Custom Search

Wednesday, April 30, 2014

Suspected Bot List [2014-04-29]

detection period: 2014-04-29 00:00-23:59 UTC
number of suspected bots' IPs listed here: 93

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AL80.78.77.34Albania
AZ62.217.139.35Azerbaijan
BD103.244.21.70Bangladesh
CO190.60.39.186Colombia
CZ80.188.121.251Czech Republic
EG41.33.169.36Egypt
HN190.107.140.77Honduras
IN59.90.160.247India
IN59.92.102.224India
IN59.93.198.82India
IN59.94.66.57India
IN111.93.9.67India
IN115.69.255.74India
IN117.239.241.147India
IN117.242.109.150India
IN117.242.141.254India
IN122.160.239.46India
IN182.72.57.212India
IN202.62.67.250India
IN202.134.157.40India
IN210.212.97.139India
IN223.188.68.3India
IR91.99.103.172Iran
IT95.234.249.153Italy
KE41.72.201.198Kenya
MW105.234.255.2Malawi
MX189.205.184.161Mexico
PE200.110.35.150Peru
PH58.69.100.234Philippines
PK121.52.159.236Pakistan
RS188.2.93.77Serbia
RU95.188.112.11Russian Federation
SA94.77.199.148Saudi Arabia
TR193.255.143.62Turkey
TR193.255.143.63Turkey
TR195.244.39.195Turkey
TZ196.43.90.8Tanzania
US50.201.42.106United States
US66.214.186.192United States
US96.44.172.108United States
US174.140.165.72United States
US205.209.136.109United States
VE186.24.34.179Venezuela
VE190.111.122.3Venezuela
VE190.202.116.101Venezuela
ZW41.220.28.138Zimbabwe

List from greylisting:

Botnet Statistics [2014-04-29]

detection period: 2014-04-29 00:00-23:59 UTC
total number of suspected botnet IPs: 1238
number of botnet IPs notified to network operators: 1145
number of spam blocked: 48251
recipient count of spam blocked: 1575688

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD253
2CRTC131
3UNICOM-GD36
4CHINANET-FJ35
5UNICOM25
6VNPT-VNNIC-VN21
7UNICOM-HN21
8KORNET-KR13
9CHINANET-JS12
10CMNET11

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China663
2United States74
3Russian Federation52
4Viet Nam36
5India35
6Indonesia31
7Brazil27
8South Korea23
9Ukraine19
10United Kingdom16

Tuesday, April 29, 2014

Suspected Bot List [2014-04-28]

detection period: 2014-04-28 00:00-23:59 UTC
number of suspected bots' IPs listed here: 57

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AZ62.217.139.35Azerbaijan
BD103.244.21.70Bangladesh
CO190.60.39.186Colombia
CZ80.188.121.251Czech Republic
DO186.120.97.26Dominican Republic
EG41.33.169.36Egypt
HN190.107.140.77Honduras
IN111.93.9.67India
IN117.239.241.147India
IN122.160.239.46India
IN203.90.114.228India
IN210.212.97.139India
IN223.188.68.3India
IR91.99.103.172Iran
IT95.234.249.153Italy
PE200.110.35.150Peru
PH58.69.100.234Philippines
PK121.52.159.236Pakistan
SA94.77.199.148Saudi Arabia
TR193.255.143.62Turkey
TR193.255.143.63Turkey
TR195.244.39.195Turkey
UA91.210.150.205Ukraine
US50.201.42.106United States
US66.214.186.192United States
US96.44.172.108United States
VE186.24.34.179Venezuela
VE190.111.122.3Venezuela
VE190.202.116.101Venezuela
ZW41.220.28.138Zimbabwe

List from greylisting:

Botnet Statistics [2014-04-28]

detection period: 2014-04-28 00:00-23:59 UTC
total number of suspected botnet IPs: 988
number of botnet IPs notified to network operators: 932
number of spam blocked: 46553
recipient count of spam blocked: 1553079

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD183
2CRTC127
3CHINANET-FJ36
4UNICOM32
5UNICOM-GD28
6CHINANET-JS20
7UNICOM-HN15
8CMNET9
9CHINANET-SH9
10KORNET-KR8

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China583
2United States46
3Russian Federation44
4Brazil37
5Indonesia29
6South Korea20
7Italy20
8Taiwan14
9United Kingdom14
10Ukraine12

Monday, April 28, 2014

Suspected Bot List [2014-04-27]

detection period: 2014-04-27 00:00-23:59 UTC
number of suspected bots' IPs listed here: 34

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AZ62.217.139.35Azerbaijan
BD103.244.21.70Bangladesh
CO190.60.39.186Colombia
EG41.33.169.36Egypt
IN111.93.9.67India
IN122.160.239.46India
IN202.62.67.250India
IN203.88.131.106India
IN203.90.114.228India
IN210.212.97.139India
IN223.188.68.3India
IR91.98.36.84Iran
IR91.99.103.172Iran
IT95.234.249.153Italy
NL5.255.87.209Netherlands
PE200.110.35.150Peru
PH58.69.100.234Philippines
PK121.52.159.236Pakistan
PL95.160.217.65Poland
RS188.2.93.77Serbia
RU95.188.96.167Russian Federation
RU95.188.112.11Russian Federation
SA94.77.199.148Saudi Arabia
SG116.251.217.213Singapore
TR193.255.143.62Turkey
TR193.255.143.63Turkey
TR195.244.39.195Turkey
US50.201.42.106United States
US96.44.172.108United States
VE186.24.34.179Venezuela
VE190.111.122.3Venezuela
VE190.202.116.101Venezuela
ZW41.220.28.138Zimbabwe

