Pin the Tale on the Donkey
Topic One, continued; Timeline of Russian Interference:
  
The three tables below were prepared from data collected in the Raw Access Files of MiDomane.com from 2006 to the end of November 2017 and are
representative of what the principal malefactors have been doing within MiDomane.com ever since September of 2016 and which they are continuing
to do to the present day. Every one of the counted instances of HEAD /HTTP requests was made through an intermediary [RU, UA, or Cyrillic alphabet]
domain, but quite a few of these domains were used in multiple URLs and/or were domains shared by the named requestors. All of these intermediary
domains must be blocked to protect MiDomane.com (and yours as well !) from the anticipated Denial of Service attack; there are about 3,000 of them ...
Alexey Khoroshilov, Administrator:   Links in the IPv4 columns point to Anti-Hacker Alliance data. Port 3389 is the Windows Remote Desktop port.

Administrator

IPv4
Is 3389 open ?

CC

Server CIDR

ActiveDates

Sep-16

Oct-16

Nov-16

Dec-16

Jan-17

Feb-17

Mar-17

Apr-17

May-17

Jun-17

Jul-17

Aug-17

Sep-17

Oct-17

Nov-17
Dec-17

AS48347-B

194.87.103.12
Yes

RU

 194.87.102.0 - 194.87.103.255

01-10-2017 to 30-11-2017

0

0

0

0

0

0

0

0

0

0

0

0

0

71

58
59

AS48347-B

194.87.94.251
Yes

RU

 194.87.92.0 - 194.87.95.255

01-08-2017 to 30-11-2017

0

0

0

0

0

0

0

0

0

0

0

85

63

77

47
62

AS48347-B

195.133.201.163
Yes

RU

 195.133.201.0 - 195.133.201.255

02-08-2017 to 30-11-2017

0

0

0

0

0

0

0

0

0

0

0

79

63

73

59
69

AS48347-B

194.87.236.223
Yes

RU

 194.87.236.0 - 194.87.239.255

18-07-2017 to 30-11-2017

0

0

0

0

0

0

0

0

0

0

30

84

63

73

62
65

AS48347-B

195.133.145.199
Yes

RU

 195.133.144.0 - 195.133.147.255

03-03-2017 to 30-11-2017

0

0

0

0

0

0

110

139

133

89

36

86

63

74

60
69

AS48347-B

195.133.147.74
No

RU

 195.133.144.0 - 195.133.147.255

03-03-2017 to 19-06-2017

0

0

0

0

0

0

86

139

129

87

0

0

0

0

0
0

AS48347-B

194.87.238.17
No

RU

 194.87.236.0 - 194.87.239.255

04-01-2017 to 19-06-2017

0

0

0

0

143

145

106

140

132

87

0

0

0

0

0
0

AS48347-B

195.133.147.89
Yes

RU

 195.133.144.0 - 195.133.147.255

03-01-2017 to 19-06-2017

0

0

0

0

160

144

102

137

132

89

0

0

0

0

0
0

AS48347-B

194.87.239.5
No

RU

 194.87.236.0 - 194.87.239.255

04-01-2017 to 31-03-2017

0

0

0

0

119

110

99

1

0

0

0

0

0

0

0
0

AS48347-B

195.133.144.24
No

RU

 195.133.144.0 - 195.133.147.255

02-01-2017 to 01-03-2017

0

0

0

0

159

140

9

0

0

0

0

0

0

0

0
0

AS48347-B

195.133.145.95
Yes

RU

 195.133.144.0 - 195.133.147.255

03-01-2017 to 03-02-2017

0

0

0

0

110

10

0

0

0

0

0

0

0

0

0
0

AS48347-B

195.133.147.6
Yes

RU

 195.133.144.0 - 195.133.147.255

08-12-2016 to 30-11-2017

0

0

0

134

174

142

109

136

127

134

80

87

63

73

59
70

AS48347-B

195.133.48.150
No

RU

 195.133.48.0 - 195.133.49.255

07-12-2016 to 19-06-2017

0

0

0

137

185

142

113

139

131

88

0

0

0

0

0
0

AS48347-B

195.133.48.121
No

RU

 195.133.48.0 - 195.133.49.255

09-12-2016 to 03-04-2017

0

0

0

104

173

147

108

16

0

0

0

0

0

0

0
0

AS48347-A

193.124.131.168
Yes

RU

 193.124.128.0 - 193.124.131.255

03-11-2016 to 30-11-2017

0

0

161

172

193

145

125

141

132

134

77

84

57

69

49
64

AS48347-B

194.87.234.246
No

RU

 194.87.234.0 - 194.87.235.255

01-11-2016 to 19-06-2017

0

0

161

174

176

92

112

136

130

89

0

0

0

0

0
0

AS48347-B

194.87.235.198
No

RU

 194.87.234.0 - 194.87.235.255

31-10-2016 to 03-11-2016

0

0

15

0

0

0

0

0

0

0

0

0

0

0

0
0

AS48347-B

195.133.201.82
Yes

RU

 195.133.201.0 - 195.133.201.255

26-10-2016 to 25-12-2016

0

20

167

119

0

0

0

0

0

0

0

0

0

0

0
0

AS48347-B

194.87.236.125
No

RU

 194.87.236.0 - 194.87.239.255

06-10-2016 to 09-12-2016

0

93

151

33

0

0

0

0

0

0

0

0

0

0

0
0

AS48347-A

193.124.131.27
Yes

RU

 193.124.128.0 - 193.124.131.255

05-10-2016 to 03-11-2016

0

96

18

0

0

0

0

0

0

0

0

0

0

0

0
0

AS48347-B

195.133.48.156
Yes

RU

 195.133.48.0 - 195.133.49.255

21-10-2016 to 24-10-2016

0

25

0

0

0

0

0

0

0

0

0

0

0

0

0
0

AS48347-B

194.87.238.222
No

RU

 194.87.236.0 - 194.87.239.255

19-10-2016 to 22-10-2016

0

16

0

0

0

0

0

0

0

0

0

0

0

0

0
0

AS48347-B

194.87.236.152
Yes

RU

 194.87.236.0 - 194.87.239.255

12-10-2016 to 15-10-2016

0

6

0

0

0

0

0

0

0

0

0

0

0

0

0
0

AS48347-B

194.87.232.32
No

RU

 194.87.232.0 - 194.87.232.255

11-10-2016 to 14-10-2016

0

5

0

0

0

0

0

0

0

0

0

0

0

0

0
0

AS48347-B

193.124.58.72
No

RU

 193.124.56.0 - 193.124.59.255

02-09-2016 to 07-09-2016

4

0

0

0

0

0

0

0

0

0

0

0

0

0

0
0
 

 



Monthly Totals

4

261

673

873

1592

1217

1079

1124

1046

797

223

505

372


510


394
458
AS48347-A = AS48347, AGR9-RIPE, ORG-RC3-RIPE















AS48347-B = AS48347, AK14258-RIPE, Alexey Khoroshilov

















Unknown Administrator going by the handle MRS1:

Administrator

IPv4

CC

Server CIDR

ActiveDates

Sep-16

Oct-16

Nov-16

Dec-16

Jan-17

Feb-17

Mar-17

Apr-17

May-17

Jun-17

Jul-17

Aug-17

Sep-17

Oct-17

Nov-17
Dec-17

AS48666, MRS1

193.124.176.156
Yes

RU

 193.124.176.0 - 193.124.183.255

07-10-2017 to 30-11-2017

0

0

0

0

0

0

0

0

0

0

0

0

0

55

42
46

AS48666, MRS1

193.124.179.180
Yes

RU

 193.124.176.0 - 193.124.183.255

23-06-2017 to 29-11-2017

0

0

0

0

0

0

0

0

0

19

62

84

55

52

36
36

AS48666, MRS1

194.67.210.77
Yes

RU

194.67.208.0 - 194.67.223.255

16-05-2017 to 30-11-2017

0

0

0

0

0

0

0

0

74

118

70

80

62

69

47
51

AS48666, MRS1

185.5.249.185
Yes

RU

185.5.249.0 - 185.5.249.255

15-05-2017 to 30-11-2017

0

0

0

0

0

0

0

0

69

127

73

81

60

67

49
51

AS48666, MRS1

185.125.219.134
Yes

RU

 185.125.218.0 - 185.125.219.255

23-04-2017 to 30-11-2017

0

0

0

0

0

0

0

37

113

129

72

85

43

60

40
37

AS48666, MRS1

193.124.190.64
Yes

RU

 193.124.184.0 - 193.124.191.255

24-04-2017 to 30-11-2017

0

0

0

0

0

0

0

33

114

127

74

85

62

61

43
43
   
 

Monthly Totals

0

0

0

0

0

0

0

70

446

520

351

415

282

364

257
264

Michel Clarisse, Administrator:

Administrator

IPv4

CC

Server CIDR

ActiveDates

Sep-16

Oct-16

Nov-16

Dec-16

Jan-17

Feb-17

Mar-17

Apr-17

May-17

Jun-17

Jul-17

Aug-17

Sep-17

Oct-17

Nov-17
Dec-17

AS24875, MC31466-RIPE, Michel Clarisse

185.209.20.147
Yes

NL

 185.209.20.128 - 185.209.20.255

20-06-2017 to present

0

0

0

0

0

0

0

0

0

38

72

83

63

64

53
57

AS21100, MC31466-RIPE, Michel Clarisse

178.159.39.237
Yes

NL

 178.159.39.128 - 178.159.39.255

07-04-2017 to present

0

0

0

0

0

0

0

100

108

115

77

86

65

69

61
55

AS24875, MC31466-RIPE, Michel Clarisse

77.220.213.173
Yes

NL

 77.220.213.128 - 77.220.213.255

05-04-2017 to present

0

0

0

0

0

0

0

108

115

117

76

88

64

75

59
59

AS21100, MC31466-RIPE, Michel Clarisse

185.154.13.6
Yes

NL

185.154.13.0 - 185.154.13.255

13-12-2016 to present

0

0

0

97

150

130

98

132

115

118

78

84

64

71

60
56

AS50979, MC31466-RIPE, Michel Clarisse

178.159.43.212
Yes

LV

 178.159.43.128 - 178.159.43.255

08-12-2016 to present

0

0

0

117

147

99

107

128

121

121

78

88

65

71

61
59
   
 

Monthly Totals:

0

0

0

214

297

229

205

468

459

509

381

429

321

350

294
286
Note: Michel Clarisse's intermediary domains are mostly in Russia, Ukraine, or use the Cyrillic alphabet, just like those used by AS48347 & AS48666.
On the next page is an analysis of the patterns of Russian interference that suggest active efforts
to infect US websites with malware to influence US opinion or to deny Internet services in the US.