itim

Forum Moderators: open

Message Too Old, No Replies

static.vdc.vn (etc.)

Pfui

8:35 pm on Jan 6, 2012 (gmt 0)

(Note: All Hosts/IPs are registered to Global Data Service Joint Stock Company, a.k.a. GDS, in Vietnam.)

static.vdc.vn
itim

00:23:34 /robots.txt [200]
00:23:35 / [403]
00:23:36 / [403]
00:23:36 / [403]

robots.txt? Yes BUT immediately ignored.

itim- and GDS/Vietnam-related:

pool-14.gds.vn
itim

21:07:47 /
robots.txt? NO

Speaking of static.vdc.vn -- the IPS change:

Resolve Host: static.vdc.vn
IP Address: 222.255.29.106
DT: 2 websites use this address. (examples: vdc.com.vn vdc.vn)
PHP for that IP: [projecthoneypot.org...]

A.k.a.:

Resolve Host: m78.vnn.vn
IP Address: 203.162.0.78
robtex: "static.vdc.vn has one IP number (203.162.0.78) , but the reverse is m78.vnn.vn.")
PHP for that IP: [projecthoneypot.org...]

FWIW: After 15-plus years, one of my defaults is:

deny from .vn

dstiles

11:26 pm on Jan 6, 2012 (gmt 0)

I blocked 222.252/14 back in October 2010 as being too aggressive.

I had 203.162.2/23 blocked for several years with no other reported IP but I agree about .vn and tend to block quite a lot of it: 203.162/16 now added to the block.

wilderness

7:12 am on Apr 1, 2012 (gmt 0)

123.30.175.zz - - [01/Apr/2012:07:15:44 +0100] "GET /robots.txt HTTP/1.0" 200 2536 "-" "itim"
123.30.175.zz - - [01/Apr/2012:07:15:49 +0100] "GET / HTTP/1.0" 403 533 "-" "itim"
123.30.175.zz - - [01/Apr/2012:07:15:49 +0100] "GET /MyFolder/MySub/MyPage.html HTTP/1.0" 403 533 "-" "itim"
123.30.175.zz+1 - - [01/Apr/2012:07:34:06 +0100] "GET /robots.txt HTTP/1.0" 200 2536 "-" "itim"
123.30.175.zz+1 - - [01/Apr/2012:07:34:08 +0100] "GET / HTTP/1.0" 403 533 "-" "itim"

dstiles

7:44 pm on Apr 1, 2012 (gmt 0)

There are statics in that range so it would be easy to block the offender. Or simply block all of 123.16.0.0 - 123.31.0.0

wilderness

9:46 pm on Apr 1, 2012 (gmt 0)

Many thanks. All those were 403's and I was just adding a "heads up"

I've (per another thread):
RewriteCond %{REMOTE_ADDR} ^12[1-6]\. [OR]

keyplyr

10:59 pm on Apr 1, 2012 (gmt 0)

China country range
123.0.0.0 to 123.255.255.255
123.0.0.0/8

dstiles

9:31 pm on Apr 2, 2012 (gmt 0)

See note in another thread re: killing AU, NZ, JP etc on /8 Apnic ranges.

keyplyr

10:58 pm on Apr 2, 2012 (gmt 0)

See reply in another thread re: nothing from AU, NZ, JP etc on /8 Apnic ranges is getting blocked :)

itim

static.vdc.vn (etc.)

Pfui

dstiles

wilderness

dstiles

wilderness

keyplyr

dstiles

keyplyr

Join The Conversation

Moderators and Top Contributors

Hot Threads This Week