Proxy Attack Summaries 2013/10/24 thru 2013/10/31

Sorted by Total Connections From Source Network

Sorted by Total Connections From Source Country

Counts by fetch target URL - sorted by URL in rev. domain order.

Sorted by Source Network Range

Source Network	Registered owner	Local Target IP or range	Target Ports
54.212.0.0 - 54.213.255.255	Amazon.com, Inc. Seattle, WA, US	attacked 132.235.1.249	for ports 21x2
71.91.112.0 - 71.91.127.255	Charter Communications St. Louis, MO, US	attacked MULTIPLE-IPs	for ports 111 465 2401
76.72.160.0 - 76.72.175.255	Database by Design, LLC Philadelphia, PA, US	attacked 132.235.1.249	for ports 21
85.114.128.0 - 85.114.135.255	fast IT Colocation DE	attacked MULTIPLE-IPs	for ports 80x11
88.80.9.0 - 88.80.10.255	prq Inet POP STH0 Co-located customer servers SE	attacked MULTIPLE-IPs	for ports 80x2301
92.240.68.0 - 92.240.69.255	Institute of Mathematics and Computer Science of University of Latvia IMCS UL Raina bulvaris 29 LV-1459 Riga LATVIA LV	attacked MULTIPLE-IPs	for ports 80x10
115.24.160.0 - 115.24.175.255	~{:S119$R54sQ'~} Hebei University of Technology Tianjin 300130, China CN	attacked MULTIPLE-IPS	for ports 80x3
118.186.0.0 - 118.186.255.255	Beijing Neteon Tech Co, Ltd. 306,Ideal Building three layers,111 zhichun Road, CN	attacked MULTIPLE-IPs	for ports 80x18
125.36.0.0 - 125.39.255.255	China Unicom Tianjin province network China Unicom CN	attacked 132.235.3.154	for ports 80
146.185.246.0 - 146.185.247.255	Unikalnie Technologii ltd. Russia, Saint-petersburg, Bolshoy Smolenskiy prospekt 6, office 335. RU	attacked MULTIPLE-IPs	for ports 80x23
183.0.0.0 - 183.63.255.255	CHINANET Guangdong province network Data Communication Division CN	attacked MULTIPLE-IPS	for ports 80x5
212.250.127.0 - 212.250.127.127	OBJECT POWER LTD GB	attacked 132.235.3.154	for ports 80x2

Sorted By Total Connections From Source Network

Count	Source Network	Registered Owner	Local Target IP or Range	Target Ports
1	76.72.160.0 - 76.72.175.255	Database by Design, LLC Philadelphia, PA, US	attacked 132.235.1.249	for ports 21
1	125.36.0.0 - 125.39.255.255	China Unicom Tianjin province network China Unicom CN	attacked 132.235.3.154	for ports 80
2	54.212.0.0 - 54.213.255.255	Amazon.com, Inc. Seattle, WA, US	attacked 132.235.1.249	for ports 21x2
2	212.250.127.0 - 212.250.127.127	OBJECT POWER LTD GB	attacked 132.235.3.154	for ports 80x2
3	71.91.112.0 - 71.91.127.255	Charter Communications St. Louis, MO, US	attacked MULTIPLE-IPs	for ports 111 465 2401
3	115.24.160.0 - 115.24.175.255	~{:S119$R54sQ'~} Hebei University of Technology Tianjin 300130, China CN	attacked MULTIPLE-IPS	for ports 80x3
5	183.0.0.0 - 183.63.255.255	CHINANET Guangdong province network Data Communication Division CN	attacked MULTIPLE-IPS	for ports 80x5
10	92.240.68.0 - 92.240.69.255	Institute of Mathematics and Computer Science of University of Latvia IMCS UL Raina bulvaris 29 LV-1459 Riga LATVIA LV	attacked MULTIPLE-IPs	for ports 80x10
11	85.114.128.0 - 85.114.135.255	fast IT Colocation DE	attacked MULTIPLE-IPs	for ports 80x11
18	118.186.0.0 - 118.186.255.255	Beijing Neteon Tech Co, Ltd. 306,Ideal Building three layers,111 zhichun Road, CN	attacked MULTIPLE-IPs	for ports 80x18
23	146.185.246.0 - 146.185.247.255	Unikalnie Technologii ltd. Russia, Saint-petersburg, Bolshoy Smolenskiy prospekt 6, office 335. RU	attacked MULTIPLE-IPs	for ports 80x23
2301	88.80.9.0 - 88.80.10.255	prq Inet POP STH0 Co-located customer servers SE	attacked MULTIPLE-IPs	for ports 80x2301

Summarized By Source Country

Source Country	Local Target IP or Range	Target Ports
CN	attacked MULTIPLE-IPs	for ports 80x27
DE	attacked MULTIPLE-IPs	for ports 80x11
GB	attacked 132.235.3.154	for ports 80x2
LV	attacked MULTIPLE-IPs	for ports 80x10
RU	attacked MULTIPLE-IPs	for ports 80x23
SE	attacked MULTIPLE-IPs	for ports 80x2301
US	attacked MULTIPLE-IPs	for ports 21x3 111 465 2401

