LIST OF POSSIBLY COMPROMISED IP’S OR WEBSITES

This list has been updated to cover the period of December 31, 2011 through January 30, 2013. During this period around 180 different ip numbers were involved for a total of 6069 login attempts. These numbers and ip’s only reflect activity I believe to be a part of this particular (what I believe to be) bot network. IN ADDITION, there were twelve days of no bot activity – I have reason to believe the hosting company responsible for the ip controlling the compromised websites may have stopped it on their end but now the hackers are back again.
**Please see note below the list of ip’s.

I suspect that these ip’s have been compromised and are being used as part of a bot network. I’m not wasting my time checking each ip individually, but those I have checked are either websites or placeholders for websites. In working with the webmaster of one of the compromised sites, it was found that a rogue script had been uploaded to their site, allowing someone without authority to use it as they saw fit. Whether these ip’s are compromised individually or if the server they are hosted on has been compromised I don’t know, but either way, it’s not good.

LIST FOR DECEMBER 31, 2012 THROUGH JANUARY 30, 2013
103.22.182.137
103.28.241.101
103.9.101.121
108.163.128.206
108.163.228.218
108.163.250.74
112.213.84.166
112.78.6.10
115.68.15.54
118.139.177.86
118.69.198.230
119.31.233.40
163.43.132.41
173.163.176.222
173.166.75.217
173.214.189.107
173.237.189.134
173.243.113.200
173.255.199.88
173.255.243.68
173.45.243.245
174.120.181.179
174.121.177.217
174.121.43.29
174.121.92.190
174.122.110.177
174.127.117.77
176.28.11.67
176.31.234.69
176.53.114.88
178.255.225.89
178.63.253.197
178.63.53.21
182.50.141.162
184.106.168.183
184.107.237.66
184.154.137.58
184.154.195.226
184.22.244.72
184.82.62.205
188.132.179.34
188.132.197.210
188.132.225.194
188.190.98.26
188.227.182.67
190.186.237.2
193.180.115.113
193.33.186.241
194.14.79.29
194.28.172.172
195.16.88.174
195.189.80.101
195.189.82.66
195.225.171.122
195.246.8.45
196.200.16.88
198.1.100.133
198.1.101.205
198.38.84.29
199.116.250.88
199.180.252.22
199.187.176.34
199.192.153.21
199.223.214.154
199.231.187.107
208.113.184.10
208.115.125.60
208.116.46.12
208.71.141.149
208.77.45.58
209.15.212.175
209.172.35.214
209.59.244.222
210.14.78.21
211.9.76.2
212.178.198.80
216.172.167.64
216.172.183.18
216.224.175.71
216.224.179.165
216.238.64.58
216.40.231.210
217.172.188.12
221.241.239.75
31.169.95.50
31.210.98.148
37.1.223.19
37.247.99.82
37.26.241.186
46.165.198.100
46.182.105.173
46.252.193.47
46.32.226.96
46.32.254.132
46.45.161.250
46.45.169.180
5.153.22.149
5.9.23.167
5.9.240.238
5.9.81.50
50.116.101.182
50.22.79.226
50.28.29.70
50.57.174.146
50.62.145.225
50.63.154.219
50.63.67.12
50.93.197.25
50.93.205.47
54.243.214.134
61.114.155.50
64.111.124.4
64.207.176.22
64.62.164.94
65.49.39.194
65.60.29.133
65.75.130.74
66.135.37.211
66.135.49.176
66.135.50.49
66.154.54.43
66.172.57.16
66.36.228.123
66.40.34.114
66.55.144.244
66.7.203.158
67.205.107.173
67.212.160.250
67.227.150.178
67.227.238.95
68.169.44.28
68.71.137.102
69.175.78.234
69.64.68.159
69.73.141.6
70.38.54.242
72.167.13.19
72.29.68.51
72.9.231.10
74.117.220.10
74.208.64.189
74.82.186.98
76.74.252.213
77.66.3.219
78.111.80.205
78.46.128.32
8.8.246.210
80.73.246.101
82.194.82.102
83.168.215.63
83.170.101.10
83.170.121.209
84.19.186.238
85.119.183.223
85.214.153.62
85.214.45.181
85.236.50.197
85.95.238.76
87.106.133.227
87.253.162.6
88.198.46.67
89.223.49.163
89.237.41.3
89.31.1.176
91.121.76.35
91.215.216.37
91.215.216.46
93.114.41.220
93.114.43.144
93.119.227.62
93.187.140.18
94.102.5.202
94.23.234.227
94.23.27.29
95.173.186.104
96.127.139.170
96.127.139.186
98.126.160.18
**If you are in control of any of these ip’s and feel you have been listed in error, please contact me and I’ll recheck my logs and send you copies or if I did make a mistake correct the listing.

One Comment

  1. I haven’t updated the list of ip’s being used to try to log into this blog for awhile. The attempts even stopped for a bit, but I noticed that they started up again on April 5, 2013, this time with a new batch of ip’s so I thought I’d share them with anyone interested. This list only goes through 7:13 EST of April 6th.

    108.163.128.206
    115.187.79.147
    168.144.196.233
    173.230.144.201
    174.121.92.190
    174.127.117.77
    178.208.91.196
    178.63.253.197
    178.77.97.114
    180.188.194.54
    184.154.36.210
    184.168.112.26
    184.168.114.10
    185.15.196.72
    188.165.202.45
    188.40.69.202
    198.1.103.205
    198.154.229.38
    198.57.163.161
    198.98.113.47
    199.180.252.22
    199.195.143.121
    199.223.214.154
    203.98.75.98
    207.58.139.238
    207.58.185.126
    208.113.184.22
    208.113.197.94
    208.113.198.170
    208.115.125.60
    208.116.36.230
    209.51.142.178
    210.188.201.162
    210.188.201.41
    210.210.178.20
    216.224.175.71
    24.234.3.189
    31.210.86.205
    37.247.99.82
    46.165.198.100
    5.135.158.104
    50.63.154.219
    61.19.248.138
    64.207.146.169
    64.22.33.10
    65.254.168.168
    65.254.40.154
    65.44.220.57
    65.60.19.242
    66.36.228.123
    66.55.144.244
    67.205.1.74
    67.205.45.170
    67.215.243.250
    69.163.202.16
    72.14.185.153
    72.167.13.19
    77.235.47.247
    77.93.192.212
    78.142.63.82
    80.68.95.137
    80.78.247.92
    80.86.105.174
    85.10.195.141
    85.158.215.36
    85.190.5.212
    85.214.27.40
    85.25.73.37
    89.38.207.234
    89.44.200.154
    91.184.49.98
    91.203.108.132
    92.114.86.81
    93.114.41.220
    93.187.140.18
    94.23.234.227
    96.127.139.170

Leave a Reply

Your email address will not be published. Required fields are marked *