home
*

scoundrels

Here's a list of people who recently tried to attack equius.
D --> via http :: via ssh :: via smtp :: automaticly blacklisted

via http

   53 attempts: request: GET /wp-content/.../timthumb.php 
   40 attempts: user-agent: "ZmEu"
   38 attempts: request: GET /wp-login.php 
   34 attempts: request: GET /index.php 
   25 attempts: request: GET /wp-admin/admin-ajax.php 
   24 attempts: subnet: 95.111.64.0/21
   24 attempts: subnet: 212.175.22.0/24
   24 attempts: host: 95.111.68.120
   24 attempts: host: 212.175.22.224
   24 attempts: host: 206.221.186.213
   21 attempts: subnet: 193.201.224.0/22
   20 attempts: subnet: 60.198.0.0/15
   20 attempts: host: 60.199.166.77
   19 attempts: host: 74.208.193.102
   18 attempts: subnet: 158.255.238.0/24
   18 attempts: request: GET /%22wp-content/.../timthumb.php 
   18 attempts: host: 158.255.238.47
   16 attempts: subnet: 93.174.93.0/24
   16 attempts: subnet: 182.254.128.0/17
   16 attempts: request: GET http:/www.qunar.com/ 
   16 attempts: request: GET /administrator/components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_image.php 
   16 attempts: host: 93.174.93.149
   16 attempts: host: 193.201.224.92
   15 attempts: subnet: 95.173.185.0/24
   15 attempts: host: 95.173.185.238
   14 attempts: request: GET /scoundrels.html/wp-content/.../timthumb.php 
   13 attempts: request: GET /images/stories/food.php 
   12 attempts: subnet: 85.195.93.166/31
   12 attempts: host: 85.195.93.167
   11 attempts: request: GET /components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_image.php 

via ssh

  117.21.191.197 : 1722 password attempts : 117.21.0.0/16 : 
   61.174.50.213 : 402 password attempts : 61.174.48.0/21 : 213.50.174.61.dial.wz.zj.dynamic.163data.com.cn
  61.152.152.169 : 257 password attempts : 61.152.152.0/22 : 
      144.0.0.44 : 126 password attempts : 144.0.0.0/16 : 
  111.74.238.153 : 94 password attempts : 111.72.0.0/13 : 
  219.138.135.60 : 40 password attempts : 219.138.0.0 - 219.140.255.255 : 
     218.2.0.125 : 39 password attempts : 218.2.0.0 - 218.4.255.255 : 
     218.2.0.132 : 30 password attempts : 218.2.0.0 - 218.4.255.255 : 
   61.167.49.135 : 25 password attempts : 61.167.49.128/26 : 
   60.211.213.66 : 22 password attempts : 60.208.0.0 - 60.217.255.255 : 
   61.167.49.134 : 20 password attempts : 61.167.49.128/26 : 
     218.2.0.126 : 18 password attempts : 218.2.0.0 - 218.4.255.255 : 
  61.160.232.169 : 16 password attempts : 61.160.0.0/16 : 
 222.163.192.157 : 16 password attempts : 222.160.0.0/14 : 157.192.163.222.adsl-pool.jlccptt.net.cn
      144.0.0.33 : 16 password attempts : 144.0.0.0/16 : 
   198.52.217.11 : 15 password attempts : 198-52-217-11.static.cloud.centarra.com
 190.123.197.151 : 15 password attempts : 
   115.88.194.40 : 14 password attempts : 115.88.0.0/13 : 
    60.190.71.52 : 13 password attempts : 60.190.71.52/30 : 
 113.107.233.165 : 13 password attempts : 113.96.0.0/12 : 
   61.167.49.143 : 12 password attempts : 61.167.49.128/26 : 
   61.167.49.133 : 12 password attempts : 61.167.49.128/26 : 
   167.88.47.237 : 12 password attempts : c1110838-13946.cloudatcost.com
   61.167.49.142 : 11 password attempts : 61.167.49.128/26 : 
   61.167.49.141 : 11 password attempts : 61.167.49.128/26 : 

smtp

 1212  blocked using bl.spamcop.net;
 1087  warning: hostname does not resolve to address
  567  blocked by greylisting (31 attempts from 24.232.107.248)
  481  reject: Sender address rejected: Domain not found
  326  blocked using cbl.abuseat.org;
  285  warning: numeric domain name in resource data of MX record
  164  reject: Helo command rejected: need fully-qualified hostname
  158  blocked using zen.spamhaus.org;
   67  blocked using dnsbl.sorbs.net;
   45  Relay access denied
   40  reject: Recipient address rejected: SPF
   34  reject: Recipient address rejected: mailbox disabled
   31  Received-SPF: softfail
   22  Received-SPF: permerror
   15  reject: Client host rejected: Access denied
   11  ...: warning: TLS library problem: error:14094412:SSL routines:SSL3_READ_BYTES:sslv3 alert bad certificate:s3_pkt.c:1260:SSL 
    7  ...: warning: valid_hostname: empty hostname
    7  warning: malformed domain name in resource data of MX record
    7  reject: Sender address rejected: Malformed DNS server reply
    5  reject: Recipient address rejected: User unknown in virtual alias table
    3  reject: Helo command rejected: Invalid name
    2  ...: warning: valid_hostname: misplaced delimiter: .
    2  ...: warning: TLS library problem: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol:s23_srvr.c:628:

automatically blacklisted

blacklist:  adding  103.253.115.64   for  requesting  '//administrator/components/com_jinc/classes/graphics/php-ofc-library/ofc_uplo
blacklist:  adding  104.194.6.141    for  requesting  '/xmlrpc.php'
blacklist:  adding  108.175.159.22   for  requesting  '//openemr/library/openflashchart/php-ofc-library/ofc_upload_image.php?name=vi
blacklist:  adding  108.61.148.236   for  requesting  '/scoundrels.html//components/com_jnews/includes/openflashchart/php-ofc-librar
blacklist:  adding  109.99.149.62    for  requesting  '//components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_ima
blacklist:  adding  113.205.221.46   for  requesting  '/xmlrpc.php'
blacklist:  adding  124.6.62.33      for  requesting  '/scoundrels.html//core/lib/php-ofc-library/ofc_upload_image.php?name=lobex21.
blacklist:  adding  134.71.247.50    for  requesting  '/scoundrels.html//components/com_jnews/includes/openflashchart/php-ofc-librar
blacklist:  adding  142.4.215.220    for  requesting  '//administrator/components/com_maianmedia/utilities/charts/tmp-upload-images/
blacklist:  adding  142.4.29.81      for  requesting  '/wp-content/plugins/wp-slimstat-ex/lib/ofc/php-ofc-library/ofc_upload_image.p
blacklist:  adding  148.251.160.40   for  requesting  '/scoundrels.html&sa=U&ei=QtocVIX8AoLnygPZmoGQBQ&ved=0
blacklist:  adding  148.251.49.238   for  requesting  '/administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/php-ofc
blacklist:  adding  153.3.36.234     for  requesting  '/xmlrpc.php'
blacklist:  adding  159.226.19.32    for  requesting  '//administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/php-of
blacklist:  adding  159.253.45.21    for  requesting  '//administrator/components/com_jinc/classes/graphics/php-ofc-library/ofc_uplo
blacklist:  adding  159.253.45.21    for  requesting  '//administrator/components/com_jnewsletter/includes/openflashchart/php-ofc-li
blacklist:  adding  162.144.51.140   for  requesting  '//administrator/components/com_redmystic/chart/php-ofc-library/ofc_upload_ima
blacklist:  adding  162.144.51.140   for  requesting  '//wp-content/plugins/wp-slimstat-ex/lib/ofc/php-ofc-library/ofc_upload_image.
blacklist:  adding  166.63.127.220   for  requesting  '/scoundrels.html/wp-content/themes/telegraph/scripts/timthumb.php?src=http%3A
blacklist:  adding  173.193.13.42    for  requesting  '/scoundrels.html/admin/categories.php/login.php'
blacklist:  adding  173.201.196.200  for  requesting  '/administrator/components/com_jinc/classes/graphics/php-ofc-library/ofc_uploa
blacklist:  adding  173.205.127.243  for  requesting  '/administrator/components/com_redmystic/chart/ofc-library/ofc_upload_image.ph
blacklist:  adding  180.102.131.194  for  requesting  '/xmlrpc.php'
blacklist:  adding  180.250.36.2     for  requesting  '//administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/php-of
blacklist:  adding  183.81.164.218   for  requesting  '//administrator/components/com_acymailing/inc/openflash/php-ofc-library/ofc_u
blacklist:  adding  183.81.164.218   for  requesting  '//administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/php-of
blacklist:  adding  183.81.164.218   for  requesting  '//administrator/components/com_maianmedia/utilities/charts/php-ofc-library/of
blacklist:  adding  185.28.22.106    for  requesting  '//administrator/components/com_maian15/charts/php-ofc-library/ofc_upload_imag
blacklist:  adding  186.216.209.139  for  requesting  '/scoundrels.html/wp-content/themes/cadabrapress/scripts/timthumb.php?src=http
blacklist:  adding  187.17.106.74    for  requesting  '/scoundrels.html//administrator/components/com_jinc/classes/graphics/php-ofc-
blacklist:  adding  187.45.195.61    for  requesting  '/scoundrels.html/libs/open-flash-chart/php-ofc-library/ofc_upload_image.php?n
blacklist:  adding  190.210.98.13    for  requesting  '/components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_imag
blacklist:  adding  192.99.212.115   for  requesting  '/scoundrels.html&sa=U&ei=DwIQVNP5BYzGggT8xYLgCg&ved=0
blacklist:  adding  195.114.210.51   for  requesting  '/scoundrels.html//components/com_jnews/includes/openflashchart/php-ofc-librar
blacklist:  adding  195.191.148.12   for  requesting  '//xmlrpc.php'
blacklist:  adding  198.100.146.31   for  requesting  '//administrator/components/com_acymailing/inc/openflash/php-ofc-library/ofc_u
blacklist:  adding  198.100.149.88   for  requesting  '/wp-content/themes/ecobiz/timthumb.php?src=http%3A%2F%2Fflickr.com.comprar-so
blacklist:  adding  198.12.157.11    for  requesting  '//components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_ima
blacklist:  adding  199.217.116.137  for  requesting  '//administrator/components/com_jnewsletter/includes/openflashchart/php-ofc-li
blacklist:  adding  200.195.203.196  for  requesting  '//wp-content/plugins/seo-watcher/ofc/php-ofc-library/ofc_upload_image.php?nam
blacklist:  adding  200.195.203.196  for  requesting  '//wp-content/plugins/wp-slimstat-ex/lib/ofc/php-ofc-library/php-ofc-library/o
blacklist:  adding  200.98.149.249   for  requesting  '//administrator/components/com_acymailing/inc/openflash/php-ofc-library/ofc_u
blacklist:  adding  202.142.220.201  for  requesting  '/wp-content/themes/blacklabel/framework/timthumb.php?src=http%3A%2F%2Fxn--80a
