141.98.83.80/24 (AS209588) strait from Panama ... SQL injection attacks source moved away from Russia

Liste des GroupesRevenir à nan email 
Sujet : 141.98.83.80/24 (AS209588) strait from Panama ... SQL injection attacks source moved away from Russia
De : noc (at) *nospam* inter-corporate.com (Randolf Richardson 張文道)
Groupes : news.admin.net-abuse.email
Date : 29. Jul 2024, 17:29:01
Autres entêtes
Organisation : Inter-Corporate Computer & Network Services, Inc. -- Simplifying complexity
Message-ID : <20240729092901.e8717119fb6b1a1f376631a9@inter-corporate.com>
User-Agent : Sylpheed 3.7.0 (GTK+ 2.24.33; x86_64-pc-linux-gnu)
The SQL injection attacks that were coming from Russia have
moved to Panama, and are now making more attempts (thousands
more that are targeting a few different clients who are not
in related professions and don't know each other), possibly
because Panama has a better internet connection for them?  :D

For anyone who wants to be preventive, I do hope that this IP
address will be helpful for outright blocking (I suspect that
it's only one compromised host in their netblock as I'm not
seeing any connections from other addresses in their /24, so
I don't recommend blocking their entire network).  Cheers!

WHOIS output for 141.98.83.80...

% Abuse contact for '141.98.83.0 - 141.98.83.255' is
  'abuse@global-host.net'

inetnum:        141.98.83.0 - 141.98.83.255
netname:        GLOBALHOST-NET
country:        PA
admin-c:        GNO15-RIPE
abuse-c:        GNO15-RIPE
tech-c:         GNO15-RIPE
mnt-routes:     GLOBAL-HOST
mnt-lower:      GLOBAL-HOST
status:         ASSIGNED PA
mnt-by:         mnt-pa-flyservers-1
created:        2019-01-28T18:46:44Z
last-modified:  2019-03-21T16:54:07Z
source:         RIPE

role:           GLOBAL-HOST NETWORK OPERATIONS
address:        Calle 76 Este San Francisco y Via Porras
abuse-mailbox:  abuse@global-host.net
admin-c:        SD12186-RIPE
tech-c:         SD12186-RIPE
nic-hdl:        GNO15-RIPE
mnt-by:         GLOBAL-HOST
created:        2019-01-28T18:37:18Z
last-modified:  2019-01-28T18:40:51Z
source:         RIPE # Filtered

% Information related to '141.98.83.0/24AS209588'

route:          141.98.83.0/24
origin:         AS209588
mnt-by:         GLOBAL-HOST
created:        2021-01-11T18:51:05Z
last-modified:  2021-01-11T18:51:05Z
source:         RIPE

% This query was served by the RIPE Database Query Service
  version 1.113.2 (ABERDEEN)

--
Randolf Richardson 張文道, CNA - noc@inter-corporate.com
Inter-Corporate Computer & Network Services, Inc.
Beautiful British Columbia, Canada
https://www.inter-corporate.com/

Date Sujet#  Auteur
29 Jul 24 * 141.98.83.80/24 (AS209588) strait from Panama ... SQL injection attacks source moved away from Russia6Randolf Richardson 張文道
29 Jul 24 +* Re: 141.98.83.80/24 (AS209588) strait from Panama ... SQL injection attacks source moved away from Russia4Marco Moock
30 Jul 24 i`* Re: 141.98.83.80/24 (AS209588) strait from Panama ... SQL injection attacks source moved away from Russia3Randolf Richardson 張文道
31 Jul 24 i `* Re: 141.98.83.80/24 (AS209588) strait from Panama ... SQL injection attacks source moved away from Russia2Marco Moock
9 Aug 24 i  `- Re: 141.98.83.80/24 (AS209588) strait from Panama ... SQL injection attacks source moved away from Russia1Randolf Richardson 張文道
30 Jul 24 `- Re: 141.98.83.80/24 (AS209588) strait from Panama ... SQL injection attacks source moved away from Russia1D

Haut de la page

Les messages affichés proviennent d'usenet.

NewsPortal