You are not logged in.

#1 2011-09-28 4:16 pm

zaphod
Jägermonster
From: USA
Registered: 2008-11-22
Posts: 2,984
Website

The attack attempts start from the Google cloud.

Check 'dis out...

#: 111915 @: 2011-09-28, Wed - 08:46:20 -06:00 Running: 0.4.10a
Host: 66.249.85.129
IP: 66.249.85.129
Score: 1
Violation count: 1 
Why blocked: Google Cloud Services. Not an ISP. Used by hackers, scrapers, and other unsavories. 
Query: 
Referer: http://www.zen-cart.com/
User Agent: Mozilla/5.0 (Windows NT 6.1; rv:7.0) Gecko/20100101 Firefox/7.0 AppEngine-Google; (+http://code.google.com/appengine; appid: s~cnxmleo)
Reconstructed URL: http:// www.spambotsecurity.com /zbblock.php

#: 111916 @: 2011-09-28, Wed - 08:46:31 -06:00 Running: 0.4.10a
Host: 66.249.85.129
IP: 66.249.85.129
Score: 1
Violation count: 2 
Why blocked: Google Cloud Services. Not an ISP. Used by hackers, scrapers, and other unsavories. 
Query: 
Referer: http://www.zen-cart.com/
User Agent: Mozilla/5.0 (Windows NT 6.1; rv:7.0) Gecko/20100101 Firefox/7.0 AppEngine-Google; (+http://code.google.com/appengine; appid: s~cnxmleo)
Reconstructed URL: http:// www.spambotsecurity.com /zbblock.php

#: 111917 @: 2011-09-28, Wed - 08:46:39 -06:00 Running: 0.4.10a
Host: 66.249.85.129
IP: 66.249.85.129
Score: 1
Violation count: 3 BANNED
Why blocked: Google Cloud Services. Not an ISP. Used by hackers, scrapers, and other unsavories. 
Query: 
Referer: http://www.zen-cart.com/
User Agent: Mozilla/5.0 (Windows NT 6.1; rv:7.0) Gecko/20100101 Firefox/7.0 AppEngine-Google; (+http://code.google.com/appengine; appid: s~cnxmleo)
Reconstructed URL: http:// www.spambotsecurity.com /zbblock.php

My best guess on this one, is a poor attempt at a proxy server running on the Google cloud. Please note, Google has been a good netizen, and enforced the user-agent to contain their UA, no matter what the user tries to do to disguise it. Kudos to google... But please note that the hackers are showing up.

An app ID like s~cnxmleo sounds like a random name designed to bury it from anyone looking for "google cloud proxy project"

Zap hmm


Get Protected, Stay Protected...
With ZB Block, GNU/GPL Freeware Anti-Spam/Anti-Hack protection for your php based website.

Little boxes in the server farm, little boxes running php...

Offline

Board footer

Powered by FluxBB

Close
Close