ASNs Involved in Today’s Attack
As from this afternoon, we are experiencing a coordinated attack, from various lot of IPs all over the world. Not a very fast and clever attack, i have seen much more “targeted” and faster. They search for all kind of system files, backups, password files and more.
This is not the first time we have experienced one of these attacks and i guess we are not the only ones. They usually originate from Cloud/VPNs and last from several hours to a day.
Here are the ASNs and the Networks involved as they are discovered and blocked. It is not always clear who is the ASN owner, because some IPs seems rented from companies like IPXO. ASN and IP Data is checked with IPINFO.io. All those ASNs and companies are no surprise to us, they are “usual suspects” when we are under any kind of attack. ASNs from IPXO, Clouvider and M247 are almost every time participating in the attack.
The attack started on 19 of July at 19:39:16 and ended at 22:58:42. A total of 885 attacks.
ASN | Owner/Network/Companies Involved |
---|---|
AS13213 | UK-2 Limited/EXPRESS VPN |
AS206092 | IPXO LIMITED/Falco Networks B.V./Express-Equinix-London/Netrouting, Inc./Sheimo Scorpion Data AB/TnR Technologies B.V./John Macleod trading as Howick Digital |
AS62240 | Clouvider/Noop, LLC/IPXO LIMITED |
AS42708 | GleSYS AB/Falco Networks B.V. |
AS206804 | EstNOC-Global/Panq B.V. |
AS24768 | ALMOUROLTEC/LIS DEDICATED SERVERS |
AS137409 | GSL Networks Pty LTD/Turkbil Telekomunikasyon/M Nets SAL |
AS40676 | Psychz Networks |
AS56322 | ServerAstra Kft. |
AS61272 | Informacines sistemos ir technologijos, UAB |
AS9009 | M247 Europe SRL |
AS42831 | UK Dedicated Servers Limited/Legaco Networks B.V. |
Now you know what to avoid and block.