Category: Tech

clientshostname.com Content Scraper: Research, Ban

customer.clientshostname.com scraped me, and since the name is very generic I decided to research it. clientshostname.com has many different customer names prepended to it, so banning by IP range covers all of them. Three IP ranges should do you.

Observed:
customer.clientshostname.com

Research:
93.170.13.233 93.170.13.0/24
104.193.252.10 104.193.252.0/24
185.104.8.50 185.104.8.0 – 185.104.11.255 UK-KSERVERS

blizoo.bg Content Scraper: Research, Ban

c8fb265ea92a.softphone.blizoo.bg scraped me, but this one is tough.

Observation:
c8fb265ea92a.softphone.blizoo.bg

Research:
0024d19b1333.softphone.blizoo.bg 84.252.31.0 0.36.209.155.19.51 84.252.0.0 – 84.252.63.255 84.252.0.0/18 Blizoo BG
0024d1956637.Softphone.Blizoo.Bg 85.130.17.48 85.130.0.0 – 85.130.128.255 85.130.0.0/17

c8fb265ea1a7.softphone.blizoo.bg 130.204.57.130 130.204.0.0 – 130.204.255.255 130.204.0.0/16 BLIZOO Bg
00252ea84d9b.softphone.blizoo.bg 130.204.143.1 0.37.46.168.77.155

direcway.com Content Scraper: Research, Ban

host671420043112.direcway.com is a whisper bot that content scraped me. They are unique in that their hostname is somewhat ambiguous, which makes machine parsing harder: any octet can be 2 or 3 digits long, which leaves a lot of ambiguity.

Whisper is a much-hated botnet that keeps attacking my site one IP at a time, small but relentless.

Observation:
host671420043112.direcway.com: predicted IP is 67.142.112.43

Pattern:
The host name contains all of the IP digits but is ambiguous. The first octet can be either 2 or 3 digits long, so check candidates against their IP ranges. The third and fourth octets are swapped, and the third group of digits in the host name carries a “00” prefix.
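As an added example (not code from the original post), here is a small decoder that enumerates every IP the ambiguous host name could encode under the pattern above. It assumes the first two digit groups are 2 or 3 digits long and that, after the “00” pad, the remaining digits split into the fourth and then the third octet (each 1 to 3 digits).

```python
# Added example (not from the original post): enumerate every IP address that
# an ambiguous direcway.com host name could encode, using the pattern:
#   <octet1 (2-3 digits)><octet2 (2-3 digits)>"00"<octet4><octet3>
# The post's own sample: host671420043112.direcway.com -> 67.142.112.43
import re
from itertools import product


def _valid_octet(s: str) -> bool:
    # A decimal octet 0-255 with no leading zero (the "00" pad is stripped first).
    return s.isdigit() and (s == "0" or s[0] != "0") and int(s) <= 255


def direcway_candidates(hostname: str) -> list:
    """Return all IPs consistent with the host<digits>.direcway.com pattern."""
    m = re.fullmatch(r"host(\d+)\.direcway\.com", hostname.lower())
    if not m:
        return []
    digits = m.group(1)
    found = []
    # first and second octets may each be 2 or 3 digits long (assumption)
    for len1, len2 in product((2, 3), repeat=2):
        a, b = digits[:len1], digits[len1:len1 + len2]
        rest = digits[len1 + len2:]
        # the third digit group is padded with "00"; it holds the *fourth* octet
        if not (_valid_octet(a) and _valid_octet(b) and rest.startswith("00")):
            continue
        rest = rest[2:]
        # remaining digits split into <octet4><octet3>, each 1-3 digits
        for len4 in (1, 2, 3):
            d, c = rest[:len4], rest[len4:]
            if c and _valid_octet(d) and _valid_octet(c):
                found.append(f"{a}.{b}.{c}.{d}")
    return sorted(set(found))


if __name__ == "__main__":
    host = "host671420043112.direcway.com"
    print(host, "->", direcway_candidates(host))  # ['67.142.112.43']
```

For the post's sample the pattern leaves exactly one valid parse; when several survive, the list is what you check against the operator's announced ranges before banning.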

secured-by.zenmate.com: Research, Ban

secured-by.zenmate.com did nothing suspicious, but it did pique my interest, so I did the research.

Observations:
108.59.8.208 108.59.0.0 – 108.59.15.255 108.59.0.0/20 LEASEWEB
207.244.79.131 linked with referrer kwpublisher
de51.node.zenmate.io 46.165.208.228
207.244.79.153 secured-by.zenmate.com

network-consulting.fr Content Spammer: Research, Ban

network-consulting.fr content spammed me, so I looked them up. Their host name usage is interesting. If they spam me again I will be ready.

79.98.16.0 – 79.98.23.255 Network Consulting Fr

Observation:
f79.ip.network-consulting.fr: my educated guess is 79.98.21.79

Pattern:
network-consulting.fr starts its “A” group at 79.98.16.0. Each step up the alphabet adds one to the third octet (“B” is 79.98.17.x, “C” is 79.98.18.x, and so on). The number following the letter in the host name is the fourth octet.

From this pattern, and the 79.98.16.0 – 79.98.23.255 range, the letters can only go up to “H” (third octet 23).

Research:
a20.ip.network-consulting.fr 79.98.16.20
a81.ip.network-consulting.fr 79.98.16.81
b248.ip.network-consulting.fr 79.98.17.248
c4.ip.network-consulting.fr 79.98.18.4
c17.ip.network-consulting.fr 79.98.18.17
c51.ip.network-consulting.fr 79.98.18.51
c61.ip.network-consulting.fr 79.98.18.61
c80.ip.network-consulting.fr 79.98.18.80
c165.ip.network-consulting.fr 79.98.18.165
d49.ip.network-consulting.fr 79.98.19.49
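As an added example (not code from the original post), a decoder for the letter-plus-number pattern just described. It assumes the 79.98.16.0 – 79.98.23.255 range quoted above and the mapping a=16, b=17, … h=23; host names whose letter would fall outside that range are rejected rather than guessed.

```python
# Added example (not from the original post): decode the letter+number host
# names of network-consulting.fr into IP addresses using the post's pattern.
#   "a" -> third octet 16, "b" -> 17, ... "h" -> 23 (79.98.16.0 - 79.98.23.255)
#   the number after the letter is the fourth octet
import re
from ipaddress import ip_address, ip_network

NC_RANGE = ip_network("79.98.16.0/21")  # 79.98.16.0 - 79.98.23.255, from the post
_HOST = re.compile(r"^([a-z])(\d{1,3})\.ip\.network-consulting\.fr$")


def nc_host_to_ip(hostname: str):
    """Return the predicted IP for a network-consulting.fr host, or None."""
    m = _HOST.match(hostname.lower())
    if not m:
        return None
    letter, num = m.group(1), int(m.group(2))
    if num > 255:
        return None
    third = 16 + (ord(letter) - ord("a"))  # "a" starts at .16, each letter adds one
    ip = ip_address(f"79.98.{third}.{num}")
    # only letters a-h land inside the announced range; anything else is off-pattern
    return str(ip) if ip in NC_RANGE else None


# Entries from the post's research table, used here as a self-check
KNOWN = {
    "a20.ip.network-consulting.fr": "79.98.16.20",
    "b248.ip.network-consulting.fr": "79.98.17.248",
    "c165.ip.network-consulting.fr": "79.98.18.165",
    "d49.ip.network-consulting.fr": "79.98.19.49",
}

if __name__ == "__main__":
    assert all(nc_host_to_ip(h) == ip for h, ip in KNOWN.items())
    print(nc_host_to_ip("f79.ip.network-consulting.fr"))  # 79.98.21.79
```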

Wifi Off, Android Phone App Head Soccer Still able to Connect to Internet

Suspicious, we were, that Little Weed was burning through our internet bandwidth quota very quickly. How could this happen with wifi off? Some Android apps can turn wifi on by themselves and communicate.

Little Weed noticed that one of his apps, Head Soccer, had updated without his knowledge, so he asked us to take the phone off our wifi network. This app, Head Soccer, has the following permissions:

ztomy.com Content Spammer: Research, Ban

ns1648.ztomy.com has spammed me, but it has been difficult to track down and ban. The IPs jump around like Mexican jumping beans.

Observations:
I finally got a positive spam hit from 5.231.42.24, and then from 5.231.40.52.

Android Studio 2.1.2: Downgrading Gradle Versions

Damn, that was hard. Android Studio 2.1.2 is really a bitch to tame. I had not used AS for a while, so when I opened it I needed to upgrade, which I did. That is when the pain started. If you are targeting a phone older than Android v21 Lollipop, you will need to add a lower version of Gradle, 2.10, to make it work.

Different versions of Android require different versions of Gradle. Upgrade your Android version and your Gradle version will have to correspond. Upgrading Android Studio while still supporting an older version of Android spells trouble.

cable.net.co Content Scraper: Research, Ban

You never know what you will find in your travels. dynamic-ip-181500198200.cable.net.co was content scraping me, so I decided to target it. It is part of the large Semalt botnet that started with keywords-monitoring-your-success.com and free-video-tool.com, then continued with fix-website-errors, with a sprinkling of buttons-for-websites thrown in.

Its host name is unique in that it is numerically very long. I could see remnants of a decimal IP address, but something about it was odd.

Their pattern is not as predictable as a computer would require, but that is precisely the point: they want to fool anti-bot software while still letting their admin staff figure it out. If the staff make a couple of errors, it is no problem.

unassigned.psychz.net Comment Spammer: Research, Ban

unassigned.psychz.net spammed me, so I tracked them down. They use many different IP ranges.

The hostname resolves to 199.15.112.8 (199.15.112.0 – 199.15.119.255, 199.15.112.0/21), but this hostname has been used for many more IPs than that.

Research:

45.35.1.10 45.34.0.0 – 45.35.255.255 45.34.0.0/15
45.34.0.0 – 45.35.105.255 45.35.0.0/18 45.35.64.0/19 45.35.96.0/21 45.35.104.0/23

74.117.56.250 74.117.56.0 – 74.117.63.255 74.117.56.0/21

108.171.240.170 108.171.240.0 – 108.171.255.255 108.171.240.0/20

173.224.209.59 173.224.208.0 – 173.224.223.255 173.224.208.0/20