Home >

Scoundrels

D --> f001ish attempts at misuse of resources


D --> via http

180 requests from 115.42.210.156
180 requests from 117.48.197.187
179 requests from 189.195.128.243
176 requests from 47.90.124.124
174 requests from 120.92.109.238
166 requests from 203.245.0.162
166 requests from 123.254.110.248
143 requests from 119.27.173.127
123 requests from 200.54.3.75
53 requests from 121.129.168.66
18 requests from 123.249.9.149
4 requests from 54.206.67.196
4 requests from 213.191.133.2
4 requests from 50.62.176.234
4 requests from 43.255.152.4
... 84 items truncated ...
35 requests for/
17 requests for/wp-login.php
10 requests for/ak47.php
10 requests for/wc.php
10 requests for/s.php
10 requests for/webdav/
10 requests for/ssaa.php
10 requests for/zuoshou.php
10 requests for/qaq.php
10 requests for/sheep.php
10 requests for/phpstudy.php
10 requests for/wanan.php
10 requests for/hm.php
10 requests for/w.php
10 requests for/qq.php
... 220 items truncated ...

D --> via ssh

51attempts from  83.8.0.0/13
30attempts from  188.165.0.0/16
21attempts from  59.44.0.0/14
20attempts from  5.188.10.0/24
20attempts from  217.32.0.0/12
16attempts from  51.254.0.0/15
16attempts from  164.132.0.0/16
15attempts from  73.0.0.0/8
15attempts from  54.36.0.0/16
15attempts from  147.75.100.0/22
14attempts from  94.23.0.0/16
14attempts from  89.161.76.0/22
14attempts from  47.205.0.0/16
14attempts from  221.144.0.0/13
14attempts from  213.226.0.0/18
14attempts from  125.212.232.0/22
14attempts from  122.116.0.0/16
13attempts from  81.128.0.0/12
13attempts from  36.66.0.0/16
13attempts from  212.194.0.0/15
... 128 items truncated ...
134attempts on admin
78attempts on root
46attempts on test
27attempts on user
20attempts on ubuntu
18attempts on pi
16attempts on postgres
15attempts on oracle
15attempts on git
13attempts on testuser
13attempts on ftpuser
12attempts on tomcat
12attempts on demo
11attempts on hadoop
11attempts on guest
9attempts on www
9attempts on user1
9attempts on server
9attempts on mysql
9attempts on deploy
... 242 items truncated ..

D --> via smtp

22 attempts from 146.0.77.188
72 of Client host [...] blocked using bl.spamcop.net;
39 of reject: RCPT from [...]: 554 5.7.1
22 of warning: unknown[146.0.77.188]: SASL PLAIN authentication failed:
12 of reject: RCPT from [...]: 550 5.7.1
11 of reject: RCPT from [...]: 450 4.1.8
11 of Client host [...] blocked using cbl.abuseat.org;
10 of Received-SPF: softfail
2 of warning: non-SMTP command from [...]: GET /login.html HTTP/1.1
2 of Received-SPF: permerror

D --> blacklisted

The first set are ranges blacklisted by hand
pkts bytes target prot opt in out source destination
203 8716 REFUSE all -- * * 222.176.0.0/12 0.0.0.0/0
1512 95319 REFUSE all -- * *  58.192.0.0/11 *
86 3504 REFUSE all -- * *  111.72.0.0/13 *
1335 82542 REFUSE all -- * *  111.192.0.0/12 *
75 4962 REFUSE all -- * *  118.24.0.0/15 *
136 6260 REFUSE all -- * *  125.64.0.0/11 *
469 28801 REFUSE all -- * *  221.224.0.0/13 *
16 696 REFUSE all -- * *  222.128.0.0/12 *

These were blacklisted automatically by triggering a trap
4 192 REFUSE all -- * *  5.43.82.158 *
2 80 REFUSE all -- * *  14.215.176.145 *
13 648 REFUSE all -- * *  24.57.196.153 *
7 344 REFUSE all -- * *  27.7.221.244 *
7 344 REFUSE all -- * *  31.223.143.176 *
2 80 REFUSE all -- * *  35.180.47.216 *
2 80 REFUSE all -- * *  35.204.81.28 *
3 140 REFUSE all -- * *  36.73.116.88 *
0 0 REFUSE all -- * *  36.84.71.73 *
12 512 REFUSE all -- * *  36.224.173.15 *
10 464 REFUSE all -- * *  37.132.248.123 *
13 648 REFUSE all -- * *  39.50.77.239 *
0 0 REFUSE all -- * *  41.100.122.22 *
7 344 REFUSE all -- * *  41.164.48.57 *
0 0 REFUSE all -- * *  41.242.116.23 *
8 320 REFUSE all -- * *  43.248.20.149 *
0 0 REFUSE all -- * *  45.40.166.151 *
0 0 REFUSE all -- * *  45.40.166.169 *
12 608 REFUSE all -- * *  46.118.155.165 *
0 0 REFUSE all -- * *  47.95.240.251 *
0 0 REFUSE all -- * *  49.204.210.164 *
0 0 REFUSE all -- * *  49.206.15.226 *
0 0 REFUSE all -- * *  50.28.49.55 *
0 0 REFUSE all -- * *  50.62.161.77 *
0 0 REFUSE all -- * *  50.63.196.199 *
0 0 REFUSE all -- * *  50.87.144.55 *
0 0 REFUSE all -- * *  50.87.249.135 *
0 0 REFUSE all -- * *  61.3.128.218 *
91 4504 REFUSE all -- * *  62.210.152.119 *
8 344 REFUSE all -- * *  64.38.249.68 *
11 1130 REFUSE all -- * *  64.251.23.173 *
0 0 REFUSE all -- * *  66.38.32.24 *
0 0 REFUSE all -- * *  66.175.239.7 *
0 0 REFUSE all -- * *  67.195.177.105 *
0 0 REFUSE all -- * *  67.205.13.248 *
0 0 REFUSE all -- * *  67.227.213.209 *
96 5760 REFUSE all -- * *  69.27.124.170 *
10 400 REFUSE all -- * *  69.163.163.117 *
8 344 REFUSE all -- * *  69.195.124.54 *
0 0 REFUSE all -- * *  72.29.127.15 *
11 524 REFUSE all -- * *  72.167.190.6 *
0 0 REFUSE all -- * *  74.208.180.149 *
0 0 REFUSE all -- * *  74.220.219.148 *
5 244 REFUSE all -- * *  77.64.197.182 *
0 0 REFUSE all -- * *  79.100.110.20 *
0 0 REFUSE all -- * *  79.170.40.39 *
0 0 REFUSE all -- * *  80.88.86.23 *
13 584 REFUSE all -- * *  80.102.76.204 *
0 0 REFUSE all -- * *  81.88.48.113 *
0 0 REFUSE all -- * *  82.165.80.244 *
0 0 REFUSE all -- * *  82.165.80.246 *
7 344 REFUSE all -- * *  83.34.0.232 *
0 0 REFUSE all -- * *  85.94.76.19 *
7 352 REFUSE all -- * *  85.99.55.230 *
7 352 REFUSE all -- * *  86.21.42.205 *
32 1605 REFUSE all -- * *  86.110.118.172 *
0 0 REFUSE all -- * *  89.132.22.145 *
0 0 REFUSE all -- * *  89.132.241.89 *
7 344 REFUSE all -- * *  89.189.88.83 *
0 0 REFUSE all -- * *  89.252.184.201 *
0 0 REFUSE all -- * *  91.140.40.48 *
7 344 REFUSE all -- * *  93.42.70.190 *
0 0 REFUSE all -- * *  93.122.251.165 *
0 0 REFUSE all -- * *  93.136.8.6 *
0 0 REFUSE all -- * *  94.23.252.225 *
4 192 REFUSE all -- * *  94.69.125.101 *
0 0 REFUSE all -- * *  95.211.211.232 *
0 0 REFUSE all -- * *  95.251.102.85 *
0 0 REFUSE all -- * *  101.127.35.129 *
0 0 REFUSE all -- * *  103.97.95.125 *
0 0 REFUSE all -- * *  103.252.202.140 *
0 0 REFUSE all -- * *  103.255.4.99 *
9 384 REFUSE all -- * *  103.255.31.81 *
0 0 REFUSE all -- * *  103.255.31.84 *
11 524 REFUSE all -- * *  104.200.142.26 *
0 0 REFUSE all -- * *  104.236.24.167 *
0 0 REFUSE all -- * *  108.167.189.47 *
0 0 REFUSE all -- * *  109.123.93.172 *
7 344 REFUSE all -- * *  112.134.37.63 *
0 0 REFUSE all -- * *  115.28.17.58 *
2 80 REFUSE all -- * *  115.239.212.200 *
9 392 REFUSE all -- * *  116.21.94.245 *
1 60 REFUSE all -- * *  116.48.158.174 *
8 344 REFUSE all -- * *  117.221.191.6 *
0 0 REFUSE all -- * *  118.71.69.68 *
0 0 REFUSE all -- * *  118.89.139.150 *
0 0 REFUSE all -- * *  119.94.67.207 *
0 0 REFUSE all -- * *  120.50.121.172 *
0 0 REFUSE all -- * *  120.76.114.201 *
0 0 REFUSE all -- * *  121.42.205.30 *
13 648 REFUSE all -- * *  123.201.174.8 *
6 240 REFUSE all -- * *  123.206.217.106 *
0 0 REFUSE all -- * *  125.25.199.158 *
7 280 REFUSE all -- * *  140.143.93.167 *
5 244 REFUSE all -- * *  142.118.122.191 *
0 0 REFUSE all -- * *  144.48.2.230 *
0 0 REFUSE all -- * *  144.76.21.165 *
1 60 REFUSE all -- * *  151.1.182.10 *
10 464 REFUSE all -- * *  151.73.217.4 *
7 344 REFUSE all -- * *  157.33.168.93 *
2 112 REFUSE all -- * *  157.49.179.107 *
0 0 REFUSE all -- * *  162.241.217.168 *
7 344 REFUSE all -- * *  165.255.206.161 *
1 60 REFUSE all -- * *  174.136.12.206 *
0 0 REFUSE all -- * *  175.157.138.205 *
0 0 REFUSE all -- * *  176.24.67.84 *
0 0 REFUSE all -- * *  177.192.74.246 *
0 0 REFUSE all -- * *  178.79.49.71 *
74 3748 REFUSE all -- * *  178.137.93.108 *
0 0 REFUSE all -- * *  178.149.209.134 *
4 192 REFUSE all -- * *  180.110.248.51 *
0 0 REFUSE all -- * *  180.190.43.95 *
0 0 REFUSE all -- * *  184.168.152.134 *
0 0 REFUSE all -- * *  184.168.193.151 *
0 0 REFUSE all -- * *  185.103.173.100 *
0 0 REFUSE all -- * *  185.143.178.3 *
0 0 REFUSE all -- * *  185.208.164.141 *
0 0 REFUSE all -- * *  185.234.217.101 *
16 704 REFUSE all -- * *  185.234.217.132 *
17 744 REFUSE all -- * *  185.234.218.62 *
0 0 REFUSE all -- * *  186.19.108.186 *
0 0 REFUSE all -- * *  186.202.153.99 *
0 0 REFUSE all -- * *  186.227.128.246 *
0 0 REFUSE all -- * *  190.192.89.239 *
4 192 REFUSE all -- * *  191.19.199.81 *
6 240 REFUSE all -- * *  191.252.45.172 *
0 0 REFUSE all -- * *  192.185.2.179 *
0 0 REFUSE all -- * *  192.185.4.26 *
0 0 REFUSE all -- * *  192.185.4.38 *
0 0 REFUSE all -- * *  192.185.4.61 *
8 344 REFUSE all -- * *  192.185.4.78 *
0 0 REFUSE all -- * *  192.185.4.101 *
0 0 REFUSE all -- * *  192.185.4.116 *
0 0 REFUSE all -- * *  192.185.4.157 *
0 0 REFUSE all -- * *  192.185.81.65 *
0 0 REFUSE all -- * *  192.185.82.183 *
1 60 REFUSE all -- * *  192.185.128.168 *
0 0 REFUSE all -- * *  192.241.184.137 *
23 1048 REFUSE all -- * *  193.169.252.147 *
9 460 REFUSE all -- * *  193.201.224.200 *
6 304 REFUSE all -- * *  193.201.224.220 *
17 860 REFUSE all -- * *  193.201.224.225 *
0 0 REFUSE all -- * *  197.101.6.136 *
4 192 REFUSE all -- * *  197.227.170.166 *
0 0 REFUSE all -- * *  198.57.247.159 *
0 0 REFUSE all -- * *  198.57.247.160 *
0 0 REFUSE all -- * *  198.57.247.189 *
5 284 REFUSE all -- * *  198.71.230.75 *
0 0 REFUSE all -- * *  201.83.102.23 *
7 344 REFUSE all -- * *  202.153.45.56 *
7 304 REFUSE all -- * *  204.152.252.35 *
0 0 REFUSE all -- * *  205.186.180.11 *
0 0 REFUSE all -- * *  208.67.23.91 *
3 152 REFUSE all -- * *  209.18.90.150 *
9 360 REFUSE all -- * *  210.209.123.81 *
0 0 REFUSE all -- * *  211.13.204.1 *
7 344 REFUSE all -- * *  211.106.28.156 *
7 280 REFUSE all -- * *  212.1.210.220 *
11 1130 REFUSE all -- * *  212.227.24.21 *
0 0 REFUSE all -- * *  212.227.24.44 *
0 0 REFUSE all -- * *  217.160.62.44 *
4 192 REFUSE all -- * *  218.48.21.234 *
0 0 REFUSE all -- * *  219.94.128.105 *
0 0 REFUSE all -- * *  223.19.98.213 *
0 0 REFUSE all -- * *  223.25.26.118 *

Last updated Thu Sep 20 11:52:05 2018