Proxy Attack Summaries 2015/08/01 thru 2015/08/31

Sorted by Source Network Range
Sorted by Total Connections From Source Network
Sorted by Source Country
Sorted by Total Connections From Source Country
Counts by fetch target URL.
Counts by fetch target URL - sorted by URL in rev. domain order.

Sorted by Source Network Range


Source Network Registered owner Local Target IP or range Target Ports
5.34.32.72 - 5.34.32.72 undefined ?? attacked MULTIPLE-IPs for ports 25x3 6000 23x6 80 53x2 993 114
23.94.0.0 - 23.95.255.255 undefined ?? attacked MULTIPLE-IPs for ports 80x20 993x6 53x11 25x12 23x10 465x3 6000
49.144.0.0 - 49.151.255.255 IPG PH attacked MULTIPLE-IPS for ports 80x41
54.176.0.0 - 54.191.255.255 Amazon Technologies Inc. Seattle, WA, US attacked MULTIPLE-IPS for ports 80x6
58.17.0.0 - 58.17.127.255 undefined ?? attacked MULTIPLE-IPs for ports 80x24 21x10 993x12 3306x10 23x6 25x3 6000 465
107.170.0.0 - 107.170.255.255 Digital Ocean, Inc. New York, NY, US attacked MULTIPLE-IPS for ports 80x4
111.192.0.0 - 111.207.255.255 China Unicom Beijing province network CN attacked 132.235.1.2 for ports 80
113.53.0.0 - 113.53.255.255 TOT Public Company Limited 89/2 Moo 3, Chaengwattana Rd, Tungsonghong, Laksi, Bangkok TH attacked MULTIPLE-IPS for ports 80x11
114.160.0.0 - 114.191.255.255 NTT Communications Corporation 1-6 Uchisaiwai-cho 1-chome Chiyoda-ku, Tokyo 100-8019 Japan JP attacked MULTIPLE-IPs for ports 80x19
119.94.96.0 - 119.94.127.255 PLDT_CDOHME60i01_DHCP PH attacked MULTIPLE-IPs for ports 80x12
121.40.0.0 - 121.43.255.255 Aliyun Computing Co., LTD 5F, Builing D, the West Lake International Plaza of S&T CN attacked MULTIPLE-IPs for ports 80x6 53x3
123.16.0.0 - 123.31.255.255 undefined ?? attacked MULTIPLE-IPs for ports 80x89 21 23x4 465 6000 25x3 53x2 993
180.96.0.0 - 180.127.255.255 Chinanet Jiangsu Province Network China Telecom No.31,jingrong street CN attacked MULTIPLE-IPS for ports 80x4 10080x2
183.64.0.0 - 183.71.255.255 undefined ?? attacked MULTIPLE-IPs for ports 80x2 53x2 25 993
191.32/14 undefined ?? attacked MULTIPLE-IPs for ports 80x8 23x4 993 25x2 53x2
219.148.0.0 - 219.148.159.255 CHINANET hebei province network China Telecom No.31,jingrong street CN attacked MULTIPLE-IPs for ports 995x7 53x6 79x2 21x4 32780x9 32778x9 32790x4 515x13 32775x37 32786x18 32776x9 111x44 4045x51 32774x13 7100x36 6000x18 993x22 32779x11 32794x8 5432x2 32781x4 631x4 636x5 465x2 32782x8
222.184.0.0 - 222.191.255.255 CHINANET jiangsu province network China Telecom A12,Xin-Jie-Kou-Wai Street CN attacked MULTIPLE-IPS for ports 80x35
222.254.0.0 - 222.254.63.255 Ha Noi Post and Telecom Company VietNam Post and Telecom Corporation (VNPT) VNPT-AS-AP VietNam Post and Telecom Corporation (VNPT) VN attacked MULTIPLE-IPS for ports 80x12

Sorted By Total Connections From Source Network

Count Source Network Registered Owner Local Target IP or Range Target Ports
1 111.192.0.0 - 111.207.255.255 China Unicom Beijing province network CN attacked 132.235.1.2 for ports 80
4 107.170.0.0 - 107.170.255.255 Digital Ocean, Inc. New York, NY, US attacked MULTIPLE-IPS for ports 80x4
6 54.176.0.0 - 54.191.255.255 Amazon Technologies Inc. Seattle, WA, US attacked MULTIPLE-IPS for ports 80x6
6 180.96.0.0 - 180.127.255.255 Chinanet Jiangsu Province Network China Telecom No.31,jingrong street CN attacked MULTIPLE-IPS for ports 80x4 10080x2
6 183.64.0.0 - 183.71.255.255 undefined ?? attacked MULTIPLE-IPs for ports 80x2 53x2 25 993
9 121.40.0.0 - 121.43.255.255 Aliyun Computing Co., LTD 5F, Builing D, the West Lake International Plaza of S&T CN attacked MULTIPLE-IPs for ports 80x6 53x3
11 113.53.0.0 - 113.53.255.255 TOT Public Company Limited 89/2 Moo 3, Chaengwattana Rd, Tungsonghong, Laksi, Bangkok TH attacked MULTIPLE-IPS for ports 80x11
12 119.94.96.0 - 119.94.127.255 PLDT_CDOHME60i01_DHCP PH attacked MULTIPLE-IPs for ports 80x12
12 222.254.0.0 - 222.254.63.255 Ha Noi Post and Telecom Company VietNam Post and Telecom Corporation (VNPT) VNPT-AS-AP VietNam Post and Telecom Corporation (VNPT) VN attacked MULTIPLE-IPS for ports 80x12
15 5.34.32.72 - 5.34.32.72 undefined ?? attacked MULTIPLE-IPs for ports 25x3 6000 23x6 80 53x2 993 114
17 191.32/14 undefined ?? attacked MULTIPLE-IPs for ports 80x8 23x4 993 25x2 53x2
19 114.160.0.0 - 114.191.255.255 NTT Communications Corporation 1-6 Uchisaiwai-cho 1-chome Chiyoda-ku, Tokyo 100-8019 Japan JP attacked MULTIPLE-IPs for ports 80x19
35 222.184.0.0 - 222.191.255.255 CHINANET jiangsu province network China Telecom A12,Xin-Jie-Kou-Wai Street CN attacked MULTIPLE-IPS for ports 80x35
41 49.144.0.0 - 49.151.255.255 IPG PH attacked MULTIPLE-IPS for ports 80x41
63 23.94.0.0 - 23.95.255.255 undefined ?? attacked MULTIPLE-IPs for ports 80x20 993x6 53x11 25x12 23x10 465x3 6000
67 58.17.0.0 - 58.17.127.255 undefined ?? attacked MULTIPLE-IPs for ports 80x24 21x10 993x12 3306x10 23x6 25x3 6000 465
102 123.16.0.0 - 123.31.255.255 undefined ?? attacked MULTIPLE-IPs for ports 80x89 21 23x4 465 6000 25x3 53x2 993
346 219.148.0.0 - 219.148.159.255 CHINANET hebei province network China Telecom No.31,jingrong street CN attacked MULTIPLE-IPs for ports 995x7 53x6 79x2 21x4 32780x9 32778x9 32790x4 515x13 32775x37 32786x18 32776x9 111x44 4045x51 32774x13 7100x36 6000x18 993x22 32779x11 32794x8 5432x2 32781x4 631x4 636x5 465x2 32782x8

Summarized By Source Country

Source Country Local Target IP or Range Target Ports
?? attacked MULTIPLE-IPs for ports 25x24 6000x4 23x30 80x51 53x19 993x22 114 465x5 21x11 3306x10
BR attacked 132.235.1.1 for ports 80x4
CN attacked MULTIPLE-IPs for ports 80x50 53x9 10080x2 995x7 79x2 21x4 32780x9 32778x9 32790x4 515x13 32775x37 32786x18 32776x9 111x44 4045x51 32774x13 7100x36 6000x18 993x22 32779x11 32794x8 5432x2 32781x4 631x4 636x5 465x2 32782x8
JP attacked MULTIPLE-IPs for ports 80x19
PH attacked MULTIPLE-IPs for ports 80x53
TH attacked MULTIPLE-IPS for ports 80x11
US attacked MULTIPLE-IPS for ports 80x24
VN attacked MULTIPLE-IPS for ports 80x83

