Custom Search

Friday, February 28, 2014

Suspected Bot List [2014-02-27]

detection period: 2014-02-27 00:00-23:59 UTC
number of suspected bots' IPs listed here: 50

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BO190.129.12.162Bolivia
CA67.205.67.7Canada
CN150.255.132.35China
CN150.255.250.53China
GB193.164.207.16United Kingdom
IN117.240.239.120India
IN122.160.239.39India
IN202.62.67.250India
IN210.212.174.78India
KZ176.98.192.143Kazakhstan
MX187.174.173.18Mexico
MX187.174.216.162Mexico
MX189.204.49.66Mexico
RU95.188.112.11Russian Federation
SA94.77.199.148Saudi Arabia
TW119.77.135.183Taiwan
US50.201.42.106United States
US74.222.3.249United States
VE190.39.82.232Venezuela

List from greylisting:

Botnet Statistics [2014-02-27]

detection period: 2014-02-27 00:00-23:59 UTC
total number of suspected botnet IPs: 5366
number of botnet IPs notified to network operators: 5316
number of spam blocked: 53579
recipient count of spam blocked: 1663578

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET684
2CRTC521
3CHINANET-GD436
4UNICOM-SD302
5CHINANET-JS230
6UNICOM-HE172
7CTTNET170
8UNICOM-HA154
9UNICOM-LN151
10UNICOM-HL108

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China4907
2Taiwan145
3United States32
4France22
5Brazil19
6India17
7Ukraine15
8Russian Federation15
9South Korea13
10Italy13

Thursday, February 27, 2014

Suspected Bot List [2014-02-26]

detection period: 2014-02-26 00:00-23:59 UTC
number of suspected bots' IPs listed here: 89

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BO190.129.12.162Bolivia
CN150.255.242.40China
GB193.164.207.16United Kingdom
IN117.240.239.120India
IN122.160.239.39India
IN210.212.174.78India
KZ176.98.192.143Kazakhstan
LB213.175.188.158Lebanon
MX187.174.173.18Mexico
MX189.204.49.66Mexico
RU95.188.112.11Russian Federation
SA94.77.199.148Saudi Arabia
TW119.77.135.183Taiwan
TW119.77.139.166Taiwan
TW211.76.94.73Taiwan
US50.201.42.106United States
US74.222.3.249United States
VE190.39.82.232Venezuela

List from greylisting:

Botnet Statistics [2014-02-26]

detection period: 2014-02-26 00:00-23:59 UTC
total number of suspected botnet IPs: 4720
number of botnet IPs notified to network operators: 4631
number of spam blocked: 43964
recipient count of spam blocked: 1422102

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET590
2CRTC410
3CHINANET-GD409
4UNICOM-SD201
5CTTNET197
6CHINANET-JS182
7UNICOM-LN142
8UNICOM-HE126
9UNICOM-HA112
10UNICOM-HL105

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China4125
2Taiwan120
3United States46
4Italy34
5Brazil31
6Russian Federation28
7Turkey22
8France20
9Poland18
10United Kingdom17

Wednesday, February 26, 2014

Suspected Bot List [2014-02-25]

detection period: 2014-02-25 00:00-23:59 UTC
number of suspected bots' IPs listed here: 80

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AO196.223.13.230Angola
BO190.129.12.162Bolivia
CA67.205.67.7Canada
CN150.255.116.146China
CN150.255.182.49China
CN150.255.190.13China
CN150.255.252.67China
CN202.197.224.233China
CN202.198.70.197China
GB193.164.207.16United Kingdom
HK103.6.86.43Hong Kong
HN190.107.140.76Honduras
IN117.240.239.120India
IN122.160.239.39India
KZ176.98.192.143Kazakhstan
LB213.175.188.158Lebanon
MO60.246.125.29Macau
MO60.246.153.147Macau
MO60.246.181.80Macau
MO60.246.251.216Macau
MX187.174.173.18Mexico
MX189.204.49.66Mexico
PH124.107.165.60Philippines
PL95.160.64.100Poland
RU95.188.112.11Russian Federation
SA94.77.199.148Saudi Arabia
TW113.61.177.248Taiwan
TW211.76.94.73Taiwan
UA91.201.84.146Ukraine
US50.201.42.106United States
US74.222.3.249United States
VE190.39.82.232Venezuela

List from greylisting:

Botnet Statistics [2014-02-25]

detection period: 2014-02-25 00:00-23:59 UTC
total number of suspected botnet IPs: 6593
number of botnet IPs notified to network operators: 6513
number of spam blocked: 77081
recipient count of spam blocked: 2052808

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET784
2CRTC630
3CHINANET-GD491
4CHINANET-JS314
5UNICOM-SD302
6CTTNET253
7UNICOM-HA220
8UNICOM-HE194
9UNICOM-LN183
10UNICOM-HL160

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China6042
2Taiwan136
3United States41
4Brazil27
5India25
6Russian Federation24
7Ukraine21
8France19
9Indonesia13
10United Kingdom13

Tuesday, February 25, 2014

Suspected Bot List [2014-02-24]

detection period: 2014-02-24 00:00-23:59 UTC
number of suspected bots' IPs listed here: 46

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BO190.129.12.162Bolivia
CN150.255.185.253China
GB193.164.207.16United Kingdom
HN190.107.140.76Honduras
IN117.240.239.120India
IN122.160.239.39India
IR91.98.117.28Iran
LB213.175.188.158Lebanon
MO60.246.30.48Macau
MO60.246.35.169Macau
MO60.246.178.71Macau
MX187.174.173.18Mexico
MX189.204.49.66Mexico
RU95.188.112.11Russian Federation
SA94.77.199.148Saudi Arabia
SK93.184.71.66Slovakia
US50.201.42.106United States
US74.222.3.249United States
VE190.39.82.232Venezuela

List from greylisting:

Botnet Statistics [2014-02-24]

detection period: 2014-02-24 00:00-23:59 UTC
total number of suspected botnet IPs: 4191
number of botnet IPs notified to network operators: 4145
number of spam blocked: 46826
recipient count of spam blocked: 1551717

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET486
2CRTC368
3CHINANET-GD367
4CHINANET-JS184
5UNICOM-SD183
6CTTNET149
7UNICOM-HA105
8UNICOM-LN98
9UNICOM-HE88
10UNICOM-HL86

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China3724
2Taiwan120
3Brazil33
4United States28
5Russian Federation21
6Ukraine16
7France16
8Turkey15
9Italy15
10India15

Monday, February 24, 2014

Suspected Bot List [2014-02-23]

detection period: 2014-02-23 00:00-23:59 UTC
number of suspected bots' IPs listed here: 35

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BO190.129.12.162Bolivia
CN150.255.154.187China
CN202.142.20.8China
GB193.164.207.16United Kingdom
HN190.107.140.76Honduras
IN117.240.239.120India
IR91.98.36.84Iran
IR91.98.117.28Iran
IR94.182.248.19Iran
LB213.175.188.158Lebanon
MO60.246.35.169Macau
MX187.174.173.18Mexico
MX189.204.49.66Mexico
RU95.188.112.11Russian Federation
SA94.77.199.148Saudi Arabia
SK93.184.71.66Slovakia
TW211.76.90.134Taiwan
TW211.76.90.162Taiwan
US50.201.42.106United States
US74.222.3.249United States
VE190.39.82.232Venezuela

List from greylisting:

Botnet Statistics [2014-02-23]

detection period: 2014-02-23 00:00-23:59 UTC
total number of suspected botnet IPs: 4264
number of botnet IPs notified to network operators: 4229
number of spam blocked: 47248
recipient count of spam blocked: 1572807

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET480
2CHINANET-GD349
3CRTC288
4UNICOM-SD236
5CHINANET-JS191
6CTTNET144
7UNICOM-LN122
8UNICOM-HE109
9UNICOM-HA104
10HINET-NET99

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China3884
2Taiwan138
3United States26
4Russian Federation20
5Indonesia17
6Ukraine16
7Brazil16
8South Korea12
9Israel8
10France8

Sunday, February 23, 2014

Suspected Bot List [2014-02-22]

detection period: 2014-02-22 00:00-23:59 UTC
number of suspected bots' IPs listed here: 50

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BO190.129.12.162Bolivia
CN202.142.20.8China
GB193.164.207.16United Kingdom
HN190.107.140.76Honduras
IN117.240.239.120India
IN122.160.239.39India
IR91.98.36.84Iran
IR94.182.248.19Iran
KZ176.98.192.143Kazakhstan
LB213.175.188.158Lebanon
MO60.246.153.4Macau
MO60.246.229.8Macau
MX187.174.173.18Mexico
MX187.174.216.162Mexico
MX189.204.49.66Mexico
PH124.107.165.60Philippines
RU95.188.112.11Russian Federation
SA94.77.199.148Saudi Arabia
SK93.184.71.66Slovakia
TW211.76.94.73Taiwan
US50.201.42.106United States
US74.222.3.249United States
VE190.39.82.232Venezuela

List from greylisting:

Botnet Statistics [2014-02-22]

detection period: 2014-02-22 00:00-23:59 UTC
total number of suspected botnet IPs: 2604
number of botnet IPs notified to network operators: 2554
number of spam blocked: 40308
recipient count of spam blocked: 1398757

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET363
2CRTC240
3CTTNET164
4CHINANET-GD157
5CHINANET-JS97
6UNICOM-SD88
7HINET-NET83
8UNICOM-HA73
9UNICOM-HL55
10CHINANET-FJ55

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China2239
2Taiwan111
3United States28
4Indonesia17
5Russian Federation16
6Brazil15
7Ukraine12
8Germany12
9South Korea11
10India10

Saturday, February 22, 2014

Suspected Bot List [2014-02-21]

detection period: 2014-02-21 00:00-23:59 UTC
number of suspected bots' IPs listed here: 86

