
new attack

Ickie

SOH Administrator
While monitoring the server I can see that the “named” service is using high CPU. I have found lots of questions are sent from multiple IPs. This seems to be a DNS amplification attack. This attack is a type of distributed denial of service (DDoS) attack that takes advantage of the fact that a small DNS question can generate a much larger response. When combined with source address spoofing, an attacker can direct a large volume of network traffic to a target system by initiating relatively small DNS questions.

Here are the IPs and where they are coming from:

192.126.118.105
174.139.237.142
70.39.67.110
199.115.102.83
173.234.39.133


hccforums.nl
ietf.org
 
Sample of the attack to let you know; this log is 100 times bigger than what I am posting, and all of it was being done by those 5 IPs:

09-Feb-2014 14:08:27.227 queries: info: client 192.126.118.105#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.228 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.228 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.228 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.229 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.229 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.229 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.229 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.229 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.229 queries: info: client 192.126.118.105#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.229 queries: info: client 192.126.118.105#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.229 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.229 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.230 queries: info: client 192.126.118.105#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.230 queries: info: client 192.126.118.105#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.230 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.230 queries: info: client 192.126.118.105#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.230 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.230 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.230 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.230 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.231 queries: info: client 70.39.67.110#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.231 queries: info: client 192.126.118.105#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.231 queries: info: client 70.39.67.110#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.231 queries: info: client 70.39.67.110#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.232 queries: info: client 70.39.67.110#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.232 queries: info: client 70.39.67.110#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.232 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.232 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.232 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.232 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.232 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.237 queries: info: client 173.234.39.133#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.238 queries: info: client 173.234.39.133#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.238 queries: info: client 173.234.39.133#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.238 queries: info: client 173.234.39.133#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.239 queries: info: client 173.234.39.133#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.239 queries: info: client 199.115.102.83#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.239 queries: info: client 199.115.102.83#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.239 queries: info: client 199.115.102.83#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.240 queries: info: client 199.115.102.83#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.240 queries: info: client 199.115.102.83#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.241 queries: info: client 199.115.102.83#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.241 queries: info: client 199.115.102.83#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.241 queries: info: client 199.115.102.83#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.241 queries: info: client 199.115.102.83#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.241 queries: info: client 199.115.102.83#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.242 queries: info: client 173.234.39.133#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.242 queries: info: client 199.115.102.83#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.242 queries: info: client 199.115.102.83#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.242 queries: info: client 199.115.102.83#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.243 queries: info: client 199.115.102.83#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.243 queries: info: client 173.234.39.133#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.243 queries: info: client 173.234.39.133#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.243 queries: info: client 199.115.102.83#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.243 queries: info: client 173.234.39.133#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.244 queries: info: client 173.234.39.133#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.250 queries: info: client 199.115.102.83#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.250 queries: info: client 199.115.102.83#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.250 queries: info: client 199.115.102.83#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.250 queries: info: client 199.115.102.83#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.250 queries: info: client 199.115.102.83#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.251 queries: info: client 173.234.39.133#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.252 queries: info: client 70.39.67.110#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.252 queries: info: client 70.39.67.110#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.252 queries: info: client 173.234.39.133#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.252 queries: info: client 173.234.39.133#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.252 queries: info: client 173.234.39.133#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.252 queries: info: client 70.39.67.110#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.252 queries: info: client 70.39.67.110#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.252 queries: info: client 70.39.67.110#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.253 queries: info: client 173.234.39.133#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.253 queries: info: client 173.234.39.133#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.254 queries: info: client 173.234.39.133#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.254 queries: info: client 173.234.39.133#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.254 queries: info: client 173.234.39.133#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.254 queries: info: client 70.39.67.110#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.254 queries: info: client 173.234.39.133#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.254 queries: info: client 70.39.67.110#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.255 queries: info: client 70.39.67.110#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.255 queries: info: client 173.234.39.133#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.255 queries: info: client 70.39.67.110#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.255 queries: info: client 70.39.67.110#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.255 queries: info: client 70.39.67.110#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.255 queries: info: client 70.39.67.110#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.256 queries: info: client 70.39.67.110#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.256 queries: info: client 70.39.67.110#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.256 queries: info: client 173.234.39.133#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.256 queries: info: client 173.234.39.133#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.256 queries: info: client 70.39.67.110#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.256 queries: info: client 173.234.39.133#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.257 queries: info: client 173.234.39.133#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.260 queries: info: client 70.39.67.110#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.260 queries: info: client 70.39.67.110#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.261 queries: info: client 70.39.67.110#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.261 queries: info: client 70.39.67.110#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.261 queries: info: client 70.39.67.110#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.265 queries: info: client 192.126.118.105#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.265 queries: info: client 192.126.118.105#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.265 queries: info: client 192.126.118.105#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.266 queries: info: client 199.115.102.83#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.266 queries: info: client 192.126.118.105#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.266 queries: info: client 192.126.118.105#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.266 queries: info: client 192.126.118.105#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.266 queries: info: client 192.126.118.105#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.266 queries: info: client 199.115.102.83#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.267 queries: info: client 199.115.102.83#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.267 queries: info: client 199.115.102.83#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.267 queries: info: client 192.126.118.105#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.267 queries: info: client 192.126.118.105#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.267 queries: info: client 192.126.118.105#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.267 queries: info: client 192.126.118.105#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.267 queries: info: client 192.126.118.105#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.267 queries: info: client 192.126.118.105#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.267 queries: info: client 192.126.118.105#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.267 queries: info: client 199.115.102.83#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.268 queries: info: client 192.126.118.105#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.269 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.269 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.269 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.269 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.269 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.270 queries: info: client 192.126.118.105#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.270 queries: info: client 192.126.118.105#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.271 queries: info: client 192.126.118.105#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.271 queries: info: client 192.126.118.105#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.271 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.271 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.271 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.271 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.271 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.272 queries: info: client 192.126.118.105#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.272 queries: info: client 192.126.118.105#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.272 queries: info: client 192.126.118.105#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.272 queries: info: client 192.126.118.105#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.273 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.273 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.273 queries: info: client 192.126.118.105#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.273 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.273 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.273 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.274 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.274 queries: info: client 192.126.118.105#5209: query: ietf.org IN ANY +E
09-Feb-2014 14:08:27.274 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.274 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.274 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.274 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.275 queries: info: client 70.39.67.110#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.276 queries: info: client 70.39.67.110#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.276 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.276 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.276 queries: info: client 174.139.237.142#5209: query: hccforums.nl IN ANY +E
09-Feb-2014 14:08:27.276 queries: info: client
 
I posted this to let the world see who the bad kids are and what website they are really from.
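Added example, not part of the original post or of the forum's own tooling: a Python triage script for query-log lines in the format quoted above, which counts `ANY` queries per client inside a one-second window and skips cut-off lines like the last one in the posted sample. The threshold, the function names and the sample addresses (documentation ranges) are assumptions made for illustration. Since the post describes these floods as relying on source address spoofing, the `client` field is the address the large responses are sent to.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# 09-Feb-2014 14:08:27.227 queries: info: client ADDR#PORT: query: NAME IN ANY +E
LINE_RE = re.compile(
    r"^(\d{2}-\w{3}-\d{4} \d{2}:\d{2}:\d{2}\.\d{3}) queries: info: "
    r"client (\S+)#(\d+): query: (\S+) (\S+) (\S+)")

def parse_line(line):
    """Return (time, client, port, qname, qtype), or None for a cut-off line."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts = datetime.strptime(m.group(1), "%d-%b-%Y %H:%M:%S.%f")
    return ts, m.group(2), int(m.group(3)), m.group(4), m.group(6)

def peak_in_window(times, window):
    """Largest number of events that fall inside any span of length `window`."""
    times, peak, start = sorted(times), 0, 0
    for end, t in enumerate(times):
        while t - times[start] > window:
            start += 1
        peak = max(peak, end - start + 1)
    return peak

def flag_any_floods(lines, window=timedelta(seconds=1), threshold=10):
    """Report clients whose ANY-query rate reaches `threshold` per `window`."""
    seen = defaultdict(lambda: {"times": [], "names": set(), "ports": set()})
    skipped = 0
    for line in lines:
        rec = parse_line(line)
        if rec is None:
            skipped += 1  # truncated or foreign line: count it, do not guess
            continue
        ts, client, port, qname, qtype = rec
        if qtype == "ANY":
            seen[client]["times"].append(ts)
            seen[client]["names"].add(qname)
            seen[client]["ports"].add(port)
    report = {}
    for client, e in seen.items():
        peak = peak_in_window(e["times"], window)
        if peak >= threshold:
            # A single fixed source port across a burst points to crafted packets.
            report[client] = {"peak": peak, "names": sorted(e["names"]),
                              "ports": sorted(e["ports"])}
    return report, skipped

def build_sample():
    """Constructed input: documentation-range addresses, not the thread's."""
    head = "09-Feb-2014 14:08:"
    burst = [f"{head}27.{227 + i:03d} queries: info: client 192.0.2.10#5209: "
             "query: example.org IN ANY +E" for i in range(12)]
    normal = [f"{head}{s}.000 queries: info: client 198.51.100.7#41532: "
              "query: www.example.net IN A +" for s in (28, 40)]
    return burst + normal + [f"{head}27.276 queries: info: client"]

if __name__ == "__main__":
    print(flag_any_floods(build_sample()))
```

Addresses the script flags are candidates for response rate limiting on the name server, not a list of who sent the packets.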
 
I don't get it. Why are they after us? Did we ban someone that now wants to go after us, or did we get an IP that was used and has bad history?
 
struggled to get to the outhouse

Oh, that explains it. I had a hard time getting into the outhouse. My internet time was cut short, and not logging in here is a hassle; I have to visit this place often :wavey:
 
Ickie,

Do you know about the WHOIS at arin.net? For example, with arin.net I can see the IP address 70.39.67.110 belongs to an ISP named Sharknet Colorado USA. Using the IP address in this way could be a clear violation of USA law. You could at least report the IP address to the ISP.

And 174.139.237.142 is from an ISP in California.
 
I need to check my home IP. When I went to log on on Sat. I got an "Account Disabled" notice come up. If one of those IPs is me, then mine, or my wife's laptops may have been compromised! It may explain why the whole home system seems to slow to a crawl about 50% of the time. (sent from work computer)
 
The two sites are on different servers running different software (Linux and Windows Server) and the member info is non-transferable between the two so you will need to re-register at the .net site in order to access it fully.

True, but you can read on the .net without re-registering.
 
The two sites are on different servers running different software (Linux and Windows Server) and the member info is non-transferable between the two so you will need to re-register at the .net site in order to access it fully.

Ahh... many thanks, Larry!

 
I need to check my home IP. When I went to log on on Sat. I got an "Account Disabled" notice come up. If one of those IPs is me, then mine, or my wife's laptops may have been compromised! It may explain why the whole home system seems to slow to a crawl about 50% of the time. (sent from work computer)

Your forthrightness is truly refreshing, sir. I suggest you and Ickie chat about scrubbing up your laptops and trying again. I wish you luck in finding the problem files on your machines. If nothing else, a good scan of those laptops should improve their performance for you.

When you do the scan and repair, keep the logs so they can be analyzed for which miserable malware is likely to be at fault. Others of us can then be able to go after it (them) on our own machines.
 
Your forthrightness is truly refreshing, sir. I suggest you and Ickie chat about scrubbing up your laptops and trying again. I wish you luck in finding the problem files on your machines. If nothing else, a good scan of those laptops should improve their performance for you.

When you do the scan and repair, keep the logs so they can be analyzed for which miserable malware is likely to be at fault. Others of us can then be able to go after it (them) on our own machines.
Back to normal again - perhaps it was just a symptom of the attack. I'm still having a thorough scrub through though - I'm normally fairly careful about these things, but, you never know........drop your guard for a second and whammo!
 