Custom Search

Tuesday, March 31, 2015

Suspected Bot List [2015-03-30]

detection period: 2015-03-30 00:00-23:59 UTC
number of suspected bots' IPs listed here: 223

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD180.211.193.190Bangladesh
BD203.76.147.62Bangladesh
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
EC201.219.60.86Ecuador
EC201.219.60.118Ecuador
ID202.137.230.127Indonesia
ID202.137.230.134Indonesia
ID202.148.7.77Indonesia
ID203.201.172.162Indonesia
MN203.91.119.146Mongolia
MX200.94.141.149Mexico
PE200.1.183.82Peru
TW180.218.34.245Taiwan
US69.197.156.227United States
US96.35.58.176United States
US209.220.168.177United States

List from greylisting:

Botnet Statistics [2015-03-30]

detection period: 2015-03-30 00:00-23:59 UTC
total number of suspected botnet IPs: 2651
number of botnet IPs notified to network operators: 2428
number of spam blocked: 206932
recipient count of spam blocked: 6800845

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET982
2UNICOM-GD99
3CHINANET-GD41
4UNICOM-FJ25
5CCCH3-423
6KORNET-KR20
7CHINANET-HN18
8CBC-CM-414
9RIMA13
10CHINANET-JS13

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan993
2China381
3United States379
4France66
5Spain57
6Canada56
7Turkey48
8South Korea47
9United Kingdom46
10Russian Federation44

Monday, March 30, 2015

Suspected Bot List [2015-03-29]

detection period: 2015-03-29 00:00-23:59 UTC
number of suspected bots' IPs listed here: 34

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD180.211.193.190Bangladesh
BD203.76.147.62Bangladesh
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
EC201.219.60.86Ecuador
EC201.219.60.118Ecuador
ID202.137.230.127Indonesia
ID202.137.230.134Indonesia
ID203.201.172.162Indonesia
MN203.91.119.146Mongolia
MX200.94.141.149Mexico
PE200.1.183.82Peru
TR88.247.164.136Turkey
TR88.250.69.146Turkey
TW180.218.34.245Taiwan
US69.197.156.227United States
US209.220.168.177United States

List from greylisting:

Botnet Statistics [2015-03-29]

detection period: 2015-03-29 00:00-23:59 UTC
total number of suspected botnet IPs: 1637
number of botnet IPs notified to network operators: 1603
number of spam blocked: 206601
recipient count of spam blocked: 6976356

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET984
2UNICOM-GD97
3CHINANET-GD69
4CHINANET-JS20
5CHINANET-HN14
6CHINANET-YN12
7CHINANET-SN12
8UNICOM-BJ9
9CRTC9
10CMNET8

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan991
2China407
3United States43
4Russian Federation25
5Brazil13
6Indonesia12
7Viet Nam11
8South Korea11
9Hong Kong11
10Iran6

Sunday, March 29, 2015

Suspected Bot List [2015-03-28]

detection period: 2015-03-28 00:00-23:59 UTC
number of suspected bots' IPs listed here: 60

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD203.76.147.62Bangladesh
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
EC201.219.60.86Ecuador
EC201.219.60.118Ecuador
ID202.137.230.127Indonesia
ID202.137.230.134Indonesia
ID203.201.172.162Indonesia
IN117.218.2.168India
MN203.91.119.146Mongolia
MX200.94.141.149Mexico
PE200.1.183.82Peru
TW180.218.34.245Taiwan
US69.197.156.227United States
US209.220.168.177United States

List from greylisting:

Botnet Statistics [2015-03-28]

detection period: 2015-03-28 00:00-23:59 UTC
total number of suspected botnet IPs: 1836
number of botnet IPs notified to network operators: 1776
number of spam blocked: 205474
recipient count of spam blocked: 6986264

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1023
2CHINANET-GD132
3UNICOM-GD98
4CHINANET-JS30
5CHINANET-HN24
6CHINANET-YN16
7CHINANET-SN13
8UNICOM-BJ9
9CRTC8
10CHINANET-HB8

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1034
2China477
3United States57
4Russian Federation43
5Brazil24
6Viet Nam17
7South Korea16
8Indonesia14
9India13
10Iran8

Saturday, March 28, 2015

Suspected Bot List [2015-03-27]

detection period: 2015-03-27 00:00-23:59 UTC
number of suspected bots' IPs listed here: 307

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD203.76.147.62Bangladesh
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
EC201.219.60.86Ecuador
EC201.219.60.118Ecuador
ID202.137.230.127Indonesia
ID202.137.230.134Indonesia
ID203.201.172.162Indonesia
MN203.91.119.146Mongolia
PE200.1.183.82Peru
TR88.247.164.136Turkey
TR88.250.69.146Turkey
TW180.218.34.245Taiwan
US69.197.156.227United States
US96.35.58.176United States
US209.220.168.177United States

List from greylisting:

Botnet Statistics [2015-03-27]

detection period: 2015-03-27 00:00-23:59 UTC
total number of suspected botnet IPs: 3367
number of botnet IPs notified to network operators: 3060
number of spam blocked: 208070
recipient count of spam blocked: 7035442

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1017
2CHINANET-GD149
3UNICOM-GD98
4TurkTelekom82
5TR-TELEKOM-2005102773
6TR-TELEKOM-2004092059
7CCCH3-441
8UNICOM-FJ40
9CHINANET-HN29
10CBC-CM-426

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1024
2United States512
3China478
4Turkey374
5Canada91
6France78
7United Kingdom76
8Spain64
9Russian Federation61
10Mexico42

Friday, March 27, 2015

Suspected Bot List [2015-03-26]

detection period: 2015-03-26 00:00-23:59 UTC
number of suspected bots' IPs listed here: 329

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD203.76.147.62Bangladesh
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
EC201.219.60.86Ecuador
EC201.219.60.118Ecuador
ID202.137.230.127Indonesia
ID202.137.230.134Indonesia
ID203.201.172.162Indonesia
IN202.63.113.11India
MN203.91.119.146Mongolia
PE200.1.183.82Peru
TR88.247.164.136Turkey
TR88.250.69.146Turkey
TW180.218.34.245Taiwan
US69.197.156.227United States
US96.35.58.176United States
US208.73.200.126United States
US209.220.168.177United States

List from greylisting:

Botnet Statistics [2015-03-26]

detection period: 2015-03-26 00:00-23:59 UTC
total number of suspected botnet IPs: 3483
number of botnet IPs notified to network operators: 3154
number of spam blocked: 195713
recipient count of spam blocked: 6607949

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET990
2CHINANET-GD158
3UNICOM-GD76
4CCCH3-444
5IP2000-ADSL-BAS35
6TR-TELEKOM-2005102734
7TurkTelekom32
8CBC-CM-430
9UNICOM-FJ28
10RIMA28

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1004
2United States549
3China490
4Turkey139
5France120
6Spain100
7Germany84
8Canada84
9United Kingdom81
10South Korea61

Thursday, March 26, 2015

Suspected Bot List [2015-03-25]

detection period: 2015-03-25 00:00-23:59 UTC
number of suspected bots' IPs listed here: 71

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD203.76.147.62Bangladesh
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
EC201.219.60.86Ecuador
EC201.219.60.118Ecuador
ID202.137.230.127Indonesia
ID202.137.230.134Indonesia
ID203.201.172.162Indonesia
IN202.63.113.11India
LV85.9.201.199Latvia
MN203.91.119.146Mongolia
PE200.1.183.82Peru
PL95.160.218.204Poland
TR88.247.164.136Turkey
TR88.250.69.146Turkey
TW180.218.34.245Taiwan
US69.197.156.227United States
US96.35.58.176United States
US208.73.200.126United States
US209.220.168.177United States

List from greylisting:

Botnet Statistics [2015-03-25]

detection period: 2015-03-25 00:00-23:59 UTC
total number of suspected botnet IPs: 1671
number of botnet IPs notified to network operators: 1600
number of spam blocked: 200059
recipient count of spam blocked: 6302975

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1012
2CHINANET-GD59
3UNICOM-FJ24
4UNICOM-GD22
5CHINANET-HN12
6WASU10
7UNICOM-BJ8
8CMNET8
9WASU-BB7
10KORNET-KR6

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1025
2China272
3United States87
4Russian Federation32
5Viet Nam17
6South Korea13
7Indonesia12
8Ukraine10
9Italy10
10India10

Wednesday, March 25, 2015

Suspected Bot List [2015-03-24]

detection period: 2015-03-24 00:00-23:59 UTC
number of suspected bots' IPs listed here: 33

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD203.76.147.62Bangladesh
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
EC201.219.60.86Ecuador
EC201.219.60.118Ecuador
ID202.137.230.127Indonesia
ID202.137.230.134Indonesia
ID202.148.7.77Indonesia
ID203.201.172.162Indonesia
IN202.63.113.11India
MN203.91.119.146Mongolia
PE200.1.183.82Peru
PL95.160.218.204Poland
TR88.247.164.136Turkey
TR88.250.69.146Turkey
TW180.218.34.245Taiwan
US69.197.156.227United States
US96.35.58.176United States
US208.73.200.126United States
US209.220.168.177United States

List from greylisting:

Botnet Statistics [2015-03-24]

detection period: 2015-03-24 00:00-23:59 UTC
total number of suspected botnet IPs: 1589
number of botnet IPs notified to network operators: 1556
number of spam blocked: 202239
recipient count of spam blocked: 6458690

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1051
2CHINANET-GD84
3UNICOM-GD25
4CHINANET-HN25
5UNICOM-FJ15
6WASU11
7CMNET11
8WASU-BB9
9KORNET-KR8
10UNICOM-CN7

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1062
2China310
3United States35
4South Korea14
5Brazil14
6Indonesia13
7Viet Nam12
8Russian Federation9
9Hong Kong9
10India8

Tuesday, March 24, 2015

Suspected Bot List [2015-03-23]

detection period: 2015-03-23 00:00-23:59 UTC
number of suspected bots' IPs listed here: 34

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD203.76.147.62Bangladesh
BD203.76.147.70Bangladesh
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
EC201.219.60.86Ecuador
EC201.219.60.118Ecuador
ID202.137.230.127Indonesia
ID202.137.230.134Indonesia
ID202.148.7.77Indonesia
ID203.201.172.162Indonesia
IN117.211.27.10India
IN202.63.113.11India
IN202.63.113.12India
MN203.91.119.146Mongolia
PE200.1.183.82Peru
PE200.110.35.150Peru
PL95.160.218.204Poland
TR88.247.164.136Turkey
TR88.250.69.146Turkey
TW180.218.34.245Taiwan
US69.197.156.227United States
US209.220.168.177United States

List from greylisting:

Botnet Statistics [2015-03-23]

detection period: 2015-03-23 00:00-23:59 UTC
total number of suspected botnet IPs: 1526
number of botnet IPs notified to network operators: 1492
number of spam blocked: 199294
recipient count of spam blocked: 6853401

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET968
2CHINANET-GD125
3UNICOM-GD18
4WASU-BB11
5WASU11
6CHINANET-HN10
7UNICOM-FJ9
8CMNET8
9CHINANET-JS8
10KORNET-KR6

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan980
2China328
3United States30
4Russian Federation14
5South Korea14
6Indonesia14
7Viet Nam12
8India9
9Hong Kong9
10Brazil8

Monday, March 23, 2015

Suspected Bot List [2015-03-22]

detection period: 2015-03-22 00:00-23:59 UTC
number of suspected bots' IPs listed here: 34

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD203.76.147.70Bangladesh
EC201.219.60.86Ecuador
EC201.219.60.118Ecuador
ID202.137.230.127Indonesia
ID202.137.230.134Indonesia
ID202.148.7.77Indonesia
IN117.211.27.10India
IN202.63.113.12India
MN203.91.119.146Mongolia
PE200.1.183.82Peru
PE200.110.35.150Peru
PL95.160.218.204Poland
TR88.247.164.136Turkey
TR88.250.69.146Turkey
US69.197.156.227United States
US209.220.168.177United States

List from greylisting:

Botnet Statistics [2015-03-22]

detection period: 2015-03-22 00:00-23:59 UTC
total number of suspected botnet IPs: 1499
number of botnet IPs notified to network operators: 1465
number of spam blocked: 204166
recipient count of spam blocked: 6992447

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET976
2CHINANET-GD117
3UNICOM-GD18
4UNICOM-FJ18
5CHINANET-HN11
6WASU-BB8
7UNICOM-BJ8
8UNICOM-CN7
9CMNET7
10CHINANET-JX7

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan983
2China298
3Russian Federation27
4United States23
5Viet Nam17
6South Korea14
7Indonesia13
8Brazil11
9Netherlands7
10Poland6

Sunday, March 22, 2015

Suspected Bot List [2015-03-21]

detection period: 2015-03-21 00:00-23:59 UTC
number of suspected bots' IPs listed here: 36

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD203.76.147.70Bangladesh
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
EC201.219.60.86Ecuador
EC201.219.60.118Ecuador
ID202.137.230.127Indonesia
ID202.137.230.134Indonesia
ID202.148.7.77Indonesia
IN117.211.27.10India
IN202.63.113.12India
MN203.91.119.146Mongolia
PE200.1.183.82Peru
PE200.110.35.150Peru
PL95.160.218.204Poland
TR88.247.164.136Turkey
TR88.250.69.146Turkey
TW180.218.34.245Taiwan
US69.197.156.227United States
US208.73.200.126United States
US209.220.168.177United States

List from greylisting:

Botnet Statistics [2015-03-21]

detection period: 2015-03-21 00:00-23:59 UTC
total number of suspected botnet IPs: 1513
number of botnet IPs notified to network operators: 1477
number of spam blocked: 210506
recipient count of spam blocked: 7237953

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1003
2CHINANET-GD123
3UNICOM-FJ22
4UNICOM-GD15
5KORNET-KR10
6CHINANET-JX7
7UNICOM-SD6
8UNICOM-CN6
9CHINANET-JS6
10CHINANET-HN6

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1012
2China278
3United States33
4South Korea17
5Russian Federation15
6Indonesia13
7Brazil12
8India11
9Viet Nam10
10Hong Kong9

Saturday, March 21, 2015

Suspected Bot List [2015-03-20]

detection period: 2015-03-20 00:00-23:59 UTC
number of suspected bots' IPs listed here: 66