Summarized By Source Country

Total Connection Counts	Source Country	Local Target IP or Range	Target Ports
2	GB	attacked 132.235.3.154	for ports 80x2
6	US	attacked MULTIPLE-IPs	for ports 21x3 111 465 2401
10	LV	attacked MULTIPLE-IPs	for ports 80x10
11	DE	attacked MULTIPLE-IPs	for ports 80x11
23	RU	attacked MULTIPLE-IPs	for ports 80x23
27	CN	attacked MULTIPLE-IPs	for ports 80x27
2301	SE	attacked MULTIPLE-IPs	for ports 80x2301

Summarized By Target URL to Fetch - sorted by attempts made

Count	Target host name	GET/PUT/etc	Target URL to Fetch

1	2.imimg.com	GET	http://2.imimg.com : /data2/QJ/MM/MY-3533669/hobby-500tg-250x250.jpg
1	images4.byinter.net	GET	http://images4.byinter.net/IMG2211668.gif
1	images4.byinter.net	GET	http://images4.byinter.net/img-576.jpg
1	jeb.biologists.org	GET	http://jeb.biologists.org : /content/213/23/4043/F5.large.jpg
1	othersounds.sg	GET	http://othersounds.sg : /wp-content/uploads/2013/07/good-vibes-poster.png
1	radiohead1.tripod.com	GET	http://radiohead1.tripod.com : /disc/album/scan/bendsback.jpg
1	temp.carpanic.com	GET	http://temp.carpanic.com/ping.php
1	www.bonheurdeschiens.fr	GET	http://www.bonheurdeschiens.fr : /910-home/copeaux-de-lieges.jpg
1	www.gihealth.com	GET	http://www.gihealth.com : /images/imgSwallowing.gif
1	www.producciondemoda.net	GET	http://www.producciondemoda.net : /files/2010/10/milanasweaters_0003.jpg
1	www.sculpturegallery.com	GET	http://www.sculpturegallery.com : /italy_2/bias_3.jpg
2	the-proxy-list.com	GET	http://the-proxy-list.com/files/check.php?k=Hfk0UMwSqVU3+v883JCpfg==
2	webmail.nyc.rr.com	GET	http://webmail.nyc.rr.com/
3	proxyjudge3.proxyfire.net	GET	http://proxyjudge3.proxyfire.net/fastenv
4	www.sciencedirect.com	GET	http://www.sciencedirect.com/science/books/a/fulltext
5	tcpconn2.tencent.com:443	CONNECT	tcpconn2.tencent.com:443
7	www.ya.ru	GET	http://www.ya.ru/
11	btc-e.com	GET	/
16	www.alexa.com	GET	http://www.alexa.com/
18	www.sciencedirect.com	GET	http://www.sciencedirect.com/science/browse
2301	spam-chaos.com	GET	http://spam-chaos.com/pp/set-cookie.php

Summarized By Target URL to Fetch - sorted in reverse domain order

Target host name	Count	GET/PUT/etc	Target URL to Fetch

2.imimg.com	1	GET	http://2.imimg.com : /data2/QJ/MM/MY-3533669/hobby-500tg-250x250.jpg
btc-e.com	11	GET	/
images4.byinter.net	1	GET	http://images4.byinter.net/IMG2211668.gif
images4.byinter.net	1	GET	http://images4.byinter.net/img-576.jpg
jeb.biologists.org	1	GET	http://jeb.biologists.org : /content/213/23/4043/F5.large.jpg
othersounds.sg	1	GET	http://othersounds.sg : /wp-content/uploads/2013/07/good-vibes-poster.png
proxyjudge3.proxyfire.net	3	GET	http://proxyjudge3.proxyfire.net/fastenv
radiohead1.tripod.com	1	GET	http://radiohead1.tripod.com : /disc/album/scan/bendsback.jpg
spam-chaos.com	2301	GET	http://spam-chaos.com/pp/set-cookie.php
tcpconn2.tencent.com:443	5	CONNECT	tcpconn2.tencent.com:443
temp.carpanic.com	1	GET	http://temp.carpanic.com/ping.php
the-proxy-list.com	2	GET	http://the-proxy-list.com/files/check.php?k=Hfk0UMwSqVU3+v883JCpfg==
webmail.nyc.rr.com	2	GET	http://webmail.nyc.rr.com/
www.alexa.com	16	GET	http://www.alexa.com/
www.bonheurdeschiens.fr	1	GET	http://www.bonheurdeschiens.fr : /910-home/copeaux-de-lieges.jpg
www.gihealth.com	1	GET	http://www.gihealth.com : /images/imgSwallowing.gif
www.producciondemoda.net	1	GET	http://www.producciondemoda.net : /files/2010/10/milanasweaters_0003.jpg
www.sciencedirect.com	4	GET	http://www.sciencedirect.com/science/books/a/fulltext
www.sciencedirect.com	18	GET	http://www.sciencedirect.com/science/browse
www.sculpturegallery.com	1	GET	http://www.sculpturegallery.com : /italy_2/bias_3.jpg
www.ya.ru	7	GET	http://www.ya.ru/