Welcome! Log In Create A New Profile

Advanced

LeaseWeb

Posted by kartv 
LeaseWeb
March 19, 2013 11:17AM
(LeaseWeb)85.17.29.160:8080

Attack Continuously.

What's This?
Re: LeaseWeb
September 17, 2013 07:06PM
IP Address: 85.17.29.160
[ IP To Location - IP To Country]
Hostname: localhost
[Domain To Location - Domain Country - Domain To IP]
IP Blacklist Check: Not Blacklisted
[ Blacklist Check]
IP Lookup Location For IP Address: 85.17.29.160
Continent: Europe (EU)
Country: Netherlands (NL)
Capital: Amsterdam
State: Noord-Holland
City Location: Amsterdam
ISP: LeaseWeb B.V.
Organization: LeaseWeb



whois report:

% Abuse contact for '85.17.28.0 - 85.17.30.255' is 'abuse@leaseweb.com'

inetnum: 85.17.28.0 - 85.17.30.255
netname: LEASEWEB
descr: LeaseWeb
descr: P.O. Box 93054
descr: 1090BB AMSTERDAM
descr: Netherlands
descr: www.leaseweb.com
remarks: Please send email to "abuse@leaseweb.com" for complaints
remarks: regarding portscans, DoS attacks and spam.
remarks: INFRA-AW
country: NL
admin-c: LSW1-RIPE
tech-c: LSW1-RIPE
status: ASSIGNED PA
mnt-by: OCOM-MNT
source: RIPE # Filtered

person: RIP Mean
address: P.O. Box 93054
address: 1090BB AMSTERDAM
address: Netherlands
phone: +31 20 3162880
fax-no: +31 20 3162890
abuse-mailbox: abuse@leaseweb.com
nic-hdl: LSW1-RIPE
mnt-by: OCOM-MNT
source: RIPE # Filtered

% Information related to '85.17.0.0/16AS16265'

route: 85.17.0.0/16
descr: LEASEWEB
origin: AS16265
remarks: LeaseWeb
mnt-by: OCOM-MNT
source: RIPE # Filtered

DNS reports:

Non-authoritative answer:
160.29.17.85.in-addr.arpa name = localhost.

Authoritative answers can be found from:
29.17.85.in-addr.arpa nameserver = ns5.leaseweb.nl.
29.17.85.in-addr.arpa nameserver = ns1.leaseweb.nl.
29.17.85.in-addr.arpa nameserver = ns4.leaseweb.net.
ns1.leaseweb.nl internet address = 62.212.64.121
ns4.leaseweb.net internet address = 62.212.78.199
ns5.leaseweb.nl internet address = 83.149.64.123


ProxyCheck:

62.212.78.199:80 is a proxy server
83.149.64.123:80 is a proxy server
62.212.64.121:80 is a proxy server

CIDR for Peer-Block(ing)

Network: 62.212.64.0
CIDR: 62.212.64.0/19
Mask: 62.212.64.0/255.255.224.0
Network Range: 62.212.64.0 - 62.212.95.255
Total addresses: 8,192
Registrar: RIPENCC

Network: 62.212.64.0
CIDR: 62.212.64.0/19
Mask: 62.212.64.0/255.255.224.0
Network Range: 62.212.64.0 - 62.212.95.255
Total addresses: 8,192
Registrar: RIPENCC

Network: 83.149.64.0
CIDR: 83.149.64.0/18
Mask: 83.149.64.0/255.255.192.0
Network Range: 83.149.64.0 - 83.149.127.255
Total addresses: 16,384


It appears this is most likely a VPN or a PROXY service provided by a download/program. (I cannot locate a login page for any of those ranges, all direct connections are forbidden)

With the above ranges provided, you can block them with peer-block (Network range) or see below:

LeaseWeb:83.149.64.0-83.149.127.255
LeaseWeb:62.212.64.0-62.212.95.255
LeaseWeb:62.212.64.0-62.212.95.255

~OmegleWarden
Sorry, only registered users may post in this forum.

Click here to login

Online Users

Guests: 27
Record Number of Guests: 215 on November 08, 2012