home
*

scoundrels

Here's a list of people who recently tried to attack equius.
D --> fail2ban :: via http :: via ssh :: via smtp :: caught in traps

fail2ban

      1 [pam-generic] Ban 113.195.145.80
      1 [pam-generic] Ban 218.65.30.92
      2 [pam-generic] Ban 89.163.220.47
      3 [pam-generic] Ban 91.227.220.152
      1 [postfix] Ban 110.211.222.227
      1 [postfix] Ban 111.67.194.11
      1 [postfix] Ban 112.78.143.148
      1 [postfix] Ban 118.80.176.181
      1 [postfix] Ban 149.3.143.250
      1 [postfix] Ban 176.117.84.93
      1 [postfix] Ban 180.250.251.58
      1 [postfix] Ban 207.46.153.209
      1 [postfix] Ban 209.55.101.60
      1 [postfix] Ban 41.73.20.98
      1 [postfix] Ban 69.155.252.183
      1 [postfix] Ban 69.247.99.48
      1 [postfix] Ban 69.8.48.231
      1 [postfix] Ban 78.46.93.189
      1 [ssh] Ban 111.172.235.170
      1 [ssh] Ban 113.195.145.80
      1 [ssh] Ban 117.79.155.237
     99 [ssh] Ban 125.46.40.3
      1 [ssh] Ban 156.139.34.88
      1 [ssh] Ban 171.250.98.198
      1 [ssh] Ban 184.168.119.160
      1 [ssh] Ban 186.101.2.130
      1 [ssh] Ban 200.87.207.198
      1 [ssh] Ban 202.195.160.11
      2 [ssh] Ban 208.109.111.61
      1 [ssh] Ban 210.159.207.154
      1 [ssh] Ban 210.26.24.9
      1 [ssh] Ban 211.140.18.230
      1 [ssh] Ban 217.170.195.51
      1 [ssh] Ban 218.155.67.124
      1 [ssh] Ban 218.200.188.213
      1 [ssh] Ban 218.65.30.92
      1 [ssh] Ban 218.90.134.14
      1 [ssh] Ban 222.197.129.60
      2 [ssh] Ban 222.216.29.175
      1 [ssh] Ban 58.52.198.74
      1 [ssh] Ban 71.162.9.25
      1 [ssh] Ban 83.103.223.170
      1 [ssh] Ban 88.149.202.139
      4 [ssh] Ban 89.163.220.47
      7 [ssh] Ban 91.227.220.152

via http

  604 attempts: turned away. Too many connections. 
  277 attempts: subnet: 99.233.196.0 - 99.233.197.255
  277 attempts: host: 99.233.197.39
   68 attempts: request: GET /components/com_hdflvplayer/hdflvplayer/download.php 
   64 attempts: subnet: 203.0.0.0/8
   64 attempts: host: 203.14.52.144
   54 attempts: subnet: 173.201.0.0/16
   54 attempts: host: 173.201.196.211
   41 attempts: subnet: 98.16.0.0/13
   41 attempts: host: 98.19.41.161
   39 attempts: subnet: 94.0.0.0/8
   39 attempts: request: GET /xmlrpc.php 
   38 attempts: subnet: 110.0.0.0/8
   38 attempts: host: 110.171.227.131
   36 attempts: subnet: 180.0.0.0/8
   36 attempts: host: 180.95.18.66
   33 attempts: subnet: 46.0.0.0/8
   32 attempts: request: GET /components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_image.php 
   30 attempts: subnet: 77.0.0.0/8
   30 attempts: request: GET /components/com_contushdvideoshare/hdflvplayer/download.php 
   28 attempts: subnet: 105.0.0.0/8
   28 attempts: host: 105.237.20.94
   27 attempts: subnet: 98.192.0.0 - 98.255.255.255
   27 attempts: host: 98.254.82.180
   26 attempts: host: 77.246.188.72
   25 attempts: subnet: 5.0.0.0/8
   24 attempts: subnet: 193.0.0.0/8
   24 attempts: request: GET /index.php 
   24 attempts: host: 94.36.28.18
   24 attempts: host: 193.151.90.22
   20 attempts: host: 5.45.181.131
   19 attempts: subnet: 68.38.64.0 - 68.38.127.255
   19 attempts: host: 68.38.123.94
   18 attempts: subnet: 222.0.0.0/8
   17 attempts: request: GET /images/stories/petx.php 
   17 attempts: request: GET /images/stories/explore.php 
   17 attempts: host: 46.118.155.216
   15 attempts: subnet: 92.0.0.0/8
   15 attempts: host: 92.222.244.18
   15 attempts: host: 222.124.12.246
   13 attempts: subnet: 31.0.0.0/8
   13 attempts: host: 31.186.169.164
   12 attempts: user-agent: "ZmEu"
   12 attempts: subnet: 99.0.0.0/9
   12 attempts: subnet: 62.0.0.0/8
   12 attempts: subnet: 168.235.192.0/20
   12 attempts: subnet: 104.206.0.0/16
   12 attempts: host: 99.71.208.222
   12 attempts: host: 104.206.96.58
   11 attempts: subnet: 67.160.0.0 - 67.191.255.255
   11 attempts: subnet: 108.32.0.0/12, 108.56.0.0/15, 108.48.0.0/13, 108.0.0.0/11
   11 attempts: request: GET /wp-admin/admin-ajax.php 
   11 attempts: host: 94.153.10.149
   11 attempts: host: 67.169.142.226
   11 attempts: host: 108.4.2.44
   10 attempts: subnet: 188.0.0.0/8

via ssh

 1717 password attempts :          125.0.0.0/8 :  125.46.40.3, 125.208.14.49, 125.122.211.134
  670 password attempts :          175.0.0.0/8 :  175.45.192.236
  474 password attempts :          218.0.0.0/8 :  218.3.60.58, 218.4.111.78, 218.4.117.26, 218.65.30.23, 218.65.30.38, 218.65.30.61,
  219 password attempts :          182.0.0.0/8 :  182.100.67.4, 182.100.67.52, 182.100.67.59, 182.71.32.253, 182.74.84.250, 182.100.
  110 password attempts :        45.112.0.0/12 :  45.114.11.13, 45.114.11.14, 45.114.11.15, 45.114.11.18, 45.114.11.32, 45.114.11.36
   53 password attempts :          113.0.0.0/8 :  113.199.73.15, 113.97.229.87, 113.106.228.76, 113.108.69.209, 113.195.145.79, 113.
   45 password attempts :           91.0.0.0/8 :  91.236.74.6, 91.98.29.118, 91.186.221.42, 91.186.218.132, 91.227.220.152, 91.240.2
   32 password attempts :          115.0.0.0/8 :  115.88.36.83, 115.70.249.42, 115.195.250.94, 115.210.48.148, 115.199.239.129, 115.
   31 password attempts :          118.0.0.0/8 :  118.175.5.100, 118.26.131.19, 118.45.184.69, 118.97.147.27, 118.192.65.169, 118.16
   28 password attempts :          123.0.0.0/8 :  123.49.43.222, 123.49.62.231, 123.49.62.232, 123.56.45.160, 123.124.221.46, 123.19
   27 password attempts :           80.0.0.0/8 :  80.82.64.127, 80.190.254.98
   27 password attempts :          222.0.0.0/8 :  222.73.205.78, 222.124.190.43, 222.197.129.60, 222.216.29.175, 222.234.223.222
   27 password attempts :          221.0.0.0/8 :  221.179.89.90, 221.235.189.176
   25 password attempts :          188.0.0.0/8 :  188.122.76.53, 188.138.72.27, 188.17.160.34, 188.132.220.141, 188.138.113.113, 188
   24 password attempts :          210.0.0.0/8 :  210.26.24.9, 210.51.9.166, 210.73.74.245, 210.14.147.237, 210.14.157.171, 210.159.
   23 password attempts :           78.0.0.0/8 :  78.38.35.18, 78.202.22.29, 78.96.249.59, 78.69.251.238
   22 password attempts :           89.0.0.0/8 :  89.163.220.47, 89.248.171.19
   22 password attempts :          117.0.0.0/8 :  117.79.80.78, 117.36.197.36, 117.79.146.58, 117.21.191.206, 117.218.78.142, 117.79
   21 password attempts :           60.0.0.0/8 :  60.28.205.41, 60.164.184.44, 60.213.190.98, 60.52.206.241, 60.185.201.235, 60.217.
   21 password attempts :           31.0.0.0/8 :  31.184.236.44, 31.186.13.221
   19 password attempts :          211.0.0.0/8 :  211.140.18.230, 211.21.113.206, 211.216.48.205, 211.154.139.196
   17 password attempts :          201.0.0.0/8 :  201.62.50.1, 201.140.222.168, 201.191.197.136, 201.245.222.214
   16 password attempts :          193.0.0.0/8 :  193.104.41.53, 193.138.29.50, 193.95.84.205, 193.189.116.52
   15 password attempts :       184.168.0.0/16 :  184.168.119.160
   14 password attempts :           83.0.0.0/8 :  83.103.192.41, 83.230.255.70, 83.234.174.37, 83.103.223.170
   14 password attempts :           61.0.0.0/8 :  61.153.0.137, 61.78.95.226, 61.183.22.139, 61.130.100.234, 61.136.171.198
   13 password attempts :           42.0.0.0/8 :  42.62.51.61, 42.120.20.171, 42.101.139.133
   13 password attempts :          202.0.0.0/8 :  202.126.93.18, 202.46.14.130, 202.195.160.11, 202.107.242.254
   12 password attempts :           93.0.0.0/8 :  93.77.70.88, 93.174.93.99, 93.174.95.81
   12 password attempts :           88.0.0.0/8 :  88.149.160.42, 88.149.202.139, 88.151.175.202, 88.220.122.125
   12 password attempts :           58.0.0.0/8 :  58.52.198.74, 58.137.72.110, 58.206.126.29
   12 password attempts :          187.0.0.0/8 :  187.61.1.122, 187.178.206.67, 187.210.107.242
   12 password attempts :          183.0.0.0/8 :  183.146.71.83, 183.152.81.12
   11 password attempts :          186.0.0.0/8 :  186.101.2.130, 186.210.50.66, 186.192.247.194
   11 password attempts :          103.0.0.0/8 :  103.18.70.146, 103.48.66.176, 103.243.107.56

smtp

 3364  blocked using bl.spamcop.net;
 1472  warning: hostname does not resolve to address
  979  blocked by greylisting (12 attempts from 62.210.161.54)
  394  blocked using cbl.abuseat.org;
  336  reject: Helo command rejected: need fully-qualified hostname
  323  reject: Sender address rejected: Domain not found
  254  blocked using zen.spamhaus.org;
  237  Relay access denied
   95  reject: Recipient address rejected: SPF
   81  Received-SPF: softfail
   81  blocked using dnsbl.sorbs.net;
   52  reject: Recipient address rejected: mailbox disabled
   50  Received-SPF: permerror
   49  reject: Client host rejected: Access denied
   18  reject: Helo command rejected: Invalid name
    6  warning: numeric domain name in resource data of MX record
    2  ...: warning: unknown[89.189.39.154]: SASL PLAIN authentication failed: 

caught in traps

183.230.28.60    for  requesting  '/administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/php-ofc-library/ofc_upload_
78.110.50.104    for  requesting  '//administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/php-ofc-library/ofc_upload
103.29.168.12    for  requesting  '/administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/php-ofc-library/ofc_upload_
108.166.169.162  for  requesting  '/administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/php-ofc-library/ofc_upload_
173.201.196.211  for  requesting  '/administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/php-ofc-library/ofc_upload_
182.50.130.198   for  requesting  '/administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/php-ofc-library/ofc_upload_
76.77.144.75     for  requesting  '/administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/php-ofc-library/ofc_upload_
77.246.188.72    for  requesting  '/administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/php-ofc-library/ofc_upload_
81.88.49.44      for  requesting  '/administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/php-ofc-library/ofc_upload_
5.9.148.215      for  requesting  '/administrator/components/com_jinc/classes/graphics/php-ofc-library/ofc_upload_image.php'
222.127.18.126   for  requesting  '//administrator/components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_image.php
5.9.148.215      for  requesting  '/administrator/components/com_joomleague/assets/classes/open-flash-chart/ofc_upload_image.php'
5.9.148.215      for  requesting  '/administrator/components/com_maian15/charts/php-ofc-library/ofc_upload_image.php'
5.9.148.215      for  requesting  '/administrator/components/com_maianmedia/utilities/charts/php-ofc-library/ofc_upload_image.php'
144.76.202.240   for  requesting  '//components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_image.php?name=magic.ph
50.63.152.38     for  requesting  '//components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_image.php?name=magic.ph
94.36.28.18      for  requesting  '//components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_image.php?name=magic.ph
118.98.72.15     for  requesting  '/components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_image.php?name=mil.php'
200.205.243.124  for  requesting  '/components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_image.php?name=mil.php'
222.55.28.130    for  requesting  '/components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_image.php?name=mil.php'
5.79.77.235      for  requesting  '/components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_image.php?name=mil.php'
5.9.148.215      for  requesting  '/components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_image.php?name=mil.php'
62.75.159.81     for  requesting  '/components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_image.php?name=mil.php'
94.138.216.196   for  requesting  '/scoundrels.html//administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/php-ofc-li
188.40.94.143    for  requesting  '/scoundrels.html//components/com_jinc/classes/graphics/php-ofc-library/ofc_upload_image.php?name=
182.50.130.185   for  requesting  '/scoundrels.html//components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_image.p
50.1.202.4       for  requesting  '/scoundrels.html/sites/all/modules/civicrm/packages/OpenFlashChart/php-ofc-library/ofc_upload_ima
184.168.152.201  for  requesting  '/scoundrels.html/wp-content/themes/TheTravelTheme/includes/timthumb.php'
208.97.169.211   for  requesting  '/scoundrels.html/wp-content/themes/TheTravelTheme/includes/timthumb.php'
151.40.27.16     for  requesting  '/scoundrels.html/wp-content/themes/TheTravelTheme/includes/timthumb.php?src=http://picasa.com.bir
116.127.123.29   for  requesting  '/wp-content/themes/TheTravelTheme/includes/timthumb.php?src=http://ar.libertadpresossaharauis.com
188.165.239.11   for  requesting  '/wp-content/themes/TheTravelTheme/includes/timthumb.php?webshot=1&src=http%3A%2F%2Fflickr.com

current blacklist

REFUSE     all  --  1.208.0.0/12         0.0.0.0/0           
REFUSE     all  --  27.115.0.0/17        0.0.0.0/0           
REFUSE     all  --  58.208.0.0/12        0.0.0.0/0           
REFUSE     all  --  58.248.0.0/13        0.0.0.0/0           
REFUSE     all  --  58.250.108.0/22      0.0.0.0/0           
REFUSE     all  --  59.0.0.0/8           0.0.0.0/0           
REFUSE     all  --  61.147.0.0/16        0.0.0.0/0           
REFUSE     all  --  61.174.51.192/26     0.0.0.0/0           
REFUSE     all  --  77.39.0.0/17         0.0.0.0/0           
REFUSE     all  --  87.229.111.0/24      0.0.0.0/0           
REFUSE     all  --  88.191.80.0/24       0.0.0.0/0           
REFUSE     all  --  93.114.40.0/21       0.0.0.0/0           
REFUSE     all  --  115.168.0.0/14       0.0.0.0/0           
REFUSE     all  --  116.1.0.0/16         0.0.0.0/0           
REFUSE     all  --  116.255.128.0/17     0.0.0.0/0           
REFUSE     all  --  123.31.0.0/19        0.0.0.0/0           
REFUSE     all  --  125.128.0.0/11       0.0.0.0/0           
REFUSE     all  --  180.76.0.0/16        0.0.0.0/0           
REFUSE     all  --  122.0.0.0/8          0.0.0.0/0           
REFUSE     all  --  123.138.0.0/15       0.0.0.0/0           
REFUSE     all  --  174.37.192.0/18      0.0.0.0/0           
REFUSE     all  --  182.48.0.0/18        0.0.0.0/0           
REFUSE     all  --  190.144.0.0/14       0.0.0.0/0           
REFUSE     all  --  202.117.0.0/18       0.0.0.0/0           
REFUSE     all  --  211.103.128.0/17     0.0.0.0/0           
REFUSE     all  --  217.20.169.160/27    0.0.0.0/0           
REFUSE     all  --  218.60.0.0/15        0.0.0.0/0           
REFUSE     all  --  218.0.0.0/30         0.0.0.0/0           
REFUSE     all  --  218.108.0.0/15       0.0.0.0/0           
REFUSE     all  --  219.140.0.0/16       0.0.0.0/0           
REFUSE     all  --  219.239.88.0/21      0.0.0.0/0           
REFUSE     all  --  221.0.0.0/15         0.0.0.0/0           
REFUSE     all  --  221.224.0.0/13       0.0.0.0/0           
REFUSE     all  --  222.184.0.0/13       0.0.0.0/0           
REFUSE     tcp  --  66.249.73.0/24       0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  76.191.96.0/23       0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  81.92.112.0/20       0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  82.97.18.128/26      0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  87.118.96.0/19       0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  95.32.64.0/18        0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  106.10.128.0/18      0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  114.32.0.0/12        0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  183.80.112.0/20      0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  202.204.24.0/22      0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  203.188.200.0/22     0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  213.229.113.0/26     0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  213.240.224.0/22     0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  216.27.14.32/28      0.0.0.0/0            tcp dpt:25
REFUSE     all  --  116.8.0.0/14         0.0.0.0/0           

Last updated Fri Aug 28 00:48:01 2015 GMT