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BG93.183.155.80Bulgaria
BO190.129.12.162Bolivia
CA184.107.208.122Canada
CN150.255.60.123China
CN150.255.63.108China
CN150.255.171.183China
GB193.164.207.16United Kingdom
HN190.107.140.76Honduras
IN117.240.239.120India
IN122.160.239.39India
IN210.212.174.78India
IR91.98.36.84Iran
IR94.182.248.19Iran
KZ176.98.192.143Kazakhstan
LB213.175.188.158Lebanon
MO60.246.122.166Macau
MO60.246.144.18Macau
MO60.246.158.81Macau
MO60.246.229.8Macau
MX187.174.173.18Mexico
MX189.204.49.66Mexico
RU95.188.112.11Russian Federation
SA94.77.199.148Saudi Arabia
TW211.76.89.138Taiwan
TW211.76.94.73Taiwan
US50.201.42.106United States
US74.222.3.249United States
VE190.39.82.232Venezuela

List from greylisting:

Botnet Statistics [2014-02-21]

detection period: 2014-02-21 00:00-23:59 UTC
total number of suspected botnet IPs: 6996
number of botnet IPs notified to network operators: 6910
number of spam blocked: 87088
recipient count of spam blocked: 2376374

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET827
2CRTC629
3CHINANET-GD361
4CHINANET-JS346
5UNICOM-SD314
6CTTNET296
7UNICOM-HA237
8UNICOM-HE202
9CHINANET-XJ183
10UNICOM-LN149

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China6448
2Taiwan155
3United States39
4Brazil34
5Italy30
6Russian Federation19
7Spain19
8India17
9Germany17
10Ukraine14

Friday, February 21, 2014

Suspected Bot List [2014-02-20]

detection period: 2014-02-20 00:00-23:59 UTC
number of suspected bots' IPs listed here: 92

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BG93.183.155.80Bulgaria
BO190.129.12.162Bolivia
CA184.107.208.122Canada
CN202.100.111.147China
GB193.164.207.16United Kingdom
IN117.239.29.114India
IN117.240.239.120India
IN122.160.239.39India
IN210.212.174.78India
IR94.182.248.19Iran
KZ176.98.192.143Kazakhstan
LB213.175.188.158Lebanon
MO60.246.73.111Macau
MO60.246.76.81Macau
MO60.246.156.32Macau
MO60.246.254.33Macau
MX187.174.173.18Mexico
MX189.204.49.66Mexico
SA94.77.199.148Saudi Arabia
TW115.165.208.61Taiwan
TW211.76.94.73Taiwan
US50.201.42.106United States
US74.222.3.249United States
VE190.39.82.232Venezuela

List from greylisting:

Botnet Statistics [2014-02-20]

detection period: 2014-02-20 00:00-23:59 UTC
total number of suspected botnet IPs: 4294
number of botnet IPs notified to network operators: 4202
number of spam blocked: 48417
recipient count of spam blocked: 1594111

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET577
2CRTC403
3CHINANET-GD223
4UNICOM-SD179
5CTTNET176
6CHINANET-JS175
7UNICOM-HE140
8UNICOM-HA135
9UNICOM-LN123
10UNICOM-SX118

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China3779
2Taiwan121
3Brazil46
4Italy38
5United States36
6Spain22
7Russian Federation20
8Poland14
9Indonesia14
10Turkey12

Thursday, February 20, 2014

Suspected Bot List [2014-02-19]

detection period: 2014-02-19 00:00-23:59 UTC
number of suspected bots' IPs listed here: 265

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BG93.183.155.80Bulgaria
BO190.129.12.162Bolivia
CN150.255.56.202China
CN150.255.200.8China
CN202.100.111.147China
GB193.164.207.16United Kingdom
HN190.107.140.76Honduras
IN117.240.239.120India
IN122.160.239.39India
IN210.212.174.78India
IR91.98.36.84Iran
IR94.182.248.19Iran
KZ176.98.192.143Kazakhstan
LB213.175.188.158Lebanon
MO60.246.57.214Macau
MO60.246.146.206Macau
MO60.246.213.175Macau
MX187.174.173.18Mexico
MX189.204.49.66Mexico
SA94.77.199.148Saudi Arabia
SK93.184.71.66Slovakia
TW115.165.206.247Taiwan
TW119.77.135.183Taiwan
TW211.76.94.73Taiwan
US50.201.42.106United States
VE190.39.82.232Venezuela

List from greylisting:

Botnet Statistics [2014-02-19]

detection period: 2014-02-19 00:00-23:59 UTC
total number of suspected botnet IPs: 4893
number of botnet IPs notified to network operators: 4628
number of spam blocked: 37586
recipient count of spam blocked: 1200741

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET544
2CRTC304
3UNICOM-SD205
4CHINANET-JS194
5CHINANET-GD183
6CTTNET151
7UNICOM-HA148
8UNICOM-LN125
9UNICOM-HE116
10HINET-NET102

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China3690
2Italy244
3Taiwan128
4Brazil120
5Spain84
6Turkey51
7United States50
8Poland36
9Russian Federation29
10Argentina29

Wednesday, February 19, 2014

Suspected Bot List [2014-02-18]

detection period: 2014-02-18 00:00-23:59 UTC
number of suspected bots' IPs listed here: 119

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BG93.183.155.80Bulgaria
BO190.129.12.162Bolivia
CA184.107.208.122Canada
CN150.255.57.84China
CN150.255.100.239China
GB193.164.207.16United Kingdom
HN190.107.140.76Honduras
IN117.240.239.120India
IN117.247.241.27India
IN122.160.239.39India
IN180.151.38.242India
IN182.72.57.212India
IN182.74.135.74India
IN210.212.174.78India
IR91.98.36.84Iran
IR94.182.248.19Iran
KZ176.98.192.143Kazakhstan
LB213.175.188.158Lebanon
MO60.246.33.76Macau
MO60.246.173.64Macau
MO60.246.176.225Macau
MX187.174.173.18Mexico
MX189.204.49.66Mexico
SA94.77.199.148Saudi Arabia
SK93.184.71.66Slovakia
TW119.77.135.183Taiwan
TW211.76.94.73Taiwan
US50.201.42.106United States
VE190.39.82.232Venezuela

List from greylisting:

Botnet Statistics [2014-02-18]

detection period: 2014-02-18 00:00-23:59 UTC
total number of suspected botnet IPs: 4429
number of botnet IPs notified to network operators: 4312
number of spam blocked: 44351
recipient count of spam blocked: 1427833

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET570
2CRTC339
3CHINANET-JS253
4UNICOM-SD204
5CHINANET-GD196
6CTTNET156
7UNICOM-LN130
8UNICOM-HE114
9UNICOM-HA111
10UNICOM-HL98

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China3841
2Taiwan102
3United States41
4Brazil30
5Turkey29
6Italy29
7Russian Federation25
8India20
9Germany18
10Indonesia16

Tuesday, February 18, 2014

Suspected Bot List [2014-02-17]

detection period: 2014-02-17 00:00-23:59 UTC
number of suspected bots' IPs listed here: 141

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AE217.165.160.68Arab Emirates
AR181.165.13.25Argentina
BD180.234.4.32Bangladesh
BG93.183.155.80Bulgaria
BO190.129.12.162Bolivia
BO200.87.201.146Bolivia
CA184.107.208.122Canada
CR201.196.50.10Costa Rica
ES46.25.161.162Spain
ES95.122.70.138Spain
GB193.164.207.16United Kingdom
HN190.107.140.76Honduras
IN27.251.177.239India
IN117.240.239.120India
IN117.247.241.27India
IN122.160.239.39India
IN122.166.124.194India
IN180.151.38.242India
IN182.72.57.212India
IN182.74.135.74India
IN202.62.67.250India
IN210.212.174.78India
IR91.98.36.84Iran
IR94.182.248.19Iran
KZ176.98.192.143Kazakhstan
LB213.175.188.158Lebanon
MO60.246.39.9Macau
MO60.246.75.44Macau
MX187.163.137.184Mexico
MX187.174.173.18Mexico
MX189.204.49.66Mexico
SA94.77.199.148Saudi Arabia
TW119.77.135.183Taiwan
TW211.76.94.73Taiwan
US50.201.42.106United States
US205.209.152.114United States
US207.225.36.128United States
VE190.39.82.232Venezuela
ZA197.245.3.103South Africa

List from greylisting:

Botnet Statistics [2014-02-17]

detection period: 2014-02-17 00:00-23:59 UTC
total number of suspected botnet IPs: 3696
number of botnet IPs notified to network operators: 3555
number of spam blocked: 41756
recipient count of spam blocked: 1398512

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET429
2CRTC221
3CHINANET-JS200
4UNICOM-SD189
5CHINANET-GD169
6CTTNET108
7UNICOM-HE103
8HINET-NET102
9UNICOM-HA91
10UNICOM-LN82

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China2955
2Taiwan132
3United States43
4Italy41
5Brazil39
6India35
7Russian Federation26
8Germany21
9Kazakhstan20
10Ukraine19

Monday, February 17, 2014

Suspected Bot List [2014-02-16]

detection period: 2014-02-16 00:00-23:59 UTC
number of suspected bots' IPs listed here: 40

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AE217.165.160.68Arab Emirates
BG93.183.155.80Bulgaria
BO190.129.12.162Bolivia
BO200.87.201.146Bolivia
CA184.107.208.122Canada
CN150.255.20.92China
GB193.164.207.16United Kingdom
HN190.107.140.76Honduras
IN117.239.29.114India
IN117.240.239.120India
IN122.160.239.39India
IN202.62.67.250India
IR91.98.36.84Iran
IR94.182.248.19Iran
LB213.175.188.158Lebanon
MO60.246.128.28Macau
MX187.174.173.18Mexico
MX189.204.49.66Mexico
SA94.77.199.148Saudi Arabia
SK93.184.71.66Slovakia
TW115.165.205.198Taiwan
TW115.165.254.28Taiwan
TW119.77.133.98Taiwan
US50.201.42.106United States
US205.209.152.114United States
VE190.39.82.232Venezuela
ZA105.236.129.208South Africa
ZA197.245.3.103South Africa