List from greylisting:

Botnet Statistics [2014-04-27]

detection period: 2014-04-27 00:00-23:59 UTC
total number of suspected botnet IPs: 628
number of botnet IPs notified to network operators: 594
number of spam blocked: 44186
recipient count of spam blocked: 1466754

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD104
2CRTC55
3CHINANET-FJ28
4CHINANET-JS18
5UNICOM-GD14
6CMNET8
7CHINANET-AH8
8UNICOM-HA5
9HICHINA5
10CHINANET-ZJ5

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China349
2Russian Federation36
3United States29
4Indonesia24
5Brazil23
6Ukraine14
7Germany12
8India11
9Hong Kong11
10South Korea10

Sunday, April 27, 2014

Suspected Bot List [2014-04-26]

detection period: 2014-04-26 00:00-23:59 UTC
number of suspected bots' IPs listed here: 53

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR168.226.141.203Argentina
AZ62.217.139.35Azerbaijan
BD103.244.21.70Bangladesh
CO190.60.39.186Colombia
CZ80.188.121.251Czech Republic
EG41.33.169.36Egypt
HN190.107.140.77Honduras
HN200.107.120.82Honduras
HN200.107.121.197Honduras
IN122.160.239.46India
IN202.62.67.250India
IN203.88.131.106India
IN203.90.114.228India
IN210.212.97.139India
IN223.188.68.3India
IT95.234.249.153Italy
MX200.92.120.54Mexico
MX201.158.203.50Mexico
PE200.110.35.150Peru
PH58.69.100.234Philippines
PK121.52.159.236Pakistan
RU95.188.96.167Russian Federation
SA94.77.199.148Saudi Arabia
SG116.251.217.213Singapore
SK178.41.32.157Slovakia
TR193.255.143.62Turkey
TR193.255.143.63Turkey
TR195.244.39.195Turkey
US50.201.42.106United States
US96.44.172.108United States
VE186.24.34.179Venezuela
VE190.111.122.3Venezuela
VE190.202.116.101Venezuela
ZW41.220.28.138Zimbabwe

List from greylisting:

Botnet Statistics [2014-04-26]

detection period: 2014-04-26 00:00-23:59 UTC
total number of suspected botnet IPs: 883
number of botnet IPs notified to network operators: 832
number of spam blocked: 47303
recipient count of spam blocked: 1559962

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CRTC149
2CHINANET-GD144
3UNICOM-GD44
4CHINANET-FJ40
5CHINANET-JS19
6CHINANET-AH10
7CMNET9
8CHINANET-SH8
9HICHINA7
10HINET-NET6

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China539
2Russian Federation44
3United States37
4Brazil29
5Indonesia22
6South Korea16
7Ukraine15
8Hong Kong13
9Taiwan12
10Germany12

Saturday, April 26, 2014

Suspected Bot List [2014-04-25]

detection period: 2014-04-25 00:00-23:59 UTC
number of suspected bots' IPs listed here: 303

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR168.226.141.203Argentina
AR186.182.114.204Argentina
AZ62.217.139.35Azerbaijan
BD103.244.21.70Bangladesh
CO190.60.39.186Colombia
CZ80.188.121.251Czech Republic
EG41.33.169.36Egypt
HN190.107.140.77Honduras
HN200.107.120.82Honduras
HN200.107.121.197Honduras
IN59.99.169.63India
IN111.93.9.67India
IN117.239.241.147India
IN117.242.109.1India
IN117.247.179.199India
IN117.254.125.37India
IN117.254.244.28India
IN122.160.239.46India
IN182.72.57.212India
IN202.62.67.250India
IN202.134.157.16India
IN203.90.114.228India
IN210.212.97.139India
IT95.234.249.153Italy
MW105.234.255.2Malawi
MX200.92.120.54Mexico
MX201.158.203.50Mexico
PH58.69.100.234Philippines
PK121.52.159.236Pakistan
RU95.188.96.167Russian Federation
SA94.77.199.148Saudi Arabia
SG116.251.217.213Singapore
SK178.41.32.157Slovakia
TR193.255.143.62Turkey
TR193.255.143.63Turkey
TR195.244.39.195Turkey
US50.201.42.106United States
US66.240.236.121United States
US96.44.172.108United States
US174.140.165.72United States
US184.82.236.67United States
US209.58.205.18United States
VE186.24.34.179Venezuela
VE190.111.122.3Venezuela
VE190.202.116.101Venezuela
ZA165.233.62.202South Africa
ZW41.220.28.138Zimbabwe

List from greylisting:

Botnet Statistics [2014-04-25]

detection period: 2014-04-25 00:00-23:59 UTC
total number of suspected botnet IPs: 1512
number of botnet IPs notified to network operators: 1211
number of spam blocked: 48723
recipient count of spam blocked: 1585737

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD214
2CRTC145
3UNICOM-GD71
4VNPT-VNNIC-VN56
5CHINANET-FJ46
6IP2000-ADSL-BAS25
7CHINANET-JS23
8VIETEL-VNNIC-VN20
9FPT-VN16
10CMNET14

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China662
2Viet Nam110
3United States99
4India66
5France66
6Russian Federation42
7United Kingdom38
8Indonesia32
9Brazil29
10Hong Kong26

Friday, April 25, 2014

Suspected Bot List [2014-04-24]

detection period: 2014-04-24 00:00-23:59 UTC
number of suspected bots' IPs listed here: 147