blacklist:  adding  202.75.20.11     for  requesting  '/scoundrels.html/components/com_civicrm/civicrm/packages/OpenFlashChart/php-o
blacklist:  adding  205.134.239.127  for  requesting  '/wp-content/themes/ecobiz/timthumb.php?src=http%3A%2F%2Fpicasa.com.ar88.net%2
blacklist:  adding  207.38.26.91     for  requesting  '//components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_ima
blacklist:  adding  208.65.55.112    for  requesting  '//components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_ima
blacklist:  adding  212.175.22.224   for  requesting  '//components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_ima
blacklist:  adding  212.58.2.22      for  requesting  '/wp-content/themes/blacklabel/framework/timthumb.php?src=http%3A%2F%2Fpicasa.
blacklist:  adding  213.249.50.91    for  requesting  '/scoundrels.html&sa=U&ei=oBQcVIrMAqL5yQPl7oHICA&ved=0
blacklist:  adding  216.119.149.19   for  requesting  '/wp-content/themes/ecobiz/timthumb.php?src=http%3A%2F%2Fpicasa.com.ar88.net%2
blacklist:  adding  2.233.227.181    for  requesting  '/wp-content/themes/TheTravelTheme/includes/timthumb.php?src=http%3A%2F%2Fimg.
blacklist:  adding  27.254.66.146    for  requesting  '//components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_ima
blacklist:  adding  36.74.103.138    for  requesting  '//wp-content/plugins/woopra/inc/php-ofc-library/ofc_upload_image.php?name=ren
blacklist:  adding  37.187.133.74    for  requesting  '/scoundrels.html/components/com_jnews/includes/openflashchart/php-ofc-library
blacklist:  adding  46.235.47.126    for  requesting  '//components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_ima
blacklist:  adding  46.235.47.126    for  requesting  '/scoundrels.html//components/com_jnews/includes/openflashchart/php-ofc-librar
blacklist:  adding  50.28.17.154     for  requesting  '//components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_ima
blacklist:  adding  50.63.196.17     for  requesting  '//administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/php-of
blacklist:  adding  50.63.196.17     for  requesting  '//administrator/components/com_jnewsletter/includes/openflashchart/php-ofc-li
blacklist:  adding  50.63.196.17     for  requesting  '//administrator/components/com_maianmedia/utilities/charts/php-ofc-library/of
blacklist:  adding  54.64.158.53     for  requesting  '/scoundrels.html/wp-content/themes/blacklabel/framework/timthumb_old.php?src=
blacklist:  adding  54.94.156.237    for  requesting  '/scoundrels.html/administrator/components/com_jinc/classes/graphics/php-ofc-l
blacklist:  adding  5.9.65.111       for  requesting  '/scoundrels.html//administrator/components/com_jnewsletter/includes/openflash
blacklist:  adding  62.240.70.8      for  requesting  '//administrator/components/com_jinc/classes/graphics/php-ofc-library/ofc_uplo
blacklist:  adding  62.240.70.8      for  requesting  '/scoundrels.html&sa=U&ei=4fEYVM2zH8aaygPr9ILgDg&ved=0
blacklist:  adding  64.6.255.203     for  requesting  '/wp-content/themes/ecobiz/timthumb.php?src=http%3A%2F%2Fblogger.com.remdiag.c
blacklist:  adding  69.165.150.234   for  requesting  '//administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/php-of
blacklist:  adding  69.28.83.106     for  requesting  '//administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/php-of
blacklist:  adding  69.94.116.22     for  requesting  '/scoundrels.html&sa=U&ei=fbUZVO3DLYyQgwTd1oDoBA&ved=0
blacklist:  adding  74.124.217.135   for  requesting  '//administrator/components/com_jnewsletter/includes/openflashchart/php-ofc-li
blacklist:  adding  74.209.212.5     for  requesting  '//administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/php-of
blacklist:  adding  74.220.215.89    for  requesting  '/components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_imag
blacklist:  adding  75.98.162.2      for  requesting  '/scoundrels.html/wp-content/themes/TheTravelTheme/includes/timthumb.php?src=h
blacklist:  adding  78.24.51.82      for  requesting  '/wp-content/themes/Avenue/timthumb.php?src=http%3A%2F%2Fimg.youtube.com.barga
blacklist:  adding  79.174.67.184    for  requesting  '//components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_ima
blacklist:  adding  80.93.62.199     for  requesting  '//openemr/library/openflashchart/php-ofc-library/ofc_upload_image.php?name=ke
blacklist:  adding  82.165.133.188   for  requesting  '//xmlrpc.php'
blacklist:  adding  85.195.93.167    for  requesting  '//administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/php-of
blacklist:  adding  85.195.93.167    for  requesting  '//administrator/components/com_jinc/classes/graphics/php-ofc-library/ofc_uplo
blacklist:  adding  85.195.93.167    for  requesting  '//administrator/components/com_jnewsletter/includes/openflashchart/php-ofc-li
blacklist:  adding  85.195.93.167    for  requesting  '//administrator/components/com_maianmedia/utilities/charts/php-ofc-library/of
blacklist:  adding  85.214.138.39    for  requesting  '/wp-content/themes/blacklabel/framework/timthumb.php?src=http%3A%2F%2Fblogger
blacklist:  adding  85.214.94.77     for  requesting  '//openemr/library/openflashchart/php-ofc-library/ofc_upload_image.php?name=cm
blacklist:  adding  85.214.94.77     for  requesting  '//wp-content/plugins/wp-slimstat-ex/lib/ofc/php-ofc-library/ofc_upload_image.
blacklist:  adding  85.25.109.42     for  requesting  '/scoundrels.html/piwik/libs/open-flash-chart/php-ofc-library/ofc_upload_image
blacklist:  adding  85.25.142.20     for  requesting  '/administrator/components/com_acymailing/inc/openflash/php-ofc-library/ofc_up
blacklist:  adding  89.108.123.26    for  requesting  '//components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_ima
blacklist:  adding  89.110.149.65    for  requesting  '/scoundrels.html/administrator/components/com_jinc/classes/graphics/php-ofc-l
blacklist:  adding  89.151.117.122   for  requesting  '/scoundrels.html/components/com_jnews/includes/openflashchart/php-ofc-library
blacklist:  adding  89.184.73.31     for  requesting  '/wp-content/themes/blacklabel/framework/timthumb.php?src=http%3A%2F%2Fpicasa.
blacklist:  adding  89.184.74.111    for  requesting  '/scoundrels.html//components/com_jnews/includes/openflashchart/php-ofc-librar
blacklist:  adding  89.200.172.145   for  requesting  '/scoundrels.html/administrator/components/com_jnewsletter/includes/openflashc
blacklist:  adding  89.221.250.9     for  requesting  '/scoundrels.html//components/com_jnews/includes/openflashchart/php-ofc-librar
blacklist:  adding  91.227.4.28      for  requesting  '//administrator/components/com_acymailing/inc/openflash/php-ofc-library/ofc_u
blacklist:  adding  91.227.4.28      for  requesting  '//administrator/components/com_jinc/classes/graphics/php-ofc-library/ofc_uplo
blacklist:  adding  93.90.186.44     for  requesting  '/wp-content/themes/blacklabel/framework/timthumb.php?src=http%3A%2F%2Fpicasa.
blacklist:  adding  95.173.185.238   for  requesting  '/wp-content/themes/Avenue/timthumb.php?src=http%3A%2F%2Fimg.youtube.com.barga
blacklist:  adding  96.127.190.162   for  requesting  '/wp-content/themes/ecobiz/timthumb.php?src=http%3A%2F%2Fpicasa.com.ar88.net%2
blacklist:  adding  98.159.217.110   for  requesting  '/wp-content/themes/Avenue/timthumb.php?src=http%3A%2F%2Fpicasa.com.flatabovef
REFUSE     all  --  1.208.0.0/12         0.0.0.0/0           
REFUSE     all  --  27.115.0.0/17        0.0.0.0/0           
REFUSE     all  --  58.208.0.0/12        0.0.0.0/0           
REFUSE     all  --  58.248.0.0/13        0.0.0.0/0           
REFUSE     all  --  58.250.108.0/22      0.0.0.0/0           
REFUSE     all  --  59.0.0.0/8           0.0.0.0/0           
REFUSE     all  --  61.147.0.0/16        0.0.0.0/0           
REFUSE     all  --  61.174.51.192/26     0.0.0.0/0           
REFUSE     all  --  77.39.0.0/17         0.0.0.0/0           
REFUSE     all  --  87.229.111.0/24      0.0.0.0/0           
REFUSE     all  --  88.191.80.0/24       0.0.0.0/0           
REFUSE     all  --  93.114.40.0/21       0.0.0.0/0           
REFUSE     all  --  115.168.0.0/14       0.0.0.0/0           
REFUSE     all  --  116.1.0.0/16         0.0.0.0/0           
REFUSE     all  --  116.255.128.0/17     0.0.0.0/0           
REFUSE     all  --  123.31.0.0/19        0.0.0.0/0           
REFUSE     all  --  125.128.0.0/11       0.0.0.0/0           
REFUSE     all  --  180.76.0.0/16        0.0.0.0/0           
REFUSE     all  --  122.0.0.0/8          0.0.0.0/0           
REFUSE     all  --  123.138.0.0/15       0.0.0.0/0           
REFUSE     all  --  174.37.192.0/18      0.0.0.0/0           
REFUSE     all  --  182.48.0.0/18        0.0.0.0/0           
REFUSE     all  --  190.144.0.0/14       0.0.0.0/0           
REFUSE     all  --  202.117.0.0/18       0.0.0.0/0           
REFUSE     all  --  211.103.128.0/17     0.0.0.0/0           
REFUSE     all  --  217.20.169.160/27    0.0.0.0/0           
REFUSE     all  --  218.60.0.0/15        0.0.0.0/0           
REFUSE     all  --  218.0.0.0/30         0.0.0.0/0           
REFUSE     all  --  218.108.0.0/15       0.0.0.0/0           
REFUSE     all  --  219.140.0.0/16       0.0.0.0/0           
REFUSE     all  --  219.239.88.0/21      0.0.0.0/0           
REFUSE     all  --  221.0.0.0/15         0.0.0.0/0           
REFUSE     all  --  221.224.0.0/13       0.0.0.0/0           
REFUSE     all  --  222.184.0.0/13       0.0.0.0/0           
REFUSE     tcp  --  66.249.73.0/24       0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  76.191.96.0/23       0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  81.92.112.0/20       0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  82.97.18.128/26      0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  87.118.96.0/19       0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  95.32.64.0/18        0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  106.10.128.0/18      0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  114.32.0.0/12        0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  183.80.112.0/20      0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  202.204.24.0/22      0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  203.188.200.0/22     0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  213.229.113.0/26     0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  213.240.224.0/22     0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  216.27.14.32/28      0.0.0.0/0            tcp dpt:25
REFUSE     all  --  116.8.0.0/14         0.0.0.0/0           

Last updated Sun Sep 21 00:48:02 2014 GMT