Sources of Cyber Attacks for Our Site in 2023
Updated: January 5, 2024
(in no particular order)
Name | ASN | Type of Attack |
---|---|---|
Cogent | AS174 | All Kind of Attacks |
Eonix | ASN62904 | SEO Bots and Spam |
23 Shells / Server Mania | AS55081 | SEO Bots and Spam |
Shenzhen Tencent | AS45090 | All Kind of Attacks |
Datacamp / IPXO | AS212238 | All Kind of Attacks |
Sprious / Blazing SEO | AS397630 | SEO Bots and Spam |
Sprious / Blazing SEO | AS64267 | SEO Bots and Spam |
Digital Ocean | AS14061 | All Kind of Attacks |
Kamatera | AS36007 | All Kind of Attacks |
HostRoyal | AS207990 | All Kind of Attacks |
HostRoyal | AS203020 | All Kind of Attacks |
Panq B.V. / Latitude.sh (?) | AS396356 | All Kind of Attacks |
Powerhouse Management / Unus | AS22363 | All Kind of Attacks |
Paradise Networks / Unus | AS40861 | General Hacking, SQL Attacks |
Leaseweb | AS396190 | Bots, Spam, Brute Force |
Leaseweb | AS7203 | Bots, Spam, Brute Force |
Leaseweb | AS30633 | Bots, Spam, Brute Force |
Leaseweb | AS27411 | Bots, Spam, Brute Force |
Leaseweb | AS19148 | Bots, Spam, Brute Force |
Leaseweb | AS393886 | Bots, Spam, Brute Force |
Leaseweb | AS395954 | Bots, Spam, Brute Force |
ColoCrossing | AS36352 | Bots, Spam, Brute Force |
The Constant Company / Vultr Holdings | AS20473 | General Hacking, SQL Attacks |
IPXO | AS206092 | All Kind of Attacks |
IPXO | AS834 | All Kind of Attacks |
GSL Networks / globalsecurelayer.com | AS137409 | Bots, Spam, Brute Force |
Alibaba Cloud | AS45102 | All Kind of Attacks |
OVH | AS16276 | All Kind of Attacks |
Orion Network / FIBERGRID | AS41564 | Bots, Spam, Brute Force |
Fibergrid | AS37518 | All Kind of Attacks |
Amazon / AWS | AS16509 | All Kind of Attacks |
Linenet | AS394711 | All Kind of Attacks |
Akamai Connected Cloud / Linode | AS63949 | All Kind of Attacks |
Hetzner | AS24940 | All Kind of Attacks |
- Over 40% of attacks came from Singapore IPs, including AWS ones. I’m seriously thinking to completely Block Singapore as Country. A large amount came from China, France, Germany, Netherland and Finland IPs.
- Most spam came from Canada IPs and Networks.
- A LOT of attacks came from Microsoft Azure and Amazon AWS. Both of them, downplayed our Abuse Reports.
- Amazon AWS hosts most of SEO Bots and other Scrapers and data stealing bots. Impossible to block all that crap from AWS. That is why they choose AWS, because webmasters are not willing to completely block AWS IP ranges.
- Google has also a place in Attacks, from their cloud services, “googleusercontent.com”. I wish they used their so-called “AI” to somehow minimize the attacks from THEIR “customers”. But we are lucky, we can easily block them by their Hostname, using one rule.
- I’m sorry to see what Linode has become, after the Akamai merge. A source of attacks, spam and other illegal activities. We can also block them (partially) using their Hostname “linodeusercontent.com”.
- A LOT of obscure networks involved in attacks seems to be legaly (?) registered in Netherlands.
- Contrary to popular belief, we got only a few attacks from Russia and Ukraine.