Home >

Scoundrels

D --> f001ish attempts at misuse of resources


D --> via http

406 requests from 94.191.99.107
7 requests from 77.88.47.40
6 requests from 51.158.111.238
6 requests from 139.59.23.231
3 requests from 158.69.247.45
2 requests from 125.160.203.172
2 requests from 157.55.39.58
2 requests from 94.23.208.210
2 requests from 104.248.237.151
2 requests from 24.128.252.67
2 requests from 192.99.15.55
1 requests from 82.165.80.138
1 requests from 209.17.97.10
1 requests from 209.17.97.34
1 requests from 158.199.144.10
... 53 items truncated ...
13 requests for/
4 requests for/old/wp-admin/
4 requests for/wp-admin/
4 requests for/test/wp-admin/
3 requests for/index.php...
3 requests for/wordpress/wp-admin/
3 requests for/blog/wp-admin/
2 requests for/gallery/sprites/feastings_pixels/
2 requests for/wp/wp-admin/
2 requests for/games/pdf/homestuck_rpg_(4e).pdf
2 requests for/wp-login.php
2 requests for/manager/html
2 requests for/cgi-bin/config.exp
2 requests for/xmlrpc.php...
2 requests for/admin/login.php
... 447 items truncated ...

D --> via ssh

13attempts from  201.91.0.0/16
12attempts from  36.82.104.0/21
12attempts from  128.199.64.0/18
12attempts from  112.33.21.0/24
11attempts from  159.65.144.0/20
10attempts from  96.1.0.0/17
10attempts from  71.224.0.0/12
10attempts from  59.0.0.0/13
10attempts from  46.101.0.0/18
10attempts from  211.148.128.0/20
10attempts from  177.124.192.0/19
10attempts from  142.93.208.0/20
10attempts from  122.154.109.0/24
9attempts from  88.160.0.0/12
9attempts from  72.176.0.0/13
9attempts from  24.232.192.0/19
9attempts from  139.59.64.0/20
8attempts from  98.192.0.0/10
8attempts from  95.89.0.0/17
8attempts from  88.176.0.0/12
... 96 items truncated ...
146attempts on root
59attempts on admin
49attempts on test
19attempts on pi
12attempts on git
9attempts on postgres
7attempts on ubuntu
7attempts on nagios
7attempts on guest
6attempts on support
6attempts on ftpuser
5attempts on zabbix
5attempts on vnc
5attempts on james
4attempts on vyatta
4attempts on user
4attempts on ts3
4attempts on tomcat
4attempts on teste
4attempts on teamspeak
... 116 items truncated ..

D --> via smtp

4 attempts from 23.254.231.87
4 attempts from 41.230.204.70
4 attempts from 78.17.5.115
4 attempts from 80.56.147.80
4 attempts from 92.29.97.107
6 attempts from 93.88.138.204
4 attempts from 94.228.207.237
4 attempts from 114.43.45.147
3 attempts from 134.73.88.114
3 attempts from 139.255.56.178
4 attempts from 151.34.51.178
4 attempts from 181.53.136.60
4 attempts from 181.72.88.44
4 attempts from 196.188.63.7
4 attempts from 196.190.191.89
... 4 items truncated ..
55 of reject: RCPT from [...]: 554 5.7.1
45 of reject: RCPT from [...]: 450 4.1.8
44 of Client host [...] blocked using bl.spamcop.net;
43 of reject: RCPT from [...]: 550 5.7.1
22 of reject: RCPT from [...]: 550 5.1.1
8 of Client host [...] blocked using cbl.abuseat.org;
7 of Received-SPF: softfail
3 of warning: numeric domain name in resource data of MX record for [...]
2 of warning: non-SMTP command from [...]: GET /login.html HTTP/1.1
2 of warning: non-SMTP command from [...]: GET / HTTP/1.0
2 of warning: TLS library problem: error:1408A10B:SSL routines:ssl3_get_client_hello:wrong version number:s3_srvr.c:960:
2 of warning: TLS library problem: error:140760FC:SSL routines:SSL23_GET_CLIENT_HELLO:unknown protocol:s23_srvr.c:640:

D --> blacklisted

The first set are ranges blacklisted by hand
pkts bytes target prot opt in out source destination
7520 362K REFUSE all -- * * 222.176.0.0/12 0.0.0.0/0
1095 72037 REFUSE all -- * *  58.192.0.0/11 *
29 1740 REJECT all -- * *  106.13.0.0/18 * reject-with icmp-port-unreachable
183 9132 REFUSE all -- * *  111.72.0.0/13 *
1089 71001 REFUSE all -- * *  111.192.0.0/12 *
90 5332 REFUSE all -- * *  118.24.0.0/15 *
285 12488 REFUSE all -- * *  125.64.0.0/11 *
537 36721 REFUSE all -- * *  221.224.0.0/13 *
1 60 REFUSE all -- * *  222.128.0.0/12 *

These were blacklisted automatically by triggering a trap
0 0 REFUSE all -- * *  3.87.216.155 *
0 0 REFUSE all -- * *  5.149.76.70 *
1 40 REFUSE all -- * *  5.197.246.122 *
2 80 REFUSE all -- * *  13.76.162.75 *
0 0 REFUSE all -- * *  13.250.7.111 *
0 0 REFUSE all -- * *  14.92.141.136 *
2 80 REFUSE all -- * *  14.186.97.36 *
0 0 REFUSE all -- * *  18.220.19.26 *
0 0 REFUSE all -- * *  18.225.35.111 *
31 1560 REFUSE all -- * *  37.115.189.148 *
0 0 REFUSE all -- * *  39.98.238.205 *
0 0 REFUSE all -- * *  42.51.39.56 *
24 1440 REFUSE all -- * *  45.4.176.222 *
3 152 REFUSE all -- * *  45.40.165.15 *
0 0 REFUSE all -- * *  45.40.166.146 *
8 344 REFUSE all -- * *  45.40.166.148 *
8 344 REFUSE all -- * *  45.40.166.157 *
9 404 REFUSE all -- * *  45.40.166.167 *
0 0 REFUSE all -- * *  45.40.166.168 *
0 0 REFUSE all -- * *  45.55.47.128 *
28 1312 REFUSE all -- * *  46.105.61.249 *
0 0 REFUSE all -- * *  46.118.155.222 *
0 0 REFUSE all -- * *  46.118.157.179 *
0 0 REFUSE all -- * *  46.252.205.174 *
0 0 REFUSE all -- * *  49.150.227.152 *
0 0 REFUSE all -- * *  49.197.171.245 *
8 344 REFUSE all -- * *  50.63.196.134 *
0 0 REFUSE all -- * *  50.87.144.55 *
0 0 REFUSE all -- * *  50.116.82.246 *
2 104 REFUSE all -- * *  51.68.11.199 *
2 104 REFUSE all -- * *  51.68.11.231 *
0 0 REFUSE all -- * *  51.77.148.240 *
9 384 REFUSE all -- * *  54.37.19.214 *
3 180 REFUSE all -- * *  62.210.185.4 *
2 80 REFUSE all -- * *  65.75.10.88 *
64 3840 REFUSE all -- * *  69.27.124.170 *
0 0 REFUSE all -- * *  69.49.102.234 *
0 0 REFUSE all -- * *  69.49.117.143 *
0 0 REFUSE all -- * *  69.162.68.106 *
1 40 REFUSE all -- * *  71.31.251.84 *
0 0 REFUSE all -- * *  73.252.96.224 *
1 60 REFUSE all -- * *  74.208.57.138 *
8 344 REFUSE all -- * *  74.220.207.85 *
0 0 REFUSE all -- * *  77.247.181.163 *
9 404 REFUSE all -- * *  79.170.44.92 *
8 344 REFUSE all -- * *  79.170.44.95 *
0 0 REFUSE all -- * *  81.22.45.136 *
0 0 REFUSE all -- * *  81.169.144.135 *
1 60 REFUSE all -- * *  82.165.81.63 *
0 0 REFUSE all -- * *  82.165.81.98 *
12 1200 REFUSE all -- * *  82.165.83.20 *
11 1142 REFUSE all -- * *  82.165.86.117 *
0 0 REFUSE all -- * *  82.202.172.4 *
0 0 REFUSE all -- * *  86.91.101.98 *
0 0 REFUSE all -- * *  87.118.116.90 *
0 0 REFUSE all -- * *  90.10.183.52 *
0 0 REFUSE all -- * *  91.208.99.2 *
0 0 REFUSE all -- * *  92.52.27.210 *
11 476 REFUSE all -- * *  94.23.91.95 *
0 0 REFUSE all -- * *  94.23.157.38 *
8 364 REFUSE all -- * *  98.139.190.55 *
1 60 REFUSE all -- * *  98.139.190.58 *
0 0 REFUSE all -- * *  102.72.10.104 *
0 0 REFUSE all -- * *  103.48.193.25 *
9 1980 REFUSE all -- * *  103.56.112.223 *
16 1956 REFUSE all -- * *  103.96.73.160 *
0 0 REFUSE all -- * *  103.201.129.74 *
0 0 REFUSE all -- * *  103.255.31.84 *
0 0 REFUSE all -- * *  106.51.31.149 *
2 92 REFUSE all -- * *  108.252.162.74 *
8 344 REFUSE all -- * *  109.95.158.17 *
0 0 REFUSE all -- * *  109.175.107.80 *
0 0 REFUSE all -- * *  111.92.29.17 *
0 0 REFUSE all -- * *  114.215.154.125 *
7 292 REFUSE all -- * *  115.112.119.45 *
6 240 REFUSE all -- * *  118.89.139.150 *
8 320 REFUSE all -- * *  118.123.19.159 *
1 40 REFUSE all -- * *  118.139.148.10 *
6 240 REFUSE all -- * *  119.29.5.68 *
7 304 REFUSE all -- * *  120.24.60.115 *
6 240 REFUSE all -- * *  120.27.35.11 *
0 0 REFUSE all -- * *  120.27.37.74 *
0 0 REFUSE all -- * *  123.25.238.64 *
0 0 REFUSE all -- * *  123.57.254.142 *
10 472 REFUSE all -- * *  124.107.219.68 *
0 0 REFUSE all -- * *  132.145.155.184 *
0 0 REFUSE all -- * *  134.209.81.100 *
6 304 REFUSE all -- * *  151.80.246.221 *
10 1102 REFUSE all -- * *  157.7.106.115 *
0 0 REFUSE all -- * *  157.230.155.4 *
0 0 REFUSE all -- * *  158.69.125.175 *
0 0 REFUSE all -- * *  159.69.164.194 *
3 180 REFUSE all -- * *  159.203.242.157 *
0 0 REFUSE all -- * *  162.241.216.152 *
8 344 REFUSE all -- * *  162.241.218.115 *
1 40 REFUSE all -- * *  176.40.254.95 *
0 0 REFUSE all -- * *  177.43.145.161 *
0 0 REFUSE all -- * *  177.185.192.89 *
0 0 REFUSE all -- * *  177.247.73.67 *
11 464 REFUSE all -- * *  178.32.60.66 *
0 0 REFUSE all -- * *  178.128.198.103 *
10 424 REFUSE all -- * *  178.254.50.109 *
0 0 REFUSE all -- * *  181.120.125.164 *
0 0 REFUSE all -- * *  182.59.184.62 *
5 232 REFUSE all -- * *  184.168.152.149 *
0 0 REFUSE all -- * *  184.168.193.154 *
8 344 REFUSE all -- * *  185.2.4.27 *
0 0 REFUSE all -- * *  185.2.4.34 *
8 344 REFUSE all -- * *  185.98.131.138 *
0 0 REFUSE all -- * *  185.100.87.206 *
0 0 REFUSE all -- * *  185.104.106.72 *
10 424 REFUSE all -- * *  185.180.198.27 *
0 0 REFUSE all -- * *  186.188.12.194 *
0 0 REFUSE all -- * *  188.166.99.89 *
0 0 REFUSE all -- * *  191.253.168.142 *
0 0 REFUSE all -- * *  192.185.82.183 *
9 404 REFUSE all -- * *  192.254.250.187 *
4 208 REFUSE all -- * *  193.201.224.220 *
0 0 REFUSE all -- * *  193.201.224.225 *
0 0 REFUSE all -- * *  194.113.106.125 *
64 3232 REFUSE all -- * *  194.113.106.126 *
0 0 REFUSE all -- * *  195.74.51.138 *
6 284 REFUSE all -- * *  198.54.114.63 *
0 0 REFUSE all -- * *  198.57.247.130 *
8 344 REFUSE all -- * *  198.57.247.192 *
0 0 REFUSE all -- * *  200.62.99.12 *
0 0 REFUSE all -- * *  202.166.46.46 *
0 0 REFUSE all -- * *  208.97.170.33 *
0 0 REFUSE all -- * *  210.152.127.66 *
0 0 REFUSE all -- * *  217.115.140.79 *
0 0 REFUSE all -- * *  217.182.174.111 *
6 264 REFUSE all -- * *  223.130.27.20 *

Last updated Tue Apr 23 23:52:19 2019