Advertisement
MalwareMustDie

Mapping of PC Spambot April 2014 Upatre/GMO

Apr 25th, 2014
4,243
0
Never
Not a member of Pastebin yet? Sign Up, it unlocks many cool features!
text 36.36 KB | None | 0 0
  1. #MalwareMustDie! Project: Mapping of compromised PC used to send Upatre/GMO/Zbot
  2. #Purpose: We launch this project for the CERT & ISP to clean up these soam bots from their network,
  3. and supporting research/investigation to the threat of Upatre/GMO/Zbot
  4. #Range: APRIL 2014 (April 1st - April 29th 2014)
  5. #Volume Detected: 134 Hosts SMTP Success Spam Sessions, 124 IP (unique), 46 countries, 45 IP ALIVE (now)
  6. #Samples: 500+ from US, DE & Japan network
  7. #Graph: http://malwaremustdie.org/stat/spambot.html
  8. #Comment: There are older data but better we started to the new ones.
  9. If you think we should also put older data pls message to @malwaremustdie (twitter)
  10. It's a new project, please kindly help to contribute your known data. Thank's!
  11. #Source: MMD SMTP Honeypot
  12.  
  13. // 1. The SMTP Session of the Spambot
  14. // (total: 134 campaigns hosts, multiple spams per host is uncounted, further will be referred as "Session")
  15. // FQDN is unknown, some of the HELO are fakes, the IPs are correctly detected.
  16.  
  17. FQDN: unknown | Session: (HELO 109-228-l2199.crnagora.net) (109.228.72.151)
  18. FQDN: unknown | Session: (HELO reverse.completel.net) (92.103.44.112)
  19. FQDN: unknown | Session: (HELO aexp.com) (41.221.29.38)
  20. FQDN: unknown | Session: (HELO ?41.249.67.22?) (41.249.67.22)
  21. FQDN: unknown | Session: (HELO co.za) (105.224.90.36)
  22. FQDN: unknown | Session: (HELO ?85.132.57.50?) (85.132.57.50)
  23. FQDN: unknown | Session: (HELO ?42.113.40.211?) (42.113.40.211)
  24. FQDN: unknown | Session: (HELO 5aceeeff.bb.sky.com) (90.206.238.255)
  25. FQDN: unknown | Session: (HELO ?87.238.105.205?) (87.238.105.205)
  26. FQDN: unknown | Session: (HELO aexp.com) (190.21.163.4)
  27. FQDN: unknown | Session: (HELO mail.gcples.ie) (86.47.53.42)
  28. FQDN: unknown | Session: (HELO host-176-42-96-76.reverse.superonline.net) (176.42.96.76)
  29. FQDN: unknown | Session: (HELO klntrm-fld-01.forthnet.gr) (62.1.46.12)
  30. FQDN: unknown | Session: (HELO 79.Red-79-159-181.staticIP.rima-tde.net) (79.159.181.79)
  31. FQDN: unknown | Session: (HELO owa.themanorassn.com) (71.6.111.34)
  32. FQDN: unknown | Session: (HELO bb-66-63-69-26.static.gwi.net) (66.63.69.26)
  33. FQDN: unknown | Session: (HELO JEXVJQV) (1.54.240.239)
  34. FQDN: unknown | Session: (HELO ROUTER) (190.190.196.103)
  35. FQDN: unknown | Session: (HELO localhost) (113.172.105.76)
  36. FQDN: unknown | Session: (HELO ?14.47.238.211?) (14.47.238.211)
  37. FQDN: unknown | Session: (HELO ?197.155.140.130?) (197.155.140.130)
  38. FQDN: unknown | Session: (HELO 190-82-83-98.static.tie.cl) (190.82.83.98)
  39. FQDN: unknown | Session: (HELO ip-78-94-74-96.unitymediagroup.de) (78.94.74.96)
  40. FQDN: unknown | Session: (HELO 79.109.232.90.dyn.user.ono.com) (79.109.232.90)
  41. FQDN: unknown | Session: (HELO 50-223-114-200.fibertel.com.ar) (200.114.223.50)
  42. FQDN: unknown | Session: (HELO pt.lu) (83.99.38.205)
  43. FQDN: unknown | Session: (HELO h69-129-183-234.applwi.dedicated.static.tds.net) (69.129.183.234)
  44. FQDN: unknown | Session: (HELO 058177202202.ctinets.com) (58.177.202.202)
  45. FQDN: unknown | Session: (HELO RDTOGGV) (210.64.55.245)
  46. FQDN: unknown | Session: (HELO 23-25-95-101-static.hfc.comcastbusiness.net) (23.25.95.101)
  47. FQDN: unknown | Session: (HELO cust.static.109-164-236-147.swisscomdata.ch) (109.164.236.147)
  48. FQDN: unknown | Session: (HELO co.za) (105.224.111.249)
  49. FQDN: unknown | Session: (HELO cpc13-rdng22-2-0-cust455.15-3.cable.virginm.net) (80.7.141.200)
  50. FQDN: unknown | Session: (HELO vidin-110-99.vidaoptics.com) (89.106.110.99)
  51. FQDN: unknown | Session: (HELO ?14.162.160.131?) (14.162.160.131)
  52. FQDN: unknown | Session: (HELO 111-248-116-210.dynamic.hinet.net) (111.248.116.210)
  53. FQDN: unknown | Session: (HELO rs.tbroad) (124.80.45.30)
  54. FQDN: unknown | Session: (HELO localhost) (123.16.131.243)
  55. FQDN: unknown | Session: (HELO host86-171-56-89.range86-171.btcentralplus.com) (86.171.56.89)
  56. FQDN: unknown | Session: (HELO NMHHBIZEK) (116.226.24.104)
  57. FQDN: unknown | Session: (HELO ?179.32.248.54?) (179.32.248.54)
  58. FQDN: unknown | Session: (HELO customer-static-210-26-113.iplannetworks.net) (190.210.26.113)
  59. FQDN: unknown | Session: (HELO energized.webserversystems.com) (184.173.82.213)
  60. FQDN: unknown | Session: (HELO sciolli.webserversystems.com) (50.22.40.226)
  61. FQDN: unknown | Session: (HELO aexp.com) (190.21.163.4)
  62. FQDN: unknown | Session: (HELO mail.gcples.ie) (86.47.53.42)
  63. FQDN: unknown | Session: (HELO host-176-42-96-76.reverse.superonline.net) (176.42.96.76)
  64. FQDN: unknown | Session: (HELO klntrm-fld-01.forthnet.gr) (62.1.46.12)
  65. FQDN: unknown | Session: (HELO 79.Red-79-159-181.staticIP.rima-tde.net) (79.159.181.79)
  66. FQDN: unknown | Session: (HELO owa.themanorassn.com) (71.6.111.34)
  67. FQDN: unknown | Session: (HELO bb-66-63-69-26.static.gwi.net) (66.63.69.26)
  68. FQDN: unknown | Session: (HELO JEXVJQV) (1.54.240.239)
  69. FQDN: unknown | Session: (HELO 109-184-228-134.dynamic.mts-nn.ru) (109.184.228.134)
  70. FQDN: unknown | Session: (HELO ROUTER) (190.190.196.103)
  71. FQDN: unknown | Session: (HELO fttu-67-223-13-64.btes.tv) (67.223.13.64)
  72. FQDN: unknown | Session: (HELO ovh.fr) (109.190.52.100)
  73. FQDN: unknown | Session: (HELO 058177202202.ctinets.com) (58.177.202.202)
  74. FQDN: unknown | Session: (HELO AIPCDRXNX) (41.224.167.244)
  75. FQDN: unknown | Session: (HELO NUNDLXZDFF) (96.54.161.154)
  76. FQDN: unknown | Session: (HELO mx.kaitaty.biz) (174.127.126.2)
  77. FQDN: unknown | Session: (HELO host-195.242.232.122.c3.net.pl) (195.242.232.122)
  78. FQDN: unknown | Session: (HELO adsl-068-213-079-187.sip.jax.bellsouth.net) (68.213.79.187)
  79. FQDN: unknown | Session: (HELO LPuteaux-656-01-08-233.w82-127.abo.wanadoo.fr) (82.127.139.233)
  80. FQDN: unknown | Session: (HELO h25.242.55.139.static.ip.windstream.net) (139.55.242.25)
  81. FQDN: unknown | Session: (HELO localhost) (113.170.25.97)
  82. FQDN: unknown | Session: (HELO 204.red-83-61-81.dynamicip.rima-tde.net) (83.61.81.204)
  83. FQDN: unknown | Session: (HELO ?216.68.130.22?) (216.68.130.22)
  84. FQDN: unknown | Session: (HELO ?220.241.219.141?) (220.241.219.141)
  85. FQDN: unknown | Session: (HELO host89-248-static.43-85-b.business.telecomitalia.it) (85.43.248.89)
  86. FQDN: unknown | Session: (HELO ?190.40.214.13?) (190.40.214.13)
  87. FQDN: unknown | Session: (HELO gvt.net.br) (179.176.97.77)
  88. FQDN: unknown | Session: (HELO aexp.com) (14.165.147.163)
  89. FQDN: unknown | Session: (HELO m91-187-92-207.andorpac.ad) (91.187.92.207)
  90. FQDN: unknown | Session: (HELO 173-161-174-69-philadelphia.hfc.comcastbusiness.net) (173.161.174.69)
  91. FQDN: unknown | Session: (HELO host36-121-static.90-94-b.business.telecomitalia.it) (94.90.121.36)
  92. FQDN: unknown | Session: (HELO static-pppoe-209-91-139-250.vianet.ca) (209.91.139.250)
  93. FQDN: unknown | Session: (HELO 98-64-206-175.mia.bellsouth.net) (98.64.206.175)
  94. FQDN: unknown | Session: (HELO wsip-24-249-49-137.ks.ks.cox.net) (24.249.49.137)
  95. FQDN: unknown | Session: (HELO telesp.net.br) (189.111.113.46)
  96. FQDN: unknown | Session: (HELO viettel.vn) (115.78.114.177)
  97. FQDN: unknown | Session: (HELO bb118-200-233-105.singnet.com.sg) (118.200.233.105)
  98. FQDN: unknown | Session: (HELO price-a2-occam-dsl-74-214-235-177.dynamic.etv.net) (74.214.235.177)
  99. FQDN: unknown | Session: (HELO 165-146-237-85.telkomadsl.co.za) (165.146.237.85)
  100. FQDN: unknown | Session: (HELO pp01513573197.pndsl.co.uk) (84.92.51.83)
  101. FQDN: unknown | Session: (HELO host-61-70-220-59.static.kbtelecom.net) (61.70.220.59)
  102. FQDN: unknown | Session: (HELO ?213.163.172.193?) (213.163.172.193)
  103. FQDN: unknown | Session: (HELO aexp.com) (186.67.71.101)
  104. FQDN: unknown | Session: (HELO client-201.240.6.190.speedy.net.pe) (201.240.6.190)
  105. FQDN: unknown | Session: (HELO bell.ca) (76.65.166.54)
  106. FQDN: unknown | Session: (HELO 123-241-200-147.nty.dynamic.tbcnet.net.tw) (123.241.200.147)
  107. FQDN: unknown | Session: (HELO ?94.99.76.81?) (94.99.76.81)
  108. FQDN: unknown | Session: (HELO 124.126.103.218.static.netvigator.com) (218.103.126.124)
  109. FQDN: unknown | Session: (HELO device.lan) (2.90.39.32)
  110. FQDN: unknown | Session: (HELO my.firewall) (62.0.111.29)
  111. FQDN: unknown | Session: (HELO mail.haulmont.com) (213.156.200.225)
  112. FQDN: unknown | Session: (HELO ?175.136.243.201?) (175.136.243.201)
  113. FQDN: unknown | Session: (HELO LMontsouris-656-01-144-127.w217-128.abo.wanadoo.fr) (217.128.77.127)
  114. FQDN: unknown | Session: (HELO 181-21-158-244.speedy.com.ar) (181.21.134.155)
  115. FQDN: unknown | Session: (HELO aexp.com) (200.31.65.170)
  116. FQDN: unknown | Session: (HELO 109.68.246.220.static.netvigator.com) (220.246.68.109)
  117. FQDN: unknown | Session: (HELO 177-100-38-254.viacaboip.com.br) (177.100.38.254)
  118. FQDN: unknown | Session: (HELO static-4-6-27-46.ipcom.comunitel.net) (46.27.6.4)
  119. FQDN: unknown | Session: (HELO 201-249-204-194.estatic.cantv.net) (201.249.204.194)
  120. FQDN: unknown | Session: (HELO ?195.208.179.19?) (195.208.179.19)
  121. FQDN: unknown | Session: (HELO XWUYYUNHFB) (77.86.92.34)
  122. FQDN: unknown | Session: (HELO 6.207.126.177.cpnet.com.br) (177.126.207.6)
  123. FQDN: unknown | Session: (HELO rrcs-97-79-49-98.se.biz.rr.com) (97.79.49.98)
  124. FQDN: unknown | Session: (HELO localhost) (113.189.81.133)
  125. FQDN: unknown | Session: (HELO XSFJWPY) (124.137.227.254)
  126. FQDN: unknown | Session: (HELO p29069-ipngnfx01osakakita.osaka.ocn.ne.jp) (180.43.69.69)
  127. FQDN: unknown | Session: (HELO CKHSABBGOM) (103.9.88.146)
  128. FQDN: unknown | Session: (HELO QENQNYVXOG) (212.34.12.20)
  129. FQDN: unknown | Session: (HELO mail.42.fskn.gov.ru) (95.181.56.74)
  130. FQDN: unknown | Session: (HELO ?183.100.213.187?) (183.100.213.187)
  131. FQDN: unknown | Session: (HELO aexp.com) (190.141.53.97)
  132. FQDN: unknown | Session: (HELO ?92.85.195.181?) (92.85.195.181)
  133. FQDN: unknown | Session: (HELO brasiltelecom.net.br) (177.1.109.148)
  134. FQDN: unknown | Session: (HELO 90.148.30.158.dynamic.saudi.net.sa) (90.148.30.158)
  135. FQDN: unknown | Session: (HELO 79-51-40-46.dynamic.stcable.net) (46.40.51.79)
  136. FQDN: unknown | Session: (HELO localhost) (117.5.135.201)
  137. FQDN: unknown | Session: (HELO YNOSRYKMEX) (82.129.222.1)
  138. FQDN: unknown | Session: (HELO ?113.162.101.78?) (113.162.101.78)
  139. FQDN: unknown | Session: (HELO MUQJYGPCBH) (121.130.145.243)
  140. FQDN: unknown | Session: (HELO 187-19-164-254-temp.static.brisanet.net.br) (187.19.164.254)
  141. FQDN: unknown | Session: (HELO ?205.201.149.56?) (205.201.149.56)
  142. FQDN: unknown | Session: (HELO ?117.218.71.93?) (117.218.71.93)
  143. FQDN: unknown | Session: (HELO servexchange.huglo-lepage.com) (81.255.80.193)
  144. FQDN: unknown | Session: (HELO ?119.195.219.132?) (119.195.219.132)
  145. FQDN: unknown | Session: (HELO ?201.251.91.101?) (201.251.91.101)
  146. FQDN: unknown | Session: (HELO NCXUAEY) (92.56.214.70)
  147. FQDN: unknown | Session: (HELO RXORHDM) (24.114.98.125)
  148. FQDN: unknown | Session: (HELO localhost) (113.184.73.67)
  149. FQDN: unknown | Session: (HELO aexp.com) (182.229.47.175)
  150. FQDN: unknown | Session: (HELO localhost) (113.189.106.130)
  151.  
  152. // 2. List of 134 IP Addresses (session base/not unique) with Success Relay Spam Malware
  153.  
  154. 109.228.72.151
  155. 92.103.44.112
  156. 41.221.29.38
  157. 41.249.67.22
  158. 105.224.90.36
  159. 85.132.57.50
  160. 42.113.40.211
  161. 90.206.238.255
  162. 87.238.105.205
  163. 190.21.163.4
  164. 86.47.53.42
  165. 176.42.96.76
  166. 62.1.46.12
  167. 79.159.181.79
  168. 71.6.111.34
  169. 66.63.69.26
  170. 1.54.240.239
  171. 190.190.196.103
  172. 113.172.105.76
  173. 14.47.238.211
  174. 197.155.140.130
  175. 190.82.83.98
  176. 78.94.74.96
  177. 79.109.232.90
  178. 200.114.223.50
  179. 83.99.38.205
  180. 69.129.183.234
  181. 58.177.202.202
  182. 210.64.55.245
  183. 23.25.95.101
  184. 109.164.236.147
  185. 105.224.111.249
  186. 80.7.141.200
  187. 89.106.110.99
  188. 14.162.160.131
  189. 111.248.116.210
  190. 124.80.45.30
  191. 123.16.131.243
  192. 86.171.56.89
  193. 116.226.24.104
  194. 179.32.248.54
  195. 190.210.26.113
  196. 184.173.82.213
  197. 50.22.40.226
  198. 190.21.163.4
  199. 86.47.53.42
  200. 176.42.96.76
  201. 62.1.46.12
  202. 79.159.181.79
  203. 71.6.111.34
  204. 66.63.69.26
  205. 1.54.240.239
  206. 109.184.228.134
  207. 190.190.196.103
  208. 67.223.13.64
  209. 109.190.52.100
  210. 58.177.202.202
  211. 41.224.167.244
  212. 96.54.161.154
  213. 174.127.126.2
  214. 195.242.232.122
  215. 68.213.79.187
  216. 82.127.139.233
  217. 139.55.242.25
  218. 113.170.25.97
  219. 83.61.81.204
  220. 216.68.130.22
  221. 220.241.219.141
  222. 85.43.248.89
  223. 190.40.214.13
  224. 179.176.97.77
  225. 14.165.147.163
  226. 91.187.92.207
  227. 173.161.174.69
  228. 94.90.121.36
  229. 209.91.139.250
  230. 98.64.206.175
  231. 24.249.49.137
  232. 189.111.113.46
  233. 115.78.114.177
  234. 118.200.233.105
  235. 74.214.235.177
  236. 165.146.237.85
  237. 84.92.51.83
  238. 61.70.220.59
  239. 213.163.172.193
  240. 186.67.71.101
  241. 201.240.6.190
  242. 76.65.166.54
  243. 123.241.200.147
  244. 94.99.76.81
  245. 218.103.126.124
  246. 2.90.39.32
  247. 62.0.111.29
  248. 213.156.200.225
  249. 175.136.243.201
  250. 217.128.77.127
  251. 181.21.134.155
  252. 200.31.65.170
  253. 220.246.68.109
  254. 177.100.38.254
  255. 46.27.6.4
  256. 201.249.204.194
  257. 195.208.179.19
  258. 77.86.92.34
  259. 177.126.207.6
  260. 97.79.49.98
  261. 113.189.81.133
  262. 124.137.227.254
  263. 180.43.69.69
  264. 103.9.88.146
  265. 212.34.12.20
  266. 95.181.56.74
  267. 183.100.213.187
  268. 190.141.53.97
  269. 92.85.195.181
  270. 177.1.109.148
  271. 90.148.30.158
  272. 46.40.51.79
  273. 117.5.135.201
  274. 82.129.222.1
  275. 113.162.101.78
  276. 121.130.145.243
  277. 187.19.164.254
  278. 205.201.149.56
  279. 117.218.71.93
  280. 81.255.80.193
  281. 119.195.219.132
  282. 201.251.91.101
  283. 92.56.214.70
  284. 24.114.98.125
  285. 113.184.73.67
  286. 182.229.47.175
  287. 113.189.106.130
  288.  
  289. // 3. GeoIP per IP address in CSV (SMTP session base/not unique)
  290.  
  291. IP Address, City, Region, Country Name, DMA Code
  292. 109.228.72.151, Podgorica, 00, Montenegro, 0
  293. 92.103.44.112, Paris, A8, France, 0
  294. 41.221.29.38, , , Algeria, 0
  295. 41.249.67.22, , , Morocco, 0
  296. 105.224.90.36, Cape Town, 11, South Africa, 0
  297. 85.132.57.50, , , Azerbaijan, 0
  298. 42.113.40.211, Hanoi, 44, Vietnam, 0
  299. 90.206.238.255, High Wycombe, B9, United Kingdom, 0
  300. 87.238.105.205, , , France, 0
  301. 190.21.163.4, , , Chile, 0
  302. 86.47.53.42, Dublin, 07, Ireland, 0
  303. 176.42.96.76, Istanbul, 34, Turkey, 0
  304. 62.1.46.12, , , Greece, 0
  305. 79.159.181.79, Malgrat De Mar, 56, Spain, 0
  306. 71.6.111.34, Modesto, CA, United States, 862
  307. 66.63.69.26, Biddeford, ME, United States, 500
  308. 1.54.240.239, Hanoi, 44, Vietnam, 0
  309. 190.190.196.103, Buenos Aires, 07, Argentina, 0
  310. 113.172.105.76, Hanoi, 44, Vietnam, 0
  311. 14.47.238.211, , , Korea Republic of, 0
  312. 197.155.140.130, , , Mali, 0
  313. 190.82.83.98, Santiago, 12, Chile, 0
  314. 78.94.74.96, Frankfurt Am Main, 05, Germany, 0
  315. 79.109.232.90, Inca, 07, Spain, 0
  316. 200.114.223.50, , , Argentina, 0
  317. 83.99.38.205, Dippach, 03, Luxembourg, 0
  318. 69.129.183.234, Appleton, WI, United States, 658
  319. 58.177.202.202, Central District, 00, Hong Kong, 0
  320. 210.64.55.245, Taipei, 03, Taiwan, 0
  321. 23.25.95.101, Pittsburgh, PA, United States, 508
  322. 109.164.236.147, Dudingen, 06, Switzerland, 0
  323. 105.224.111.249, Johannesburg, 06, South Africa, 0
  324. 80.7.141.200, , , United Kingdom, 0
  325. 89.106.110.99, , , Bulgaria, 0
  326. 14.162.160.131, Hanoi, 44, Vietnam, 0
  327. 111.248.116.210, , , Taiwan, 0
  328. 124.80.45.30, , , Korea Republic of, 0
  329. 123.16.131.243, Hanoi, 44, Vietnam, 0
  330. 86.171.56.89, , , United Kingdom, 0
  331. 116.226.24.104, Shanghai, 23, China, 0
  332. 179.32.248.54, Bogotá, 34, Colombia, 0
  333. 190.210.26.113, Buenos Aires, 07, Argentina, 0
  334. 184.173.82.213, Houston, TX, United States, 618
  335. 50.22.40.226, Dallas, TX, United States, 623
  336. 190.21.163.4, , , Chile, 0
  337. 86.47.53.42, Dublin, 07, Ireland, 0
  338. 176.42.96.76, Istanbul, 34, Turkey, 0
  339. 62.1.46.12, , , Greece, 0
  340. 79.159.181.79, Malgrat De Mar, 56, Spain, 0
  341. 71.6.111.34, Modesto, CA, United States, 862
  342. 66.63.69.26, Biddeford, ME, United States, 500
  343. 1.54.240.239, Hanoi, 44, Vietnam, 0
  344. 109.184.228.134, Nizhniy Novgorod, 51, Russian Federation, 0
  345. 190.190.196.103, Buenos Aires, 07, Argentina, 0
  346. 67.223.13.64, Bristol, TN, United States, 531
  347. 109.190.52.100, , , France, 0
  348. 58.177.202.202, Central District, 00, Hong Kong, 0
  349. 41.224.167.244, , , Tunisia, 0
  350. 96.54.161.154, , , Canada, 0
  351. 174.127.126.2, Providence, UT, United States, 770
  352. 195.242.232.122, Poznan, 86, Poland, 0
  353. 68.213.79.187, Jacksonville, FL, United States, 561
  354. 82.127.139.233, , , France, 0
  355. 139.55.242.25, Yutan, NE, United States, 652
  356. 113.170.25.97, Hanoi, 44, Vietnam, 0
  357. 83.61.81.204, , , Spain, 0
  358. 216.68.130.22, , , United States, 0
  359. 220.241.219.141, , , Hong Kong, 0
  360. 85.43.248.89, , , Italy, 0
  361. 190.40.214.13, Lima, 15, Peru, 0
  362. 179.176.97.77, , , Brazil, 0
  363. 14.165.147.163, Hanoi, 44, Vietnam, 0
  364. 91.187.92.207, Andorra La Vella, 07, Andorra, 0
  365. 173.161.174.69, Philadelphia, PA, United States, 504
  366. 94.90.121.36, Milan, 09, Italy, 0
  367. 209.91.139.250, Sudbury, ON, Canada, 0
  368. 98.64.206.175, Miami, FL, United States, 528
  369. 24.249.49.137, Hutchinson, KS, United States, 678
  370. 189.111.113.46, , , Brazil, 0
  371. 115.78.114.177, Ho Chi Minh City, 20, Vietnam, 0
  372. 118.200.233.105, Singapore, 00, Singapore, 0
  373. 74.214.235.177, Price, UT, United States, 770
  374. 165.146.237.85, , , South Africa, 0
  375. 84.92.51.83, , , United Kingdom, 0
  376. 61.70.220.59, , , Taiwan, 0
  377. 213.163.172.193, Courbevoie, A8, France, 0
  378. 186.67.71.101, Santiago, 12, Chile, 0
  379. 201.240.6.190, , , Peru, 0
  380. 76.65.166.54, , , Canada, 0
  381. 123.241.200.147, Taipei, 03, Taiwan, 0
  382. 94.99.76.81, Riyadh, 10, Saudi Arabia, 0
  383. 218.103.126.124, Central District, 00, Hong Kong, 0
  384. 2.90.39.32, Dammam, 06, Saudi Arabia, 0
  385. 62.0.111.29, , , Israel, 0
  386. 213.156.200.225, Samara, 65, Russian Federation, 0
  387. 175.136.243.201, Kuala Lumpur, 14, Malaysia, 0
  388. 217.128.77.127, , , France, 0
  389. 181.21.134.155, , , Argentina, 0
  390. 200.31.65.170, Bogotá, 34, Colombia, 0
  391. 220.246.68.109, Kwai Chung, 00, Hong Kong, 0
  392. 177.100.38.254, Brusque, 26, Brazil, 0
  393. 46.27.6.4, , , Spain, 0
  394. 201.249.204.194, , , Venezuela, 0
  395. 195.208.179.19, , , Russian Federation, 0
  396. 77.86.92.34, , , United Kingdom, 0
  397. 177.126.207.6, , , Brazil, 0
  398. 97.79.49.98, Bradenton, FL, United States, 539
  399. 113.189.81.133, Hanoi, 44, Vietnam, 0
  400. 124.137.227.254, , , Korea Republic of, 0
  401. 180.43.69.69, Osaka, , Japan, 0
  402. 103.9.88.146, Ulaanbaatar, 20, Mongolia, 0
  403. 212.34.12.20, Amman, 02, Jordan, 0
  404. 95.181.56.74, Kemerovo, 29, Russian Federation, 0
  405. 183.100.213.187, , , Korea Republic of, 0
  406. 190.141.53.97, Pueblo Nuevo, 02, Panama, 0
  407. 92.85.195.181, Chichis, 15, Romania, 0
  408. 177.1.109.148, , , Brazil, 0
  409. 90.148.30.158, , , Saudi Arabia, 0
  410. 46.40.51.79, Backa Topola, 00, Serbia, 0
  411. 117.5.135.201, Hanoi, 44, Vietnam, 0
  412. 82.129.222.1, , , Egypt, 0
  413. 113.162.101.78, Ninh Bình, 59, Vietnam, 0
  414. 121.130.145.243, , , Korea Republic of, 0
  415. 187.19.164.254, , , Brazil, 0
  416. 205.201.149.56, Tampa, FL, United States, 539
  417. 117.218.71.93, Kanchipuram, India, AS, 0
  418. 81.255.80.193, , France, EU, 0
  419. 119.195.219.132, , Korea Republic of, AS, 0
  420. 201.251.91.101, , Argentina, SA, 0
  421. 92.56.214.70, , Spain, EU, 0
  422. 24.114.98.125, Montréal, Canada, NA, 0
  423. 113.184.73.67, Dong Nai, Vietnam, AS, 0
  424. 182.229.47.175, Seoul, Korea Republic of, AS, 0
  425. 113.189.106.130, Hanoi, Vietnam, AS, 0
  426.  
  427. // 4. Reverse IP (session base/not unique) , ASN, Hoster, Network Prefix, ISP Name
  428.  
  429. 109.228.72.151|adsl-109-228-l2199.crnagora.net.|8585 | 109.228.64.0/18 | INTERNET | ME | TELEKOM.ME | CRNOGORSKI TELEKOM A.D.PODGORICA
  430. 92.103.44.112|reverse.completel.net.|12670 | 92.103.0.0/18 | AS | FR | COMPLETEL.NET | MONT DE MARSAN
  431. 41.221.29.38||36947 | 41.221.16.0/20 | ALGTEL | DZ | ALGERIETELECOM.DZ | TELECOM ALGERIA
  432. 41.249.67.22||6713 | 41.249.64.0/21 | IAM | MA | MAROCTELECOM.COM | OFFICE NATIONAL DES POSTES ET TELECOMMUNICATIONS ONPT (MAROC TELECOM)/IAM
  433. 105.224.90.36|ti-224-90-36.telkomadsl.co.za.|37457 | 105.224.0.0/16 | Telkom | ZA | TELKOM-IPNET.CO.ZA | TELKOM SA LTD.
  434. 85.132.57.50||29049 | 85.132.57.0/24 | DELTA-TELECOM | AZ | DELTA-TELECOM.NET | DELTA TELECOM LTD
  435. 42.113.40.211||18403 | 42.113.32.0/20 | FPT-AS | VN | FPT.COM.VN | FPT TELECOM COMPANY
  436. 90.206.238.255|5aceeeff.bb.sky.com.|5607 | 90.192.0.0/11 | BSKYB-BROADBAND | GB | EASYNET.COM | EASYNET LTD
  437. 87.238.105.205||25186 | 87.238.105.0/24 | TRANSIT-VPN | FR | SONEMA.COM | SONEMA
  438. 190.21.163.4|190-21-163-4.baf.movistar.cl.|7418 | 190.21.0.0/16 | TELEFモNICA | CL | TELEFONICACHILE.CL | TELEFONICA CHILE S.A.
  439. 86.47.53.42|mail.gcples.ie.|5466 | 86.40.0.0/13 | EIRCOM | IE | EIRCOM.NET | EIRCOM
  440. 176.42.96.76|host-176-42-96-76.reverse.superonline.net.|34984 | 176.42.96.0/20 | TELLCOM | TR | SUPERONLINE.NET | TELLCOM BUR-GANT-KOCA FIBER DYNAMIC
  441. 62.1.46.12|klntrm-fld-01.forthnet.gr.|1241 | 62.1.0.0/16 | FORTHNET | GR | FORTHNET.GR | KOLONOS DATACENTER
  442. 79.159.181.79|79.Red-79-159-181.staticIP.rima-tde.net.|3352 | 79.159.0.0/16 | TELEFONICA_DE_ESPANA | ES | TELEFONICA.COM | TELEFONICA DE ESPANA SAU
  443. 71.6.111.34|owa.themanorassn.com.|14265 | 71.6.96.0/20 | US-TELEPACIFIC | US | TELEPACIFIC.NET | THE MANOR ASSOCIATION
  444. 66.63.69.26|bb-66-63-69-26.static.gwi.net.|5760 | 66.63.64.0/20 | BIDDEFORD1 | US | GWI.NET | GREAT WORKS INTERNET
  445. 1.54.240.239||18403 | 1.54.240.0/20 | FPT-AS | VN | FPT.COM.VN | FPT TELECOM COMPANY
  446. 190.190.196.103|103-196-190-190.cab.prima.net.ar.|10481 | 190.190.192.0/19 | Prima | AR | PRIMA.COM.AR | PRIMA S.A.
  447. 113.172.105.76|localhost.|45899 | 113.172.96.0/19 | VNPT-AS | VN | VINAPHONE.COM.VN | 3G + GPRS VINAPHONE
  448. 14.47.238.211||4766 | 14.40.0.0/13 | KIXS-AS | KR | KT.COM | KOREA TELECOM
  449. 197.155.140.130||30985 | 197.155.128.0/18 | IKATELNET,M | ML | IKATELNET.NET | ORANGE MALI SA
  450. 190.82.83.98|190-82-83-98.static.tie.cl.|15311 | 190.82.64.0/19 | Telefonica | CL | - | IVERSIONES ALCA LTDA.
  451. 78.94.74.96|ip-78-94-74-96.unitymediagroup.de.|20825 | 78.94.0.0/17 | UNITYMEDIA | DE | UNITYMEDIA.DE | UNITYMEDIA NRW GMBH
  452. 79.109.232.90|79.109.232.90.dyn.user.ono.com.|6739 | 79.109.128.0/17 | ONO | ES | ONO.COM | RANGOS CABLEMODEMS
  453. 200.114.223.50|50-223-114-200.fibertel.com.ar.|10318 | 200.114.192.0/19 | CABLEVISION | AR | CABLEVISION.COM.AR | CABLEVISION S.A.
  454. 83.99.38.205|ip-83-99-38-205.dyn.luxdsl.pt.lu.|6661 | 83.99.0.0/17 | EPT | LU | PT.LU | ENTREPRISE DES POSTES ET TELECOMMUNICATIONS
  455. 69.129.183.234|h69-129-183-234.applwi.dedicated.static.tds.net.|4181 | 69.128.0.0/14 | TDS-AS | US | TDS.NET | INOMETA AKL FLEXO SYSTEMS
  456. 58.177.202.202|058177202202.ctinets.com.|9269 | 58.177.192.0/18 | HKBN-AS | HK | CTINETS.COM | SAN MIGUEL BREWERY HK LTD - CITIMARK PLAZA
  457. 210.64.55.245||4780 | 210.64.32.0/19 | SEEDNET | TW | DIGITALUNITED.COM | DIGITAL UNITED INC.
  458. 23.25.95.101|23-25-95-101-static.hfc.comcastbusiness.net.|7922 | 23.24.0.0/15 | COMCAST-7922 | US | COMCASTBUSINESS.NET | COMCAST BUSINESS COMMUNICATIONS LLC
  459. 109.164.236.147|cust.static.109-164-236-147.swisscomdata.ch.|3303 | 109.164.192.0/18 | SWISSCOM | CH | SWISSCOM.CH | SWISSCOM (SCHWEIZ) AG
  460. 105.224.111.249|ti-224-111-249.telkomadsl.co.za.|37457 | 105.224.0.0/16 | Telkom | ZA | TELKOM-IPNET.CO.ZA | TELKOM SA LTD.
  461. 80.7.141.200|cpc13-rdng22-2-0-cust455.15-3.cable.virginm.net.|5089 | 80.6.0.0/15 | NTL | GB | VIRGINMEDIA.COM | NTL INFRASTRUCTURE - OXFORD
  462. 89.106.110.99|vidin-110-99.vidaoptics.com.|42248 | 89.106.110.0/23 | VIDA | BG | VIDAOPTICS.COM | VIDA OPTICS TVV LTD.
  463. 14.162.160.131||45899 | 14.162.160.0/19 | VNPT-AS | VN | VNPT.COM.VN | VIETNAM POST AND TELECOM CORPORATION
  464. 111.248.116.210|111-248-116-210.dynamic.hinet.net.|3462 | 111.248.0.0/16 | HINET | TW | HINET.NET | DATA COMMUNICATION BUSINESS GROUP
  465. 124.80.45.30||17849 | 124.80.32.0/19 | GINAMHANVIT-AS | KR | - | HANVIT GINAM BROADCATING CO.
  466. 123.16.131.243|localhost.|45899 | 123.16.128.0/18 | VNPT-AS | VN | VNPT.COM.VN | VIETNAM POSTS AND TELECOMMUNICATIONS
  467. 86.171.56.89|host86-171-56-89.range86-171.btcentralplus.com.|2856 | 86.128.0.0/10 | BT-UK | GB | BT.COM | BT PUBLIC INTERNET SERVICE
  468. 116.226.24.104||4812 | 116.226.0.0/16 | CHINANET-SH | CN | CHINATELECOM.COM.CN | CHINANET SHANGHAI PROVINCE NETWORK
  469. 179.32.248.54||3816 | 179.32.240.0/20 | COLOMBIA | CO | TELEFONICA.CO | COLOMBIA TELECOMUNICACIONES S.A. ESP
  470. 190.210.26.113|customer-static-210-26-113.iplannetworks.net.|16814 | 190.210.24.0/22 | NSS | AR | NSS-SA.CO.ZA | NSS S.A.
  471. 184.173.82.213|energized.webserversystems.com.|36351 | 184.173.64.0/18 | SOFTLAYER | US | SOFTLAYER.COM | ABUSE ADMIN
  472. 50.22.40.226|sciolli.webserversystems.com.|36351 | 50.22.0.0/18 | SOFTLAYER | US | SOFTLAYER.COM | ABUSE ADMIN
  473. 190.21.163.4|190-21-163-4.baf.movistar.cl.|7418 | 190.21.0.0/16 | TELEFモNICA | CL | TELEFONICACHILE.CL | TELEFONICA CHILE S.A.
  474. 86.47.53.42|mail.gcples.ie.|5466 | 86.40.0.0/13 | EIRCOM | IE | EIRCOM.NET | EIRCOM
  475. 176.42.96.76|host-176-42-96-76.reverse.superonline.net.|34984 | 176.42.96.0/20 | TELLCOM | TR | SUPERONLINE.NET | TELLCOM BUR-GANT-KOCA FIBER DYNAMIC
  476. 62.1.46.12|klntrm-fld-01.forthnet.gr.|1241 | 62.1.0.0/16 | FORTHNET | GR | FORTHNET.GR | KOLONOS DATACENTER
  477. 79.159.181.79|79.Red-79-159-181.staticIP.rima-tde.net.|3352 | 79.159.0.0/16 | TELEFONICA_DE_ESPANA | ES | TELEFONICA.COM | TELEFONICA DE ESPANA SAU
  478. 71.6.111.34|owa.themanorassn.com.|14265 | 71.6.96.0/20 | US-TELEPACIFIC | US | TELEPACIFIC.NET | THE MANOR ASSOCIATION
  479. 66.63.69.26|bb-66-63-69-26.static.gwi.net.|5760 | 66.63.64.0/20 | BIDDEFORD1 | US | GWI.NET | GREAT WORKS INTERNET
  480. 1.54.240.239||18403 | 1.54.240.0/20 | FPT-AS | VN | FPT.COM.VN | FPT TELECOM COMPANY
  481. 109.184.228.134|109-184-228-134.dynamic.mts-nn.ru.|25405 | 109.184.0.0/16 | NMTS | RU | MTS-NN.RU | PPPOE CLIENTS TERMINATIONS IN
  482. 190.190.196.103|103-196-190-190.cab.prima.net.ar.|10481 | 190.190.192.0/19 | Prima | AR | PRIMA.COM.AR | PRIMA S.A.
  483. 67.223.13.64|fttu-67-223-13-64.btes.tv.|22051 | 67.223.13.0/24 | BTES-AS | US | BTES.TV | BRISTOL TENNESSEE ESSENTIAL SERVICES
  484. 109.190.52.100|100-52-190-109.dsl.ovh.fr.|35540 | 109.190.0.0/16 | OVH | FR | OVH.COM | OVH SAS
  485. 58.177.202.202|058177202202.ctinets.com.|9269 | 58.177.192.0/18 | HKBN-AS | HK | CTINETS.COM | SAN MIGUEL BREWERY HK LTD - CITIMARK PLAZA
  486. 41.224.167.244||37492 | 41.224.128.0/18 | ORANGE | TN | ATI.TN | AGENCE TUNISIENNE INTERNET - ATI
  487. 96.54.161.154||6327 | 96.54.0.0/16 | SHAW | CA | SHAWCABLE.NET | SHAW COMMUNICATIONS INC.
  488. 174.127.126.2|phnx.meatarsh.biz.|32780 | 174.127.120.0/21 | HOSTINGSERVICES-INC | US | MIDPHASE.COM | HOSTING SERVICES INC.
  489. 195.242.232.122|host-195.242.232.122.c3.net.pl.|50606 | 195.242.232.0/22 | PL-FUZ | PL | C3.NET.PL | DARIUSZ JAWORSKI FIRMA C3
  490. 68.213.79.187|adsl-068-213-079-187.sip.jax.bellsouth.net.|6389 | 68.213.64.0/20 | BELLSOUTH-NET-BLK | US | BELLSOUTH.NET | BELLSOUTH.NET INC.
  491. 82.127.139.233|LPuteaux-656-01-08-233.w82-127.abo.wanadoo.fr.|3215 | 82.127.0.0/16 | AS3215 | FR | ORANGE.COM | ORANGE S.A.
  492. 139.55.242.25|h25.242.55.139.static.ip.windstream.net.|7029 | 139.55.240.0/22 | WINDSTREAM | US | WINDSTREAM.NET | WINDSTREAM COMMUNICATIONS INC
  493. 113.170.25.97|localhost.|45899 | 113.170.0.0/19 | VNPT-AS | VN | VINAPHONE.COM.VN | 3G + GPRS VINAPHONE
  494. 83.61.81.204|204.Red-83-61-81.dynamicIP.rima-tde.net.|3352 | 83.61.0.0/16 | TELEFONICA_DE_ESPANA | ES | TELEFONICA.COM | TELEFONICA DE ESPANA SAU
  495. 216.68.130.22|Vogt-Warehouse-SharonRd.STATIC.fuse.net.|6181 | 216.68.0.0/16 | FUSE-NET | US | FUSE.NET | FUSE INTERNET ACCESS
  496. 220.241.219.141||4515 | 220.241.192.0/19 | ERX | HK | - | AKIN PROFESSIONALS LTD
  497. 85.43.248.89|host89-248-static.43-85-b.business.telecomitalia.it.|3269 | 85.43.0.0/16 | ASN | IT | TELECOMITALIA.IT | TELECOM ITALIA SPA
  498. 190.40.214.13||6147 | 190.40.0.0/16 | Telefonica | PE | SPEEDY.NET.PE | TDPERX5 LACNIC
  499. 179.176.97.77|179.176.97.77.dynamic.adsl.gvt.net.br.|18881 | 179.176.96.0/21 | Global | BR | GVT.NET.BR | GLOBAL VILLAGE TELECOM
  500. 14.165.147.163||45899 | 14.165.128.0/19 | VNPT-AS | VN | VNPT.COM.VN | VIETNAM POST AND TELECOM CORPORATION
  501. 91.187.92.207|m91-187-92-207.andorpac.ad.|6752 | 91.187.92.0/22 | ANDORRA | AD | ANDORPAC.AD | ANDORRA TELECOM
  502. 173.161.174.69|173-161-174-69-Philadelphia.hfc.comcastbusiness.net.|7922 | 173.160.0.0/13 | COMCAST-7922 | US | COMCASTBUSINESS.NET | COMCAST BUSINESS COMMUNICATIONS LLC
  503. 94.90.121.36|host36-121-static.90-94-b.business.telecomitalia.it.|3269 | 94.90.0.0/15 | ASN | IT | TELECOMITALIA.IT | AGENZIA STUDI E SERVIZI PER L'OCCUPAZIONE S.R.L.
  504. 209.91.139.250|static-pppoe-209-91-139-250.vianet.ca.|5690 | 209.91.128.0/18 | VIANET-NO | CA | VIANET.CA | VIANET
  505. 98.64.206.175|adsl-98-64-206-175.mia.bellsouth.net.|6389 | 98.64.0.0/16 | BELLSOUTH-NET-BLK | US | BELLSOUTH.NET | BELLSOUTH.NET INC.
  506. 24.249.49.137|wsip-24-249-49-137.ks.ks.cox.net.|22773 | 24.249.48.0/20 | ASN-CXA-ALL-CCI-2277 | US | COX.COM | COX COMMUNICATIONS
  507. 189.111.113.46|189-111-113-46.dsl.telesp.net.br.|27699 | 189.110.0.0/15 | TELEFヤNICA | BR | TELEFONICA.COM.BR | TELEFONICA BRASIL S.A
  508. 115.78.114.177|adsl.viettel.vn.|7552 | 115.78.112.0/20 | VIETEL-AS | VN | VIETTEL.VN | DAI IP SU DUNG CHO MANG KHACH HANG FTTH O HCMC
  509. 118.200.233.105|bb118-200-233-105.singnet.com.sg.|9506 | 118.200.0.0/16 | MAGIX-SG | SG | SINGNET.COM.SG | SINGNET PTE LTD
  510. 74.214.235.177|price-a2-occam-dsl-74-214-235-177.dynamic.etv.net.|36728 | 74.214.224.0/19 | EMERYTELCOM | US | EMERYTELCOM.COM | EMERY TELCOM
  511. 165.146.237.85|dsl-165-146-237-85.telkomadsl.co.za.|5713 | 165.146.0.0/16 | SAIX | ZA | TELKOM.CO.ZA | TELKOM SA LIMITED
  512. 84.92.51.83|pp01513573197.pndsl.co.uk.|6871 | 84.92.0.0/15 | PLUSNET | GB | PLUS.NET | PLUSNET PLC.
  513. 61.70.220.59|host-61-70-220-59.static.kbtelecom.net.|9416 | 61.70.128.0/17 | MULTIMEDIA-AS | TW | KBTELECOM.NET | HOSHIN MULTIMEDIA CENTER INC
  514. 213.163.172.193||20917 | 213.163.160.0/19 | KHEOPS-AUTONOMOUS | FR | KHEOPS.ORG | KHEOPS ORGANISATION
  515. 186.67.71.101||6471 | 186.67.0.0/17 | ENTEL | CL | ENTEL.CL | ENTEL CHILE S.A.
  516. 201.240.6.190|client-201.240.6.190.speedy.net.pe.|6147 | 201.240.0.0/18 | Telefonica | PE | SPEEDY.NET.PE | TDPERX9 LACNIC
  517. 76.65.166.54|bas1-montreal46-1279370806.dsl.bell.ca.|577 | 76.65.0.0/16 | BACOM | CA | BELL.CA | SYMPATICO HSE
  518. 123.241.200.147|123-241-200-147.nty.dynamic.tbcnet.net.tw.|4780 | 123.241.200.0/22 | SEEDNET | TW | TBC.US | TBC
  519. 94.99.76.81||25019 | 94.99.64.0/18 | SAUDINETSTC | SA | STC.COM.SA | SAUDINET SAUDI TELECOM COMPANY
  520. 218.103.126.124|124.126.103.218.static.netvigator.com.|4760 | 218.103.64.0/18 | HKTIMS | HK | PCCW.COM | PCCW LIMITED
  521. 2.90.39.32||25019 | 2.90.0.0/18 | SAUDINETSTC | SA | STC.COM.SA | SAUDINET SAUDI TELECOM COMPANY
  522. 62.0.111.29|TLV62-0-111-29.bb.netvision.net.il.|1680 | 62.0.0.0/16 | NV | IL | NETVISION.NET.IL | NV FIX IP
  523. 213.156.200.225|mail.haulmont.com.|13227 | 213.156.192.0/19 | KRAFT | RU | KRAFT-S.RU | KRAFT-S JSC.
  524. 175.136.243.201||4788 | 175.136.0.0/16 | TMNET-AS | MY | TM.NET.MY | TMNET
  525. 217.128.77.127|LMontsouris-656-01-144-127.w217-128.abo.wanadoo.fr.|3215 | 217.128.0.0/16 | AS3215 | FR | ORANGE.COM | ORANGE S.A.
  526. 181.21.134.155|181-21-134-155.speedy.com.ar.|22927 | 181.20.0.0/14 | Telefonica | AR | TELEFONICA.COM.AR | TELEFONICA DE ARGENTINA
  527. 200.31.65.170||27975 | 200.31.65.0/24 | SYNAPSIS | CO | - | CITIBANK COLOMBIA
  528. 220.246.68.109|109.68.246.220.static.netvigator.com.|4760 | 220.246.64.0/19 | HKTIMS | HK | PCCW.COM | PCCW LIMITED
  529. 177.100.38.254|177-100-38-254.viacaboip.com.br.|28281 | 177.100.38.0/23 | VCB | BR | VIACABOIP.COM.BR | VCB PROVEDOR DE ACESSO LTDA
  530. 46.27.6.4|static-4-6-27-46.ipcom.comunitel.net.|12357 | 46.24.0.0/14 | COMUNITEL | ES | VODAFONE.ES | VODAFONE ESPANA S.A.U.
  531. 201.249.204.194|201-249-204-194.estatic.cantv.net.|8048 | 201.249.0.0/16 | CANTV | VE | CANTV.NET | CANTV SERVICIOS VENEZUELA
  532. 195.208.179.19||56952 | 195.208.179.0/24 | DATATEH | RU | - | OOO DATATEH
  533. 77.86.92.34|adsl-77-86-92-34.karoo.kcom.com.|12390 | 77.86.0.0/17 | KINGSTON-UK | GB | KCOM.COM | KAROO ADSL
  534. 177.126.207.6|6.207.126.177.cpnet.com.br.|28224 | 177.126.192.0/20 | CPNET | BR | CPNET.COM.BR | CAPINZAL NET LTDA ME
  535. 97.79.49.98|rrcs-97-79-49-98.se.biz.rr.com.|33363 | 97.79.0.0/17 | BHN-TAMPA | US | TWCABLE.COM | TIME WARNER CABLE INTERNET LLC
  536. 113.189.81.133|localhost.|45899 | 113.189.64.0/19 | VNPT-AS | VN | VNPT.COM.VN | IP POOL ADSL TP HCM
  537. 124.137.227.254||18302 | 124.136.0.0/14 | SKG_NW-AS | KR | SKNETWORKS.COM | SK NETWORKS CO. LTD
  538. 180.43.69.69|p29069-ipngnfx01osakakita.osaka.ocn.ne.jp.|4713 | 180.0.0.0/10 | OCN | JP | OCN.NE.JP | OPEN COMPUTER NETWORK
  539. 103.9.88.146||58598 | 103.9.88.0/22 | COMTEL-NET | MN | COMTEL.MN | MONGOLIA
  540. 212.34.12.20||65536 | 212.34.12.0/24 | - | JO | JT.NET.JO | JORDAN TELECOMMUNICATIONS COMPANY
  541. 95.181.56.74|95-181-56-74.goodline.info.|39927 | 95.181.0.0/17 | ELIGHT | RU | ELTC.RU | E-LIGHT-TELECOM
  542. 183.100.213.187||4766 | 183.96.0.0/13 | KIXS-AS | KR | KT.COM | KOREA TELECOM
  543. 190.141.53.97|cpe-54e6fcc1dd55.cpe.cableonda.net.|18809 | 190.141.52.0/22 | Cable | PA | CABLEONDA.NET | CABLE ONDA
  544. 92.85.195.181||9050 | 92.85.0.0/16 | RTD | RO | ROMTELECOM.RO | ROMTELECOM S.A.
  545. 177.1.109.148|177-1-109-148.gnace702.dsl.brasiltelecom.net.br.|8167 | 177.1.64.0/18 | Brasil | BR | BRASILTELECOM.NET.BR | BRASIL TELECOM S/A - FILIAL DISTRITO FEDERAL
  546. 90.148.30.158|90.148.30.158.dynamic.saudi.net.sa.|25019 | 90.148.0.0/18 | SAUDINETSTC | SA | STC.COM.SA | SAUDINET SAUDI TELECOM COMPANY
  547. 46.40.51.79|79-51-40-46.dynamic.stcable.net.|41897 | 46.40.48.0/21 | SAT-TRAKT | RS | SATTRAKT.COM | SAT-TRAKT D.O.O.
  548. 117.5.135.201|localhost.|7552 | 117.5.128.0/20 | VIETEL-AS | VN | VIETTEL.VN | DAI IP CHO DICH VU ADSL TAI HCM
  549. 82.129.222.1||24835 | 82.129.192.0/19 | RAYA | EG | RAYACORP.COM | RAYA TELECOM
  550. 113.162.101.78||45899 | 113.162.96.0/19 | VNPT-AS | VN | VDC.VN | IP ADSL STATIC + CABLE TV VOIP VPN
  551. 121.130.145.243||4766 | 121.128.0.0/13 | KIXS-AS | KR | KT.COM | KOREA TELECOM
  552. 187.19.164.254|187-19-164-254-temp.static.brisanet.net.br.|28126 | 187.19.160.0/21 | BRISANET | BR | BRISANET.NET.BR | BRISANET SERVICOS DE TELECOMUNICACOES LTDA
  553. 205.201.149.56||21889 | 205.201.149.0/24 | RAPIDSYSTEMS | US | RAPIDSYS.COM | RAPID SYSTEMS INC.
  554. 117.218.71.93||9829 | 117.218.64.0/20 | BSNL | IN | BSNL.IN | BROADBAND MULTIPLAY PROJECT
  555. 81.255.80.193|servexchange.huglo-lepage.com.| 3215 | 81.255.0.0/16 | AS3215 | FR | ORANGE.COM | ORANGE S.A.
  556. 119.195.219.132|| 4766 | 119.192.0.0/13 | KIXS-AS | KR | KT.COM | KOREA TELECOM
  557. 201.251.91.101|| 22927 | 201.251.64.0/18 | Telefonica | AR | TELEFONICA.COM.AR | TELEFONICA DE ARGENTINA
  558. 92.56.214.70|| 12479 | 92.56.208.0/21 | UNI2 | ES | ORANGE.ES | FRANCE TELECOM ESPANA S.A
  559. 24.114.98.125|| 812 | 24.114.0.0/16 | ROGERS-CABLE | CA | ROGERS.COM | ROGERS CABLE COMMUNICATIONS INC.
  560. 113.184.73.67|localhost.| 45899 | 113.184.64.0/19 | VNPT-AS | VN | VNPT.COM.VN | IP POOL ADSL DONG NAI
  561. 182.229.47.175|| 17858 | 182.228.0.0/14 | KRNIC-ASBLOCK | KR | POWERCOMM.COM | LG POWERCOMM
  562. 113.189.106.130|localhost.| 45899 | 113.189.96.0/19 | VNPT-AS | VN | VNPT.COM.VN | IP POOL ADSL TP HCM
  563.  
  564. // 5. Spambot IP UP Status per 2014-05-02 16:45 JST
  565. // 134 IP addresses (45 hosts up) scanned in 51.05 seconds
  566.  
  567. 41.221.29.38
  568. 85.132.57.50
  569. mail.gcples.ie (86.47.53.42)
  570. 197.155.140.130
  571. 190-82-83-98.static.tie.cl (190.82.83.98)
  572. ip-83-99-38-205.dyn.luxdsl.pt.lu (83.99.38.205)
  573. h69-129-183-234.applwi.dedicated.static.tds.net (69.129.183.234)
  574. 058177202202.ctinets.com (58.177.202.202)
  575. 210.64.55.245
  576. 14.162.160.131
  577. 111-248-116-210.dynamic.hinet.net (111.248.116.210)
  578. customer-static-210-26-113.iplannetworks.net (190.210.26.113)
  579. energized.webserversystems.com (184.173.82.213)
  580. sciolli.webserversystems.com (50.22.40.226)
  581. mail.gcples.ie (86.47.53.42)
  582. 058177202202.ctinets.com (58.177.202.202)
  583. host-195.242.232.122.c3.net.pl (195.242.232.122)
  584. h25.242.55.139.static.ip.windstream.net (139.55.242.25)
  585. 190.40.214.13
  586. m91-187-92-207.andorpac.ad (91.187.92.207)
  587. 173-161-174-69-Philadelphia.hfc.comcastbusiness.net (173.161.174.69)
  588. host36-121-static.90-94-b.business.telecomitalia.it (94.90.121.36)
  589. adsl-98-64-206-175.mia.bellsouth.net (98.64.206.175)
  590. bb118-200-233-105.singnet.com.sg (118.200.233.105)
  591. price-a2-occam-dsl-74-214-235-177.dynamic.etv.net (74.214.235.177)
  592. dsl-165-146-237-85.telkomadsl.co.za (165.146.237.85)
  593. 213.163.172.193
  594. client-201.240.6.190.speedy.net.pe (201.240.6.190)
  595. 124.126.103.218.static.netvigator.com (218.103.126.124)
  596. mail.haulmont.com (213.156.200.225)
  597. 175.136.243.201
  598. 181-21-134-155.speedy.com.ar (181.21.134.155)
  599. 200.31.65.170
  600. 201-249-204-194.estatic.cantv.net (201.249.204.194)
  601. 6.207.126.177.cpnet.com.br (177.126.207.6)
  602. 124.137.227.254
  603. 103.9.88.146
  604. 177-1-109-148.gnace702.dsl.brasiltelecom.net.br (177.1.109.148)
  605. 82.129.222.1
  606. 121.130.145.243
  607. 119.195.219.132
  608. 201.251.91.101
  609. localhost (113.184.73.67)
  610. 182.229.47.175
  611. localhost (113.189.106.130)
  612.  
  613. // 6. Ten (10) spambot IPs with more than one attempt to send malware spam campaign
  614. // Format: IP Address, City, Country Name, Continent, ASN, PREFIX, AS Name, CountryCode, ISP, ISP Name
  615.  
  616. 66.63.69.26, Biddeford, United States, NA, 5760 , 66.63.64.0/20 , BIDDEFORD1 , US , GWI.NET , GREAT WORKS INTERNET
  617. 71.6.111.34, Modesto, United States, NA, 14265 , 71.6.96.0/20 , US-TELEPACIFIC , US , TELEPACIFIC.NET , THE MANOR ASSOCIATION
  618. 1.54.240.239, Hanoi, Vietnam, 18403 , 1.54.240.0/20 , FPT-AS , VN , FPT.COM.VN , FPT TELECOM COMPANY
  619. 176.42.96.76, Istanbul, Turkey, EU, 34984 , 176.42.96.0/20 , TELLCOM , TR , SUPERONLINE.NET , TELLCOM BUR-GANT-KOCA FIBER DYNAMIC
  620. 190.190.196.103, Buenos Aires, Argentina, SA, 10481 , 190.190.192.0/19 , Prima , AR , PRIMA.COM.AR , PRIMA S.A.
  621. 190.21.163.4, , Chile, SA, 7418 , 190.21.0.0/16 , TELEFONICA , CL , TELEFONICACHILE.CL , TELEFONICA CHILE S.A.
  622. 58.177.202.202, Central District, Hong Kong, AS, 9269 , 58.177.192.0/18 , HKBN-AS , HK , CTINETS.COM , SAN MIGUEL BREWERY HK LTD - CITIMARK PLAZA
  623. 62.1.46.12, , Greece, EU, 1241 , 62.1.0.0/16 , FORTHNET , GR , FORTHNET.GR , KOLONOS DATACENTER
  624. 79.159.181.79, Malgrat De Mar, Spain, EU, 3352 , 79.159.0.0/16 , TELEFONICA_DE_ESPANA , ES , TELEFONICA.COM , TELEFONICA DE ESPANA SAU
  625. 86.47.53.42, Dublin, Ireland, EU, 5466 , 86.40.0.0/13 , EIRCOM , IE , EIRCOM.NET , EIRCOM
  626.  
  627. ---
  628. #MalwareMustDie!
  629. Report compiled by @unixfreaxjp
  630. *) Tools used will not published openly for security purpose
  631. *) Last Updated: Fri May 2 17:04:58 JST 2014
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement