Proxy Attack Summaries 2015/12/01 thru 2015/12/31

Sorted by Total Connections From Source Network

Sorted by Total Connections From Source Country

Counts by fetch target URL - sorted by URL in rev. domain order.

Sorted by Source Network Range

Source Network	Registered owner	Local Target IP or range	Target Ports
23.229.0.0 - 23.229.127.255	B2 Net Solutions Inc. Buffalo, NY, US	attacked MULTIPLE-IPs	for ports 53x2 25
42.1.60.0 - 42.1.63.255	undefined ??	attacked MULTIPLE-IPs	for ports 23x2 21x27
59.44.0.0 - 59.47.255.255	CHINANET liaoning province network China Telecom No.6,Feiyun Road,Hunnan New District CN	attacked 132.235.3.157	for ports 80x4
61.50.128.0 - 61.50.255.255	China Netcom Group Beijing Corporation He Ping Men Wai Chang Dian Jia 9 Xuan Wu CN	attacked MULTIPLE-IPS	for ports 80x2
61.216.0.0 - 61.219.255.255	Data Communication Business Group, Chunghwa Telecom Co.,Ltd. No.21, Sec.1, Xinyi Rd., Taipei City TW	attacked MULTIPLE-IPs	for ports 25 80
61.242.32.0 - 61.242.63.255	China United Network Communications Corporation Limited CN	attacked 132.235.3.141	for ports 80
73.174.0.0 - 73.174.255.255	Comcast IP Services, L.L.C. Mount Laurel, NJ, US	attacked MULTIPLE-IPs	for ports 23x4 995 53x4 993 80
74.96.0.0 - 74.111.255.255	undefined ??	attacked MULTIPLE-IPs	for ports 80x36 21x3 993x3 3306x3
106.4.0.0 - 106.7.255.255	CHINANET JIANGXI PROVINCE NETWORK China Telecom No.31,jingrong street CN	attacked 132.235.1.81	for ports 10080
106.32.0.0 - 106.47.255.255	CHINANET HUNAN PROVINCE NETWORK China Telecom No.31,jingrong street CN	attacked MULTIPLE-IPS	for ports 80x5
107.150.32.0 - 107.150.63.255	DataShack, LC North Kansas City, MO, US	attacked MULTIPLE-IPS	for ports 80x2
112.74.0.0 - 112.74.255.255	Aliyun Computing Co., LTD 5F, Builing D, the West Lake International Plaza of S&T CN	attacked MULTIPLE-IPs	for ports 80x3 114
113.190.0.0 - 113.190.255.255	VietNam Post and Telecom Corporation VNPT ADSL Service in Hanoi VietNam Post and Telecom Corporation (VNPT) VN	attacked MULTIPLE-IPS	for ports 80x10
114.111.165.0 - 114.111.167.255	BeiJing CloudVsp.Inc NO.18 Building,Area B,NO.1,Disheng North street,Software Park of Beijing University of Technology, CN	attacked MULTIPLE-IPs	for ports 80x5
114.112.80.0 - 114.112.95.255	Beijing capitalonline data service co.,LTD Rm.16c,Bldg.2#A,Jinyuan times business Centre, No.2,Landianchang-East Rd., CN	attacked 132.235.1.2	for ports 80
114.215.0.0 - 114.215.255.255	Aliyun Computing Co., LTD 5F, Builing D, the West Lake International Plaza of S&T CN	attacked MULTIPLE-IPs	for ports 80x3 114