List from greylisting:

Botnet Statistics [2014-02-16]

detection period: 2014-02-16 00:00-23:59 UTC
total number of suspected botnet IPs: 3822
number of botnet IPs notified to network operators: 3782
number of spam blocked: 47880
recipient count of spam blocked: 1583988

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET427
2CRTC316
3UNICOM-SD220
4CHINANET-GD192
5CTTNET151
6CHINANET-JS150
7UNICOM-LN128
8UNICOM-HE121
9UNICOM-HA109
10CHINANET-XJ103

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China3491
2Taiwan116
3United States22
4Brazil21
5Indonesia11
6Ukraine10
7South Korea10
8Russian Federation9
9India9
10Iran8

Sunday, February 16, 2014

Suspected Bot List [2014-02-15]

detection period: 2014-02-15 00:00-23:59 UTC
number of suspected bots' IPs listed here: 57

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR181.15.98.130Argentina
BG93.183.155.80Bulgaria
BO190.129.12.162Bolivia
CN150.255.202.166China
GB193.164.207.16United Kingdom
HN190.107.140.76Honduras
IN117.240.239.120India
IN122.160.239.39India
IN122.166.124.194India
IR91.98.36.84Iran
IR94.182.248.19Iran
LB213.175.188.158Lebanon
MO60.246.154.103Macau
MX187.174.173.18Mexico
MX189.204.49.66Mexico
SA94.77.199.148Saudi Arabia
SK93.184.71.66Slovakia
TW119.77.135.183Taiwan
US50.201.42.106United States
US205.209.152.114United States
US207.225.36.128United States
VE190.39.82.232Venezuela

List from greylisting:

Botnet Statistics [2014-02-15]

detection period: 2014-02-15 00:00-23:59 UTC
total number of suspected botnet IPs: 3407
number of botnet IPs notified to network operators: 3350
number of spam blocked: 45749
recipient count of spam blocked: 1563543

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET420
2CRTC312
3CHINANET-GD186
4UNICOM-SD185
5CHINANET-JS166
6CTTNET132
7UNICOM-HE123
8HINET-NET102
9UNICOM-HA95
10UNICOM-LN90

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China2991
2Taiwan133
3Brazil37
4United States28
5Indonesia15
6Russian Federation12
7Italy12
8South Korea11
9Ukraine10
10Iran10

Saturday, February 15, 2014

Suspected Bot List [2014-02-14]

detection period: 2014-02-14 00:00-23:59 UTC
number of suspected bots' IPs listed here: 250

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BG93.183.155.80Bulgaria
BO190.129.12.162Bolivia
CN150.255.59.133China
GB193.164.207.16United Kingdom
HN190.107.140.76Honduras
IN117.240.239.120India
IR94.182.248.19Iran
LB213.175.188.158Lebanon
MO60.246.152.177Macau
MX187.174.173.18Mexico
MX189.204.49.66Mexico
RU193.107.17.55Russian Federation
SA94.77.199.148Saudi Arabia
TW119.77.135.183Taiwan
US50.201.42.106United States
VE190.39.82.232Venezuela

List from greylisting:

Botnet Statistics [2014-02-14]

detection period: 2014-02-14 00:00-23:59 UTC
total number of suspected botnet IPs: 4321
number of botnet IPs notified to network operators: 4071
number of spam blocked: 43755
recipient count of spam blocked: 1481662

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET442
2CRTC264
3CHINANET-GD199
4UNICOM-SD177
5CHINANET-JS164
6UNICOM-LN127
7CTTNET115
8HINET-NET114
9UNICOM-HE112
10UNICOM-HA84

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China2982
2Taiwan162
3India118
4France87
5United States84
6United Kingdom58
7Italy49
8Indonesia49
9Hong Kong47
10Singapore46

Friday, February 14, 2014

Suspected Bot List [2014-02-13]

detection period: 2014-02-13 00:00-23:59 UTC
number of suspected bots' IPs listed here: 93

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BG93.183.155.80Bulgaria
BO190.129.12.162Bolivia
GB193.164.207.16United Kingdom
HN190.107.140.76Honduras
IN117.240.239.120India
IN202.62.67.250India
IR91.98.117.28Iran
IR94.182.248.19Iran
LB213.175.188.158Lebanon
MX187.174.173.18Mexico
MX189.204.49.66Mexico
RU193.107.17.55Russian Federation
SA94.77.199.148Saudi Arabia
TW119.77.133.98Taiwan
US50.201.42.106United States
VE190.39.82.232Venezuela

List from greylisting:

Botnet Statistics [2014-02-13]

detection period: 2014-02-13 00:00-23:59 UTC
total number of suspected botnet IPs: 3576
number of botnet IPs notified to network operators: 3483
number of spam blocked: 42282
recipient count of spam blocked: 1442151

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET403
2CRTC233
3CHINANET-JS212
4UNICOM-SD193
5CHINANET-GD179
6UNICOM-HE123
7UNICOM-LN101
8CTTNET101
9UNICOM-HA93
10UNICOM-HL82

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China3002
2Taiwan112
3United States52
4Brazil40
5France26
6Russian Federation22
7United Kingdom22
8Indonesia18
9Italy17
10Colombia17

Thursday, February 13, 2014

Suspected Bot List [2014-02-12]

detection period: 2014-02-12 00:00-23:59 UTC
number of suspected bots' IPs listed here: 51

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BO190.129.12.162Bolivia
GB193.164.207.16United Kingdom
IN117.240.239.120India
IN180.151.38.242India
IN202.62.67.250India
IR91.98.117.28Iran
IR94.182.248.19Iran
IT95.227.34.226Italy
LB213.175.188.158Lebanon
MO60.246.150.162Macau
MX187.174.173.18Mexico
MX189.204.49.66Mexico
SA94.77.199.148Saudi Arabia
TW119.77.133.98Taiwan
TW211.76.94.73Taiwan
US50.201.42.106United States
VE190.39.82.232Venezuela

List from greylisting:

Botnet Statistics [2014-02-12]

detection period: 2014-02-12 00:00-23:59 UTC
total number of suspected botnet IPs: 2925
number of botnet IPs notified to network operators: 2874
number of spam blocked: 41766
recipient count of spam blocked: 1457506

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET262
2CRTC168
3CHINANET-GD160
4UNICOM-SD159
5CHINANET-JS151
6UNICOM-HE105
7UNICOM-LN97
8UNICOM-HA82
9HINET-NET74
10CTTNET66

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China2476
2Taiwan100
3United States37
4Brazil24
5Russian Federation23
6Indonesia21
7France16
8South Korea14
9India14
10Turkey12

Wednesday, February 12, 2014

Suspected Bots' IP List for February 2014

To encourage cyber security information sharing (as some form of open data) while still giving victims enough time to clean up their computers, the IP list of suspected infected computers will be released here (as shown below) 10 days after its respective botnet statistics gets published.

You are free to use them to create more effective defenses, discover latest trends in cyber attacks, etc.

Suspected Bots IP [2014-02-28]
Suspected Bots IP [2014-02-27]
Suspected Bots IP [2014-02-26]
Suspected Bots IP [2014-02-25]
Suspected Bots IP [2014-02-24]
Suspected Bots IP [2014-02-23]
Suspected Bots IP [2014-02-22]
Suspected Bots IP [2014-02-21]
Suspected Bots IP [2014-02-20]
Suspected Bots IP [2014-02-19]
Suspected Bots IP [2014-02-18]
Suspected Bots IP [2014-02-17]
Suspected Bots IP [2014-02-16]
Suspected Bots IP [2014-02-15]
Suspected Bots IP [2014-02-14]
Suspected Bots IP [2014-02-13]
Suspected Bots IP [2014-02-12]
Suspected Bots IP [2014-02-11]
Suspected Bots IP [2014-02-10]
Suspected Bots IP [2014-02-09]
Suspected Bots IP [2014-02-08]
Suspected Bots IP [2014-02-07]
Suspected Bots IP [2014-02-06]
Suspected Bots IP [2014-02-05]
Suspected Bots IP [2014-02-04]
Suspected Bots IP [2014-02-03]
Suspected Bots IP [2014-02-02]
Suspected Bots IP [2014-02-01]

Suspected Bot List [2014-02-11]

detection period: 2014-02-11 00:00-23:59 UTC
number of suspected bots' IPs listed here: 111

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR200.63.164.22Argentina
BG93.183.155.80Bulgaria
BO190.129.12.162Bolivia
CN150.255.114.250China
CN150.255.119.178China
CN150.255.243.188China
GB193.164.207.16United Kingdom
IN180.151.38.242India
IN202.62.67.250India
IR91.98.117.28Iran
IR94.182.248.19Iran
IT95.227.34.226Italy
LB213.175.188.158Lebanon
MO60.246.150.71Macau
MX187.174.173.18Mexico
MX189.204.49.66Mexico
SA94.77.199.148Saudi Arabia
SK93.184.71.66Slovakia
US50.201.42.106United States
VE190.39.82.232Venezuela

List from greylisting:

Botnet Statistics [2014-02-11]

detection period: 2014-02-11 00:00-23:59 UTC
total number of suspected botnet IPs: 3415
number of botnet IPs notified to network operators: 3304
number of spam blocked: 39356
recipient count of spam blocked: 1367376

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET332
2UNICOM-SD216
3CRTC184
4CHINANET-GD162
5CHINANET-JS141
6UNICOM-HA115
7UNICOM-LN106
8UNICOM-HE104
9UNICOM-HL99
10HINET-NET87