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD203.76.147.70Bangladesh
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
EC201.219.60.86Ecuador
EC201.219.60.118Ecuador
ID202.137.230.127Indonesia
ID202.137.230.134Indonesia
ID202.148.7.77Indonesia
ID203.201.172.163Indonesia
IN117.211.27.10India
IN202.63.113.11India
IN202.63.113.12India
LV85.9.201.199Latvia
MN203.91.119.146Mongolia
PE200.1.183.82Peru
PE200.110.35.150Peru
PL95.160.218.204Poland
TR88.247.164.136Turkey
TR88.250.69.146Turkey
TR178.20.225.181Turkey
TR178.20.225.182Turkey
TR178.20.225.186Turkey
TR178.20.225.187Turkey
TR178.20.225.189Turkey
TR178.20.225.190Turkey
TW180.218.34.245Taiwan
US69.197.156.227United States
US96.35.58.176United States
US208.73.200.126United States
US209.220.168.177United States

List from greylisting:

Botnet Statistics [2015-03-20]

detection period: 2015-03-20 00:00-23:59 UTC
total number of suspected botnet IPs: 1893
number of botnet IPs notified to network operators: 1827
number of spam blocked: 207180
recipient count of spam blocked: 7047765

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1098
2CHINANET-GD161
3UNICOM-FJ73
4VNPT-VNNIC-VN36
5UNICOM-GD17
6UNICOM-CN17
7KORNET-KR15
8CHINANET-JX15
9CHINANET-HN11
10VIETEL-VNNIC-VN9

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1113
2China412
3Viet Nam62
4United States37
5Russian Federation30
6South Korea24
7India19
8Brazil14
9Indonesia13
10Turkey12

Friday, March 20, 2015

Suspected Bot List [2015-03-19]

detection period: 2015-03-19 00:00-23:59 UTC
number of suspected bots' IPs listed here: 83

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD203.76.147.70Bangladesh
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
EC201.219.60.86Ecuador
EC201.219.60.118Ecuador
ID202.137.230.127Indonesia
ID202.137.230.134Indonesia
ID203.201.172.162Indonesia
ID203.201.172.163Indonesia
IN202.63.113.11India
IN202.63.113.12India
MN203.91.119.146Mongolia
PE200.1.183.82Peru
PL95.160.218.204Poland
TR88.247.164.136Turkey
TR88.250.69.146Turkey
TR178.20.225.181Turkey
TR178.20.225.182Turkey
TR178.20.225.183Turkey
TR178.20.225.186Turkey
TR178.20.225.187Turkey
TR178.20.225.189Turkey
TR178.20.225.190Turkey
TW180.218.34.245Taiwan
US69.197.156.227United States
US96.35.58.176United States
US208.73.200.126United States
US209.220.168.177United States

List from greylisting:

Botnet Statistics [2015-03-19]

detection period: 2015-03-19 00:00-23:59 UTC
total number of suspected botnet IPs: 1668
number of botnet IPs notified to network operators: 1585
number of spam blocked: 199539
recipient count of spam blocked: 6941436

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET912
2CHINANET-GD144
3UNICOM-FJ25
4WASU19
5UNICOM-GD10
6CHINANET-HN10
7TurkTelekom8
8IP2000-ADSL-BAS8
9CBC-CM-48
10SALAY-TELEKOM7

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan923
2China328
3United States124
4Turkey31
5France26
6Indonesia19
7Canada16
8Italy14
9Russian Federation13
10Germany12

Thursday, March 19, 2015

Suspected Bot List [2015-03-18]

detection period: 2015-03-18 00:00-23:59 UTC
number of suspected bots' IPs listed here: 64

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD203.76.147.70Bangladesh
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
EC201.219.60.86Ecuador
EC201.219.60.118Ecuador
ID202.137.230.127Indonesia
ID202.137.230.134Indonesia
ID203.201.172.162Indonesia
IN117.218.2.168India
IN202.63.113.11India
IN202.63.113.12India
MN203.91.119.146Mongolia
PE200.1.183.82Peru
PL95.160.218.204Poland
TR88.247.164.136Turkey
TR88.250.69.146Turkey
TR178.20.225.181Turkey
TR178.20.225.182Turkey
TR178.20.225.183Turkey
TR178.20.225.186Turkey
TR178.20.225.187Turkey
TR178.20.225.189Turkey
TR178.20.225.190Turkey
TW180.218.34.245Taiwan
US66.240.236.121United States
US69.197.156.227United States
US96.35.58.176United States
US208.73.200.126United States
US209.220.168.177United States

List from greylisting:

Botnet Statistics [2015-03-18]

detection period: 2015-03-18 00:00-23:59 UTC
total number of suspected botnet IPs: 1560
number of botnet IPs notified to network operators: 1496
number of spam blocked: 185946
recipient count of spam blocked: 6548170

