Announcement

Collapse
No announcement yet.

Continuing Attempts to Thwart FluTrackers

Collapse
X
 
  • Filter
  • Time
  • Show
Clear All
new posts

  • Re: Continuing Attempts to Thwart FluTrackers



    Internet trouble? You're not alone - why it was one bad day for the Web
    Anupam Saxena, March 28, 2013

    Looks like we've just experienced one of the worst days in history of the Internet. Millions of users were affected by a snarl that led to delays in loading websites or accessing other online services.

    One of the major reasons for the slowdown was a tiff between Spamhaus ,a group fighting spam and Cyberbunker, a Dutch company that hosts Web sites said to be sending spam that led to one of the largest computer attacks on the Internet, causing widespread congestion and jamming crucial infrastructure around the world.

    The dispute started when Spamhaus added Cyberbunker to its blacklist, which is used by email providers to weed out spam.

    Cyberbunker allegedly started "bazooka" attacks which were essentially distributed denial of service attack (DDoS), that essentially bombard sites with traffic in an effort to disrupt them.
    ...
    The other reason was cutting of the South East Asia-Middle East-Western Europe 4 (aka SEA-ME-WE 4) undersea cable near Alexandria in Egypt, that affected users in and around Africa, Middle East and some parts of Asia. Online publication Gigaom also points out that the timing of the cut was unfortunate as other major cables including Europe India Gateway (EIG) and India-Middle East-Western Europe (IMEWE) were in "maintenance mode."
    ...
    Twitter: @RonanKelly13
    The views expressed are mine alone and do not represent the views of my employer or any other person or organization.

    Comment


    • Re: Continuing Attempts to Thwart FluTrackers

      Gert began posting our China H7N9 thread at 1:50 am EST. We went down at some point after that. Our server is monitored 24/7 by the server company and we received this email from them when they restarted our server.


      From: support@lunarpages.com
      To: flutrackers@earthlink.net
      Subject: Dedicated Server Rebooted - flutrackers.com
      Date: Mar 31, 2013 2:50 AM
      Note: Replying more than once may delay our response time, because your ticket will be placed at the bottom of our ticket queue.

      Dear FluTrackers,

      Request supervisor
      A technician responded to your ticket with:

      Hello,

      Once more we found your dedicated server alerting for multiple services and unresponsive. We had no other choice but to reboot server. Your server is back up and running fine now. Checking your server we found that it was heavily load due to which went unresponsive......

      Comment


      • Re: Continuing Attempts to Thwart FluTrackers

        And again

        Please note that the server company is in the Pacific time zone hence the difference in the time stamps:

        From: support
        To: flutrackers@earthlink.net
        Subject: Re: [Lunarpages Online HelpDesk] [TQ02NF47FJL7] Dedicated Server Rebooted - flutrackers.com
        Date: Apr 6, 2013 2:59 AM
        Note: Replying more than once may delay our response time, because your ticket will be placed at the bottom of our ticket queue.
        <hr> Dear FluTrackers,
        Request supervisor
        A technician responded to your ticket with:
        Hello,




        Once more we found your dedicated server alerting for multiple services and unresponsive. We had no other choice but to reboot server. Your server is back up and running fine now. Checking your server we found that it was heavily load due to which went unresponsive. Details are given below.
        Reboot logs are copied below. ==================

        Apr 5 22:34:41 server kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=00:30:48:8e:90:0a:00:d0:02:d8:40:00:08:00 SRC=202.58.9.56 DST=67.210.96.104 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=1546 PROTO=UDP SPT=10813 DPT=33441 LEN=12
        Apr 5 22:34:42 server kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=00:30:48:8e:90:0a:00:d0:02:d8:40:00:08:00 SRC=202.58.9.56 DST=67.210.96.104 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=1546 PROTO=UDP SPT=10813 DPT=33441 LEN=12
        Apr 5 22:34:43 server kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=00:30:48:8e:90:0a:00:d0:2b:1b:b5:00:08:00 SRC=202.58.9.92 DST=67.210.96.104 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=267 PROTO=UDP SPT=10813 DPT=33436 LEN=12
        Apr 5 22:34:44 server kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=00:30:48:8e:90:0a:00:d0:2b:1b:b5:00:08:00 SRC=202.58.9.88 DST=67.210.96.104 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=1292 PROTO=UDP SPT=10813 DPT=33440 LEN=12
        Apr 5 22:34:44 server kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=00:30:48:8e:90:0a:00:d0:02:d8:40:00:08:00 SRC=202.58.9.56 DST=67.210.96.104 LEN=32 TOS=0x00 PREC=0x00 TTL=2 ID=1547 PROTO=UDP SPT=10813 DPT=33441 LEN=12
        Apr 5 22:34:45 server kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=00:30:48:8e:90:0a:00:d0:2b:1b:b5:00:08:00 SRC=202.58.9.92 DST=67.210.96.104 LEN=32 TOS=0x00 PREC=0x00 TTL=1 ID=267 PROTO=UDP SPT=10813 DPT=33436 LEN=12
        Apr 5 22:34:46 server kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=00:30:48:8e:90:0a:00:d0:02:d8:40:00:08:00 SRC=202.58.9.56 DST=67.210.96.104 LEN=32 TOS=0x00 PREC=0x00 TTL=2 ID=1547 PROTO=UDP SPT=10813 DPT=33441 LEN=12
        Apr 5 22:34:48 server kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=00:30:48:8e:90:0a:00:d0:2b:1b:b5:00:08:00 SRC=202.58.9.88 DST=67.210.96.104 LEN=32 TOS=0x00 PREC=0x00 TTL=2 ID=1293 PROTO=UDP SPT=10813 DPT=33440 LEN=12
        Apr 5 22:34:50 server kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=00:30:48:8e:90:0a:00:d0:02:d8:40:00:08:00 SRC=202.58.9.56 DST=67.210.96.104 LEN=32 TOS=0x00 PREC=0x00 TTL=3 ID=1548 PROTO=UDP SPT=10813 DPT=33441 LEN=12
        Apr 5 22:34:52 server kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=00:30:48:8e:90:0a:00:d0:02:d8:40:00:08:00 SRC=202.58.9.56 DST=67.210.96.104 LEN=32 TOS=0x00 PREC=0x00 TTL=4 ID=1549 PROTO=UDP SPT=10813 DPT=33441 LEN=12
        Apr 5 22:34:54 server kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=00:30:48:8e:90:0a:00:d0:02:d8:40:00:08:00 SRC=202.58.9.56 DST=67.210.96.104 LEN=32 TOS=0x00 PREC=0x00 TTL=4 ID=1549 PROTO=UDP SPT=10813 DPT=33441 LEN=12
        Apr 5 22:34:56 server kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=00:30:48:8e:90:0a:00:d0:02:d8:40:00:08:00 SRC=202.58.9.56 DST=67.210.96.104 LEN=32 TOS=0x00 PREC=0x00 TTL=5 ID=1550 PROTO=UDP SPT=10813 DPT=33441 LEN=12
        Apr 5 22:34:58 server kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=00:30:48:8e:90:0a:00:d0:02:d8:40:00:08:00 SRC=202.58.9.56 DST=67.210.96.104 LEN=32 TOS=0x00 PREC=0x00 TTL=5 ID=1550 PROTO=UDP SPT=10813 DPT=33441 LEN=12
        Apr 5 22:35:00 server kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=00:30:48:8e:90:0a:00:d0:2b:1b:b5:00:08:00 SRC=202.58.9.88 DST=67.210.96.104 LEN=32 TOS=0x00 PREC=0x00 TTL=5 ID=1296 PROTO=UDP SPT=10813 DPT=33440 LEN=12
        Apr 5 22:35:02 server kernel: Firewall: *UDP_IN Blocked* IN=eth0 OUT= MAC=00:30:48:8e:90:0a:00:d0:2b:1b:b5:00:08:00 SRC=202.58.9.88 DST=67.210.96.104 LEN=32 TOS=0x00 PREC=0x00 TTL=5 ID=1296 PROTO=UDP SPT=10813 DPT=33440 LEN=12
        Apr 5 22:54:55 server kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:30:48:8e:90:0a:00:d0:2b:1b:b5:00:08:00 SRC=59.72.0.77 DST=67.210.96.105 LEN=40 TOS=0x04 PREC=0x00 TTL=100 ID=56349 PROTO=TCP SPT=6000 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
        Apr 5 22:54:55 server kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:30:48:8e:90:0a:00:d0:2b:1b:b5:00:08:00 SRC=59.72.0.77 DST=67.210.96.104 LEN=40 TOS=0x04 PREC=0x00 TTL=100 ID=56348 PROTO=TCP SPT=6000 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
        Apr 5 22:57:27 server kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:30:48:8e:90:0a:00:d0:2b:1b:b5:00:08:00 SRC=222.186.59.216 DST=67.210.96.105 LEN=40 TOS=0x04 PREC=0x00 TTL=102 ID=256 PROTO=TCP SPT=6000 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
        Apr 5 22:57:27 server kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:30:48:8e:90:0a:00:d0:2b:1b:b5:00:08:00 SRC=222.186.59.216 DST=67.210.96.104 LEN=40 TOS=0x04 PREC=0x00 TTL=100 ID=256 PROTO=TCP SPT=6000 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
        Apr 5 23:03:02 server kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:30:48:8e:90:0a:00:d0:2b:1b:b5:00:08:00 SRC=217.118.24.175 DST=67.210.96.105 LEN=48 TOS=0x04 PREC=0x00 TTL=113 ID=249 PROTO=TCP SPT=3781 DPT=3389 WINDOW=65535 RES=0x00 SYN URGP=0
        Apr 5 23:03:02 server kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:30:48:8e:90:0a:00:d0:2b:1b:b5:00:08:00 SRC=217.118.24.175 DST=67.210.96.104 LEN=48 TOS=0x04 PREC=0x00 TTL=113 ID=57167 PROTO=TCP SPT=3781 DPT=3389 WINDOW=65535 RES=0x00 SYN URGP=0
        Apr 5 23:08:50 server sshd: refused connect from ::ffff:82.221.99.234 (::ffff:82.221.99.234) Apr 5 23:10:27 server kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:30:48:8e:90:0a:00:d0:2b:1b:b5:00:08:00 SRC=202.103.178.23 DST=67.210.96.104 LEN=40 TOS=0x04 PREC=0x00 TTL=105 ID=256 PROTO=TCP SPT=6000 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
        Apr 5 23:10:27 server kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:30:48:8e:90:0a:00:d0:2b:1b:b5:00:08:00 SRC=202.103.178.23 DST=67.210.96.105 LEN=40 TOS=0x04 PREC=0x00 TTL=104 ID=256 PROTO=TCP SPT=6000 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
        Apr 5 23:11:16 server kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:30:48:8e:90:0a:00:d0:2b:1b:b5:00:08:00 SRC=118.244.172.117 DST=67.210.96.104 LEN=40 TOS=0x04 PREC=0x00 TTL=103 ID=256 PROTO=TCP SPT=6000 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
        Apr 5 23:11:16 server kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:30:48:8e:90:0a:00:d0:2b:1b:b5:00:08:00 SRC=118.244.172.117 DST=67.210.96.105 LEN=40 TOS=0x04 PREC=0x00 TTL=100 ID=256 PROTO=TCP SPT=6000 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
        Apr 5 23:11:58 server kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:30:48:8e:90:0a:00:d0:2b:1b:b5:00:08:00 SRC=61.147.111.58 DST=67.210.96.104 LEN=40 TOS=0x04 PREC=0x00 TTL=104 ID=256 PROTO=TCP SPT=6000 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
        Apr 5 23:11:58 server kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:30:48:8e:90:0a:00:d0:2b:1b:b5:00:08:00 SRC=61.147.111.58 DST=67.210.96.105 LEN=40 TOS=0x04 PREC=0x00 TTL=104 ID=256 PROTO=TCP SPT=6000 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
        Apr 5 23:13:58 server kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:30:48:8e:90:0a:00:d0:2b:1b:b5:00:08:00 SRC=198.100.111.195 DST=67.210.96.104 LEN=40 TOS=0x04 PREC=0x00 TTL=111 ID=256 PROTO=TCP SPT=6000 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
        Apr 5 23:13:58 server kernel: Firewall: *TCP_IN Blocked* IN=eth0 OUT= MAC=00:30:48:8e:90:0a:00:d0:2b:1b:b5:00:08:00 SRC=198.100.111.195 DST=67.210.96.105 LEN=40 TOS=0x04 PREC=0x00 TTL=111 ID=256 PROTO=TCP SPT=6000 DPT=1433 WINDOW=16384 RES=0x00 SYN URGP=0
        Apr 5 23:16:43 server sshd: refused connect from ::ffff:37.57.124.247 (::ffff:37.57.124.247)
        Apr 5 23:16:43 server sshd: refused connect from ::ffff:37.57.124.247 (::ffff:37.57.124.247)
        Apr 5 23:22:34 server nrpe[27069]: Error: Could not complete SSL handshake. 5
        Apr 5 23:22:34 server nrpe[27067]: Error: Could not complete SSL handshake. 5
        Apr 5 23:22:34 server nrpe[27065]: Error: Could not complete SSL handshake. 5
        Apr 5 23:22:34 server nrpe[27063]: Error: Could not complete SSL handshake. 5
        Apr 5 23:22:34 server nrpe[27061]: Error: Could not complete SSL handshake. 5
        Apr 5 23:22:34 server nrpe[27058]: Error: Could not complete SSL handshake. 5
        Apr 5 23:23:17 server nrpe[27090]: Error: Could not complete SSL handshake. 5
        Apr 5 23:37:29 server syslogd 1.4.1: restart.

        Comment


        • Re: Continuing Attempts to Thwart FluTrackers

          And it goes on.....


          From: server
          To: flutrackers
          Subject: Server Overload on flutrackers.com
          Date: Apr 9, 2013 2:00 PM

          IMPORTANT: Do not ignore this email.

          While processing the log files for user the cpu has been
          maxed out for more than a 6 hour period. ..... ...take
          steps to lower the load.

          Comment


          • Re: Continuing Attempts to Thwart FluTrackers

            and.....


            From: support
            To: flutrackers@earthlink.net
            Subject: High Load
            Date: Apr 14, 2013 1:26 AM
            Note: Replying more than once may delay our response time, because your ticket will be placed at the bottom of our ticket queue.

            Dear FluTrackers,
            Request supervisor
            A technician responded to your ticket with:

            Hello, Today your server is alerting again for very high load:........

            Comment


            • Re: Continuing Attempts to Thwart FluTrackers

              We went down this morning for some period of time. The server company told me that ONE ip, alone, had 100 connections to the site. It was another DOS attack.

              And this afternoon:

              From: support
              To: flutrackers
              Subject: Re: High load on dedicated server
              Date: Apr 18, 2013 3:35 PM
              Note: Replying more than once may delay our response time, because your ticket will be placed at the bottom of our ticket queue.

              Dear FluTrackers,

              Request supervisor
              A technician responded to your ticket with:

              Hello,

              Recently your server become unresponsive due to huge load. I've rebooted it but the server remain inaccessible. I've contacted my colleague from our datacenter and soon we'll update you regarding your server status. Meanwhile, if you need information or have some questions, please don't hesitate to contact us. Our team will be glad to assist you in this matter!

              Thank you!

              Kind Regards,

              Comment


              • Re: Continuing Attempts to Thwart FluTrackers

                From: support
                To: flutrackers
                Subject:High load on dedicated server
                Date: Apr 18, 2013 4:03 PM
                Note: Replying more than once may delay our response time, because your ticket will be placed at the bottom of our ticket queue.

                Dear FluTrackers,

                Request supervisor
                A technician responded to your ticket with:

                Hello,

                fsck has checked the file system and now your server is up and fully functional.

                Your serer was unresponsive due to huge load (load average: 177.57, 89.14, 36.91 ). I've checked and I noticed that your server have high traffic.

                Comment


                • Re: Continuing Attempts to Thwart FluTrackers

                  Yesterday we were down for about an hour due to a huge DOS attack.

                  From: support
                  To: flutrackers@earthlink.net
                  Subject: Re: Online HelpDesk
                  Date: May 14, 2013 4:56 PM

                  Note: Replying more than once may delay our response time, because your ticket will be placed at the bottom of our ticket queue.

                  Dear FluTrackers,

                  Request supervisor
                  A technician responded to your ticket with:

                  Hello,


                  Again your server become unresponsive due to huge load.

                  CPU % 233.83.......


                  Comment


                  • Re: Continuing Attempts to Thwart FluTrackers

                    We went down today due to a DOS attack. We have noticed over the last 3 weeks an increase of spam attempts against the site.

                    From:lunarpages
                    To: flutrackers
                    Subject:
                    Date: Sep 16, 2013 5:57 AM


                    Dear FluTrackers,

                    Request supervisor
                    A technician responded to your ticket with:

                    Hello,

                    Once again your server is alerted for very high load due to Apache processes, please check the details given below.

                    snip


                    =================

                    1 199.30.16.13
                    1 199.30.16.48
                    1 208.115.111.69
                    1 27.153.161.40
                    1 5.10.83.105
                    1 5.10.83.22
                    1 5.10.83.26
                    1 5.10.83.59
                    1 5.10.83.95
                    1 66.249.73.122
                    2 157.55.33.88
                    5 108.60.141.199
                    5 198.27.126.80
                    6 208.177.76.10
                    6 66.117.9.107
                    6 94.228.34.212
                    12 222.77.246.250
                    13 36.248.161.216
                    31 82.65.251.97
                    339 175.44.59.62

                    =============

                    I have blocked the IP : 175.44.59.62 , please let us know if its a legitimate IP so that we can white list the IP in the servers firewall.

                    Please feel free to contact us if you need any further assistance.

                    ....

                    Comment


                    • Re: Continuing Attempts to Thwart FluTrackers

                      We are also sustaining many phishing attempts to our email account per day. Of course, I do not open any of these:


                      service@earthlink.net
                      ACCOUNT CONFIRMATION
                      Sep 20 2 KB

                      service@earthlink.net
                      ACCOUNT CONFIRMATION
                      Sep 20 2 KB

                      service@earthlink.net
                      ACCOUNT CONFIRMATION
                      Sep 20 2 KB

                      service@earthlink.net
                      ACCOUNT CONFIRMATION
                      Sep 20 2 KB

                      service@earthlink.net
                      ACCOUNT CONFIRMATION
                      Sep 20 2 KB

                      service@earthlink.net
                      ACCOUNT CONFIRMATION
                      Sep 20 2 KB

                      service@earthlink.net
                      ACCOUNT CONFIRMATION
                      Sep 20 2 KB

                      service@earthlink.net
                      ACCOUNT CONFIRMATION
                      Sep 20 2 KB

                      service@earthlink.net
                      ACCOUNT CONFIRMATION
                      Sep 20 2 KB

                      Comment


                      • Re: Continuing Attempts to Thwart FluTrackers

                        From CybernetQuest query:

                        175.44.59.62 - Whois Information
                        #
                        # ARIN WHOIS data and services are subject to the Terms of Use
                        # available at: https://www.arin.net/whois_tou.html
                        #

                        #
                        # Query terms are ambiguous. The query is assumed to be:
                        # "n 175.44.59.117"
                        #
                        # Use "?" to get help.
                        #
                        #
                        # The following results may also be obtained via:
                        # http://whois.arin.net/rest/nets;q=17...se&ext=netref2
                        #
                        NetRange: 175.0.0.0 - 175.255.255.255
                        CIDR: 175.0.0.0/8
                        OriginAS:
                        NetName: APNIC-175
                        NetHandle: NET-175-0-0-0-0
                        Parent:
                        NetType: Allocated to APNIC
                        RegDate: 2009-08-03
                        Updated: 2010-07-30
                        Ref: http://whois.arin.net/rest/net/NET-175-0-0-0-0
                        OrgName: Asia Pacific Network Information Centre
                        OrgId: APNIC
                        Address: PO Box 3646
                        City: South Brisbane
                        StateProv: QLD
                        PostalCode: 4101
                        Country: AU
                        RegDate:
                        Updated: 2012-01-24
                        Ref: http://whois.arin.net/rest/org/APNIC
                        ReferralServer: whois://whois.apnic.net
                        OrgAbuseHandle: AWC12-ARIN
                        OrgAbuseName: APNIC Whois Contact
                        OrgAbusePhone: +61 7 3858 3188
                        OrgAbuseEmail: search-apnic-not-arin@apnic.net
                        OrgAbuseRef: http://whois.arin.net/rest/poc/AWC12-ARIN
                        OrgTechHandle: AWC12-ARIN
                        OrgTechName: APNIC Whois Contact
                        OrgTechPhone: +61 7 3858 3188
                        OrgTechEmail: search-apnic-not-arin@apnic.net
                        OrgTechRef: http://whois.arin.net/rest/poc/AWC12-ARIN

                        #
                        # ARIN WHOIS data and services are subject to the Terms of Use
                        # available at: https://www.arin.net/whois_tou.html
                        #

                        Found a referral to whois.apnic.net.
                        &#37; [whois.apnic.net]
                        % Whois data copyright terms http://www.apnic.net/db/dbcopyright.html
                        % Information related to '175.44.32.0 - 175.44.63.255'
                        inetnum: 175.44.32.0 - 175.44.63.255
                        netname: UNICOM-FJ-PUTIAN-MAN
                        country: CN
                        descr: Putian city, fujian provincial network of UNICOM
                        admin-c: PT239-AP
                        tech-c: PT239-AP
                        status: ALLOCATED NON-PORTABLE
                        changed: chenmin_deletethispart_@chinaunicom.cn 20111111
                        mnt-by: MAINT-CNCGROUP-FJ
                        mnt-lower: MAINT-CN-PT28
                        mnt-irt: IRT-CU-CN
                        source: APNIC
                        irt: IRT-CU-CN
                        address: No.21,Jin-Rong Street
                        address: Beijing,100140
                        address: P.R.China
                        e-mail: zhouxm@chinaunicom.cn
                        abuse-mailbox: zhouxm@chinaunicom.cn
                        admin-c: CH1302-AP
                        tech-c: CH1302-AP
                        mnt-by: MAINT-CNCGROUP
                        changed: zhouxm@chinaunicom.cn 20101110
                        changed: hm-changed@apnic.net 20101116
                        source: APNIC
                        person: PU TIAN
                        nic-hdl: PT239-AP
                        e-mail: wengqingwu@chinaunicom.cn
                        address: Putian city, Fujian province, China
                        phone: +86-594-6284431
                        fax-no: +86-594-6284433
                        country: cn
                        changed: chenmin_deletethispart_@chinaunicom.cn 20091106
                        mnt-by: MAINT-CNCGROUP-FJ
                        source: APNIC
                        % Information related to '175.44.0.0/16AS4837'
                        route: 175.44.0.0/16
                        descr: China Unicom Fujian Province Network
                        country: CN
                        origin: AS4837
                        mnt-by: MAINT-CNCGROUP-RR
                        changed: abuse@cnc-noc.net 20091215
                        source: APNIC
                        % This query was served by the APNIC Whois Service version 1.68 (UNDEFINED)

                        Comment


                        • Re: Continuing Attempts to Thwart FluTrackers

                          From CybernetQuest:

                          175.44.59.62 - Geo Information
                          IP Address 175.44.59.62
                          Host 175.44.59.62
                          Location CN CN, China
                          City Fuzhou, 07 -
                          Organization China Unicom Fujian
                          ISP China Unicom Fujian
                          AS Number AS4837 CNCGROUP China169 Backbone
                          Latitude 26?06'14" North
                          Longitude 119?30'61" East
                          Distance 8535.51 km (5303.72 miles)

                          Comment


                          • Re: Continuing Attempts to Thwart FluTrackers

                            From: lunarpages
                            To: flutrackers
                            Subject:
                            Date: Sep 22, 2013 6:35 AM
                            Note: Replying more than once may delay our response time, because your ticket will be placed at the bottom of our ticket queue.

                            Dear FluTrackers,

                            Request supervisor
                            A technician responded to your ticket with:


                            Hello,

                            I am writing to inform you that during routine monitoring your server was again alerted for very high load in our monitoring system.

                            .....


                            1 108.203.180.123
                            1 108.60.141.199
                            1 108.76.104.29
                            1 109.105.91.19
                            1 109.172.59.243
                            1 109.248.182.27
                            1 109.251.56.149
                            1 109.73.120.132
                            1 109.75.140.11
                            1 112.198.77.88
                            1 128.68.165.54
                            1 141.105.141.2
                            1 144.76.22.78
                            1 144.76.22.83
                            1 176.241.108.186
                            1 176.36.82.225
                            1 176.51.4.51
                            1 178.124.112.52
                            1 178.150.233.93
                            1 178.217.108.57
                            1 182.178.75.215
                            1 188.168.153.33
                            1 188.242.41.4
                            1 192.151.156.66
                            1 195.158.75.132
                            1 195.19.63.215
                            1 199.16.186.114
                            1 212.152.53.32
                            1 217.23.12.71
                            1 2.95.223.139
                            1 37.110.149.177
                            1 37.54.81.251
                            1 37.57.223.82
                            1 37.78.60.11
                            1 46.146.166.139
                            1 5.9.113.104
                            1 78.154.174.102
                            1 78.85.4.210
                            1 78.85.5.175
                            1 85.114.99.73
                            1 86.182.81.209
                            1 88.147.239.180
                            1 89.178.131.204
                            1 89.185.21.138
                            1 90.197.84.198
                            1 91.229.54.16
                            1 91.79.179.42
                            1 93.115.86.194
                            1 93.72.117.201
                            1 94.19.238.140
                            1 95.130.216.25
                            1 95.131.9.242
                            1 95.132.95.180
                            1 95.26.175.140
                            1 95.52.52.147
                            2 109.104.168.43
                            2 109.195.152.182
                            2 109.95.221.13
                            2 112.123.168.76
                            2 120.139.124.237
                            2 120.40.150.154
                            2 125.165.91.119
                            2 176.196.117.17
                            2 176.96.186.96
                            2 178.126.22.25
                            2 178.35.221.87
                            2 178.93.220.97
                            2 188.19.24.135
                            2 188.244.195.85
                            2 208.79.212.99
                            2 213.88.125.138
                            2 220.245.17.44
                            2 31.31.125.34
                            2 31.43.112.226
                            2 37.232.167.81
                            2 37.53.212.135
                            2 37.54.69.220
                            2 37.54.99.76
                            2 37.55.233.134
                            2 46.50.141.121
                            2 46.72.200.86
                            2 63.141.233.146
                            2 78.108.79.231
                            2 79.134.15.123
                            2 79.141.57.130
                            2 81.1.189.110
                            2 85.192.168.209
                            2 91.204.60.14
                            2 93.124.120.165
                            2 94.179.42.189
                            2 94.228.34.212
                            2 94.241.7.221
                            2 94.72.63.31
                            3 121.54.48.41
                            3 128.74.192.250
                            3 147.30.96.177
                            3 176.195.113.143
                            3 178.67.108.247
                            3 178.74.79.250
                            3 188.162.166.5
                            3 192.162.155.165
                            3 199.15.233.137
                            3 213.135.136.103
                            3 217.199.236.44
                            3 36.69.178.106
                            3 37.25.115.49
                            3 41.222.255.173
                            3 77.122.46.143
                            3 78.111.25.52
                            3 83.149.35.171
                            3 89.189.191.24
                            3 93.120.213.204
                            3 95.55.69.20
                            4 111.95.158.71
                            4 125.161.67.79
                            4 157.56.93.83
                            4 176.124.15.178
                            4 178.165.78.172
                            4 178.236.140.18
                            4 178.74.225.168
                            4 178.94.6.238
                            4 188.233.136.135
                            4 24.203.117.135
                            4 37.237.147.26
                            4 46.165.60.253
                            4 46.53.195.31
                            4 5.200.32.250
                            4 79.172.100.139
                            4 91.209.51.245
                            4 95.165.164.76
                            4 95.179.22.126
                            5 109.162.3.144
                            5 109.172.98.242
                            5 109.188.127.133
                            5 109.191.2.189
                            5 109.87.151.236
                            5 178.94.7.17
                            5 188.230.40.110
                            5 31.162.86.211
                            5 46.191.219.217
                            5 89.23.168.99
                            5 94.253.123.213
                            5 95.132.188.161
                            5 95.190.110.213
                            5 95.79.170.124
                            6 178.218.36.134
                            6 178.65.47.236
                            6 213.88.17.138
                            6 5.248.254.200
                            6 79.133.142.146
                            7 178.95.17.116
                            7 213.187.113.5
                            7 85.21.163.18
                            8 109.254.162.57
                            8 188.123.253.97
                            8 212.109.6.117
                            8 93.116.205.239
                            9 109.194.231.120
                            9 159.224.8.111
                            9 188.190.84.115
                            9 46.165.61.242
                            9 46.200.19.221
                            9 95.153.170.156
                            12
                            12 94.136.198.117
                            13 62.122.64.55
                            19 5.100.192.20


                            =============

                            Please check the above detailed traffic and block the IPs....

                            Comment


                            • Re: Continuing Attempts to Thwart FluTrackers

                              This ip just launched a DOS attack against this site and I banned it from the server:

                              91.207.7.238

                              registed in the Ukraine

                              Comment


                              • Re: Continuing Attempts to Thwart FluTrackers

                                From: lunarpages
                                To: flutrackers
                                Subject: Re: [Lunarpages Online HelpDesk] [YA78KH83EVH0] Apache stopped
                                Date: Feb 12, 2014 5:26 AM
                                Note: Replying more than once may delay our response time, because your ticket will be placed at the bottom of our ticket queue.

                                Dear FluTrackers,

                                Request supervisor
                                A technician responded to your ticket with:

                                Hello,

                                I'm contacting you today to inform you that I have noticed that your server is alerting of Load

                                ......

                                Comment

                                Working...
                                X