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AL80.78.75.134Albania
AR186.182.114.204Argentina
AR200.63.164.22Argentina
BD103.244.21.70Bangladesh
CO190.60.39.186Colombia
CO190.90.2.30Colombia
CZ80.188.121.251Czech Republic
EG41.33.169.36Egypt
HN190.107.140.77Honduras
HN200.107.120.82Honduras
HN200.107.121.197Honduras
IN59.93.26.31India
IN111.93.9.67India
IN117.242.133.4India
IN122.160.239.46India
IN182.72.57.212India
IN202.62.67.250India
IN203.76.176.224India
IN203.90.114.228India
IN210.212.97.139India
IN223.226.28.86India
IT95.234.249.153Italy
KE41.72.201.198Kenya
MX189.205.184.161Mexico
MX200.92.120.54Mexico
MX201.158.203.50Mexico
NL93.174.95.82Netherlands
PH58.69.100.234Philippines
PK121.52.159.236Pakistan
PL95.160.217.65Poland
RU95.188.96.167Russian Federation
SA94.77.199.148Saudi Arabia
SG116.251.217.213Singapore
TR193.255.143.62Turkey
TR193.255.143.63Turkey
TR195.244.39.195Turkey
US50.201.42.106United States
US66.240.236.121United States
US96.44.172.108United States
US209.58.205.18United States
VE186.24.34.179Venezuela
VE190.111.122.3Venezuela
VE190.202.116.101Venezuela
ZA165.233.62.202South Africa
ZW41.220.28.138Zimbabwe

List from greylisting:

Botnet Statistics [2014-04-24]

detection period: 2014-04-24 00:00-23:59 UTC
total number of suspected botnet IPs: 1294
number of botnet IPs notified to network operators: 1150
number of spam blocked: 49649
recipient count of spam blocked: 1623774

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD249
2CRTC134
3CHINANET-FJ63
4UNICOM-GD55
5CHINANET-JS40
6CMNET11
7CHINANET-SH10
8CHINANET-SC9
9CHINANET-AH9
10VNPT-VNNIC-VN8

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China713
2United States94
3Russian Federation47
4Brazil36
5Indonesia27
6India26
7Ukraine24
8United Kingdom21
9France17
10Italy16

Thursday, April 24, 2014

Suspected Bot List [2014-04-23]

detection period: 2014-04-23 00:00-23:59 UTC
number of suspected bots' IPs listed here: 97

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AL80.78.75.134Albania
AR186.182.114.204Argentina
CO190.60.39.186Colombia
CU200.55.159.65Cuba
CZ80.188.121.251Czech Republic
EG41.33.169.36Egypt
GB217.199.167.205United Kingdom
HN200.107.120.82Honduras
HN200.107.121.197Honduras
IN111.93.9.67India
IN117.239.241.147India
IN122.160.239.46India
IN202.62.67.250India
IN203.90.114.228India
IN210.212.97.139India
IN223.226.28.86India
IR91.98.36.84Iran
IT95.234.249.153Italy
NL93.174.95.82Netherlands
PH58.69.100.234Philippines
PK121.52.159.236Pakistan
PL95.160.217.65Poland
RU95.188.96.167Russian Federation
SA94.77.199.148Saudi Arabia
SA213.230.19.136Saudi Arabia
SG116.251.217.213Singapore
TR193.255.143.62Turkey
TR193.255.143.63Turkey
TR195.226.221.155Turkey
TR195.244.39.195Turkey
US50.201.42.106United States
US66.240.236.121United States
US96.44.172.108United States
US204.44.100.185United States
US209.58.205.18United States
VE186.24.34.179Venezuela
VE190.111.122.3Venezuela
VE190.202.116.101Venezuela
ZA165.233.62.202South Africa
ZW41.220.28.138Zimbabwe

List from greylisting:

Botnet Statistics [2014-04-23]

detection period: 2014-04-23 00:00-23:59 UTC
total number of suspected botnet IPs: 1132
number of botnet IPs notified to network operators: 1039
number of spam blocked: 49704
recipient count of spam blocked: 1622770

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD164
2CRTC158
3CHINANET-FJ53
4CHINANET-JS36
5UNICOM-GD22
6HINET-NET20
7CMNET16
8HICHINA9
9CHINANET-SH8
10UNICOM-SD7

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China601
2United States57
3Russian Federation47
4Brazil32
5Taiwan31
6Indonesia24
7India22
8Ukraine20
9Turkey15
10Poland14

Wednesday, April 23, 2014

Suspected Bot List [2014-04-22]

detection period: 2014-04-22 00:00-23:59 UTC
number of suspected bots' IPs listed here: 62

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
CO190.60.39.186Colombia
CZ80.188.121.251Czech Republic
EG41.33.169.36Egypt
GB217.199.167.205United Kingdom
HN190.107.140.77Honduras
HN200.107.120.82Honduras
HN200.107.121.197Honduras
IN111.93.9.67India
IN117.239.241.147India
IN122.160.239.46India
IN202.62.67.250India
IN203.90.114.228India
IN210.212.97.139India
IN223.226.28.86India
IR91.98.36.84Iran
IT95.234.249.153Italy
MW105.234.255.2Malawi
NL93.174.95.82Netherlands
PH58.69.100.234Philippines
PK121.52.159.236Pakistan
PL95.160.217.65Poland
RU95.188.96.167Russian Federation
SA94.77.199.148Saudi Arabia
SA213.230.19.136Saudi Arabia
SG116.251.217.213Singapore
TR193.255.143.62Turkey
TR193.255.143.63Turkey
TR195.226.221.155Turkey
TR195.244.39.195Turkey
US50.201.42.106United States
US66.240.236.121United States
US96.44.172.108United States
US204.44.100.185United States
VE186.24.34.179Venezuela
VE190.111.122.3Venezuela
VE190.202.116.101Venezuela
ZA165.233.62.202South Africa
ZW41.220.28.138Zimbabwe