116.216.0.0 - 116.216.255.255	Beijing Time-vision Telecommunication Technical,Ltd Chaoyang District,Beijing,China CNC Group CHINA169 Sichuan Province Network CN	attacked 132.235.3.141	for ports 80x2
120.24.0.0 - 120.27.255.255	Aliyun Computing Co., LTD 5F, Builing D, the West Lake International Plaza of S&T No.391 Wen'er Road, Hangzhou, Zhejiang, China, 310099 CN	attacked MULTIPLE-IPs	for ports 80x3 114
121.224.0.0 - 121.239.255.255	CHINANET jiangsu province network China Telecom A12,Xin-Jie-Kou-Wai Street Beijing 100088 CN	attacked 132.235.15.101	for ports 80
123.16.0.0 - 123.31.255.255	VietNam Post and Telecom Corporation 23 Phan Chau Trinh, Hoan Kiem Dist, Ha Noi VietNam Post and Telecom Corporation (VNPT) VN	attacked MULTIPLE-IPS	for ports 80x7
124.234.0.0 - 124.235.255.255	CHINANET Jilin province network CN	attacked MULTIPLE-IPS	for ports 80x10
125.32.0.0 - 125.32.255.255	China Unicom Jilin province network China Unicom CN	attacked MULTIPLE-IPS	for ports 80x4
139.129.0.0 - 139.129.255.255	undefined ??	attacked MULTIPLE-IPs	for ports 80x34
167.88.0.0 - 167.88.15.255	Nexeon Technologies, Inc. West Chicago, IL, US	attacked MULTIPLE-IPs	for ports 80x29
180.96.0.0 - 180.127.255.255	Chinanet Jiangsu Province Network China Telecom No.31,jingrong street CN	attacked MULTIPLE-IPs	for ports 80x25
183.0.0.0 - 183.63.255.255	undefined ??	attacked MULTIPLE-IPs	for ports 80x6
186.218/16	Brasil Telecomunicações S.A. BR	attacked 132.235.3.141	for ports 80
199.47.80.0 - 199.47.87.255	iParadigms, LLC Oakland, CA, US	attacked 132.235.1.2	for ports 80
202.46.0.0 - 202.46.15.255	IPTEKNET, Indonesian Science and Technology Network BPP Teknologi Building Lantai 15, Gedung Lama (15th flr, old building) JL.M.H.Thamrin no.8 ID	attacked 132.235.3.155	for ports 80
202.112.48.0 - 202.112.55.255	CERNET super computer center CN	attacked MULTIPLE-IPs	for ports 80x17
208.90.152.0 - 208.90.155.255	Techie Hosting, Inc. Newark, NJ, US	attacked MULTIPLE-IPs	for ports 80x8
219.148.0.0 - 219.148.159.255	CHINANET hebei province network China Telecom No.31,jingrong street CN	attacked MULTIPLE-IPs	for ports 32778x36 4045x188 465x11 995x16 515x37 32780x36 32781x8 631x16 993x37 111x156 80x22 3306x8 32776x36 32779x30 636x21 32786x41 7100x105 6000x60 32782x26 32790x8 32775x36 32796x6
222.124.168.144 - 222.124.168.151	PT Telkom Indonesia's customer. PT. TELKOM INDONESIA ID	attacked MULTIPLE-IPs	for ports 80x5 114