Summarized By Source Country

Total Connection Counts Source Country Local Target IP or Range Target Ports
4 BR attacked 132.235.1.1 for ports 80x4
11 TH attacked MULTIPLE-IPS for ports 80x11
19 JP attacked MULTIPLE-IPs for ports 80x19
24 US attacked MULTIPLE-IPS for ports 80x24
53 PH attacked MULTIPLE-IPs for ports 80x53
83 VN attacked MULTIPLE-IPS for ports 80x83
177 ?? attacked MULTIPLE-IPs for ports 25x24 6000x4 23x30 80x51 53x19 993x22 114 465x5 21x11 3306x10
401 CN attacked MULTIPLE-IPs for ports 80x50 53x9 10080x2 995x7 79x2 21x4 32780x9 32778x9 32790x4 515x13 32775x37 32786x18 32776x9 111x44 4045x51 32774x13 7100x36 6000x18 993x22 32779x11 32794x8 5432x2 32781x4 631x4 636x5 465x2 32782x8

Summarized By Target URL to Fetch - sorted by attempts made

Count Target host name GET/PUT/etc Target URL to Fetch
1 24x7-allrequestsallowed.com GET http://24x7-allrequestsallowed.com/?PHPSESSID=mg2adea600143PQQJTUDY%40ZY
1 sapb.bandzior.pl POST http://sapb.bandzior.pl/test_ip.php?random=20402539251495526107195759547619270613941760692504
1 www.w3.org GET http://www.w3.org/
2 192.168.1.1 GET /web-console/ServerInfo.jsp
2 24x7-allrequestsallowed.com GET http://24x7-allrequestsallowed.com/?PHPSESSID=a45ad32b00143PQQJTUDY%40ZY
2 24x7-allrequestsallowed.com GET http://24x7-allrequestsallowed.com/?PHPSESSID=a45ad32b00143PQQJTUDYAZYPF
2 24x7-allrequestsallowed.com GET http://24x7-allrequestsallowed.com/?PHPSESSID=a45ad32b00143PQQJTUDYAZYQ%40
2 24x7-allrequestsallowed.com GET http://24x7-allrequestsallowed.com/?PHPSESSID=a45ad32b00143PQQJTUDYAZYQB
2 24x7-allrequestsallowed.com GET http://24x7-allrequestsallowed.com/?PHPSESSID=a45ad32b00143PQQJTUDYCAFUBZ
2 24x7-allrequestsallowed.com GET http://24x7-allrequestsallowed.com/?PHPSESSID=a45ad32b00143PQQJTUDYCAFUGS
2 24x7-allrequestsallowed.com GET http://24x7-allrequestsallowed.com/?PHPSESSID=a45ad32b00143PQQJTUDYCZY
2 24x7-allrequestsallowed.com GET http://24x7-allrequestsallowed.com/?PHPSESSID=a45ad32b00143PQQJTUDYCZYRC
2 dx.doi.org GET http://dx.doi.org/
2 www.sciencedirect.com GET http://www.sciencedirect.com/
3 www.msftncsi.com GET http://www.msftncsi.com/ncsi.txt
4 www.google.com GET /
4 www.google.com:80 CONNECT www.google.com:80
6 www.nature.com GET http://www.nature.com/nature/journal/v415/n6867/pdf/415026a.pdf
6 www.wikipedia.org GET http://www.wikipedia.org/
7 httpheader.net GET http://httpheader.net
9 search.yhd.com GET http://search.yhd.com/c0-0/k%25E5%258F%2589%25E5%25AD%2590%2520
11 127.0.0.1 GET /
12 check2.zennolab.com GET http://check2.zennolab.com/proxy.php
12 chekfast.zennolab.com GET http://chekfast.zennolab.com/proxy.php
14 gameframe.net GET http://gameframe.net/headers
16 chek.zennolab.com GET http://chek.zennolab.com/proxy.php
23 www.sbjudge1.com GET http://www.sbjudge1.com:80/ip4.php
23 www.sbjudge3.com GET http://www.sbjudge3.com:80/ip4.php
26 www.sbjudge2.com GET http://www.sbjudge2.com:80/ip4.php
35 www.123yq.com GET /
83 cachefly.cachefly.net GET http://cachefly.cachefly.net/networkmap/index.html
107 gc.gamexp.ru GET http://gc.gamexp.ru/
346 219.148.111.195 GET http://219.148.111.195:88/checkip.aspx