List from greylisting:

Botnet Statistics [2014-04-22]

detection period: 2014-04-22 00:00-23:59 UTC
total number of suspected botnet IPs: 1037
number of botnet IPs notified to network operators: 977
number of spam blocked: 39522
recipient count of spam blocked: 1273892

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD175
2CRTC134
3CHINANET-JS51
4UNICOM-HN49
5CHINANET-FJ43
6UNICOM35
7UNICOM-GD18
8CHINANET-SH13
9CMNET10
10CHINANET-AH8

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China679
2United States48
3Russian Federation42
4Brazil28
5Indonesia24
6India16
7Ukraine15
8South Korea15
9United Kingdom12
10Taiwan10

Tuesday, April 22, 2014

Suspected Bot List [2014-04-21]

detection period: 2014-04-21 00:00-23:59 UTC
number of suspected bots' IPs listed here: 58

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD103.244.21.70Bangladesh
CO190.60.39.186Colombia
CZ80.188.121.251Czech Republic
DO190.122.102.42Dominican Republic
EG41.33.169.36Egypt
GB217.199.167.205United Kingdom
HN190.107.140.77Honduras
HN200.107.120.82Honduras
HN200.107.121.197Honduras
IN111.93.9.67India
IN122.160.239.46India
IN203.90.114.228India
IN210.212.97.139India
IN223.226.28.86India
IR91.98.36.84Iran
IT95.234.249.153Italy
MW105.234.255.2Malawi
MX200.92.120.54Mexico
NL93.174.95.82Netherlands
PH58.69.100.234Philippines
PK121.52.159.236Pakistan
PL95.160.217.65Poland
RU95.188.96.167Russian Federation
SA94.77.199.148Saudi Arabia
SG116.251.217.213Singapore
TR193.255.143.62Turkey
TR193.255.143.63Turkey
TR195.226.221.155Turkey
TR195.244.39.195Turkey
US50.201.42.106United States
US96.44.172.108United States
US204.44.100.185United States
US209.58.205.18United States
VE186.24.34.179Venezuela
VE190.111.122.3Venezuela
VE190.202.116.101Venezuela
ZW41.220.28.138Zimbabwe

List from greylisting:

Botnet Statistics [2014-04-21]

detection period: 2014-04-21 00:00-23:59 UTC
total number of suspected botnet IPs: 964
number of botnet IPs notified to network operators: 908
number of spam blocked: 43194
recipient count of spam blocked: 1422705

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD196
2CRTC116
3UNICOM-HN53
4UNICOM39
5CHINANET-JS32
6CHINANET-FJ28
7UNICOM-GD16
8UNICOM-BJ8
9CHINANET-AH8
10HICHINA7

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China637
2United States44
3Russian Federation38
4Indonesia27
5Brazil27
6South Korea16
7Ukraine13
8Taiwan9
9United Kingdom9
10Colombia9

Monday, April 21, 2014

Suspected Bot List [2014-04-20]

detection period: 2014-04-20 00:00-23:59 UTC
number of suspected bots' IPs listed here: 51

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD103.244.21.70Bangladesh
CO190.60.39.186Colombia
DO190.122.102.42Dominican Republic
EC186.42.225.189Ecuador
GB217.199.167.205United Kingdom
HN190.107.140.77Honduras
IN111.93.9.67India
IN117.247.241.27India
IN203.88.131.106India
IN203.90.114.228India
IN223.226.28.86India
IR91.98.36.84Iran
IT95.234.249.153Italy
MW105.234.255.2Malawi
MX201.158.203.50Mexico
NL93.174.95.82Netherlands
PK121.52.159.236Pakistan
PL95.160.217.65Poland
SA94.77.199.148Saudi Arabia
SG116.251.217.213Singapore
TR193.255.143.62Turkey
TR193.255.143.63Turkey
TR195.226.221.155Turkey
TR195.244.39.195Turkey
US50.201.42.106United States
US96.44.172.108United States
US192.161.172.105United States
US204.44.100.185United States
US209.58.205.18United States
VE190.202.116.101Venezuela
ZW41.220.28.138Zimbabwe

List from greylisting:

Botnet Statistics [2014-04-20]

detection period: 2014-04-20 00:00-23:59 UTC
total number of suspected botnet IPs: 1025
number of botnet IPs notified to network operators: 974
number of spam blocked: 49018
recipient count of spam blocked: 1608834

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CRTC162
2CHINANET-GD121
3CHINANET-HB105
4UNICOM-HB42
5CHINANET-FJ36
6CHINANET-JS25
7UNICOM-GD18
8CTTNET12
9CHINANET-SH8
10CHINANET-AH7

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China661
2United States55
3Russian Federation41
4Brazil29
5Indonesia28
6United Kingdom15
7Ukraine14
8South Korea14
9Thailand9
10Poland9

Sunday, April 20, 2014

Suspected Bot List [2014-04-19]

detection period: 2014-04-19 00:00-23:59 UTC
number of suspected bots' IPs listed here: 64

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD103.244.21.70Bangladesh
CO190.60.39.186Colombia
CZ80.188.121.251Czech Republic
DO190.122.102.42Dominican Republic
EC186.42.225.189Ecuador
EG41.33.169.36Egypt
GB217.199.167.205United Kingdom
HN190.107.140.77Honduras
IN111.93.9.67India
IN117.247.241.27India
IN122.160.239.46India
IN203.88.131.106India
IN203.90.114.228India
IN210.212.97.139India
IN223.226.28.86India
IR91.98.36.84Iran
IT95.234.249.153Italy
MW105.234.255.2Malawi
MX201.158.203.50Mexico
NL93.174.95.82Netherlands
PK121.52.159.236Pakistan
PL95.160.217.65Poland
RS188.2.93.77Serbia
SA94.77.199.148Saudi Arabia
SG116.251.217.213Singapore
TR193.255.143.62Turkey
TR193.255.143.63Turkey
TR195.226.221.155Turkey
TR195.244.39.195Turkey
US50.201.42.106United States
US96.44.172.108United States
US192.161.172.105United States
US204.44.100.185United States
US209.58.205.18United States
VE190.202.116.101Venezuela
ZW41.220.28.138Zimbabwe

List from greylisting:

Botnet Statistics [2014-04-19]

detection period: 2014-04-19 00:00-23:59 UTC
total number of suspected botnet IPs: 1109
number of botnet IPs notified to network operators: 1047
number of spam blocked: 40729
recipient count of spam blocked: 1277730

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CRTC148
2CHINANET-GD121
3CHINANET-HB96
4UNICOM-HB50
5UNICOM-HN47
6UNICOM38
7CHINANET-FJ27
8UNICOM-GD24
9CHINANET-JS21
10CTTNET7

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China709
2United States62
3Russian Federation38
4Brazil38
5Indonesia24
6Italy19
7Ukraine16
8South Korea16
9Turkey15
10India15

Saturday, April 19, 2014

Suspected Bot List [2014-04-18]

detection period: 2014-04-18 00:00-23:59 UTC
number of suspected bots' IPs listed here: 60

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR168.226.141.203Argentina
BD103.244.21.70Bangladesh
CO190.60.39.186Colombia
CZ80.188.121.251Czech Republic
DO190.122.102.42Dominican Republic
EC186.42.225.189Ecuador
EG41.33.169.36Egypt
GB217.199.167.205United Kingdom
GT200.6.227.75Guatemala
IN111.93.9.67India
IN122.160.239.46India
IN203.88.131.106India
IN203.90.114.228India
IN210.212.97.139India
IN223.226.28.86India
IR91.98.36.84Iran
IT95.234.249.153Italy
MW105.234.255.2Malawi
MX201.158.203.50Mexico
NL93.174.95.82Netherlands
PK121.52.159.236Pakistan
PL95.160.217.65Poland
SA94.77.199.148Saudi Arabia
SG116.251.217.213Singapore
TR193.255.143.62Turkey
TR193.255.143.63Turkey
TR195.226.221.155Turkey
TR195.244.39.195Turkey
US50.201.42.106United States
US209.58.205.18United States
VE190.202.116.101Venezuela
ZA165.233.62.202South Africa
ZW41.220.28.138Zimbabwe

List from greylisting:

Botnet Statistics [2014-04-18]

detection period: 2014-04-18 00:00-23:59 UTC
total number of suspected botnet IPs: 1001
number of botnet IPs notified to network operators: 943
number of spam blocked: 43382
recipient count of spam blocked: 1393207

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD136
2CRTC134
3CHINANET-HB84
4UNICOM-HB46
5CHINANET-FJ28
6CHINANET-JS23
7UNICOM-GD16
8CMNET10
9CHINANET-ZJ-HZ10
10CHINANET-SH10

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China629
2United States48
3Brazil40
4Russian Federation39
5Indonesia20
6Italy16
7Ukraine15
8Germany12
9Turkey11
10Thailand11

Friday, April 18, 2014

Suspected Bot List [2014-04-17]

detection period: 2014-04-17 00:00-23:59 UTC
number of suspected bots' IPs listed here: 120

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR168.226.141.203Argentina
CO190.60.39.186Colombia
CZ80.188.121.251Czech Republic
DO190.122.102.42Dominican Republic
EG41.33.169.36Egypt
GT200.6.227.75Guatemala
HN190.107.140.77Honduras
IN111.93.9.67India
IN117.239.241.147India
IN122.160.239.46India
IN203.88.131.106India
IN203.90.114.228India
IN210.212.97.139India
IN223.226.28.86India
IR91.98.36.84Iran
IT95.234.249.153Italy
MW105.234.255.2Malawi
MX187.240.114.239Mexico
MX201.158.203.50Mexico
PK121.52.159.236Pakistan
PL95.160.217.65Poland
RS188.2.93.77Serbia
SA94.77.199.148Saudi Arabia
SG116.251.217.213Singapore
TR193.255.143.62Turkey
TR193.255.143.63Turkey
TR195.226.221.155Turkey
TR195.244.39.195Turkey
US204.44.100.185United States
US209.58.205.18United States
US50.201.42.106United States
UZ80.80.208.229Uzbekistan
VE190.202.116.101Venezuela
ZA165.233.62.202South Africa
ZW41.220.28.138Zimbabwe

List from greylisting:

Botnet Statistics [2014-04-17]

detection period: 2014-04-17 00:00-23:59 UTC
total number of suspected botnet IPs: 1229
number of botnet IPs notified to network operators: 1110
number of spam blocked: 49387
recipient count of spam blocked: 1530050

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD138
2CRTC103
3CHINANET-HB60
4UNICOM-HB37
5CHINANET-SH26
6CHINANET-FJ24
7CHINANET-JS23
8VNPT-VNNIC-VN17
9HINET-NET17
10UNICOM-GD16

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China580
2United States95
3Russian Federation48
4India38
5Brazil38
6Viet Nam29
7France28
8Indonesia25
9United Kingdom25
10Taiwan24

Thursday, April 17, 2014

Suspected Bot List [2014-04-16]

detection period: 2014-04-16 00:00-23:59 UTC
number of suspected bots' IPs listed here: 60

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.17.36.83Argentina
BD103.244.21.70Bangladesh
BO190.129.12.162Bolivia
BO190.129.58.252Bolivia
CO190.60.39.186Colombia
CZ80.188.121.251Czech Republic
DO190.122.102.42Dominican Republic
EC186.42.225.189Ecuador
HN190.107.140.77Honduras
ID27.131.4.6Indonesia
IN111.93.9.67India
IN122.160.239.46India
IN203.88.131.106India
IN203.90.114.228India
IN210.212.97.139India
IN223.226.28.86India
IR91.98.36.84Iran
IT85.159.181.210Italy
IT95.234.249.153Italy
MW105.234.255.2Malawi
MX187.240.114.239Mexico
MX201.158.203.50Mexico
NL93.174.95.82Netherlands
PH58.69.100.234Philippines
PK121.52.159.236Pakistan
SA94.77.199.148Saudi Arabia
SG116.251.217.213Singapore
TR193.255.143.62Turkey
TR193.255.143.63Turkey
TR195.226.221.155Turkey
TR195.244.39.195Turkey
US204.44.100.185United States
US209.58.205.18United States
US50.201.42.106United States
VE190.202.116.101Venezuela
ZA165.233.62.202South Africa
ZW41.220.28.138Zimbabwe

List from greylisting:

Botnet Statistics [2014-04-16]

detection period: 2014-04-16 00:00-23:59 UTC
total number of suspected botnet IPs: 1014
number of botnet IPs notified to network operators: 955
number of spam blocked: 55363
recipient count of spam blocked: 1775766

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD117
2CRTC105
3CHINANET-FJ37
4CHINANET-JS33
5CHINANET-SH27
6UNICOM-GD14
7CMNET12
8UNICOM-SD9
9HINET-NET9
10VNPT-VNNIC-VN8

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China508
2United States52
3Russian Federation43
4Brazil33
5Indonesia26
6United Kingdom22
7Taiwan18
8Ukraine17
9Viet Nam16
10France16

Wednesday, April 16, 2014

Suspected Bot List [2014-04-15]

detection period: 2014-04-15 00:00-23:59 UTC
number of suspected bots' IPs listed here: 92

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.17.36.83Argentina
BO190.129.12.162Bolivia
CO190.60.39.186Colombia
CZ80.188.121.251Czech Republic
HN190.107.140.77Honduras
ID27.131.4.6Indonesia
IN111.93.9.67India
IN117.239.241.147India
IN117.239.39.165India
IN122.160.239.46India
IN203.88.131.106India
IN203.90.114.228India
IN210.212.97.139India
IN223.226.28.86India
IN27.251.176.178India
IR91.98.36.84Iran
IT85.159.181.210Italy
IT95.227.34.226Italy
IT95.234.249.153Italy
MW105.234.255.2Malawi
MX187.240.114.239Mexico
MX201.158.203.50Mexico
NL93.174.95.82Netherlands
PH122.49.217.2Philippines
PH58.69.100.234Philippines
PK121.52.159.236Pakistan
RU5.19.221.219Russian Federation
SA94.77.199.148Saudi Arabia
SG116.251.217.213Singapore
TR193.255.143.62Turkey
TR193.255.143.63Turkey
TR195.226.221.155Turkey
TR195.244.39.195Turkey
US204.152.209.109United States
US204.195.104.31United States
US204.44.100.185United States
US209.58.205.18United States
US50.201.42.106United States
US69.64.48.57United States
US97.90.101.77United States
VE186.24.34.179Venezuela
VE190.111.122.3Venezuela
VE190.202.116.101Venezuela
ZA165.233.62.202South Africa
ZW41.220.28.138Zimbabwe

List from greylisting:

Botnet Statistics [2014-04-15]

detection period: 2014-04-15 00:00-23:59 UTC
total number of suspected botnet IPs: 1036
number of botnet IPs notified to network operators: 948
number of spam blocked: 58768
recipient count of spam blocked: 1907918

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD134
2CRTC75
3CHINANET-FJ38
4CHINANET-JS31
5CHINANET-SH22
6UNICOM-GD17
7HINET-NET13
8HICHINA12
9VNPT-VNNIC-VN11
10UNICOM-BJ11

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China495
2United States58
3Russian Federation48
4Brazil34
5Ukraine25
6Indonesia25
7India24
8Taiwan22
9Viet Nam19
10Italy18

Tuesday, April 15, 2014

Suspected Bot List [2014-04-14]

detection period: 2014-04-14 00:00-23:59 UTC
number of suspected bots' IPs listed here: 55

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.17.36.83Argentina
AR190.182.225.42Argentina
BD103.244.21.70Bangladesh
BO190.129.12.162Bolivia
BO190.129.58.252Bolivia
CO190.60.39.186Colombia
CZ80.188.121.251Czech Republic
EC186.42.225.189Ecuador
EG41.33.169.36Egypt
HN190.107.140.77Honduras
ID27.131.4.6Indonesia
IN111.93.9.67India
IN122.160.239.46India
IN202.62.67.250India
IN203.88.131.106India
IN203.90.114.228India
IN210.212.97.139India
IN223.226.28.86India
IN27.251.176.178India
IR91.98.36.84Iran
IT85.159.181.210Italy
IT95.227.34.226Italy
IT95.234.249.153Italy
IT95.253.67.148Italy
LV46.183.220.29Latvia
MW105.234.255.2Malawi
MX187.240.114.239Mexico
NL93.174.95.82Netherlands
PH122.49.217.2Philippines
PH58.69.100.234Philippines
PK121.52.159.236Pakistan
RS188.2.93.77Serbia
RU95.188.112.11Russian Federation
SA94.77.199.148Saudi Arabia
SG116.251.217.213Singapore
TR193.255.143.62Turkey
TR193.255.143.63Turkey
TR195.226.221.155Turkey
TR195.244.39.195Turkey
US204.152.209.109United States
US204.152.209.195United States
US204.195.104.31United States
US204.44.100.185United States
US209.58.205.18United States
US50.201.42.106United States
US69.64.48.57United States
US97.90.101.77United States
VE186.24.34.179Venezuela
VE190.111.122.3Venezuela
VE190.202.116.101Venezuela
VE201.209.187.170Venezuela
ZA165.233.62.202South Africa
ZW41.220.28.138Zimbabwe

List from greylisting:

Botnet Statistics [2014-04-14]

detection period: 2014-04-14 00:00-23:59 UTC
total number of suspected botnet IPs: 565
number of botnet IPs notified to network operators: 510
number of spam blocked: 56429
recipient count of spam blocked: 1967025

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-JS24
2CHINANET-GD21
3CMNET13
4HICHINA9
5CHINANET-ZJ8
6UNICOM-SD7
7CRTC7
8UNICOM-BJ6
9CHINANET-SH6
10CHINANET-FJ6

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China210
2Russian Federation46
3United States34
4Brazil31
5Indonesia25
6Ukraine19
7Taiwan14
8United Kingdom13
9India11
10South Korea10

Suspected Bot List [2014-04-13]

detection period: 2014-04-13 00:00-23:59 UTC
number of suspected bots' IPs listed here: 53

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.17.36.83Argentina
AR190.182.225.42Argentina
BO190.129.12.162Bolivia
BO190.129.58.252Bolivia
CO190.60.39.186Colombia
CZ80.188.121.251Czech Republic
GB78.129.194.61United Kingdom
HN190.107.140.77Honduras
ID27.131.4.6Indonesia
IN59.90.169.54India
IN111.93.9.67India
IN202.62.67.250India
IN203.88.131.106India
IN203.90.114.228India
IN210.212.97.139India
IR91.98.36.84Iran
IT85.159.181.210Italy
IT95.227.34.226Italy
IT95.234.249.153Italy
IT95.253.67.148Italy
LV46.183.220.29Latvia
MW105.234.255.2Malawi
MX187.240.114.239Mexico
MX201.158.203.50Mexico
NL93.174.95.82Netherlands
PH58.69.100.234Philippines
PK121.52.159.236Pakistan
RS188.2.93.77Serbia
RU5.19.221.219Russian Federation
RU95.188.112.11Russian Federation
SA94.77.199.148Saudi Arabia
SG116.251.217.213Singapore
TR193.255.143.62Turkey
TR193.255.143.63Turkey
TR195.244.39.195Turkey
US50.201.42.106United States
US69.64.48.57United States
US97.90.101.77United States
US98.126.78.82United States
US204.152.209.109United States
US204.152.209.195United States
US204.195.104.31United States
US209.58.205.18United States
VE186.24.34.179Venezuela
VE190.111.122.3Venezuela
VE190.202.116.101Venezuela
VE201.209.187.170Venezuela
ZW41.220.28.138Zimbabwe

List from greylisting:

Botnet Statistics [2014-04-13]

detection period: 2014-04-13 00:00-23:59 UTC
total number of suspected botnet IPs: 796
number of botnet IPs notified to network operators: 743
number of spam blocked: 72876
recipient count of spam blocked: 2187479

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CHINANET-GD108
2CRTC77
3CHINANET-FJ25
4CHINANET-JS23
5CMNET14
6UNICOM-GD13
7CHINANET-SH12
8UNICOM-LN8
9HICHINA8
10CHINANET-ZJ8

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China415
2United States47
3Russian Federation46
4Brazil27
5Ukraine24
6Indonesia24
7United Kingdom16
8Taiwan15
9Thailand12
10France12

Sunday, April 13, 2014

Suspected Bot List [2014-04-12]

detection period: 2014-04-12 00:00-23:59 UTC
number of suspected bots' IPs listed here: 62

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.17.36.83Argentina
AR190.182.225.42Argentina
BD103.244.21.70Bangladesh
BO190.129.12.162Bolivia
BO190.129.58.252Bolivia
CO190.60.39.186Colombia
CZ80.188.121.251Czech Republic
DO190.122.102.42Dominican Republic
DZ41.191.253.146Algeria
EC186.42.225.189Ecuador
EG41.33.169.36Egypt
GB78.129.194.61United Kingdom
HN190.107.140.77Honduras
ID27.131.4.6Indonesia
IN111.93.9.67India
IN122.160.239.46India
IN203.88.131.106India
IN203.90.114.228India
IN210.212.97.139India
IR91.98.36.84Iran
IT85.159.181.210Italy
IT95.227.34.226Italy
IT95.234.249.153Italy
IT95.253.67.148Italy
LV46.183.220.29Latvia
MW105.234.255.2Malawi
MX187.240.114.239Mexico
MX189.205.184.161Mexico
MX201.158.203.50Mexico
PH58.69.100.234Philippines
PK121.52.159.236Pakistan
RS188.2.93.77Serbia
RU5.19.221.219Russian Federation
RU95.188.112.11Russian Federation
SA94.77.199.148Saudi Arabia
SG116.251.217.213Singapore
TR193.255.143.62Turkey
TR193.255.143.63Turkey
TR195.244.39.195Turkey
US50.201.42.106United States
US69.64.48.57United States
US97.90.101.77United States
US98.126.78.82United States
US204.152.209.109United States
US204.152.209.195United States
US204.195.104.31United States
US209.58.205.18United States
US209.239.112.104United States
VE186.24.34.179Venezuela
VE190.111.122.3Venezuela
VE190.202.116.101Venezuela
VE201.209.187.170Venezuela
ZW41.220.28.138Zimbabwe

List from greylisting:

Botnet Statistics [2014-04-12]

detection period: 2014-04-12 00:00-23:59 UTC
total number of suspected botnet IPs: 885
number of botnet IPs notified to network operators: 823
number of spam blocked: 50211
recipient count of spam blocked: 1691174

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1CRTC119
2CHINANET-GD119
3CHINANET-FJ41
4CHINANET-JS32
5UNICOM-GD13
6CHINANET-SH12
7CMNET10
8HICHINA9
9UNICOM-LN7
10CHINANET-ZJ7

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1China490
2United States45
3Russian Federation40
4Brazil27
5Indonesia26
6Ukraine19
7United Kingdom16
8Taiwan13
9South Korea13
10Thailand12

Saturday, April 12, 2014

Suspected Bots' IP List for April 2014

To encourage cyber security information sharing (as some form of open data) while still giving victims enough time to clean up their computers, the IP list of suspected infected computers will be released here (as shown below) 10 days after its respective botnet statistics gets published.

New data will be added here daily. You are free to use them to create more effective defenses, discover latest trends in cyber attacks, etc.

Suspected Bots IP [2014-04-30]
Suspected Bots IP [2014-04-29]
Suspected Bots IP [2014-04-28]
Suspected Bots IP [2014-04-27]
Suspected Bots IP [2014-04-26]
Suspected Bots IP [2014-04-25]
Suspected Bots IP [2014-04-24]
Suspected Bots IP [2014-04-23]
Suspected Bots IP [2014-04-22]
Suspected Bots IP [2014-04-21]
Suspected Bots IP [2014-04-20]
Suspected Bots IP [2014-04-19]
Suspected Bots IP [2014-04-18]
Suspected Bots IP [2014-04-17]
file for "Suspected Bots IP [2014-04-16]" seems to be corrupted, so nothing for that day.
Suspected Bots IP [2014-04-15]
Suspected Bots IP [2014-04-14]
Suspected Bots IP [2014-04-13]
Suspected Bots IP [2014-04-12]
Suspected Bots IP [2014-04-11]
Suspected Bots IP [2014-04-10]
Suspected Bots IP [2014-04-09]
Suspected Bots IP [2014-04-08]
Suspected Bots IP [2014-04-07]
Suspected Bots IP [2014-04-06]
Suspected Bots IP [2014-04-05]
Suspected Bots IP [2014-04-04]
Suspected Bots IP [2014-04-03]
Suspected Bots IP [2014-04-02]
Suspected Bots IP [2014-04-01]

Suspected Bot List [2014-04-11]

detection period: 2014-04-11 00:00-23:59 UTC
number of suspected bots' IPs listed here: 71

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
AR190.17.36.83Argentina
AR190.182.225.42Argentina
BD103.244.21.70Bangladesh
BO190.129.12.162Bolivia
CO190.60.39.186Colombia
CZ80.188.121.251Czech Republic
DZ41.191.253.146Algeria
EC186.42.225.189Ecuador
GB78.129.194.61United Kingdom
HN190.107.140.77Honduras
ID27.131.4.6Indonesia
IN111.93.9.67India
IN122.160.239.46India
IN203.88.131.106India
IN203.90.114.228India
IN210.212.97.139India
IR91.98.36.84Iran
IT85.159.181.210Italy
IT95.227.34.226Italy
IT95.234.249.153Italy
IT95.253.67.148Italy
JP124.38.95.29Japan
LV46.183.220.29Latvia
MW105.234.255.2Malawi
MX187.240.114.239Mexico
MX189.205.184.161Mexico
MX201.158.203.50Mexico
PH58.69.100.234Philippines
PH122.49.217.2Philippines
PH122.52.149.209Philippines
PK121.52.159.236Pakistan
RO109.99.193.186Romania
RS188.2.93.77Serbia
RU95.188.112.11Russian Federation
SA94.77.199.148Saudi Arabia
SG116.251.217.213Singapore
TR193.255.143.62Turkey
TR193.255.143.63Turkey
TR195.244.39.195Turkey
US50.201.42.106United States
US69.64.48.57United States
US97.90.101.77United States
US184.82.162.122United States
US204.152.209.109United States
US204.152.209.195United States
US204.195.104.31United States
US209.58.205.18United States
US209.239.112.104United States
VE186.24.34.179Venezuela
VE190.111.122.3Venezuela
VE190.202.116.101Venezuela
VE201.209.187.170Venezuela
ZW41.220.28.138Zimbabwe

List from greylisting: