Some Website Changes thanks to Botnets

Lately I’ve been getting tons and tons of login attempts from what appear to be botnets.  Since I’m getting tired of banning the IPs individually, I’m temporary taking to banning entire countries and ISP’s from hitting my blog.  If you’re in that group, sorry guys.  Take it up with your ISP.

Here are some stats I’ve been gathering.

IP Addresses Grouped by ISPs

217.16.9.99 ab connect
174.142.104.207 angmalta.net ltd.
80.97.64.148 astral telecom sa
79.182.60.204 bezeq international-ltd
112.196.2.36 chandigarh
60.12.119.200 china unicom zhejiang province network
14.147.73.105 chinanet guangdong province network
216.222.148.52 chl
119.82.71.107 citycom networks pvt ltd
69.64.65.10 codero
203.195.184.151 comsenz technology ltd
88.190.45.37 dedibox sas
177.70.21.29 desenvolve solucoes de internet ltda
176.9.195.105 desokey mohamed hassan centerarabs
66.147.235.81 dotblock.com
166.63.127.244 ecommerce corporation
122.213.243.131 erfahren co. ltd.
198.50.112.114 faan international
50.7.139.53 fdcservers.net
87.255.57.169 fiberring b.v.
42.62.24.250 forest eternal communication tech. co.ltd
216.98.196.14 forethought.net
42.112.19.220 fpt telecom company
117.18.73.66 gigahost limited
67.215.7.226 globotech communications
188.121.62.249 go daddy netherlands b.v.
118.139.162.178 godaddy.com
50.62.41.168 godaddy.com llc
50.63.57.211 godaddy.com llc
50.63.85.76 godaddy.com llc
50.63.130.155 godaddy.com llc
50.63.141.164 godaddy.com llc
97.74.127.145 godaddy.com llc
184.168.109.23 godaddy.com llc
184.168.112.26 godaddy.com llc
188.64.170.221 h1 llc
188.64.171.181 h1 llc
5.9.121.109 hetzner online ag
46.4.20.133 hetzner online ag
221.132.33.175 ho chi minh city post and telecom company
69.28.199.40 host papa inc.
184.171.240.27 hostdime.com inc
69.85.84.194 hostigation
82.145.45.104 iomart hosting limited
182.18.175.246 ip pool for ctrls
212.112.232.106 ipx server gmbh
195.93.180.34 itsoft ltd
64.15.138.14 iweb dedicated cl
46.165.206.78 leaseweb germany gmbh
64.31.25.60 limestone networks inc
173.255.217.143 linode
106.187.47.170 linode llc
188.191.53.8 lubos hutar
64.202.240.136 mainstream consulting group inc
64.207.147.191 media temple inc
70.32.107.181 media temple inc
205.186.142.240 media temple inc.
216.70.68.242 media temple inc.
89.200.138.207 memset ltd
85.112.29.210 nap de las americas-madrid s.a.
212.82.217.9 neocom-service isp
69.163.164.235 new dream network llc
85.204.118.142 nixway srl
41.190.76.5 onesolutions
125.253.118.46 online data services jsc
212.83.164.81 online s.a.s.
88.151.245.66 openminds bvba
142.4.208.97 ovh hosting inc
5.39.106.19 ovh sas
5.135.165.206 ovh sas
5.135.188.80 ovh sas
37.59.29.48 ovh sas
37.59.35.4 ovh sas
37.187.67.49 ovh sas
46.105.105.58 ovh sas
91.121.86.86 ovh sas
188.165.202.118 ovh sas
162.211.82.114 privatesystems networks
83.96.132.85 proserve b.v.
210.210.178.20 pt. cyberindo aditama
112.78.44.28 pt. des teknologi informasi
31.210.117.13 radore veri merkezi hizmetleri a.s.
82.79.27.158 rcs & rds business
185.9.157.31 salay telekomunikasyon ticaret limited sirketi
89.47.253.2 sc eurosistem srl
46.102.232.243 sc webfactor srl
64.34.173.227 serverbeach
31.24.36.35 serverspace limited
69.175.111.218 singlehop inc
108.178.57.146 singlehop inc
173.236.21.58 singlehop inc
91.189.219.107 skyware sp. z o.o.
190.107.177.102 soc. comercial wirenet chile ltda.
108.59.252.133 softcom america inc.
108.59.254.26 softcom america inc.
50.97.138.111 softlayer technologies inc
85.214.27.40 strato ag
85.214.64.100 strato ag
85.214.153.62 strato ag
46.235.9.199 teknik data internet teknolojileri san.tic.ltd. sti
37.205.32.122 tolvu- og rafeindapjonusta sudurlands ehf
95.0.26.85 turk telekomunikasyon anonim sirketi
123.30.208.178 vietnam data communication company
222.255.29.39 vietnam data communication company
37.122.210.63 webfusion internet solutions
91.109.3.166 webfusion internet solutions
212.48.67.110 webfusion internet solutions
192.254.202.144 websitewelcome.com
62.212.130.150 xenosite b.v.

As you can see, I get a bunch from Godaddy and French ISP Ovh.  I’ve also banned Godaddy IP’s, Ovh, and Media Temple.  I’ll be adding others once I find all of their allocated net ranges.

For reference, here’s a copy of my current list along with attempts:

IPs Attempts
106.187.47.170 34
108.59.252.133 26
118.139.162.178 20
122.213.243.131 1
123.30.208.178 3
142.4.208.97 12
162.211.82.114 1
166.63.127.244 63
174.142.104.207 1
182.18.175.246 8
184.168.109.23 16
184.168.112.26 23
185.9.157.31 26
188.121.62.249 43
188.165.202.118 12
188.191.53.8 3
188.64.170.221 232
188.64.171.181 5
190.107.177.102 13
195.93.180.34 34
198.50.112.114 52
203.195.184.151 53
205.186.142.240 43
210.210.178.20 87
212.112.232.106 1
212.48.67.110 4
216.222.148.52 1
216.70.68.242 12
216.98.196.14 1
221.132.33.175 1
222.255.29.39 18
31.210.117.13 1
37.122.210.63 6
37.205.32.122 33
37.59.29.48 81
37.59.35.4 27
41.190.76.5 14
42.62.24.250 6
46.102.232.243 9
46.105.105.58 28
46.165.206.78 112
46.235.9.199 18
46.4.20.133 3
5.135.165.206 180
5.135.188.80 6
5.39.106.19 46
5.9.121.109 61
50.62.41.168 7
50.63.130.155 19
50.63.141.164 13
50.97.138.111 2
60.12.119.200 32
62.212.130.150 24
64.202.240.136 48
64.207.147.191 13
64.31.25.60 83
64.34.173.227 244
66.147.235.81 39
67.215.7.226 19
69.175.111.218 1
69.64.65.10 3
70.32.107.181 1
80.97.64.148 4
82.145.45.104 8
83.96.132.85 46
85.112.29.210 58
85.204.118.142 1
85.214.153.62 4
85.214.64.100 27
87.255.57.169 175
88.190.45.37 1
89.200.138.207 1
89.47.253.2 58
91.109.3.166 2
95.0.26.85 20
97.74.127.145 36
Total Attempts: 2469

Guess I should be flattered that I’m getting all of this “attention” 🙂

Leave a Reply