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET869
2CHINANET-GD125
3UNICOM-FJ62
4UNICOM-GD15
5VNPT-VNNIC-VN12
6KORNET-KR9
7CHINANET-JS9
8CHINANET-HN9
9CHINANET-JX8
10WASU7

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan882
2China340
3United States35
4Russian Federation33
5Viet Nam25
6South Korea18
7Indonesia17
8India12
9Brazil12
10Iran11

Wednesday, March 18, 2015

Suspected Bot List [2015-03-17]

detection period: 2015-03-17 00:00-23:59 UTC
number of suspected bots' IPs listed here: 251

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD203.76.147.70Bangladesh
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
EC201.219.60.86Ecuador
EC201.219.60.118Ecuador
ID202.137.230.127Indonesia
ID202.137.230.134Indonesia
ID202.148.7.77Indonesia
IN117.218.2.168India
IN202.63.113.11India
IN202.63.113.12India
MN203.91.119.146Mongolia
PE200.1.183.82Peru
PL95.160.218.204Poland
TR88.247.164.136Turkey
TR88.250.69.146Turkey
TR178.20.225.181Turkey
TR178.20.225.182Turkey
TR178.20.225.183Turkey
TR178.20.225.186Turkey
TR178.20.225.187Turkey
TR178.20.225.189Turkey
TR178.20.225.190Turkey
TW180.218.34.245Taiwan
US66.240.236.121United States
US69.197.156.227United States
US96.35.58.176United States
US209.220.168.177United States

List from greylisting:

Botnet Statistics [2015-03-17]

detection period: 2015-03-17 00:00-23:59 UTC
total number of suspected botnet IPs: 2652
number of botnet IPs notified to network operators: 2401
number of spam blocked: 189566
recipient count of spam blocked: 6716020

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET859
2CHINANET-GD212
3CCCH3-432
4CBC-CM-427
5IP2000-ADSL-BAS24
6UNICOM-GD23
7UNICOM-FJ22
8ATT19
9RIMA18
10NETBLK-CHARTER-NET18

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan870
2United States564
3China387
4France82
5Canada78
6Turkey75
7Mexico52
8Spain46
9United Kingdom42
10Germany24

Tuesday, March 17, 2015

Suspected Bot List [2015-03-16]

detection period: 2015-03-16 00:00-23:59 UTC
number of suspected bots' IPs listed here: 55

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD203.76.147.70Bangladesh
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
EC201.219.60.86Ecuador
EC201.219.60.118Ecuador
ID202.137.230.127Indonesia
ID202.137.230.134Indonesia
IN121.247.68.156India
IN202.63.113.11India
IN202.63.113.12India
MN203.91.119.146Mongolia
PE200.1.183.82Peru
PL95.160.218.204Poland
TR88.247.164.136Turkey
TR88.250.69.146Turkey
TR178.20.225.181Turkey
TR178.20.225.182Turkey
TR178.20.225.183Turkey
TR178.20.225.186Turkey
TR178.20.225.187Turkey
TR178.20.225.189Turkey
TR178.20.225.190Turkey
TW180.218.34.245Taiwan
US66.240.236.121United States
US69.197.156.227United States
US96.35.58.176United States
US209.220.168.177United States

List from greylisting:

Botnet Statistics [2015-03-16]

detection period: 2015-03-16 00:00-23:59 UTC
total number of suspected botnet IPs: 1451
number of botnet IPs notified to network operators: 1396
number of spam blocked: 194189
recipient count of spam blocked: 6829770

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET805
2CHINANET-GD236
3UNICOM-GD14
4CHINANET-HN14
5VNPT-VNNIC-VN8
6SALAY-TELEKOM7
7UNICOM-BJ6
8CHINANET-SH6
9CHINANET-JS6
10shinenet4

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan815
2China361
3United States34
4Viet Nam17
5Russian Federation15
6Turkey13
7Iran13
8Indonesia13
9India11
10Hong Kong10

Monday, March 16, 2015

Suspected Bot List [2015-03-15]

detection period: 2015-03-15 00:00-23:59 UTC
number of suspected bots' IPs listed here: 64

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD203.76.147.70Bangladesh
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
EC201.219.60.86Ecuador
EC201.219.60.118Ecuador
ID202.137.230.127Indonesia
ID202.137.230.134Indonesia
ID202.148.7.77Indonesia
ID203.201.172.162Indonesia
IN202.63.113.11India
IN202.63.113.12India
MN203.91.119.146Mongolia
PE200.1.183.82Peru
PL95.160.218.204Poland
TR88.247.164.136Turkey
TR88.250.69.146Turkey
TR178.20.225.181Turkey
TR178.20.225.182Turkey
TR178.20.225.183Turkey
TR178.20.225.186Turkey
TR178.20.225.187Turkey
TR178.20.225.189Turkey
TW180.218.34.245Taiwan
US69.197.156.227United States

List from greylisting:

Botnet Statistics [2015-03-15]

detection period: 2015-03-15 00:00-23:59 UTC
total number of suspected botnet IPs: 1563
number of botnet IPs notified to network operators: 1499
number of spam blocked: 189124
recipient count of spam blocked: 6687879

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET861
2CHINANET-GD211
3UNICOM-GD18
4VNPT-VNNIC-VN7
5ZJU-CN6
6TELKOMNET6
7SALAY-TELEKOM6
8CHINANET-JS6
9WEBSTREAM5
10UNICOM-SD5

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan872
2China325
3Russian Federation62
4United States36
5Indonesia22
6Viet Nam17
7Iran15
8India14
9Turkey12
10South Korea12

Sunday, March 15, 2015

Suspected Bot List [2015-03-14]

detection period: 2015-03-14 00:00-23:59 UTC
number of suspected bots' IPs listed here: 39

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD203.76.147.70Bangladesh
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
EC201.219.60.86Ecuador
EC201.219.60.118Ecuador
ID202.137.230.127Indonesia
ID202.137.230.134Indonesia
ID203.201.172.162Indonesia
IN121.247.68.156India
IN202.63.113.11India
IN202.63.113.12India
IR212.33.219.121Iran
MN203.91.119.146Mongolia
PE200.1.183.82Peru
PL95.160.218.204Poland
TR88.247.164.136Turkey
TR88.250.69.146Turkey
TR178.20.225.181Turkey
TR178.20.225.182Turkey
TR178.20.225.183Turkey
TR178.20.225.186Turkey
TR178.20.225.187Turkey
TR178.20.225.189Turkey
TW180.218.34.245Taiwan
US69.197.156.227United States
US208.73.202.157United States
US209.220.168.177United States

List from greylisting:

Botnet Statistics [2015-03-14]

detection period: 2015-03-14 00:00-23:59 UTC
total number of suspected botnet IPs: 1312
number of botnet IPs notified to network operators: 1273
number of spam blocked: 159412
recipient count of spam blocked: 5593085

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET851
2CHINANET-GD118
3UNICOM-GD19
4CMNET8
5SALAY-TELEKOM6
6CHINANET-JS6
7KORNET-KR5
8HINET-TW4
9ALISOFT4
10YITAIFENG3

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan860
2China225
3United States33
4Indonesia17
5Russian Federation14
6Viet Nam13
7Ukraine13
8South Korea13
9Hong Kong13
10Turkey10

Saturday, March 14, 2015

Suspected Bot List [2015-03-13]

detection period: 2015-03-13 00:00-23:59 UTC
number of suspected bots' IPs listed here: 246

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD203.76.147.70Bangladesh
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
EC201.219.60.86Ecuador
EC201.219.60.118Ecuador
ID202.137.230.127Indonesia
ID202.137.230.134Indonesia
ID202.148.7.77Indonesia
ID203.201.172.162Indonesia
IN117.218.50.134India
IN121.247.68.156India
IN202.63.113.11India
IN202.63.113.12India
IR212.33.219.121Iran
MN203.91.119.146Mongolia
PE200.1.183.82Peru
PL95.160.218.204Poland
TR88.247.164.136Turkey
TR88.250.69.146Turkey
TR178.20.225.181Turkey
TR178.20.225.182Turkey
TR178.20.225.183Turkey
TR178.20.225.186Turkey
TR178.20.225.187Turkey
TR178.20.225.189Turkey
TW180.218.34.245Taiwan
US69.197.156.226United States
US69.197.156.227United States
US96.35.58.176United States
US208.73.202.157United States
US209.220.168.177United States

List from greylisting:

Botnet Statistics [2015-03-13]

detection period: 2015-03-13 00:00-23:59 UTC
total number of suspected botnet IPs: 2275
number of botnet IPs notified to network operators: 2029
number of spam blocked: 146130
recipient count of spam blocked: 5110296

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET876
2VNPT-VNNIC-VN79
3CHINANET-GD64
4VIETEL-VNNIC-VN28
5KORNET-KR23
6CBC-CM-419
7UNICOM-GD15
8AR-TEAR7-LACNIC15
9FPT-VN14
10CCCH3-414

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan893
2United States258
3China189
4Viet Nam164
5India48
6Spain48
7Italy47
8South Korea45
9Turkey38
10Brazil37

Friday, March 13, 2015

Suspected Bot List [2015-03-12]

detection period: 2015-03-12 00:00-23:59 UTC
number of suspected bots' IPs listed here: 255

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD203.76.147.70Bangladesh
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
EC201.219.60.86Ecuador
EC201.219.60.118Ecuador
ID202.137.230.127Indonesia
ID202.137.230.134Indonesia
ID203.201.172.162Indonesia
IN117.218.50.134India
IN202.63.113.11India
IN202.63.113.12India
IR212.33.219.121Iran
MN203.91.119.146Mongolia
PE200.1.183.82Peru
PL95.160.218.204Poland
TR88.247.164.136Turkey
TR88.250.69.146Turkey
TW180.218.34.245Taiwan
US69.197.156.226United States
US96.35.58.176United States
US208.73.202.157United States
US209.220.168.177United States