Summarized By Target URL to Fetch - sorted in reverse domain order

Target host name Count GET/PUT/etc Target URL to Fetch
127.0.0.1 11 GET /
192.168.1.1 2 GET /web-console/ServerInfo.jsp
219.148.111.195 346 GET http://219.148.111.195:88/checkip.aspx
24x7-allrequestsallowed.com 2 GET http://24x7-allrequestsallowed.com/?PHPSESSID=a45ad32b00143PQQJTUDY%40ZY
24x7-allrequestsallowed.com 2 GET http://24x7-allrequestsallowed.com/?PHPSESSID=a45ad32b00143PQQJTUDYAZYPF
24x7-allrequestsallowed.com 2 GET http://24x7-allrequestsallowed.com/?PHPSESSID=a45ad32b00143PQQJTUDYAZYQ%40
24x7-allrequestsallowed.com 2 GET http://24x7-allrequestsallowed.com/?PHPSESSID=a45ad32b00143PQQJTUDYAZYQB
24x7-allrequestsallowed.com 2 GET http://24x7-allrequestsallowed.com/?PHPSESSID=a45ad32b00143PQQJTUDYCAFUBZ
24x7-allrequestsallowed.com 2 GET http://24x7-allrequestsallowed.com/?PHPSESSID=a45ad32b00143PQQJTUDYCAFUGS
24x7-allrequestsallowed.com 2 GET http://24x7-allrequestsallowed.com/?PHPSESSID=a45ad32b00143PQQJTUDYCZY
24x7-allrequestsallowed.com 2 GET http://24x7-allrequestsallowed.com/?PHPSESSID=a45ad32b00143PQQJTUDYCZYRC
24x7-allrequestsallowed.com 1 GET http://24x7-allrequestsallowed.com/?PHPSESSID=mg2adea600143PQQJTUDY%40ZY
cachefly.cachefly.net 83 GET http://cachefly.cachefly.net/networkmap/index.html
check2.zennolab.com 12 GET http://check2.zennolab.com/proxy.php
chek.zennolab.com 16 GET http://chek.zennolab.com/proxy.php
chekfast.zennolab.com 12 GET http://chekfast.zennolab.com/proxy.php
dx.doi.org 2 GET http://dx.doi.org/
gameframe.net 14 GET http://gameframe.net/headers
gc.gamexp.ru 107 GET http://gc.gamexp.ru/
httpheader.net 7 GET http://httpheader.net
sapb.bandzior.pl 1 POST http://sapb.bandzior.pl/test_ip.php?random=20402539251495526107195759547619270613941760692504
search.yhd.com 9 GET http://search.yhd.com/c0-0/k%25E5%258F%2589%25E5%25AD%2590%2520
www.123yq.com 35 GET /
www.google.com 4 GET /
www.google.com:80 4 CONNECT www.google.com:80
www.msftncsi.com 3 GET http://www.msftncsi.com/ncsi.txt
www.nature.com 6 GET http://www.nature.com/nature/journal/v415/n6867/pdf/415026a.pdf
www.sbjudge1.com 23 GET http://www.sbjudge1.com:80/ip4.php
www.sbjudge2.com 26 GET http://www.sbjudge2.com:80/ip4.php
www.sbjudge3.com 23 GET http://www.sbjudge3.com:80/ip4.php
www.sciencedirect.com 2 GET http://www.sciencedirect.com/
www.w3.org 1 GET http://www.w3.org/
www.wikipedia.org 6 GET http://www.wikipedia.org/