Sorted By Total Connections From Source Network

Count	Source Network	Registered Owner	Local Target IP or Range	Target Ports
1	61.242.32.0 - 61.242.63.255	China United Network Communications Corporation Limited CN	attacked 132.235.3.141	for ports 80
1	106.4.0.0 - 106.7.255.255	CHINANET JIANGXI PROVINCE NETWORK China Telecom No.31,jingrong street CN	attacked 132.235.1.81	for ports 10080
1	114.112.80.0 - 114.112.95.255	Beijing capitalonline data service co.,LTD Rm.16c,Bldg.2#A,Jinyuan times business Centre, No.2,Landianchang-East Rd., CN	attacked 132.235.1.2	for ports 80
1	121.224.0.0 - 121.239.255.255	CHINANET jiangsu province network China Telecom A12,Xin-Jie-Kou-Wai Street Beijing 100088 CN	attacked 132.235.15.101	for ports 80
1	186.218/16	Brasil Telecomunicações S.A. BR	attacked 132.235.3.141	for ports 80
1	199.47.80.0 - 199.47.87.255	iParadigms, LLC Oakland, CA, US	attacked 132.235.1.2	for ports 80
1	202.46.0.0 - 202.46.15.255	IPTEKNET, Indonesian Science and Technology Network BPP Teknologi Building Lantai 15, Gedung Lama (15th flr, old building) JL.M.H.Thamrin no.8 ID	attacked 132.235.3.155	for ports 80
2	61.50.128.0 - 61.50.255.255	China Netcom Group Beijing Corporation He Ping Men Wai Chang Dian Jia 9 Xuan Wu CN	attacked MULTIPLE-IPS	for ports 80x2
2	61.216.0.0 - 61.219.255.255	Data Communication Business Group, Chunghwa Telecom Co.,Ltd. No.21, Sec.1, Xinyi Rd., Taipei City TW	attacked MULTIPLE-IPs	for ports 25 80
2	107.150.32.0 - 107.150.63.255	DataShack, LC North Kansas City, MO, US	attacked MULTIPLE-IPS	for ports 80x2
2	116.216.0.0 - 116.216.255.255	Beijing Time-vision Telecommunication Technical,Ltd Chaoyang District,Beijing,China CNC Group CHINA169 Sichuan Province Network CN	attacked 132.235.3.141	for ports 80x2
3	23.229.0.0 - 23.229.127.255	B2 Net Solutions Inc. Buffalo, NY, US	attacked MULTIPLE-IPs	for ports 53x2 25
4	59.44.0.0 - 59.47.255.255	CHINANET liaoning province network China Telecom No.6,Feiyun Road,Hunnan New District CN	attacked 132.235.3.157	for ports 80x4
4	112.74.0.0 - 112.74.255.255	Aliyun Computing Co., LTD 5F, Builing D, the West Lake International Plaza of S&T CN	attacked MULTIPLE-IPs	for ports 80x3 114
4	114.215.0.0 - 114.215.255.255	Aliyun Computing Co., LTD 5F, Builing D, the West Lake International Plaza of S&T CN	attacked MULTIPLE-IPs	for ports 80x3 114
4	120.24.0.0 - 120.27.255.255	Aliyun Computing Co., LTD 5F, Builing D, the West Lake International Plaza of S&T No.391 Wen'er Road, Hangzhou, Zhejiang, China, 310099 CN	attacked MULTIPLE-IPs	for ports 80x3 114
4	125.32.0.0 - 125.32.255.255	China Unicom Jilin province network China Unicom CN	attacked MULTIPLE-IPS	for ports 80x4
5	106.32.0.0 - 106.47.255.255	CHINANET HUNAN PROVINCE NETWORK China Telecom No.31,jingrong street CN	attacked MULTIPLE-IPS	for ports 80x5
5	114.111.165.0 - 114.111.167.255	BeiJing CloudVsp.Inc NO.18 Building,Area B,NO.1,Disheng North street,Software Park of Beijing University of Technology, CN	attacked MULTIPLE-IPs	for ports 80x5
6	183.0.0.0 - 183.63.255.255	undefined ??	attacked MULTIPLE-IPs	for ports 80x6
6	222.124.168.144 - 222.124.168.151	PT Telkom Indonesia's customer. PT. TELKOM INDONESIA ID	attacked MULTIPLE-IPs	for ports 80x5 114
7	123.16.0.0 - 123.31.255.255	VietNam Post and Telecom Corporation 23 Phan Chau Trinh, Hoan Kiem Dist, Ha Noi VietNam Post and Telecom Corporation (VNPT) VN	attacked MULTIPLE-IPS	for ports 80x7
8	208.90.152.0 - 208.90.155.255	Techie Hosting, Inc. Newark, NJ, US	attacked MULTIPLE-IPs	for ports 80x8
10	113.190.0.0 - 113.190.255.255	VietNam Post and Telecom Corporation VNPT ADSL Service in Hanoi VietNam Post and Telecom Corporation (VNPT) VN	attacked MULTIPLE-IPS	for ports 80x10
10	124.234.0.0 - 124.235.255.255	CHINANET Jilin province network CN	attacked MULTIPLE-IPS	for ports 80x10
11	73.174.0.0 - 73.174.255.255	Comcast IP Services, L.L.C. Mount Laurel, NJ, US	attacked MULTIPLE-IPs	for ports 23x4 995 53x4 993 80
17	202.112.48.0 - 202.112.55.255	CERNET super computer center CN	attacked MULTIPLE-IPs	for ports 80x17
25	180.96.0.0 - 180.127.255.255	Chinanet Jiangsu Province Network China Telecom No.31,jingrong street CN	attacked MULTIPLE-IPs	for ports 80x25
29	42.1.60.0 - 42.1.63.255	undefined ??	attacked MULTIPLE-IPs	for ports 23x2 21x27
29	167.88.0.0 - 167.88.15.255	Nexeon Technologies, Inc. West Chicago, IL, US	attacked MULTIPLE-IPs	for ports 80x29
34	139.129.0.0 - 139.129.255.255	undefined ??	attacked MULTIPLE-IPs	for ports 80x34
45	74.96.0.0 - 74.111.255.255	undefined ??	attacked MULTIPLE-IPs	for ports 80x36 21x3 993x3 3306x3
940	219.148.0.0 - 219.148.159.255	CHINANET hebei province network China Telecom No.31,jingrong street CN	attacked MULTIPLE-IPs	for ports 32778x36 4045x188 465x11 995x16 515x37 32780x36 32781x8 631x16 993x37 111x156 80x22 3306x8 32776x36 32779x30 636x21 32786x41 7100x105 6000x60 32782x26 32790x8 32775x36 32796x6

Summarized By Source Country

Source Country	Local Target IP or Range	Target Ports
??	attacked MULTIPLE-IPs	for ports 21x30 993x3 3306x3 80x46
BR	attacked 132.235.3.141	for ports 80
CN	attacked MULTIPLE-IPs	for ports 80x110 10080 114x3 32778x36 4045x188 465x11 995x16 515x37 32780x36 32781x8 631x16 993x37 111x156 3306x8 32776x36 32779x30 636x21 32786x41 7100x105 6000x60 32782x26 32790x8 32775x36 32796x6
ID	attacked MULTIPLE-IPs	for ports 80x6 114
MY	attacked 132.235.1.242	for ports 23x2
TW	attacked MULTIPLE-IPs	for ports 25 80
US	attacked MULTIPLE-IPs	for ports 53x6 25 23x4 995 993 80x69
VN	attacked MULTIPLE-IPS	for ports 80x17

Summarized By Source Country

Total Connection Counts	Source Country	Local Target IP or Range	Target Ports
1	BR	attacked 132.235.3.141	for ports 80
2	MY	attacked 132.235.1.242	for ports 23x2
2	TW	attacked MULTIPLE-IPs	for ports 25 80
7	ID	attacked MULTIPLE-IPs	for ports 80x6 114
17	VN	attacked MULTIPLE-IPS	for ports 80x17
82	??	attacked MULTIPLE-IPs	for ports 21x30 993x3 3306x3 80x46
82	US	attacked MULTIPLE-IPs	for ports 53x6 25 23x4 995 993 80x69
1032	CN	attacked MULTIPLE-IPs	for ports 80x110 10080 114x3 32778x36 4045x188 465x11 995x16 515x37 32780x36 32781x8 631x16 993x37 111x156 3306x8 32776x36 32779x30 636x21 32786x41 7100x105 6000x60 32782x26 32790x8 32775x36 32796x6

Summarized By Target URL to Fetch - sorted by attempts made

Count	Target host name	GET/PUT/etc	Target URL to Fetch

1	$_[host]:80	GET	/
1	24x7-allrequestsallowed.com	GET	http://24x7-allrequestsallowed.com/?PHPSESSID=aab45f4f00143PQQJTUDY%40ZY
1	chekfast.zennolab.com	GET	http://chekfast.zennolab.com/proxy.php
1	freegeoip.net	GET	http://freegeoip.net/json
1	freegeoip.net	GET	http://freegeoip.net/json/
1	httpheader.net	GET	http://httpheader.net
1	tclf.org	GET	/blog/making-and-taking-2015%E2%80%99s-notable-developments-landscape-architecture
1	tclf.org	GET	/event/houston-transformation
1	tclf.org	GET	/robots.txt
1	tclf.org	GET	/sites/default/files/microsites/art-landscape/russell-page.html
1	tclf.org	GET	/sites/default/files/microsites/kiley-legacy/index.html
1	tclf.org	GET	/sites/default/files/microsites/wot-guide-dc/index.html
1	tclf.org	GET	/sites/default/files/microsites/wot-guide-dc/introduction.html
1	vicio-con.htmlblogspot.com	GET	/2013/11/aqui-encontraras-un-servicio-con.html
1	www.google.co.uk	CONNECT	www.google.co.uk:443
1	www.google.pl	GET	http://www.google.pl/search?q=google
1	www.google.pl	GET	http://www.google.pl/search?q=onet.pl
1	www.google.pl	GET	http://www.google.pl/search?q=wp.pl
1	www.nature.com	GET	http://www.nature.com/nature/journal/v484/n7392/full/nature10918.html
2	24x7-allrequestsallowed.com	GET	http://24x7-allrequestsallowed.com/?PHPSESSID=aab45f4f00143PQQJTUDYAZYQ%40
2	POST
2	ip.filefab.com	GET	http://ip.filefab.com/
2	www.drom.ru	POST	http://www.drom.ru/1.php?mikky=1451435696
2	www.drom.ru	POST	http://www.drom.ru/1.php?mikky=1451436207
3	185.10.231.86	GET	http://185.10.231.86/
3	24x7-allrequestsallowed.com	GET	http://24x7-allrequestsallowed.com/?PHPSESSID=aab45f4f00143PQQJTUDYAZYPF
3	24x7-allrequestsallowed.com	GET	http://24x7-allrequestsallowed.com/?PHPSESSID=aab45f4f00143PQQJTUDYAZYQB
3	24x7-allrequestsallowed.com	GET	http://24x7-allrequestsallowed.com/?PHPSESSID=aab45f4f00143PQQJTUDYCAFUGS
3	24x7-allrequestsallowed.com	GET	http://24x7-allrequestsallowed.com/?PHPSESSID=aab45f4f00143PQQJTUDYCZYRC
3	check2.zennolab.com	GET	http://check2.zennolab.com/proxy.php
3	journals.cambridge.org	GET	http://journals.cambridge.org/action/displayAbstract?fromPage=online&aid=115853&fulltextType=SC&fileId=S000819730228160X
3	www.google.pl	GET	http://www.google.pl/search?q=ostro%C5%82%C4%99ka
3	www.google.pl	GET	http://www.google.pl/search?q=polska+najlepsza
3	www.google.pl	GET	http://www.google.pl/search?q=praca
3	www.google.pl	GET	http://www.google.pl/search?q=wakacje
3	www.google.pl	GET	http://www.google.pl/search?q=wczasy
3	www.luisaranguren.com	GET	http://www.luisaranguren.com/azenv.php
4	dx.doi.org	GET	http://dx.doi.org/
4	link.springer.com	GET	http://link.springer.com/
4	www.anxuncloud.com	GET	/
4	www.drom.ru:80	CONNECT	www.drom.ru:80
5	chek.zennolab.com	GET	http://chek.zennolab.com/proxy.php
7	www.apple.com	GET	/
7	www.ebay.com	GET	http://www.ebay.com/
8	www.sbjudge1.com	GET	http://www.sbjudge1.com:80/ip4.php
8	www.sbjudge3.com	GET	http://www.sbjudge3.com:80/ip4.php
9	dns.aegins.com	GET	/
9	proxyseo.headway.pl	GET	http://proxyseo.headway.pl/httptest.php
10	www.bter.com	GET	/
11	proxyjudge.us	GET	http://proxyjudge.us/azenv.php
11	www.alexa.com	GET	http://www.alexa.com/
12	www.sbjudge2.com	GET	http://www.sbjudge2.com:80/ip4.php
17	cachefly.cachefly.net	GET	http://cachefly.cachefly.net/networkmap/index.html
18	917sf.com	GET	/
20	www.sciencedirect.com	GET	http://www.sciencedirect.com/
24	search.yahoo.com	CONNECT	search.yahoo.com:443
25	www.baidu.com	GET	http://www.baidu.com/robots.txt
940	219.148.111.195	GET	http://219.148.111.195:88/checkip.aspx

Summarized By Target URL to Fetch - sorted in reverse domain order

Target host name	Count	GET/PUT/etc	Target URL to Fetch
$_[host]:80	1	GET	/

185.10.231.86	3	GET	http://185.10.231.86/
219.148.111.195	940	GET	http://219.148.111.195:88/checkip.aspx
24x7-allrequestsallowed.com	1	GET	http://24x7-allrequestsallowed.com/?PHPSESSID=aab45f4f00143PQQJTUDY%40ZY
24x7-allrequestsallowed.com	3	GET	http://24x7-allrequestsallowed.com/?PHPSESSID=aab45f4f00143PQQJTUDYAZYPF
24x7-allrequestsallowed.com	2	GET	http://24x7-allrequestsallowed.com/?PHPSESSID=aab45f4f00143PQQJTUDYAZYQ%40
24x7-allrequestsallowed.com	3	GET	http://24x7-allrequestsallowed.com/?PHPSESSID=aab45f4f00143PQQJTUDYAZYQB
24x7-allrequestsallowed.com	3	GET	http://24x7-allrequestsallowed.com/?PHPSESSID=aab45f4f00143PQQJTUDYCAFUGS
24x7-allrequestsallowed.com	3	GET	http://24x7-allrequestsallowed.com/?PHPSESSID=aab45f4f00143PQQJTUDYCZYRC
917sf.com	18	GET	/
POST	2
cachefly.cachefly.net	17	GET	http://cachefly.cachefly.net/networkmap/index.html
check2.zennolab.com	3	GET	http://check2.zennolab.com/proxy.php
chek.zennolab.com	5	GET	http://chek.zennolab.com/proxy.php
chekfast.zennolab.com	1	GET	http://chekfast.zennolab.com/proxy.php
dns.aegins.com	9	GET	/
dx.doi.org	4	GET	http://dx.doi.org/
freegeoip.net	1	GET	http://freegeoip.net/json/
freegeoip.net	1	GET	http://freegeoip.net/json
httpheader.net	1	GET	http://httpheader.net
ip.filefab.com	2	GET	http://ip.filefab.com/
journals.cambridge.org	3	GET	http://journals.cambridge.org/action/displayAbstract?fromPage=online&aid=115853&fulltextType=SC&fileId=S000819730228160X
link.springer.com	4	GET	http://link.springer.com/
proxyjudge.us	11	GET	http://proxyjudge.us/azenv.php
proxyseo.headway.pl	9	GET	http://proxyseo.headway.pl/httptest.php
search.yahoo.com	24	CONNECT	search.yahoo.com:443
tclf.org	1	GET	/blog/making-and-taking-2015%E2%80%99s-notable-developments-landscape-architecture
tclf.org	1	GET	/event/houston-transformation
tclf.org	1	GET	/robots.txt
tclf.org	1	GET	/sites/default/files/microsites/art-landscape/russell-page.html
tclf.org	1	GET	/sites/default/files/microsites/kiley-legacy/index.html
tclf.org	1	GET	/sites/default/files/microsites/wot-guide-dc/index.html
tclf.org	1	GET	/sites/default/files/microsites/wot-guide-dc/introduction.html
vicio-con.htmlblogspot.com	1	GET	/2013/11/aqui-encontraras-un-servicio-con.html
www.alexa.com	11	GET	http://www.alexa.com/
www.anxuncloud.com	4	GET	/
www.apple.com	7	GET	/
www.baidu.com	25	GET	http://www.baidu.com/robots.txt
www.bter.com	10	GET	/
www.drom.ru	2	POST	http://www.drom.ru/1.php?mikky=1451435696
www.drom.ru	2	POST	http://www.drom.ru/1.php?mikky=1451436207
www.drom.ru:80	4	CONNECT	www.drom.ru:80
www.ebay.com	7	GET	http://www.ebay.com/
www.google.co.uk	1	CONNECT	www.google.co.uk:443
www.google.pl	1	GET	http://www.google.pl/search?q=google
www.google.pl	1	GET	http://www.google.pl/search?q=onet.pl
www.google.pl	3	GET	http://www.google.pl/search?q=ostro%C5%82%C4%99ka
www.google.pl	3	GET	http://www.google.pl/search?q=polska+najlepsza
www.google.pl	3	GET	http://www.google.pl/search?q=praca
www.google.pl	3	GET	http://www.google.pl/search?q=wakacje
www.google.pl	3	GET	http://www.google.pl/search?q=wczasy
www.google.pl	1	GET	http://www.google.pl/search?q=wp.pl
www.luisaranguren.com	3	GET	http://www.luisaranguren.com/azenv.php
www.nature.com	1	GET	http://www.nature.com/nature/journal/v484/n7392/full/nature10918.html
www.sbjudge1.com	8	GET	http://www.sbjudge1.com:80/ip4.php
www.sbjudge2.com	12	GET	http://www.sbjudge2.com:80/ip4.php
www.sbjudge3.com	8	GET	http://www.sbjudge3.com:80/ip4.php
www.sciencedirect.com	20	GET	http://www.sciencedirect.com/