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China2767
2Taiwan108
3United States53
4Italy31
5Brazil28
6Russian Federation27
7Indonesia27
8Israel22
9India20
10Poland19

Tuesday, February 11, 2014

Suspected Bot List [2014-02-10]

detection period: 2014-02-10 00:00-23:59 UTC
number of suspected bots' IPs listed here: 49

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR200.63.164.22Argentina
BG93.183.155.80Bulgaria
BO190.129.12.162Bolivia
CN150.255.116.78China
CN150.255.170.39China
GB193.164.207.16United Kingdom
HN190.107.140.76Honduras
IN117.239.29.114India
IR91.98.117.28Iran
IR94.182.248.19Iran
IT95.227.34.226Italy
LB213.175.188.158Lebanon
MO60.246.147.209Macau
MX187.174.173.18Mexico
MX189.204.49.66Mexico
RU193.107.17.55Russian Federation
SA94.77.199.148Saudi Arabia
SK93.184.71.66Slovakia
US50.201.42.106United States
VE190.39.82.232Venezuela

List from greylisting:

Botnet Statistics [2014-02-10]

detection period: 2014-02-10 00:00-23:59 UTC
total number of suspected botnet IPs: 6634
number of botnet IPs notified to network operators: 6585
number of spam blocked: 119162
recipient count of spam blocked: 2954768

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET667
2UNICOM-SD447
3CHINANET-JS400
4CRTC377
5CHINANET-GD273
6UNICOM-HA272
7UNICOM-HE244
8UNICOM-LN210
9UNICOM-HL182
10CTTNET171

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China6218
2Taiwan158
3United States26
4Indonesia24
5Brazil24
6Russian Federation18
7South Korea8
8Iran8
9France8
10India7

Monday, February 10, 2014

Suspected Bot List [2014-02-09]

detection period: 2014-02-09 00:00-23:59 UTC
number of suspected bots' IPs listed here: 41

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR200.63.164.22Argentina
BG93.183.155.80Bulgaria
BO190.129.12.162Bolivia
CN150.255.189.113China
GB193.164.207.16United Kingdom
HN190.107.140.76Honduras
IN202.62.67.250India
IR91.98.117.28Iran
IR94.182.248.19Iran
IT95.227.34.226Italy
KZ176.98.192.143Kazakhstan
LB213.175.188.158Lebanon
MX187.174.173.18Mexico
MX189.204.49.66Mexico
RU193.107.17.55Russian Federation
SA94.77.199.148Saudi Arabia
SK93.184.71.66Slovakia
US50.193.157.62United States
US50.201.42.106United States
VE190.39.82.232Venezuela

List from greylisting:

Botnet Statistics [2014-02-09]

detection period: 2014-02-09 00:00-23:59 UTC
total number of suspected botnet IPs: 2699
number of botnet IPs notified to network operators: 2658
number of spam blocked: 44849
recipient count of spam blocked: 1499785

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET263
2CRTC189
3UNICOM-SD161
4CHINANET-JS136
5CHINANET-GD134
6UNICOM-HE98
7UNICOM-HA90
8UNICOM-LN88
9HINET-NET82
10CHINANET-FJ64

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China2370
2Taiwan99
3United States28
4Brazil23
5Indonesia19
6Russian Federation16
7Iran9
8India9
9South Korea8
10Hong Kong8

Sunday, February 9, 2014

Suspected Bot List [2014-02-08]

detection period: 2014-02-08 00:00-23:59 UTC
number of suspected bots' IPs listed here: 45

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR200.63.164.22Argentina
BO190.129.12.162Bolivia
GB193.164.207.16United Kingdom
IN117.240.239.120India
IN180.151.38.242India
IN182.72.57.212India
IN202.62.67.250India
IR91.98.117.28Iran
IR94.182.248.19Iran
IT95.227.34.226Italy
KZ176.98.192.143Kazakhstan
LB213.175.188.158Lebanon
MX187.174.173.18Mexico
MX189.204.49.66Mexico
SA94.77.199.148Saudi Arabia
SK93.184.71.66Slovakia
TW119.77.215.133Taiwan
US50.201.42.106United States
VE190.39.82.232Venezuela

List from greylisting:

Botnet Statistics [2014-02-08]

detection period: 2014-02-08 00:00-23:59 UTC
total number of suspected botnet IPs: 2289
number of botnet IPs notified to network operators: 2244
number of spam blocked: 38734
recipient count of spam blocked: 1191668

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET224
2CRTC129
3CHINANET-JS126
4UNICOM-SD119
5CHINANET-GD114
6UNICOM-LN79
7UNICOM-HE73
8HINET-NET71
9UNICOM-HA70
10UNICOM-HL61

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1956
2Taiwan93
3United States22
4Brazil22
5Indonesia16
6Russian Federation14
7South Korea10
8Turkey9
9Italy9
10Ukraine8

Saturday, February 8, 2014

Suspected Bot List [2014-02-07]

detection period: 2014-02-07 00:00-23:59 UTC
number of suspected bots' IPs listed here: 79

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BO190.129.12.162Bolivia
GB193.164.207.16United Kingdom
IN117.240.239.120India
IR94.182.248.19Iran
IT95.227.34.226Italy
MX187.174.173.18Mexico
MX189.204.49.66Mexico
SA94.77.199.148Saudi Arabia
SK93.184.71.66Slovakia
US50.201.42.106United States
VE190.39.82.232Venezuela

List from greylisting:

Botnet Statistics [2014-02-07]

detection period: 2014-02-07 00:00-23:59 UTC
total number of suspected botnet IPs: 2060
number of botnet IPs notified to network operators: 1981
number of spam blocked: 48300
recipient count of spam blocked: 1121740

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET188
2CHINANET-JS122
3UNICOM-SD105
4CHINANET-GD104
5CRTC97
6UNICOM-LN71
7CHINANET-FJ71
8UNICOM-HE67
9HINET-NET67
10UNICOM-HA64

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China1697
2Taiwan86
3United States37
4Brazil20
5South Korea18
6India16
7Indonesia11
8Russian Federation10
9France10
10Peru8

Friday, February 7, 2014

Suspected Bot List [2014-02-06]

detection period: 2014-02-06 00:00-23:59 UTC
number of suspected bots' IPs listed here: 189

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BO190.129.12.162Bolivia
GB193.164.207.16United Kingdom
IN117.239.29.114India
IN117.240.239.120India
IR94.182.248.19Iran
IT95.227.34.226Italy
MX187.174.173.18Mexico
MX189.204.49.66Mexico
SA94.77.199.148Saudi Arabia
SK93.184.71.66Slovakia
TW115.165.232.28Taiwan
TW211.76.88.176Taiwan
UA195.66.204.70Ukraine
US50.201.42.106United States
US74.222.3.249United States
VE190.39.82.232Venezuela

List from greylisting:

Botnet Statistics [2014-02-06]

detection period: 2014-02-06 00:00-23:59 UTC
total number of suspected botnet IPs: 3865
number of botnet IPs notified to network operators: 3691
number of spam blocked: 61455
recipient count of spam blocked: 1566952

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET402
2UNICOM-SD261
3CHINANET-JS175
4CRTC154
5CHINANET-GD142
6UNICOM-HA124
7UNICOM-HE122
8UNICOM-LN120
9UNICOM-HL104
10CHINANET-HB96

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China3171
2Taiwan118
3United States55
4France51
5Italy31
6Brazil30
7India26
8United Kingdom24
9Peru22
10Spain19

Thursday, February 6, 2014

Suspected Bot List [2014-02-05]

detection period: 2014-02-05 00:00-23:59 UTC
number of suspected bots' IPs listed here: 134

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR200.63.164.22Argentina
BO190.129.12.162Bolivia
CA184.107.208.122Canada
CN150.255.112.26China
GB193.164.207.16United Kingdom
IN117.240.239.120India
IR94.182.248.19Iran
IT95.227.34.226Italy
MX187.174.173.18Mexico
MX189.204.49.66Mexico
SA94.77.199.148Saudi Arabia
SK93.184.71.66Slovakia
US50.201.42.106United States
US74.222.3.249United States
VE190.39.82.232Venezuela

List from greylisting:

Botnet Statistics [2014-02-05]

detection period: 2014-02-05 00:00-23:59 UTC
total number of suspected botnet IPs: 6151
number of botnet IPs notified to network operators: 6017
number of spam blocked: 64986
recipient count of spam blocked: 1776529

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CMNET592
2UNICOM-SD447
3CHINANET-JS314
4CRTC272
5UNICOM-HE247
6CHINANET-GD231
7UNICOM-HA224
8UNICOM-LN208
9UNICOM-JL170
10UNICOM-HL164

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China5372
2Taiwan206
3India41
4United States36
5Singapore29
6Russian Federation28
7Indonesia27
8Italy26
9Kazakhstan24
10Brazil24

Wednesday, February 5, 2014

Suspected Bot List [2014-02-04]

detection period: 2014-02-04 00:00-23:59 UTC
number of suspected bots' IPs listed here: 169

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR200.63.164.22Argentina
BG93.183.155.80Bulgaria
BO190.129.12.162Bolivia
CA184.107.208.122Canada
CN150.255.11.31China
GB193.164.207.16United Kingdom
HN190.107.140.76Honduras
IN117.239.29.114India
IN117.240.239.120India
IR94.182.248.19Iran
IT95.227.34.226Italy
KZ176.98.192.143Kazakhstan
MX187.174.173.18Mexico
MX189.204.49.66Mexico
RU193.107.17.55Russian Federation
SA94.77.199.148Saudi Arabia
SK93.184.71.66Slovakia
TW119.77.133.98Taiwan
TW119.77.146.239Taiwan
US50.201.42.106United States
US74.222.3.249United States

List from greylisting: