126.103.65 | SIBIRTELECOM-AS Sibirtelecom backbone AS
41440 | 92.127.15.232 | SIBIRTELECOM-AS Sibirtelecom backbone AS
41440 | 92.127.180.2 | SIBIRTELECOM-AS Sibirtelecom backbone AS
41440 | 95.188.83.27 | SIBIRTELECOM-AS Sibirtelecom backbone AS
41462 | 89.19.169.93 | TC-EXE-AS Comcor-TV Autonomous System
41560 | 89.251.78.55 | UT-SVR UGMK-Telecom network, Sverdlovsk region
41592 | 81.18.114.20 | BWCCJSC-AS Baykalwestcom Autonomous system
41682 | 94.181.196.106 | ERTH-TMN-AS ZAO _ER-Telecom_ Company_ Tyumen
ISP AS
41727 | 94.181.240.220 | ERTH-KIROV-AS ZAO _ER-Telecom_ Company_ Kirov
ISP AS
41957 | 195.20.194.135 | MITRU-AS Join Stock Company Information
Technologies AS
41976 | 213.168.32.222 | SZKTI-AS SZKTI AS
42116 | 95.78.78.111 | ERTH-NCHLN-AS ZAO _Telemax_ Company_ Naberejnye
Chelny ISP AS
42289 | 77.234.217.194 | VTC-ITMO-AS Saint-Petersburg State University
of Information Technologies, Mechanics and Optics
42396 | 94.248.1.150 | PPLNETUA-AS PEOPLEnet Autonomous System
42574 | 91.201.204.86 | NSPLUS-AS Novaya Sibir Plus Ltd.
42610 | 95.84.143.5 | NCNET-AS National Cable Networks
42754 | 84.51.67.225 | AROMA-LESK-AS Aroma Lesk Ltd.
42869 | 77.75.15.0 | VSC-AS Volgograd Special Communications
43318 | 78.40.81.25 | SERVTEL-AS Service Telecom AS Number
44031 | 78.37.87.92 | FRPT-AS JSC _Sviaz-Electro_
44634 | 91.202.70.233 | SSS-NSK OOO _NordTelecom_
44775 | 86.110.187.151 | ECOM-DON-AS ZAO ELECTRO-COM DON Autonomous
system
44930 | 195.230.103.11 | QAREA-AS PP _KUERIA VAIELES_
45051 | 91.203.168.140 | INFOCENTRE-SPB-AS LLC _InfoCentre_ (InfoCentre
Ltd)
47313 | 95.83.160.5 | ECOM-RZN-AS CJSC _Electro-com Ryazan_
47313 | 95.83.172.9 | ECOM-RZN-AS CJSC _Electro-com Ryazan_
47635 | 91.204.252.5 | INFOSET-COM-AS InfoSet-Com Ltd.
47678 | 91.205.4.204 | SUNLINE-AS TOV _Sun-Line_
47926 | 91.205.168.93 | KURSK-BESTNET-AS Lutsche.net Ltd
48212 | 94.243.16.108 | MKS-CHITA-AS MultiCable networks of Chita, Ltd.
49170 | 95.64.195.11 | MKSBALASHIHI-AS Closed Joint Stock Company
MultyKabelnie Seti Balashihi
49184 | 83.136.48.141 | STV-AS Group of companies STV Ltd
More information about the nsp-security
mailing list