Crazy amount of guests

Anthony Parsons said:
Anthony Parsons said:
I just went nuclear. My normal traffic is 200k - 300k daily uniques. Right now, I am surpassing a million daily, which is all nonsense traffic.

Nuclear option engaged - managed challenge everything except CF known bots and logged in sessions.

In 20 minutes that has 45k events with only 41 solved.
Click to expand...
Click to expand...
Can you tell me how exactly you created that rule? Looking to set that up too because I have the same problem.
 
Last edited:
Code: 
(
    not http.cookie contains "xf_session="
    and not http.cookie contains "xf_user="
)
and not cf.client.bot

I'm going to try the below one, as I think session is used for guests too, so just to exclude logged in users:

Code: 
(not http.cookie contains "xf_user=" and not cf.client.bot)

Managed Challenge. After it has been running for close to 24hrs, 1.5M events with only a 2k solve. I also have a prior rule for (cf.client.bot) to Skip managed rules, which was about 50k. Go into CF settings for the site, Security > Settings > Challenge Passenge and change the managed challenge time to like a day, so it doesn't upset anyone, but still stops everything non-human that one time.

Not sure if its totally correct, but its working. If there is an issue in the above, brains trust here will tell me. Took my proxycheck account down to a few dollars monthly.

Screenshot 2026-03-31 081441.webp

Oh, and my server is locked down to only accept traffic via Cloudflare, no direct IP access other than my static IP I have.
 
Last edited:
If you wanted to be less restrictive, you could just target the real issue where from my logs these bots are hitting primarily /search with a username.

Code: 
(http.request.uri.path contains "/search/" or http.request.uri.path contains "/register") and not http.cookie contains "xf_user=" and not cf.client.bot

Obviously that would have to be in the expression builder, as it won't let you build that via the WYSIWYG interface.

I guess an even lesser restrictive solution to solely stop search abuse is:
Code: 
(http.request.uri.path contains "/search/" and not http.cookie contains "xf_user=")
using a managed challenge with a 24hr setting.

I'm not even sure its search abuse, because from previous discussion here about AI's scraping data to remove anonymity of usernames and piecing that together with other data online to find real names, my logs are showing that this recent influx is mainly targeting /search/username and grabbing content per username. So MAYBE, the lesser restrictive block is all that's needed to stop the real issue that is quite recent, being Governments / Corporations building their own databases stripping online anonymity away via complex AI logic?
 
Last edited:
Anthony Parsons said:
If you wanted to be less restrictive, you could just target the real issue where from my logs these bots are hitting primarily /search with a username.

Code: 
(http.request.uri.path contains "/search/" or http.request.uri.path contains "/register") and not http.cookie contains "xf_user=" and not cf.client.bot

Obviously that would have to be in the expression builder, as it won't let you build that via the WYSIWYG interface.

I guess an even lesser restrictive solution to solely stop search abuse is:
Code: 
(http.request.uri.path contains "/search/" and not http.cookie contains "xf_user=")
using a managed challenge with a 24hr setting.

I'm not even sure its search abuse, because from previous discussion here about AI's scraping data to remove anonymity of usernames and piecing that together with other data online to find real names, my logs are showing that this recent influx is mainly targeting /search/username and grabbing content per username. So MAYBE, the lesser restrictive block is all that's needed to stop the real issue that is quite recent, being Governments / Corporations building their own databases stripping online anonymity away via complex AI logic?
Click to expand...
I am curious about your CF rules... are you flat out blocking (HTTP 401/403) or doing some sort of rate limiting (HTTP 429) based on IP or CIDR?

With the issue that you've described, it looks closer to what you're assuming: User Fingerprinting and Unmasking via means of mass data collection.

Which got me thinking, does an addon exist to selectively control where captcha/challenges are displayed and required to be solved? When I take a peek at /admin.php?options/groups/usersAndRegistration/#captcha - it's just a global configuration item, with limited scope where it appears at. If something doesn't exist, extending where captcha is required at (routes) for certain user groups (e.g., Guests) probably should be considered.

Edit; I did a bit of digging on the XF2 Resources, and there isn't exactly an addon that is doing what I had in mind, there's similar, but nothing with this exact feature set: The capability to select what feature(s) (e.g., via route names: search, threads, categories, forums, etc.) should be captcha/challenge checked, where it should be displayed within the feature, and who (User Group global: Yes/No/Never) the global configured XenForo 2 Captcha to be displayed at.
 
Last edited:
After it has been quiet over the last days bots have now started to tackle my forum again and I went from 38% blocking rate of requesting IPs to 76% blocking rate again. Interestingly enough, most of these bots seem not to be recognized by proxycheck.io, despite them having written at the beginning of March that they improved the detection of resident proxies massively:

proxycheck.io

blog | proxycheck.io

proxycheck.io blog, read about our latest news.
proxycheck.io proxycheck.io

Indeed, they seem to recognize a couple more than before, still just a fraction. If I look on my 24hr statistics of the proxy check API it looks pretty harmless and rather like a good situation: far more "green"visitors than yellow and red and those are during the typical activity times of my forum.

Bildschirmfoto 2026-03-31 um 06.20.49.webp

However, if I look at my IP Threat monitor statistics for the same 24 hours the picture changes:

Bildschirmfoto 2026-03-31 um 06.21.29.webp

Obviously a lot is blocked that has been let through by proxy check. I can be pretty sure that there are barely any false positives as the number of genuine visitors to my forum is around 700 -1000 in 24h (and this already includes some unidentified baddies) - basically everything on top of that are bad bots. However, it has been worse, looking at the 30 day statistics where we end up with 89% blacklisted IPs:

Bildschirmfoto 2026-03-31 um 06.36.51.webp

While proxycheck is incredibly useful it does ignore / fail to detect a lot of the bad traffic - my ASN list and country blocking does the rest. What I see is a subtile change in sources: While the "classics" Brasil, USA, Pakistan, India and Iraq are still on top of the country list the absolute number per country has gone down by at least a third if not more, so it is more distributed now than before. Also, over the last days I had more than once Germany in the top five, which is somewhat unusual, as I only block per ASN and proxycheck here and don't block client providers. And they seem to have somewhat adapted to the daytime of my forums, so the additional traffic does not directly catch suspicion. When looking at the three day statistics of proxycheck one can see the rise within the last 24h...
Bildschirmfoto 2026-03-31 um 06.23.30.webp
... while in comparison to the beginning of the month (let alone the peak on March 18th) it is still quiet:

Bildschirmfoto 2026-03-31 um 06.53.22.webp

Regarding source ASNs there have been a couple of new kids on the block in terms of datacenter and international distributed ASNs, but not many. I have however seen quite some "old friends" visiting that I hadn't seen in a while including i.e. one of the the Amazon AWS ASNs while the "classics" that knock on the door x times per day stay the same. So it seems that the baddies for once started to do more provider rotating than before and constantly try to find new hosters while on the other hand they do have a reliable set of hosters and ~200 ASNs that either don't care or actively support their dirty business (with some probably being an active core part of it).

Proxycheck does btw. for the most part identify/classify the baddies as VPN, not as proxies. So the scrapers seem to use private VPNs as the basis for their datacenter based attacks to a wide degree (as amount and geographical distribution does it make completely implausible that this would be genuine traffic). Also, I've seen a couple more tor-hosts than usual while I've seen barely any Cable/DSL IP blocked by procycheck.
 
BrettC said:
I am curious about your CF rules... are you flat out blocking (HTTP 401/403) or doing some sort of rate limiting (HTTP 429) based on IP or CIDR?
Click to expand...
Managed Challenge on them. If my understanding is correct, then any real human in a browser, the CF managed challenge will auto solve and its nothing more than a few seconds for the user. All else, it presents with a captcha for solving, which it seems, CF system works effectively and bots aren't solving it. Correct me if wrong, that is my understanding.
 
smallwheels said:
Also, over the last days I had more than once Germany in the top five, which is somewhat unusual
Click to expand...
Yup, seen that a few days back.
smallwheels said:
for the most part identify/classify the baddies as VPN
Click to expand...
Yup, when taking a random look through IP's, VPN seems to be the bad bot choice.

Honestly, I don't know why companies like SEMRUSH are hitting /search/ on forums. They can easily scrape all public data like a normal good bot, but they hit search. MSN does it too, I've noticed.

I have tried the ASN and IP blocking approach, and it just doesn't work. Not for me.

In all honesty, I think the easiest solution to beat all the crap being thrown at forums right now, is to manage challenge all continents and exclude logged in users and known good bots, once in a 24hr period. That doesn't upset users, but stops every bad actor near instantly.
 
Anthony Parsons said:
If my understanding is correct, then any real human in a browser, the CF managed challenge will auto solve and its nothing more than a few seconds for the user. All else, it presents with a captcha for solving, which it seems, CF system works effectively and bots aren't solving it. Correct me if wrong, that is my understanding.
Click to expand...
I visited your forum yesterday evening out of curiosity (btw. a brilliant forum) and got presented by the classic cloud flare "I am a human" checkbox. Just visited again with two different browsers (and probably a fresh IP as it typically changes over night) and did not hit any checkbox or need for interaction.

Anthony Parsons said:
Honestly, I don't know why companies like SEMRUSH are hitting /search/ on forums. They can easily scrape all public data like a normal good bot, but they hit search. MSN does it too, I've noticed.
Click to expand...
Who needs Semrush anyway? I do block them via a user agent-block in .htaccess. MSN/bing should probably follow directions in robots.txt, at least I'd assume that. So excluding /search via robots.txt could possibly do the trick here.

Anthony Parsons said:
Managed Challenge on them.
Click to expand...
Do you know if the setup you are using with Cloudflare (inc. the cookie-rule) is available in the free tier as well?
 
smallwheels said:
Do you know if the setup you are using with Cloudflare (inc. the cookie-rule) is available in the free tier as well?
Click to expand...
I am using free tier. I used to use the pro tier, but honestly, I stopped feeling like I was getting value from it for the fraction of seconds each request obtained. I got better results from refining server, refining DB, edge caching, etc. I stopped using Argo and Cache Reserve, again, it was in the thousands of a second difference, which just wasn't worth the cost to me for adding a combined 100ms to load a page across the world.
 
Anthony Parsons said:
Managed Challenge on them. If my understanding is correct, then any real human in a browser, the CF managed challenge will auto solve and its nothing more than a few seconds for the user. All else, it presents with a captcha for solving, which it seems, CF system works effectively and bots aren't solving it. Correct me if wrong, that is my understanding.
Click to expand...
Ah, that makes much more sense! The configuration that you've set is effectively doing the walled-garden treatment. I'd be curious to see much more data (be it numerical or charts) as time goes on. It will make for some good analysis - primarily for finding hot networks doing the abuse, how often and diverse, etc..
 
After a month of calm, they're back at it.

Seeing insane amounts of traffic from Shanghai263 and ASN 139341

I looked up ASN 139341 on https://hackertarget.com/as-ip-lookup/and removed ipv6 and sorted the list.
Here it is in apache .htaccess format:

Code: 
Deny from 101.33.10.0/24
Deny from 101.33.11.0/24
Deny from 101.33.18.0/24
Deny from 101.33.19.0/24
Deny from 101.33.20.0/24
Deny from 101.33.21.0/24
Deny from 101.33.26.0/24
Deny from 101.33.27.0/24
Deny from 101.33.6.0/24
Deny from 162.14.44.0/24
Deny from 162.14.45.0/24
Deny from 162.14.46.0/24
Deny from 162.14.47.0/24
Deny from 176.28.128.0/24
Deny from 211.152.148.0/24
Deny from 211.152.149.0/24
Deny from 43.131.10.0/24
Deny from 43.131.11.0/24
Deny from 43.132.65.0/24
Deny from 43.132.69.0/24
Deny from 43.132.70.0/23
Deny from 43.132.72.0/23
Deny from 43.132.74.0/24
Deny from 43.132.75.0/24
Deny from 43.132.77.0/24
Deny from 43.132.78.0/23
Deny from 43.132.78.0/24
Deny from 43.132.79.0/24
Deny from 43.132.80.0/24
Deny from 43.132.81.0/24
Deny from 43.132.82.0/24
Deny from 43.132.83.0/24
Deny from 43.132.84.0/24
Deny from 43.132.85.0/24
Deny from 43.132.86.0/24
Deny from 43.132.87.0/24
Deny from 43.132.89.0/24
Deny from 43.132.90.0/24
Deny from 43.132.91.0/24
Deny from 43.132.92.0/24
Deny from 43.132.93.0/24
Deny from 43.132.94.0/23
Deny from 43.152.0.0/24
Deny from 43.152.1.0/24
Deny from 43.152.10.0/24
Deny from 43.152.11.0/24
Deny from 43.152.12.0/24
Deny from 43.152.129.0/24
Deny from 43.152.13.0/24
Deny from 43.152.133.0/24
Deny from 43.152.134.0/23
Deny from 43.152.136.0/24
Deny from 43.152.137.0/24
Deny from 43.152.138.0/24
Deny from 43.152.139.0/24
Deny from 43.152.14.0/24
Deny from 43.152.140.0/24
Deny from 43.152.141.0/24
Deny from 43.152.142.0/24
Deny from 43.152.143.0/24
Deny from 43.152.148.0/24
Deny from 43.152.149.0/24
Deny from 43.152.15.0/24
Deny from 43.152.150.0/24
Deny from 43.152.152.0/24
Deny from 43.152.153.0/24
Deny from 43.152.154.0/24
Deny from 43.152.155.0/24
Deny from 43.152.156.0/24
Deny from 43.152.157.0/24
Deny from 43.152.158.0/24
Deny from 43.152.16.0/24
Deny from 43.152.160.0/24
Deny from 43.152.161.0/24
Deny from 43.152.162.0/24
Deny from 43.152.166.0/24
Deny from 43.152.168.0/24
Deny from 43.152.169.0/24
Deny from 43.152.17.0/24
Deny from 43.152.170.0/24
Deny from 43.152.171.0/24
Deny from 43.152.173.0/24
Deny from 43.152.174.0/24
Deny from 43.152.175.0/24
Deny from 43.152.177.0/24
Deny from 43.152.178.0/24
Deny from 43.152.179.0/24
Deny from 43.152.18.0/24
Deny from 43.152.180.0/24
Deny from 43.152.181.0/24
Deny from 43.152.182.0/24
Deny from 43.152.183.0/24
Deny from 43.152.184.0/24
Deny from 43.152.185.0/24
Deny from 43.152.186.0/24
Deny from 43.152.188.0/24
Deny from 43.152.189.0/24
Deny from 43.152.19.0/24
Deny from 43.152.190.0/24
Deny from 43.152.191.0/24
Deny from 43.152.2.0/24
Deny from 43.152.20.0/24
Deny from 43.152.21.0/24
Deny from 43.152.22.0/24
Deny from 43.152.23.0/24
Deny from 43.152.24.0/24
Deny from 43.152.25.0/24
Deny from 43.152.26.0/24
Deny from 43.152.27.0/24
Deny from 43.152.28.0/24
Deny from 43.152.29.0/24
Deny from 43.152.3.0/24
Deny from 43.152.30.0/24
Deny from 43.152.31.0/24
Deny from 43.152.32.0/24
Deny from 43.152.33.0/24
Deny from 43.152.35.0/24
Deny from 43.152.36.0/24
Deny from 43.152.37.0/24
Deny from 43.152.4.0/24
Deny from 43.152.40.0/24
Deny from 43.152.42.0/23
Deny from 43.152.44.0/23
Deny from 43.152.47.0/24
Deny from 43.152.48.0/24
Deny from 43.152.49.0/24
Deny from 43.152.5.0/24
Deny from 43.152.50.0/24
Deny from 43.152.51.0/24
Deny from 43.152.52.0/24
Deny from 43.152.53.0/24
Deny from 43.152.55.0/24
Deny from 43.152.57.0/24
Deny from 43.152.58.0/23
Deny from 43.152.6.0/24
Deny from 43.152.60.0/24
Deny from 43.152.61.0/24
Deny from 43.152.62.0/24
Deny from 43.152.7.0/24
Deny from 43.152.8.0/24
Deny from 43.159.102.0/23
Deny from 43.159.102.0/24
Deny from 43.159.103.0/24
Deny from 43.159.104.0/23
Deny from 43.159.104.0/24
Deny from 43.159.106.0/23
Deny from 43.159.106.0/24
Deny from 43.159.107.0/24
Deny from 43.159.108.0/23
Deny from 43.159.108.0/24
Deny from 43.159.109.0/24
Deny from 43.159.110.0/23
Deny from 43.159.110.0/24
Deny from 43.159.111.0/24
Deny from 43.159.112.0/23
Deny from 43.159.112.0/24
Deny from 43.159.113.0/24
Deny from 43.159.114.0/23
Deny from 43.159.114.0/24
Deny from 43.159.115.0/24
Deny from 43.159.116.0/23
Deny from 43.159.116.0/24
Deny from 43.159.117.0/24
Deny from 43.159.118.0/23
Deny from 43.159.120.0/24
Deny from 43.159.121.0/24
Deny from 43.159.122.0/24
Deny from 43.159.123.0/24
Deny from 43.159.125.0/24
Deny from 43.159.126.0/24
Deny from 43.159.127.0/24
Deny from 43.159.64.0/24
Deny from 43.159.65.0/24
Deny from 43.159.69.0/24
Deny from 43.159.72.0/24
Deny from 43.159.73.0/24
Deny from 43.159.74.0/24
Deny from 43.159.77.0/24
Deny from 43.159.78.0/24
Deny from 43.159.79.0/24
Deny from 43.159.80.0/24
Deny from 43.159.81.0/24
Deny from 43.159.82.0/24
Deny from 43.159.83.0/24
Deny from 43.159.84.0/24
Deny from 43.159.87.0/24
Deny from 43.159.90.0/24
Deny from 43.159.94.0/23
Deny from 43.159.94.0/24
Deny from 43.159.95.0/24
Deny from 43.159.97.0/24
Deny from 43.159.98.0/23
Deny from 43.159.99.0/24
Deny from 43.168.0.0/24
Deny from 43.168.1.0/24
Deny from 43.168.10.0/24
Deny from 43.168.100.0/24
Deny from 43.168.101.0/24
Deny from 43.168.102.0/24
Deny from 43.168.103.0/24
Deny from 43.168.105.0/24
Deny from 43.168.106.0/24
Deny from 43.168.11.0/24
Deny from 43.168.114.0/24
Deny from 43.168.115.0/24
Deny from 43.168.116.0/24
Deny from 43.168.117.0/24
Deny from 43.168.118.0/24
Deny from 43.168.119.0/24
Deny from 43.168.12.0/24
Deny from 43.168.124.0/24
Deny from 43.168.125.0/24
Deny from 43.168.13.0/24
Deny from 43.168.131.0/24
Deny from 43.168.133.0/24
Deny from 43.168.14.0/24
Deny from 43.168.141.0/24
Deny from 43.168.144.0/24
Deny from 43.168.146.0/24
Deny from 43.168.147.0/24
Deny from 43.168.148.0/24
Deny from 43.168.149.0/24
Deny from 43.168.15.0/24
Deny from 43.168.150.0/24
Deny from 43.168.151.0/24
Deny from 43.168.152.0/24
Deny from 43.168.153.0/24
Deny from 43.168.154.0/24
Deny from 43.168.16.0/24
Deny from 43.168.164.0/24
Deny from 43.168.167.0/24
Deny from 43.168.17.0/24
Deny from 43.168.174.0/24
Deny from 43.168.175.0/24
Deny from 43.168.176.0/24
Deny from 43.168.18.0/24
Deny from 43.168.19.0/24
Deny from 43.168.2.0/24
Deny from 43.168.20.0/24
Deny from 43.168.208.0/24
Deny from 43.168.209.0/24
Deny from 43.168.21.0/24
Deny from 43.168.210.0/24
Deny from 43.168.211.0/24
Deny from 43.168.218.0/24
Deny from 43.168.219.0/24
Deny from 43.168.22.0/24
Deny from 43.168.224.0/24
Deny from 43.168.23.0/24
Deny from 43.168.24.0/24
Deny from 43.168.25.0/24
Deny from 43.168.26.0/24
Deny from 43.168.27.0/24
Deny from 43.168.3.0/24
Deny from 43.168.32.0/24
Deny from 43.168.33.0/24
Deny from 43.168.34.0/24
Deny from 43.168.35.0/24
Deny from 43.168.36.0/24
Deny from 43.168.37.0/24
Deny from 43.168.38.0/24
Deny from 43.168.39.0/24
Deny from 43.168.4.0/24
Deny from 43.168.40.0/24
Deny from 43.168.41.0/24
Deny from 43.168.42.0/24
Deny from 43.168.43.0/24
Deny from 43.168.44.0/24
Deny from 43.168.45.0/24
Deny from 43.168.46.0/24
Deny from 43.168.47.0/24
Deny from 43.168.48.0/24
Deny from 43.168.49.0/24
Deny from 43.168.5.0/24
Deny from 43.168.50.0/24
Deny from 43.168.51.0/24
Deny from 43.168.52.0/24
Deny from 43.168.53.0/24
Deny from 43.168.54.0/24
Deny from 43.168.55.0/24
Deny from 43.168.56.0/24
Deny from 43.168.57.0/24
Deny from 43.168.58.0/24
Deny from 43.168.59.0/24
Deny from 43.168.60.0/24
Deny from 43.168.61.0/24
Deny from 43.168.62.0/24
Deny from 43.168.65.0/24
Deny from 43.168.66.0/24
Deny from 43.168.7.0/24
Deny from 43.168.71.0/24
Deny from 43.168.74.0/24
Deny from 43.168.8.0/24
Deny from 43.168.80.0/24
Deny from 43.168.81.0/24
Deny from 43.168.82.0/24
Deny from 43.168.85.0/24
Deny from 43.168.86.0/24
Deny from 43.168.89.0/24
Deny from 43.168.93.0/24
Deny from 43.168.94.0/24
Deny from 43.168.95.0/24
Deny from 43.168.98.0/24
Deny from 43.168.99.0/24
Deny from 43.169.1.0/24
Deny from 43.169.12.0/24
Deny from 43.169.13.0/24
Deny from 43.169.14.0/24
Deny from 43.169.15.0/24
Deny from 43.169.16.0/24
Deny from 43.169.17.0/24
Deny from 43.169.18.0/24
Deny from 43.169.19.0/24
Deny from 43.169.20.0/24
Deny from 43.169.21.0/24
Deny from 43.169.22.0/24
Deny from 43.169.23.0/24
Deny from 43.169.24.0/24
Deny from 43.169.25.0/24
Deny from 43.169.26.0/24
Deny from 43.169.27.0/24
Deny from 43.169.32.0/24
Deny from 43.169.33.0/24
Deny from 43.169.34.0/24
Deny from 43.169.35.0/24
Deny from 43.169.36.0/24
Deny from 43.169.37.0/24
Deny from 43.169.38.0/24
Deny from 43.169.39.0/24
Deny from 43.169.40.0/24
Deny from 43.169.41.0/24
Deny from 43.170.0.0/24
Deny from 43.170.1.0/24
Deny from 43.170.16.0/24
Deny from 43.170.17.0/24
Deny from 43.170.2.0/24
Deny from 43.170.213.0/24
Deny from 43.170.214.0/24
Deny from 43.170.215.0/24
Deny from 43.170.216.0/24
Deny from 43.170.217.0/24
Deny from 43.170.218.0/24
Deny from 43.170.219.0/24
Deny from 43.170.220.0/24
Deny from 43.170.221.0/24
Deny from 43.170.222.0/24
Deny from 43.170.223.0/24
Deny from 43.170.24.0/24
Deny from 43.170.246.0/24
Deny from 43.170.247.0/24
Deny from 43.170.25.0/24
Deny from 43.170.3.0/24
Deny from 43.170.4.0/24
Deny from 43.170.5.0/24
Deny from 43.170.6.0/24
Deny from 43.170.7.0/24
Deny from 43.170.8.0/24
Deny from 43.170.9.0/24
Deny from 43.174.0.0/24
Deny from 43.174.1.0/24
Deny from 43.174.10.0/24
Deny from 43.174.100.0/24
Deny from 43.174.101.0/24
Deny from 43.174.102.0/24
Deny from 43.174.103.0/24
Deny from 43.174.104.0/24
Deny from 43.174.105.0/24
Deny from 43.174.106.0/24
Deny from 43.174.107.0/24
Deny from 43.174.108.0/24
Deny from 43.174.109.0/24
Deny from 43.174.11.0/24
Deny from 43.174.112.0/24
Deny from 43.174.113.0/24
Deny from 43.174.114.0/24
Deny from 43.174.115.0/24
Deny from 43.174.116.0/24
Deny from 43.174.117.0/24
Deny from 43.174.118.0/24
Deny from 43.174.119.0/24
Deny from 43.174.12.0/24
Deny from 43.174.122.0/24
Deny from 43.174.123.0/24
Deny from 43.174.124.0/24
Deny from 43.174.125.0/24
Deny from 43.174.126.0/24
Deny from 43.174.127.0/24
Deny from 43.174.128.0/24
Deny from 43.174.129.0/24
Deny from 43.174.13.0/24
Deny from 43.174.130.0/24
Deny from 43.174.131.0/24
Deny from 43.174.132.0/24
Deny from 43.174.133.0/24
Deny from 43.174.134.0/24
Deny from 43.174.135.0/24
Deny from 43.174.136.0/24
Deny from 43.174.139.0/24
Deny from 43.174.14.0/24
Deny from 43.174.140.0/24
Deny from 43.174.141.0/24
Deny from 43.174.142.0/24
Deny from 43.174.143.0/24
Deny from 43.174.144.0/24
Deny from 43.174.145.0/24
Deny from 43.174.146.0/24
Deny from 43.174.147.0/24
Deny from 43.174.148.0/24
Deny from 43.174.149.0/24
Deny from 43.174.15.0/24
Deny from 43.174.150.0/24
Deny from 43.174.151.0/24
Deny from 43.174.152.0/24
Deny from 43.174.153.0/24
Deny from 43.174.154.0/24
Deny from 43.174.155.0/24
Deny from 43.174.156.0/24
Deny from 43.174.157.0/24
Deny from 43.174.158.0/24
Deny from 43.174.159.0/24
Deny from 43.174.16.0/24
Deny from 43.174.160.0/24
Deny from 43.174.161.0/24
Deny from 43.174.162.0/24
Deny from 43.174.163.0/24
Deny from 43.174.165.0/24
Deny from 43.174.166.0/24
Deny from 43.174.167.0/24
Deny from 43.174.168.0/24
Deny from 43.174.169.0/24
Deny from 43.174.170.0/24
Deny from 43.174.171.0/24
Deny from 43.174.172.0/24
Deny from 43.174.173.0/24
Deny from 43.174.175.0/24
Deny from 43.174.176.0/24
Deny from 43.174.177.0/24
Deny from 43.174.178.0/24
Deny from 43.174.182.0/24
Deny from 43.174.186.0/24
Deny from 43.174.187.0/24
Deny from 43.174.188.0/24
Deny from 43.174.189.0/24
Deny from 43.174.190.0/24
Deny from 43.174.191.0/24
Deny from 43.174.192.0/24
Deny from 43.174.193.0/24
Deny from 43.174.194.0/24
Deny from 43.174.195.0/24
Deny from 43.174.196.0/24
Deny from 43.174.197.0/24
Deny from 43.174.198.0/24
Deny from 43.174.199.0/24
Deny from 43.174.2.0/24
Deny from 43.174.200.0/24
Deny from 43.174.201.0/24
Deny from 43.174.202.0/24
Deny from 43.174.203.0/24
Deny from 43.174.204.0/24
Deny from 43.174.205.0/24
Deny from 43.174.206.0/24
Deny from 43.174.207.0/24
Deny from 43.174.208.0/24
Deny from 43.174.209.0/24
Deny from 43.174.210.0/24
Deny from 43.174.211.0/24
Deny from 43.174.212.0/24
Deny from 43.174.213.0/24
Deny from 43.174.214.0/24
Deny from 43.174.215.0/24
Deny from 43.174.216.0/24
Deny from 43.174.217.0/24
Deny from 43.174.218.0/24
Deny from 43.174.219.0/24
Deny from 43.174.220.0/24
Deny from 43.174.221.0/24
Deny from 43.174.222.0/24
Deny from 43.174.223.0/24
Deny from 43.174.224.0/24
Deny from 43.174.225.0/24
Deny from 43.174.226.0/24
Deny from 43.174.227.0/24
Deny from 43.174.228.0/24
Deny from 43.174.229.0/24
Deny from 43.174.230.0/24
Deny from 43.174.231.0/24
Deny from 43.174.232.0/24
Deny from 43.174.233.0/24
Deny from 43.174.24.0/24
Deny from 43.174.240.0/24
Deny from 43.174.241.0/24
Deny from 43.174.242.0/24
Deny from 43.174.243.0/24
Deny from 43.174.244.0/24
Deny from 43.174.245.0/24
Deny from 43.174.246.0/24
Deny from 43.174.247.0/24
Deny from 43.174.248.0/24
Deny from 43.174.249.0/24
Deny from 43.174.25.0/24
Deny from 43.174.250.0/24
Deny from 43.174.251.0/24
Deny from 43.174.26.0/24
Deny from 43.174.27.0/24
Deny from 43.174.28.0/24
Deny from 43.174.29.0/24
Deny from 43.174.3.0/24
Deny from 43.174.30.0/24
Deny from 43.174.31.0/24
Deny from 43.174.32.0/24
Deny from 43.174.33.0/24
Deny from 43.174.34.0/24
Deny from 43.174.35.0/24
Deny from 43.174.36.0/24
Deny from 43.174.37.0/24
Deny from 43.174.38.0/24
Deny from 43.174.39.0/24
Deny from 43.174.4.0/24
Deny from 43.174.40.0/24
Deny from 43.174.41.0/24
Deny from 43.174.42.0/24
Deny from 43.174.43.0/24
Deny from 43.174.44.0/24
Deny from 43.174.45.0/24
Deny from 43.174.46.0/24
Deny from 43.174.47.0/24
Deny from 43.174.48.0/24
Deny from 43.174.49.0/24
Deny from 43.174.5.0/24
Deny from 43.174.50.0/24
Deny from 43.174.51.0/24
Deny from 43.174.52.0/24
Deny from 43.174.53.0/24
Deny from 43.174.54.0/24
Deny from 43.174.55.0/24
Deny from 43.174.56.0/24
Deny from 43.174.57.0/24
Deny from 43.174.58.0/24
Deny from 43.174.6.0/24
Deny from 43.174.62.0/24
Deny from 43.174.63.0/24
Deny from 43.174.64.0/24
Deny from 43.174.66.0/24
Deny from 43.174.67.0/24
Deny from 43.174.7.0/24
Deny from 43.174.70.0/24
Deny from 43.174.71.0/24
Deny from 43.174.72.0/24
Deny from 43.174.73.0/24
Deny from 43.174.74.0/24
Deny from 43.174.75.0/24
Deny from 43.174.76.0/24
Deny from 43.174.77.0/24
Deny from 43.174.78.0/24
Deny from 43.174.79.0/24
Deny from 43.174.8.0/24
Deny from 43.174.80.0/24
Deny from 43.174.81.0/24
Deny from 43.174.82.0/24
Deny from 43.174.83.0/24
Deny from 43.174.84.0/24
Deny from 43.174.85.0/24
Deny from 43.174.86.0/24
Deny from 43.174.87.0/24
Deny from 43.174.88.0/24
Deny from 43.174.9.0/24
Deny from 43.174.93.0/24
Deny from 43.174.95.0/24
Deny from 43.174.96.0/24
Deny from 43.174.97.0/24
Deny from 43.174.98.0/24
Deny from 43.174.99.0/24
Deny from 43.175.0.0/24
Deny from 43.175.101.0/24
Deny from 43.175.102.0/24
Deny from 43.175.103.0/24
Deny from 43.175.104.0/24
Deny from 43.175.107.0/24
Deny from 43.175.108.0/24
Deny from 43.175.109.0/24
Deny from 43.175.110.0/24
Deny from 43.175.112.0/24
Deny from 43.175.114.0/24
Deny from 43.175.115.0/24
Deny from 43.175.117.0/24
Deny from 43.175.118.0/24
Deny from 43.175.119.0/24
Deny from 43.175.12.0/24
Deny from 43.175.120.0/24
Deny from 43.175.121.0/24
Deny from 43.175.122.0/24
Deny from 43.175.124.0/24
Deny from 43.175.125.0/24
Deny from 43.175.126.0/24
Deny from 43.175.127.0/24
Deny from 43.175.128.0/24
Deny from 43.175.129.0/24
Deny from 43.175.130.0/24
Deny from 43.175.131.0/24
Deny from 43.175.132.0/24
Deny from 43.175.133.0/24
Deny from 43.175.134.0/24
Deny from 43.175.135.0/24
Deny from 43.175.136.0/24
Deny from 43.175.138.0/24
Deny from 43.175.139.0/24
Deny from 43.175.140.0/24
Deny from 43.175.141.0/24
Deny from 43.175.142.0/24
Deny from 43.175.144.0/24
Deny from 43.175.145.0/24
Deny from 43.175.146.0/24
Deny from 43.175.147.0/24
Deny from 43.175.148.0/24
Deny from 43.175.149.0/24
Deny from 43.175.150.0/24
Deny from 43.175.151.0/24
Deny from 43.175.152.0/24
Deny from 43.175.156.0/24
Deny from 43.175.157.0/24
Deny from 43.175.16.0/24
Deny from 43.175.160.0/24
Deny from 43.175.161.0/24
Deny from 43.175.162.0/24
Deny from 43.175.163.0/24
Deny from 43.175.164.0/24
Deny from 43.175.165.0/24
Deny from 43.175.166.0/24
Deny from 43.175.167.0/24
Deny from 43.175.168.0/24
Deny from 43.175.169.0/24
Deny from 43.175.17.0/24
Deny from 43.175.170.0/24
Deny from 43.175.171.0/24
Deny from 43.175.172.0/24
Deny from 43.175.173.0/24
Deny from 43.175.174.0/23
Deny from 43.175.18.0/24
Deny from 43.175.180.0/24
Deny from 43.175.181.0/24
Deny from 43.175.182.0/24
Deny from 43.175.183.0/24
Deny from 43.175.184.0/24
Deny from 43.175.185.0/24
Deny from 43.175.186.0/24
Deny from 43.175.187.0/24
Deny from 43.175.189.0/24
Deny from 43.175.19.0/24
Deny from 43.175.191.0/24
Deny from 43.175.193.0/24
Deny from 43.175.194.0/24
Deny from 43.175.196.0/24
Deny from 43.175.197.0/24
Deny from 43.175.202.0/24
Deny from 43.175.203.0/24
Deny from 43.175.204.0/24
Deny from 43.175.205.0/24
Deny from 43.175.206.0/24
Deny from 43.175.208.0/24
Deny from 43.175.210.0/24
Deny from 43.175.211.0/24
Deny from 43.175.212.0/24
Deny from 43.175.213.0/24
Deny from 43.175.214.0/24
Deny from 43.175.215.0/24
Deny from 43.175.216.0/24
Deny from 43.175.217.0/24
Deny from 43.175.218.0/24
Deny from 43.175.219.0/24
Deny from 43.175.22.0/24
Deny from 43.175.220.0/24
Deny from 43.175.221.0/24
Deny from 43.175.222.0/24
Deny from 43.175.224.0/23
Deny from 43.175.224.0/24
Deny from 43.175.225.0/24
Deny from 43.175.226.0/23
Deny from 43.175.226.0/24
Deny from 43.175.227.0/24
Deny from 43.175.228.0/24
Deny from 43.175.229.0/24
Deny from 43.175.23.0/24
Deny from 43.175.230.0/23
Deny from 43.175.230.0/24
Deny from 43.175.231.0/24
Deny from 43.175.232.0/23
Deny from 43.175.234.0/24
Deny from 43.175.235.0/24
Deny from 43.175.236.0/23
Deny from 43.175.236.0/24
Deny from 43.175.237.0/24
Deny from 43.175.238.0/23
Deny from 43.175.238.0/24
Deny from 43.175.24.0/24
Deny from 43.175.240.0/23
Deny from 43.175.241.0/24
Deny from 43.175.242.0/23
Deny from 43.175.242.0/24
Deny from 43.175.243.0/24
Deny from 43.175.244.0/23
Deny from 43.175.246.0/23
Deny from 43.175.246.0/24
Deny from 43.175.248.0/23
Deny from 43.175.248.0/24
Deny from 43.175.249.0/24
Deny from 43.175.25.0/24
Deny from 43.175.250.0/23
Deny from 43.175.250.0/24
Deny from 43.175.251.0/24
Deny from 43.175.252.0/23
Deny from 43.175.252.0/24
Deny from 43.175.253.0/24
Deny from 43.175.255.0/24
Deny from 43.175.28.0/24
Deny from 43.175.29.0/24
Deny from 43.175.30.0/24
Deny from 43.175.32.0/24
Deny from 43.175.33.0/24
Deny from 43.175.36.0/24
Deny from 43.175.37.0/24
Deny from 43.175.39.0/24
Deny from 43.175.40.0/24
Deny from 43.175.42.0/24
Deny from 43.175.43.0/24
Deny from 43.175.44.0/24
Deny from 43.175.49.0/24
Deny from 43.175.50.0/24
Deny from 43.175.52.0/24
Deny from 43.175.53.0/24
Deny from 43.175.54.0/24
Deny from 43.175.55.0/24
Deny from 43.175.56.0/24
Deny from 43.175.57.0/24
Deny from 43.175.58.0/24
Deny from 43.175.60.0/24
Deny from 43.175.61.0/24
Deny from 43.175.65.0/24
Deny from 43.175.66.0/24
Deny from 43.175.67.0/24
Deny from 43.175.68.0/24
Deny from 43.175.69.0/24
Deny from 43.175.7.0/24
Deny from 43.175.71.0/24
Deny from 43.175.73.0/24
Deny from 43.175.74.0/24
Deny from 43.175.75.0/24
Deny from 43.175.77.0/24
Deny from 43.175.78.0/24
Deny from 43.175.79.0/24
Deny from 43.175.8.0/24
Deny from 43.175.81.0/24
Deny from 43.175.82.0/24
Deny from 43.175.85.0/24
Deny from 43.175.86.0/24
Deny from 43.175.87.0/24
Deny from 43.175.89.0/24
Deny from 43.175.93.0/24
Deny from 43.175.94.0/24
Deny from 43.175.95.0/24
Deny from 43.175.96.0/24
Deny from 43.175.97.0/24
Deny from 43.175.98.0/24
Deny from 86.51.92.0/24
 
ES Dev Team said:
After a month of calm, they're back at it.

Seeing insane amounts of traffic from Shanghai263 and ASN 139341

I looked up ASN 139341 on https://hackertarget.com/as-ip-lookup/and removed ipv6 and sorted the list.
Here it is in apache .htaccess format:

Code: 
Deny from 101.33.10.0/24
Deny from 101.33.11.0/24
Deny from 101.33.18.0/24
Deny from 101.33.19.0/24
Deny from 101.33.20.0/24
Deny from 101.33.21.0/24
Deny from 101.33.26.0/24
Deny from 101.33.27.0/24
Deny from 101.33.6.0/24
Deny from 162.14.44.0/24
Deny from 162.14.45.0/24
Deny from 162.14.46.0/24
Deny from 162.14.47.0/24
Deny from 176.28.128.0/24
Deny from 211.152.148.0/24
Deny from 211.152.149.0/24
Deny from 43.131.10.0/24
Deny from 43.131.11.0/24
Deny from 43.132.65.0/24
Deny from 43.132.69.0/24
Deny from 43.132.70.0/23
Deny from 43.132.72.0/23
Deny from 43.132.74.0/24
Deny from 43.132.75.0/24
Deny from 43.132.77.0/24
Deny from 43.132.78.0/23
Deny from 43.132.78.0/24
Deny from 43.132.79.0/24
Deny from 43.132.80.0/24
Deny from 43.132.81.0/24
Deny from 43.132.82.0/24
Deny from 43.132.83.0/24
Deny from 43.132.84.0/24
Deny from 43.132.85.0/24
Deny from 43.132.86.0/24
Deny from 43.132.87.0/24
Deny from 43.132.89.0/24
Deny from 43.132.90.0/24
Deny from 43.132.91.0/24
Deny from 43.132.92.0/24
Deny from 43.132.93.0/24
Deny from 43.132.94.0/23
Deny from 43.152.0.0/24
Deny from 43.152.1.0/24
Deny from 43.152.10.0/24
Deny from 43.152.11.0/24
Deny from 43.152.12.0/24
Deny from 43.152.129.0/24
Deny from 43.152.13.0/24
Deny from 43.152.133.0/24
Deny from 43.152.134.0/23
Deny from 43.152.136.0/24
Deny from 43.152.137.0/24
Deny from 43.152.138.0/24
Deny from 43.152.139.0/24
Deny from 43.152.14.0/24
Deny from 43.152.140.0/24
Deny from 43.152.141.0/24
Deny from 43.152.142.0/24
Deny from 43.152.143.0/24
Deny from 43.152.148.0/24
Deny from 43.152.149.0/24
Deny from 43.152.15.0/24
Deny from 43.152.150.0/24
Deny from 43.152.152.0/24
Deny from 43.152.153.0/24
Deny from 43.152.154.0/24
Deny from 43.152.155.0/24
Deny from 43.152.156.0/24
Deny from 43.152.157.0/24
Deny from 43.152.158.0/24
Deny from 43.152.16.0/24
Deny from 43.152.160.0/24
Deny from 43.152.161.0/24
Deny from 43.152.162.0/24
Deny from 43.152.166.0/24
Deny from 43.152.168.0/24
Deny from 43.152.169.0/24
Deny from 43.152.17.0/24
Deny from 43.152.170.0/24
Deny from 43.152.171.0/24
Deny from 43.152.173.0/24
Deny from 43.152.174.0/24
Deny from 43.152.175.0/24
Deny from 43.152.177.0/24
Deny from 43.152.178.0/24
Deny from 43.152.179.0/24
Deny from 43.152.18.0/24
Deny from 43.152.180.0/24
Deny from 43.152.181.0/24
Deny from 43.152.182.0/24
Deny from 43.152.183.0/24
Deny from 43.152.184.0/24
Deny from 43.152.185.0/24
Deny from 43.152.186.0/24
Deny from 43.152.188.0/24
Deny from 43.152.189.0/24
Deny from 43.152.19.0/24
Deny from 43.152.190.0/24
Deny from 43.152.191.0/24
Deny from 43.152.2.0/24
Deny from 43.152.20.0/24
Deny from 43.152.21.0/24
Deny from 43.152.22.0/24
Deny from 43.152.23.0/24
Deny from 43.152.24.0/24
Deny from 43.152.25.0/24
Deny from 43.152.26.0/24
Deny from 43.152.27.0/24
Deny from 43.152.28.0/24
Deny from 43.152.29.0/24
Deny from 43.152.3.0/24
Deny from 43.152.30.0/24
Deny from 43.152.31.0/24
Deny from 43.152.32.0/24
Deny from 43.152.33.0/24
Deny from 43.152.35.0/24
Deny from 43.152.36.0/24
Deny from 43.152.37.0/24
Deny from 43.152.4.0/24
Deny from 43.152.40.0/24
Deny from 43.152.42.0/23
Deny from 43.152.44.0/23
Deny from 43.152.47.0/24
Deny from 43.152.48.0/24
Deny from 43.152.49.0/24
Deny from 43.152.5.0/24
Deny from 43.152.50.0/24
Deny from 43.152.51.0/24
Deny from 43.152.52.0/24
Deny from 43.152.53.0/24
Deny from 43.152.55.0/24
Deny from 43.152.57.0/24
Deny from 43.152.58.0/23
Deny from 43.152.6.0/24
Deny from 43.152.60.0/24
Deny from 43.152.61.0/24
Deny from 43.152.62.0/24
Deny from 43.152.7.0/24
Deny from 43.152.8.0/24
Deny from 43.159.102.0/23
Deny from 43.159.102.0/24
Deny from 43.159.103.0/24
Deny from 43.159.104.0/23
Deny from 43.159.104.0/24
Deny from 43.159.106.0/23
Deny from 43.159.106.0/24
Deny from 43.159.107.0/24
Deny from 43.159.108.0/23
Deny from 43.159.108.0/24
Deny from 43.159.109.0/24
Deny from 43.159.110.0/23
Deny from 43.159.110.0/24
Deny from 43.159.111.0/24
Deny from 43.159.112.0/23
Deny from 43.159.112.0/24
Deny from 43.159.113.0/24
Deny from 43.159.114.0/23
Deny from 43.159.114.0/24
Deny from 43.159.115.0/24
Deny from 43.159.116.0/23
Deny from 43.159.116.0/24
Deny from 43.159.117.0/24
Deny from 43.159.118.0/23
Deny from 43.159.120.0/24
Deny from 43.159.121.0/24
Deny from 43.159.122.0/24
Deny from 43.159.123.0/24
Deny from 43.159.125.0/24
Deny from 43.159.126.0/24
Deny from 43.159.127.0/24
Deny from 43.159.64.0/24
Deny from 43.159.65.0/24
Deny from 43.159.69.0/24
Deny from 43.159.72.0/24
Deny from 43.159.73.0/24
Deny from 43.159.74.0/24
Deny from 43.159.77.0/24
Deny from 43.159.78.0/24
Deny from 43.159.79.0/24
Deny from 43.159.80.0/24
Deny from 43.159.81.0/24
Deny from 43.159.82.0/24
Deny from 43.159.83.0/24
Deny from 43.159.84.0/24
Deny from 43.159.87.0/24
Deny from 43.159.90.0/24
Deny from 43.159.94.0/23
Deny from 43.159.94.0/24
Deny from 43.159.95.0/24
Deny from 43.159.97.0/24
Deny from 43.159.98.0/23
Deny from 43.159.99.0/24
Deny from 43.168.0.0/24
Deny from 43.168.1.0/24
Deny from 43.168.10.0/24
Deny from 43.168.100.0/24
Deny from 43.168.101.0/24
Deny from 43.168.102.0/24
Deny from 43.168.103.0/24
Deny from 43.168.105.0/24
Deny from 43.168.106.0/24
Deny from 43.168.11.0/24
Deny from 43.168.114.0/24
Deny from 43.168.115.0/24
Deny from 43.168.116.0/24
Deny from 43.168.117.0/24
Deny from 43.168.118.0/24
Deny from 43.168.119.0/24
Deny from 43.168.12.0/24
Deny from 43.168.124.0/24
Deny from 43.168.125.0/24
Deny from 43.168.13.0/24
Deny from 43.168.131.0/24
Deny from 43.168.133.0/24
Deny from 43.168.14.0/24
Deny from 43.168.141.0/24
Deny from 43.168.144.0/24
Deny from 43.168.146.0/24
Deny from 43.168.147.0/24
Deny from 43.168.148.0/24
Deny from 43.168.149.0/24
Deny from 43.168.15.0/24
Deny from 43.168.150.0/24
Deny from 43.168.151.0/24
Deny from 43.168.152.0/24
Deny from 43.168.153.0/24
Deny from 43.168.154.0/24
Deny from 43.168.16.0/24
Deny from 43.168.164.0/24
Deny from 43.168.167.0/24
Deny from 43.168.17.0/24
Deny from 43.168.174.0/24
Deny from 43.168.175.0/24
Deny from 43.168.176.0/24
Deny from 43.168.18.0/24
Deny from 43.168.19.0/24
Deny from 43.168.2.0/24
Deny from 43.168.20.0/24
Deny from 43.168.208.0/24
Deny from 43.168.209.0/24
Deny from 43.168.21.0/24
Deny from 43.168.210.0/24
Deny from 43.168.211.0/24
Deny from 43.168.218.0/24
Deny from 43.168.219.0/24
Deny from 43.168.22.0/24
Deny from 43.168.224.0/24
Deny from 43.168.23.0/24
Deny from 43.168.24.0/24
Deny from 43.168.25.0/24
Deny from 43.168.26.0/24
Deny from 43.168.27.0/24
Deny from 43.168.3.0/24
Deny from 43.168.32.0/24
Deny from 43.168.33.0/24
Deny from 43.168.34.0/24
Deny from 43.168.35.0/24
Deny from 43.168.36.0/24
Deny from 43.168.37.0/24
Deny from 43.168.38.0/24
Deny from 43.168.39.0/24
Deny from 43.168.4.0/24
Deny from 43.168.40.0/24
Deny from 43.168.41.0/24
Deny from 43.168.42.0/24
Deny from 43.168.43.0/24
Deny from 43.168.44.0/24
Deny from 43.168.45.0/24
Deny from 43.168.46.0/24
Deny from 43.168.47.0/24
Deny from 43.168.48.0/24
Deny from 43.168.49.0/24
Deny from 43.168.5.0/24
Deny from 43.168.50.0/24
Deny from 43.168.51.0/24
Deny from 43.168.52.0/24
Deny from 43.168.53.0/24
Deny from 43.168.54.0/24
Deny from 43.168.55.0/24
Deny from 43.168.56.0/24
Deny from 43.168.57.0/24
Deny from 43.168.58.0/24
Deny from 43.168.59.0/24
Deny from 43.168.60.0/24
Deny from 43.168.61.0/24
Deny from 43.168.62.0/24
Deny from 43.168.65.0/24
Deny from 43.168.66.0/24
Deny from 43.168.7.0/24
Deny from 43.168.71.0/24
Deny from 43.168.74.0/24
Deny from 43.168.8.0/24
Deny from 43.168.80.0/24
Deny from 43.168.81.0/24
Deny from 43.168.82.0/24
Deny from 43.168.85.0/24
Deny from 43.168.86.0/24
Deny from 43.168.89.0/24
Deny from 43.168.93.0/24
Deny from 43.168.94.0/24
Deny from 43.168.95.0/24
Deny from 43.168.98.0/24
Deny from 43.168.99.0/24
Deny from 43.169.1.0/24
Deny from 43.169.12.0/24
Deny from 43.169.13.0/24
Deny from 43.169.14.0/24
Deny from 43.169.15.0/24
Deny from 43.169.16.0/24
Deny from 43.169.17.0/24
Deny from 43.169.18.0/24
Deny from 43.169.19.0/24
Deny from 43.169.20.0/24
Deny from 43.169.21.0/24
Deny from 43.169.22.0/24
Deny from 43.169.23.0/24
Deny from 43.169.24.0/24
Deny from 43.169.25.0/24
Deny from 43.169.26.0/24
Deny from 43.169.27.0/24
Deny from 43.169.32.0/24
Deny from 43.169.33.0/24
Deny from 43.169.34.0/24
Deny from 43.169.35.0/24
Deny from 43.169.36.0/24
Deny from 43.169.37.0/24
Deny from 43.169.38.0/24
Deny from 43.169.39.0/24
Deny from 43.169.40.0/24
Deny from 43.169.41.0/24
Deny from 43.170.0.0/24
Deny from 43.170.1.0/24
Deny from 43.170.16.0/24
Deny from 43.170.17.0/24
Deny from 43.170.2.0/24
Deny from 43.170.213.0/24
Deny from 43.170.214.0/24
Deny from 43.170.215.0/24
Deny from 43.170.216.0/24
Deny from 43.170.217.0/24
Deny from 43.170.218.0/24
Deny from 43.170.219.0/24
Deny from 43.170.220.0/24
Deny from 43.170.221.0/24
Deny from 43.170.222.0/24
Deny from 43.170.223.0/24
Deny from 43.170.24.0/24
Deny from 43.170.246.0/24
Deny from 43.170.247.0/24
Deny from 43.170.25.0/24
Deny from 43.170.3.0/24
Deny from 43.170.4.0/24
Deny from 43.170.5.0/24
Deny from 43.170.6.0/24
Deny from 43.170.7.0/24
Deny from 43.170.8.0/24
Deny from 43.170.9.0/24
Deny from 43.174.0.0/24
Deny from 43.174.1.0/24
Deny from 43.174.10.0/24
Deny from 43.174.100.0/24
Deny from 43.174.101.0/24
Deny from 43.174.102.0/24
Deny from 43.174.103.0/24
Deny from 43.174.104.0/24
Deny from 43.174.105.0/24
Deny from 43.174.106.0/24
Deny from 43.174.107.0/24
Deny from 43.174.108.0/24
Deny from 43.174.109.0/24
Deny from 43.174.11.0/24
Deny from 43.174.112.0/24
Deny from 43.174.113.0/24
Deny from 43.174.114.0/24
Deny from 43.174.115.0/24
Deny from 43.174.116.0/24
Deny from 43.174.117.0/24
Deny from 43.174.118.0/24
Deny from 43.174.119.0/24
Deny from 43.174.12.0/24
Deny from 43.174.122.0/24
Deny from 43.174.123.0/24
Deny from 43.174.124.0/24
Deny from 43.174.125.0/24
Deny from 43.174.126.0/24
Deny from 43.174.127.0/24
Deny from 43.174.128.0/24
Deny from 43.174.129.0/24
Deny from 43.174.13.0/24
Deny from 43.174.130.0/24
Deny from 43.174.131.0/24
Deny from 43.174.132.0/24
Deny from 43.174.133.0/24
Deny from 43.174.134.0/24
Deny from 43.174.135.0/24
Deny from 43.174.136.0/24
Deny from 43.174.139.0/24
Deny from 43.174.14.0/24
Deny from 43.174.140.0/24
Deny from 43.174.141.0/24
Deny from 43.174.142.0/24
Deny from 43.174.143.0/24
Deny from 43.174.144.0/24
Deny from 43.174.145.0/24
Deny from 43.174.146.0/24
Deny from 43.174.147.0/24
Deny from 43.174.148.0/24
Deny from 43.174.149.0/24
Deny from 43.174.15.0/24
Deny from 43.174.150.0/24
Deny from 43.174.151.0/24
Deny from 43.174.152.0/24
Deny from 43.174.153.0/24
Deny from 43.174.154.0/24
Deny from 43.174.155.0/24
Deny from 43.174.156.0/24
Deny from 43.174.157.0/24
Deny from 43.174.158.0/24
Deny from 43.174.159.0/24
Deny from 43.174.16.0/24
Deny from 43.174.160.0/24
Deny from 43.174.161.0/24
Deny from 43.174.162.0/24
Deny from 43.174.163.0/24
Deny from 43.174.165.0/24
Deny from 43.174.166.0/24
Deny from 43.174.167.0/24
Deny from 43.174.168.0/24
Deny from 43.174.169.0/24
Deny from 43.174.170.0/24
Deny from 43.174.171.0/24
Deny from 43.174.172.0/24
Deny from 43.174.173.0/24
Deny from 43.174.175.0/24
Deny from 43.174.176.0/24
Deny from 43.174.177.0/24
Deny from 43.174.178.0/24
Deny from 43.174.182.0/24
Deny from 43.174.186.0/24
Deny from 43.174.187.0/24
Deny from 43.174.188.0/24
Deny from 43.174.189.0/24
Deny from 43.174.190.0/24
Deny from 43.174.191.0/24
Deny from 43.174.192.0/24
Deny from 43.174.193.0/24
Deny from 43.174.194.0/24
Deny from 43.174.195.0/24
Deny from 43.174.196.0/24
Deny from 43.174.197.0/24
Deny from 43.174.198.0/24
Deny from 43.174.199.0/24
Deny from 43.174.2.0/24
Deny from 43.174.200.0/24
Deny from 43.174.201.0/24
Deny from 43.174.202.0/24
Deny from 43.174.203.0/24
Deny from 43.174.204.0/24
Deny from 43.174.205.0/24
Deny from 43.174.206.0/24
Deny from 43.174.207.0/24
Deny from 43.174.208.0/24
Deny from 43.174.209.0/24
Deny from 43.174.210.0/24
Deny from 43.174.211.0/24
Deny from 43.174.212.0/24
Deny from 43.174.213.0/24
Deny from 43.174.214.0/24
Deny from 43.174.215.0/24
Deny from 43.174.216.0/24
Deny from 43.174.217.0/24
Deny from 43.174.218.0/24
Deny from 43.174.219.0/24
Deny from 43.174.220.0/24
Deny from 43.174.221.0/24
Deny from 43.174.222.0/24
Deny from 43.174.223.0/24
Deny from 43.174.224.0/24
Deny from 43.174.225.0/24
Deny from 43.174.226.0/24
Deny from 43.174.227.0/24
Deny from 43.174.228.0/24
Deny from 43.174.229.0/24
Deny from 43.174.230.0/24
Deny from 43.174.231.0/24
Deny from 43.174.232.0/24
Deny from 43.174.233.0/24
Deny from 43.174.24.0/24
Deny from 43.174.240.0/24
Deny from 43.174.241.0/24
Deny from 43.174.242.0/24
Deny from 43.174.243.0/24
Deny from 43.174.244.0/24
Deny from 43.174.245.0/24
Deny from 43.174.246.0/24
Deny from 43.174.247.0/24
Deny from 43.174.248.0/24
Deny from 43.174.249.0/24
Deny from 43.174.25.0/24
Deny from 43.174.250.0/24
Deny from 43.174.251.0/24
Deny from 43.174.26.0/24
Deny from 43.174.27.0/24
Deny from 43.174.28.0/24
Deny from 43.174.29.0/24
Deny from 43.174.3.0/24
Deny from 43.174.30.0/24
Deny from 43.174.31.0/24
Deny from 43.174.32.0/24
Deny from 43.174.33.0/24
Deny from 43.174.34.0/24
Deny from 43.174.35.0/24
Deny from 43.174.36.0/24
Deny from 43.174.37.0/24
Deny from 43.174.38.0/24
Deny from 43.174.39.0/24
Deny from 43.174.4.0/24
Deny from 43.174.40.0/24
Deny from 43.174.41.0/24
Deny from 43.174.42.0/24
Deny from 43.174.43.0/24
Deny from 43.174.44.0/24
Deny from 43.174.45.0/24
Deny from 43.174.46.0/24
Deny from 43.174.47.0/24
Deny from 43.174.48.0/24
Deny from 43.174.49.0/24
Deny from 43.174.5.0/24
Deny from 43.174.50.0/24
Deny from 43.174.51.0/24
Deny from 43.174.52.0/24
Deny from 43.174.53.0/24
Deny from 43.174.54.0/24
Deny from 43.174.55.0/24
Deny from 43.174.56.0/24
Deny from 43.174.57.0/24
Deny from 43.174.58.0/24
Deny from 43.174.6.0/24
Deny from 43.174.62.0/24
Deny from 43.174.63.0/24
Deny from 43.174.64.0/24
Deny from 43.174.66.0/24
Deny from 43.174.67.0/24
Deny from 43.174.7.0/24
Deny from 43.174.70.0/24
Deny from 43.174.71.0/24
Deny from 43.174.72.0/24
Deny from 43.174.73.0/24
Deny from 43.174.74.0/24
Deny from 43.174.75.0/24
Deny from 43.174.76.0/24
Deny from 43.174.77.0/24
Deny from 43.174.78.0/24
Deny from 43.174.79.0/24
Deny from 43.174.8.0/24
Deny from 43.174.80.0/24
Deny from 43.174.81.0/24
Deny from 43.174.82.0/24
Deny from 43.174.83.0/24
Deny from 43.174.84.0/24
Deny from 43.174.85.0/24
Deny from 43.174.86.0/24
Deny from 43.174.87.0/24
Deny from 43.174.88.0/24
Deny from 43.174.9.0/24
Deny from 43.174.93.0/24
Deny from 43.174.95.0/24
Deny from 43.174.96.0/24
Deny from 43.174.97.0/24
Deny from 43.174.98.0/24
Deny from 43.174.99.0/24
Deny from 43.175.0.0/24
Deny from 43.175.101.0/24
Deny from 43.175.102.0/24
Deny from 43.175.103.0/24
Deny from 43.175.104.0/24
Deny from 43.175.107.0/24
Deny from 43.175.108.0/24
Deny from 43.175.109.0/24
Deny from 43.175.110.0/24
Deny from 43.175.112.0/24
Deny from 43.175.114.0/24
Deny from 43.175.115.0/24
Deny from 43.175.117.0/24
Deny from 43.175.118.0/24
Deny from 43.175.119.0/24
Deny from 43.175.12.0/24
Deny from 43.175.120.0/24
Deny from 43.175.121.0/24
Deny from 43.175.122.0/24
Deny from 43.175.124.0/24
Deny from 43.175.125.0/24
Deny from 43.175.126.0/24
Deny from 43.175.127.0/24
Deny from 43.175.128.0/24
Deny from 43.175.129.0/24
Deny from 43.175.130.0/24
Deny from 43.175.131.0/24
Deny from 43.175.132.0/24
Deny from 43.175.133.0/24
Deny from 43.175.134.0/24
Deny from 43.175.135.0/24
Deny from 43.175.136.0/24
Deny from 43.175.138.0/24
Deny from 43.175.139.0/24
Deny from 43.175.140.0/24
Deny from 43.175.141.0/24
Deny from 43.175.142.0/24
Deny from 43.175.144.0/24
Deny from 43.175.145.0/24
Deny from 43.175.146.0/24
Deny from 43.175.147.0/24
Deny from 43.175.148.0/24
Deny from 43.175.149.0/24
Deny from 43.175.150.0/24
Deny from 43.175.151.0/24
Deny from 43.175.152.0/24
Deny from 43.175.156.0/24
Deny from 43.175.157.0/24
Deny from 43.175.16.0/24
Deny from 43.175.160.0/24
Deny from 43.175.161.0/24
Deny from 43.175.162.0/24
Deny from 43.175.163.0/24
Deny from 43.175.164.0/24
Deny from 43.175.165.0/24
Deny from 43.175.166.0/24
Deny from 43.175.167.0/24
Deny from 43.175.168.0/24
Deny from 43.175.169.0/24
Deny from 43.175.17.0/24
Deny from 43.175.170.0/24
Deny from 43.175.171.0/24
Deny from 43.175.172.0/24
Deny from 43.175.173.0/24
Deny from 43.175.174.0/23
Deny from 43.175.18.0/24
Deny from 43.175.180.0/24
Deny from 43.175.181.0/24
Deny from 43.175.182.0/24
Deny from 43.175.183.0/24
Deny from 43.175.184.0/24
Deny from 43.175.185.0/24
Deny from 43.175.186.0/24
Deny from 43.175.187.0/24
Deny from 43.175.189.0/24
Deny from 43.175.19.0/24
Deny from 43.175.191.0/24
Deny from 43.175.193.0/24
Deny from 43.175.194.0/24
Deny from 43.175.196.0/24
Deny from 43.175.197.0/24
Deny from 43.175.202.0/24
Deny from 43.175.203.0/24
Deny from 43.175.204.0/24
Deny from 43.175.205.0/24
Deny from 43.175.206.0/24
Deny from 43.175.208.0/24
Deny from 43.175.210.0/24
Deny from 43.175.211.0/24
Deny from 43.175.212.0/24
Deny from 43.175.213.0/24
Deny from 43.175.214.0/24
Deny from 43.175.215.0/24
Deny from 43.175.216.0/24
Deny from 43.175.217.0/24
Deny from 43.175.218.0/24
Deny from 43.175.219.0/24
Deny from 43.175.22.0/24
Deny from 43.175.220.0/24
Deny from 43.175.221.0/24
Deny from 43.175.222.0/24
Deny from 43.175.224.0/23
Deny from 43.175.224.0/24
Deny from 43.175.225.0/24
Deny from 43.175.226.0/23
Deny from 43.175.226.0/24
Deny from 43.175.227.0/24
Deny from 43.175.228.0/24
Deny from 43.175.229.0/24
Deny from 43.175.23.0/24
Deny from 43.175.230.0/23
Deny from 43.175.230.0/24
Deny from 43.175.231.0/24
Deny from 43.175.232.0/23
Deny from 43.175.234.0/24
Deny from 43.175.235.0/24
Deny from 43.175.236.0/23
Deny from 43.175.236.0/24
Deny from 43.175.237.0/24
Deny from 43.175.238.0/23
Deny from 43.175.238.0/24
Deny from 43.175.24.0/24
Deny from 43.175.240.0/23
Deny from 43.175.241.0/24
Deny from 43.175.242.0/23
Deny from 43.175.242.0/24
Deny from 43.175.243.0/24
Deny from 43.175.244.0/23
Deny from 43.175.246.0/23
Deny from 43.175.246.0/24
Deny from 43.175.248.0/23
Deny from 43.175.248.0/24
Deny from 43.175.249.0/24
Deny from 43.175.25.0/24
Deny from 43.175.250.0/23
Deny from 43.175.250.0/24
Deny from 43.175.251.0/24
Deny from 43.175.252.0/23
Deny from 43.175.252.0/24
Deny from 43.175.253.0/24
Deny from 43.175.255.0/24
Deny from 43.175.28.0/24
Deny from 43.175.29.0/24
Deny from 43.175.30.0/24
Deny from 43.175.32.0/24
Deny from 43.175.33.0/24
Deny from 43.175.36.0/24
Deny from 43.175.37.0/24
Deny from 43.175.39.0/24
Deny from 43.175.40.0/24
Deny from 43.175.42.0/24
Deny from 43.175.43.0/24
Deny from 43.175.44.0/24
Deny from 43.175.49.0/24
Deny from 43.175.50.0/24
Deny from 43.175.52.0/24
Deny from 43.175.53.0/24
Deny from 43.175.54.0/24
Deny from 43.175.55.0/24
Deny from 43.175.56.0/24
Deny from 43.175.57.0/24
Deny from 43.175.58.0/24
Deny from 43.175.60.0/24
Deny from 43.175.61.0/24
Deny from 43.175.65.0/24
Deny from 43.175.66.0/24
Deny from 43.175.67.0/24
Deny from 43.175.68.0/24
Deny from 43.175.69.0/24
Deny from 43.175.7.0/24
Deny from 43.175.71.0/24
Deny from 43.175.73.0/24
Deny from 43.175.74.0/24
Deny from 43.175.75.0/24
Deny from 43.175.77.0/24
Deny from 43.175.78.0/24
Deny from 43.175.79.0/24
Deny from 43.175.8.0/24
Deny from 43.175.81.0/24
Deny from 43.175.82.0/24
Deny from 43.175.85.0/24
Deny from 43.175.86.0/24
Deny from 43.175.87.0/24
Deny from 43.175.89.0/24
Deny from 43.175.93.0/24
Deny from 43.175.94.0/24
Deny from 43.175.95.0/24
Deny from 43.175.96.0/24
Deny from 43.175.97.0/24
Deny from 43.175.98.0/24
Deny from 86.51.92.0/24
Click to expand...

Well, I thought I was the only one.
 
ES Dev Team said:
After a month of calm, they're back at it.

Seeing insane amounts of traffic from Shanghai263 and ASN 139341

I looked up ASN 139341 on https://hackertarget.com/as-ip-lookup/and removed ipv6 and sorted the list.
Here it is in apache .htaccess format:

<snip>
Click to expand...

Allow me to assist you with sh*t listing the current ASN of 139341 IPv4 and IPv6. Current as of March 30 2026 (when my scripts run). One group is aggregated/combined (much smaller file size, and the other is their blocks). Non-aggregated may contain overlapping subnets (/22 -> /24, etc.)
 

Attachments

Last edited:
You must log in or register to reply here.

Similar threads

O
  • Question Question
XF 2.2 Huge amount of guests
Replies
6
Views
151
infinitysnapz
infinitysnapz
Wildcat Media
Unusually high number of guests (4x to 5x normal)
Replies
8
Views
196
Tumpe
Tumpe
ibrian
  • Question Question
XF 2.3 How to reduce amount of content quoted from linked to article?
Replies
2
Views
41
ibrian
ibrian
FoP
And explosion of 3,064 "guests" !!
Replies
11
Views
244
FoP
FoP
drastic
Add-on Seeking dev to create RSS importer that limits characters and amount of feeds imported at once
Replies
1
Views
189
drastic
drastic
Back
Top Bottom