List from greylisting:

Botnet Statistics [2015-03-12]

detection period: 2015-03-12 00:00-23:59 UTC
total number of suspected botnet IPs: 2976
number of botnet IPs notified to network operators: 2721
number of spam blocked: 155001
recipient count of spam blocked: 5340334

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET920
2CHINANET-GD89
3UNICOM-FJ46
4CCCH3-437
5TurkTelekom30
6CBC-CM-427
7NETBLK-CHARTER-NET23
8ATT22
9TR-TELEKOM-2004092020
10KORNET-KR19

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan929
2United States477
3China296
4Turkey118
5France104
6Spain85
7United Kingdom69
8Romania67
9Canada57
10Russian Federation55

Thursday, March 12, 2015

Suspected Bots' IP List for March 2015

To encourage cyber security information sharing (as some form of open data) while still giving victims enough time to clean up their computers, the IP list of suspected infected computers will be released here (as shown below) 10 days after its respective botnet statistics gets published.

New data will be added here daily. You are free to use them to create more effective defenses, discover latest trends in cyber attacks, etc.

Suspected Bots IP [2015-03-31]
Suspected Bots IP [2015-03-30]
Suspected Bots IP [2015-03-29]
Suspected Bots IP [2015-03-28]
Suspected Bots IP [2015-03-27]
Suspected Bots IP [2015-03-26]
Suspected Bots IP [2015-03-25]
Suspected Bots IP [2015-03-24]
Suspected Bots IP [2015-03-23]
Suspected Bots IP [2015-03-22]
Suspected Bots IP [2015-03-21]
Suspected Bots IP [2015-03-20]
Suspected Bots IP [2015-03-19]
Suspected Bots IP [2015-03-18]
Suspected Bots IP [2015-03-17]
Suspected Bots IP [2015-03-16]
Suspected Bots IP [2015-03-15]
Suspected Bots IP [2015-03-13]
Suspected Bots IP [2015-03-12]
Suspected Bots IP [2015-03-11]
Suspected Bots IP [2015-03-10]
Suspected Bots IP [2015-03-09]
Suspected Bots IP [2015-03-08]
Suspected Bots IP [2015-03-07]
Suspected Bots IP [2015-03-06]
Suspected Bots IP [2015-03-05]
Suspected Bots IP [2015-03-04]
Suspected Bots IP [2015-03-03]
Suspected Bots IP [2015-03-02]
Suspected Bots IP [2015-03-01]

Suspected Bot List [2015-03-11]

detection period: 2015-03-11 00:00-23:59 UTC
number of suspected bots' IPs listed here: 537

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD203.76.147.70Bangladesh
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
EC201.219.60.86Ecuador
EC201.219.60.118Ecuador
ID202.137.230.127Indonesia
ID202.137.230.134Indonesia
IN121.247.68.156India
IN202.63.113.11India
IN202.63.113.12India
MN203.91.119.146Mongolia
PE200.1.183.82Peru
PL95.160.218.204Poland
TR88.247.164.136Turkey
TR88.250.69.146Turkey
TW180.218.34.245Taiwan
US69.197.156.226United States
US96.35.58.176United States
US208.73.202.157United States
US209.220.168.177United States

List from greylisting:

Botnet Statistics [2015-03-11]

detection period: 2015-03-11 00:00-23:59 UTC
total number of suspected botnet IPs: 3746
number of botnet IPs notified to network operators: 3209
number of spam blocked: 154487
recipient count of spam blocked: 5324806

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET984
2CCCH3-453
3CHINANET-GD52
4CBC-CM-443
5KORNET-KR37
6TurkTelekom35
7NETBLK-CHARTER-NET32
8SINGNET-SG28
9UNICOM-FJ27
10VIS-BLOCK24

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1001
2United States772
3China250
4Turkey131
5France130
6Spain119
7Canada103
8Romania100
9United Kingdom98
10South Korea84

Wednesday, March 11, 2015

Suspected Bot List [2015-03-10]

detection period: 2015-03-10 00:00-23:59 UTC
number of suspected bots' IPs listed here: 48

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD203.76.147.70Bangladesh
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
EC201.219.60.118Ecuador
ID119.252.166.100Indonesia
ID202.137.230.127Indonesia
ID202.137.230.134Indonesia
ID203.201.172.162Indonesia
IN202.63.113.11India
IN202.63.113.12India
MN203.91.119.146Mongolia
PE200.1.183.82Peru
PK103.4.92.88Pakistan
PL95.160.218.204Poland
TR88.247.164.136Turkey
TR88.250.69.146Turkey
TW180.218.34.245Taiwan
US23.91.19.149United States
US23.91.19.153United States
US23.91.19.154United States
US69.197.156.226United States
US198.13.107.10United States
US198.13.110.221United States
US198.13.110.222United States
US208.73.202.157United States
US209.220.168.177United States

List from greylisting:

Botnet Statistics [2015-03-10]

detection period: 2015-03-10 00:00-23:59 UTC
total number of suspected botnet IPs: 1284
number of botnet IPs notified to network operators: 1236
number of spam blocked: 118124
recipient count of spam blocked: 4106818

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET807
2CHINANET-GD37
3UNICOM-FJ12
4UNICOM-BJ12
5ZJU-CN8
6UNICOM-GD8
7YITAIFENG7
8CHINANET-HN7
9CERNET-CN7
10PSYCHZ-NETWORKS6

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan818
2China197
3United States47
4Russian Federation21
5Indonesia17
6Viet Nam15
7India12
8Brazil11
9Hong Kong10
10South Korea9

Tuesday, March 10, 2015

Suspected Bot List [2015-03-09]

detection period: 2015-03-09 00:00-23:59 UTC
number of suspected bots' IPs listed here: 65

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD203.76.147.70Bangladesh
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
EC201.219.60.118Ecuador
ID103.16.115.14Indonesia
ID118.97.175.114Indonesia
ID202.137.230.127Indonesia
ID202.137.230.134Indonesia
ID202.148.7.77Indonesia
ID202.150.139.134Indonesia
ID202.150.157.34Indonesia
ID222.124.202.195Indonesia
IN117.211.27.12India
IN117.218.50.134India
IN125.21.245.146India
IN202.63.113.11India
IN202.63.113.12India
MN203.91.119.146Mongolia
PK103.4.92.88Pakistan
PL95.160.218.204Poland
TR88.247.164.136Turkey
TR88.250.69.146Turkey
TW180.218.34.245Taiwan
US69.197.156.226United States
US96.35.58.176United States
US208.73.202.157United States
US209.220.168.177United States

List from greylisting:

Botnet Statistics [2015-03-09]

detection period: 2015-03-09 00:00-23:59 UTC
total number of suspected botnet IPs: 1579
number of botnet IPs notified to network operators: 1514
number of spam blocked: 141978
recipient count of spam blocked: 5048407

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1001
2CHINANET-GD38
3ZJU-CN37
4CERNET-CN24
5PSYCHZ-NETWORKS17
6UNICOM-GD12
7CHINANET-HN12
8UNICOM-BJ10
9YITAIFENG7
10CHINANET-JS7

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1012
2China234
3United States58
4Russian Federation32
5Indonesia21
6Viet Nam15
7South Korea14
8India14
9Hong Kong13
10Italy11

Monday, March 9, 2015

Suspected Bot List [2015-03-08]

detection period: 2015-03-08 00:00-23:59 UTC
number of suspected bots' IPs listed here: 64

IP addresses listed here all exhibit strange network behavior. As I could not notify the victims for various reasons (no working abuse contact, mailbox over quota, etc.), I list them here instead. I have to emphasize that those are just *suspected* to be malware-infected computers.

List from fake open relays:

country codeIP addressCountry
BD203.76.147.70Bangladesh
CI213.136.105.210Ivory Coast
CI213.136.105.212Ivory Coast
EC201.219.60.118Ecuador
ID103.16.115.14Indonesia
ID118.97.175.114Indonesia
ID118.97.253.243Indonesia
ID202.137.230.127Indonesia
ID202.137.230.134Indonesia
ID202.148.7.77Indonesia
ID202.150.139.134Indonesia
ID202.150.157.34Indonesia
ID222.124.202.195Indonesia
IN117.211.27.12India
IN125.21.245.146India
IN202.63.113.12India
MN203.91.119.146Mongolia
PL95.160.218.204Poland
TR88.247.164.136Turkey
TW180.218.34.245Taiwan
US69.197.156.226United States
US96.35.58.176United States
US208.73.202.157United States
US209.220.168.177United States

List from greylisting:

Botnet Statistics [2015-03-08]

detection period: 2015-03-08 00:00-23:59 UTC
total number of suspected botnet IPs: 1711
number of botnet IPs notified to network operators: 1647
number of spam blocked: 148884
recipient count of spam blocked: 5155900

The top 10 networks (as found in WHOIS), ordered by number of suspected botnet IPs are:

RankNetwork# of suspected botnet IPs
1HINET-NET1057
2ZJU-CN59
3CHINANET-GD42
4CERNET-CN25
5CHINANET-HN22
6UNICOM-GD10
7YITAIFENG7
8UNICOM-SD7
9VNPT-VNNIC-VN6
10CHINANET-JS6

The top 10 countries (as defined by the 2-character country code), ordered by number of suspected botnet IPs are:

RankCountry# of suspected botnet IPs
1Taiwan1068
2China264
3United States46
4Russian Federation45
5Ukraine28
6Viet Nam18
7Indonesia18
8Brazil18
9Argentina14
10Iran13