Kann ich DDoS haben? (5.9.57.176)

1 reply [Last post]
RaT
RaT's picture
Offline
SX High Council
Joined: 2008/03/12

Another lame DDoS from 5.9.57.176 (located in Germany). This one looks like they must have assumed we were blocking on user agent - lol wrong Tongue

They successfully threw 1 minute of traffic at us with our new system in place. Congrats!

Small snippet as always:

5.9.57.176 - - [10/Jul/2013:05:13:15 -0400] "GET / HTTP/1.0" 403 875 "http://www.soldierx.com/user/register?destination=comment%2Freply%2F988%23comment-form" "Opera/9.80 (Windows NT 5.1; U; ru) Presto/2.9.168 Version/11.50"
5.9.57.176 - - [10/Jul/2013:05:13:15 -0400] "GET / HTTP/1.0" 403 25901 "http://www.soldierx.com/user/register?destination=comment%2Freply%2F988%23comment-form" "Mozilla/5.0 (Windows NT 5.2; rv:12.0) Gecko/20100101 Firefox/12.0"
5.9.57.176 - - [10/Jul/2013:05:13:15 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/user/login?destination=comment%2Freply%2F5381%23comment-form" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
5.9.57.176 - - [10/Jul/2013:05:13:15 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/user/login?destination=comment%2Freply%2F5392%23comment-form" "Opera/9.80 (Windows NT 5.1; MRA 6.0 (build 5998)) Presto/2.12.388 Version/12.11"
5.9.57.176 - - [10/Jul/2013:05:13:15 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/" "Mozilla/5.0 (Windows NT 6.0; rv:17.0) Gecko/20100101 Firefox/17.0"
5.9.57.176 - - [10/Jul/2013:05:13:16 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.64 Safari/537.11"
5.9.57.176 - - [10/Jul/2013:05:13:16 -0400] "GET / HTTP/1.0" 403 25901 "http://www.soldierx.com/" "Opera/9.80 (Windows NT 5.1; U; ru) Presto/2.9.168 Version/11.50"
5.9.57.176 - - [10/Jul/2013:05:13:16 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/user/login?destination=comment%2Freply%2F5468%23comment-form" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; GTB7.4; MRA 6.0 (build 6005); User-agent: Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1); .NET CLR 1.1.4322; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729; InfoPath.1; .NET4.0C; .NET4.0E; MRIE8PACK 2.0.1)"
5.9.57.176 - - [10/Jul/2013:05:13:16 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/user/login?destination=comment%2Freply%2F5392%23comment-form" "Opera/9.80 (Windows NT 5.1; Edition Yx) Presto/2.12.388 Version/12.11"
5.9.57.176 - - [10/Jul/2013:05:13:16 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/user/login?destination=comment%2Freply%2F5477%23comment-form" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/535.12 (KHTML, like Gecko) Maxthon/3.0 Chrome/18.0.966.0 Safari/535.12"
5.9.57.176 - - [10/Jul/2013:05:13:16 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/user/login?destination=comment%2Freply%2F5497%23comment-form" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/536.11 (KHTML, like Gecko) Chrome/20.0.1132.57 Safari/536.11"
5.9.57.176 - - [10/Jul/2013:05:13:16 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/user/login?destination=comment%2Freply%2F5477%23comment-form" "Mozilla/5.0 (Windows NT 6.1; rv:15.0) Gecko/20100101 Firefox/15.0.1"
5.9.57.176 - - [10/Jul/2013:05:13:16 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 5366 "http://www.soldierx.com/user/login?destination=comment%2Freply%2F5510%23comment-form" "Opera/9.80 (Windows NT 5.1; U; ru) Presto/2.10.289 Version/12.00"
5.9.57.176 - - [10/Jul/2013:05:13:16 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/user/login?destination=comment%2Freply%2F5468%23comment-form" "Mozilla/5.0 (Windows NT 5.1; rv:15.0) Gecko/20100101 Firefox/15.0"
5.9.57.176 - - [10/Jul/2013:05:13:16 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/user/login?destination=comment%2Freply%2F5528%23comment-form" "Mozilla/5.0 (Windows NT 6.0; rv:17.0) Gecko/20100101 Firefox/17.0"
5.9.57.176 - - [10/Jul/2013:05:13:16 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 5366 "http://www.soldierx.com/user/login?destination=comment%2Freply%2F5528%23comment-form" "Mozilla/5.0 (Windows NT 5.1; rv:8.0) Gecko/20100101 Firefox/8.0"
5.9.57.176 - - [10/Jul/2013:05:13:16 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/user/login?destination=comment%2Freply%2F5530%23comment-form" "Mozilla/4.0 (compatible; MSIE 8.0; Windows NT 5.1; Trident/4.0; .NET CLR 2.0.50727; .NET CLR 3.0.4506.2152; .NET CLR 3.5.30729)"
5.9.57.176 - - [10/Jul/2013:05:13:16 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/536.5 (KHTML, like Gecko) YaBrowser/1.1.1084.5409 Chrome/19.1.1084.5409 Safari/536.5"
5.9.57.176 - - [10/Jul/2013:05:13:16 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/user/login?destination=comment%2Freply%2F5497%23comment-form" "Mozilla/5.0 (Windows NT 6.1; WOW64; rv:15.0) Gecko/20100101 Firefox/15.0"
5.9.57.176 - - [10/Jul/2013:05:13:17 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/user/login?destination=comment%2Freply%2F5532%23comment-form" "Mozilla/5.0 (Windows NT 5.2; rv:12.0) Gecko/20100101 Firefox/12.0"
5.9.57.176 - - [10/Jul/2013:05:13:17 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/user/login?destination=comment%2Freply%2F5532%23comment-form" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.91 Safari/537.11"
5.9.57.176 - - [10/Jul/2013:05:13:17 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/user/login?destination=comment%2Freply%2F5542%23comment-form" "Mozilla/5.0 (Windows NT 6.1; rv:12.0) Gecko/20100101 Firefox/12.0"
5.9.57.176 - - [10/Jul/2013:05:13:17 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.96 Safari/537.4"
5.9.57.176 - - [10/Jul/2013:05:13:17 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/user/login?destination=comment%2Freply%2F5542%23comment-form" "Mozilla/5.0 (Windows NT 5.2; rv:17.0) Gecko/20100101 Firefox/17.0"
5.9.57.176 - - [10/Jul/2013:05:13:17 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/user/login?destination=comment%2Freply%2F5546%23comment-form" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US; rv:1.9.2.22) Gecko/20110902 Firefox/3.6.22"
5.9.57.176 - - [10/Jul/2013:05:13:17 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/user/login?destination=comment%2Freply%2F5546%23comment-form" "Opera/9.80 (Windows NT 5.1; U; ru) Presto/2.10.289 Version/12.00"
5.9.57.176 - - [10/Jul/2013:05:13:17 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/user/login?destination=comment%2Freply%2F5554%23comment-form" "Mozilla/5.0 (Windows NT 6.2; WOW64; rv:17.0) Gecko/17.0 Firefox/17.0"
5.9.57.176 - - [10/Jul/2013:05:13:17 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/user/login?destination=comment%2Freply%2F5554%23comment-form" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/535.11 (KHTML, like Gecko) Chrome/17.0.963.12 Safari/535.11"
5.9.57.176 - - [10/Jul/2013:05:13:17 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/user/login?destination=comment%2Freply%2F5566%23comment-form" "Mozilla/5.0 (Windows NT 5.1; rv:12.0) Gecko/20100101 Firefox/12.0"
5.9.57.176 - - [10/Jul/2013:05:13:17 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/user/login?destination=comment%2Freply%2F5580%23comment-form" "Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.4 (KHTML, like Gecko) Chrome/22.0.1229.79 Safari/537.4 u01-09"
5.9.57.176 - - [10/Jul/2013:05:13:17 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/user/login?destination=comment%2Freply%2F5566%23comment-form" "Opera/9.80 (Windows NT 6.1) Presto/2.12.388 Version/12.11"
5.9.57.176 - - [10/Jul/2013:05:13:17 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/user/login?destination=comment%2Freply%2F587%23comment-form" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.64 Safari/537.11"
5.9.57.176 - - [10/Jul/2013:05:13:17 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/user/login?destination=comment%2Freply%2F5580%23comment-form" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_6_8) AppleWebKit/537.11 (KHTML, like Gecko) Chrome/23.0.1271.64 Safari/537.11"
5.9.57.176 - - [10/Jul/2013:05:13:17 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/user/login?destination=comment%2Freply%2F609%23comment-form" "Opera/9.80 (Windows NT 6.1) Presto/2.12.388 Version/12.11"
5.9.57.176 - - [10/Jul/2013:05:13:17 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/user/login?destination=comment%2Freply%2F609%23comment-form" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.1 (KHTML, like Gecko) Chrome/21.0.1180.89 Safari/537.1"
5.9.57.176 - - [10/Jul/2013:05:13:18 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/user/login?destination=comment%2Freply%2F667%23comment-form" "Mozilla/5.0 (Windows NT 5.2; rv:16.0) Gecko/20100101 Firefox/16.0"
5.9.57.176 - - [10/Jul/2013:05:13:18 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/user/login?destination=comment%2Freply%2F834%23comment-form" "Opera/9.80 (Windows NT 6.1; Edition Yx) Presto/2.12.388 Version/12.10"
5.9.57.176 - - [10/Jul/2013:05:13:18 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/user/login?destination=comment%2Freply%2F667%23comment-form" "Opera/9.80 (Windows NT 6.1; WOW64; MRA 6.0 (build 5998)) Presto/2.12.388 Version/12.10"
5.9.57.176 - - [10/Jul/2013:05:13:18 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/user/login?destination=comment%2Freply%2F834%23comment-form" "Mozilla/5.0 (Windows NT 5.1; rv:11.0) Gecko/20100101 Firefox/11.0"
5.9.57.176 - - [10/Jul/2013:05:13:18 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/" "Opera/9.80 (Windows NT 5.1; U; ru) Presto/2.9.168 Version/11.50"
5.9.57.176 - - [10/Jul/2013:05:13:18 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/" "Opera/9.80 (Windows NT 6.1; U; ru) Presto/2.10.229 Version/11.61"
5.9.57.176 - - [10/Jul/2013:05:13:18 -0400] "POST /frontpage?destination=frontpage HTTP/1.0" 403 4838 "http://www.soldierx.com/user/register?destination=comment%2Freply%2F988%23comment-form" "Mozilla/5.0 (Windows NT 5.2; rv:12.0) Gecko/20100101 Firefox/12.0"