home
*

scoundrels

Here's a list of people who recently tried to attack equius.
D --> via http :: via ssh :: via smtp :: automaticly blacklisted

via http

   52 attempts: request: GET /wp-content/.../timthumb_old.php 
   50 attempts: subnet: 217.26.145.0/24
   49 attempts: host: 217.26.145.205
   47 attempts: request: GET /wp-content/.../timthumb.php 
   46 attempts: subnet: 91.121.144.0/20
   46 attempts: host: 91.121.156.153
   44 attempts: request: GET /wp-login.php 
   15 attempts: subnet: 211.94.0.0 - 211.103.255.255
   15 attempts: request: GET /images/stories/food.php 
   15 attempts: host: 211.97.155.10
   13 attempts: subnet: 187.17.64.0/18
   12 attempts: user-agent: "ZmEu"
   12 attempts: request: GET /scoundrels.html/wp-content/.../timthumb.php 
   12 attempts: host: 69.174.245.163
   11 attempts: subnet: 109.237.80.0/20
   11 attempts: host: 109.237.81.62
   10 attempts: request: GET /lomac/index.php 

via ssh

  117.21.191.197 : 413 password attempts : 117.21.0.0/16 : 
    42.96.135.75 : 211 password attempts : 42.96.128.0/17 : 
  124.207.128.14 : 93 password attempts : 124.207.128.0/17 : 
   61.174.50.163 : 71 password attempts : 61.174.48.0/21 : 163.50.174.61.dial.wz.zj.dynamic.163data.com.cn
   61.174.50.213 : 57 password attempts : 61.174.48.0/21 : 213.50.174.61.dial.wz.zj.dynamic.163data.com.cn
   61.174.50.184 : 38 password attempts : 61.174.48.0/21 : 184.50.174.61.dial.wz.zj.dynamic.163data.com.cn
   61.174.50.216 : 33 password attempts : 61.174.48.0/21 : 216.50.174.61.dial.wz.zj.dynamic.163data.com.cn
   61.174.50.177 : 32 password attempts : 61.174.48.0/21 : 177.50.174.61.dial.wz.zj.dynamic.163data.com.cn
   117.79.91.244 : 30 password attempts : 117.79.80.0/20 : 
  186.202.185.96 : 21 password attempts : cpro16459.publiccloud.com.br
   61.167.49.137 : 19 password attempts : 61.167.49.128/26 : 
  82.221.106.233 : 18 password attempts : 82.221.106.232/29 : 
   61.167.49.142 : 13 password attempts : 61.167.49.128/26 : 
   61.167.49.134 : 13 password attempts : 61.167.49.128/26 : 
   61.167.49.144 : 12 password attempts : 61.167.49.128/26 : 
   61.167.49.136 : 12 password attempts : 61.167.49.128/26 : 
    60.173.26.68 : 11 password attempts : 60.166.0.0 - 60.175.255.255 : 

smtp

 1719  blocked using bl.spamcop.net;
 1211  warning: hostname does not resolve to address
  831  blocked by greylisting (10 attempts from 104.140.32.213)
  658  blocked using zen.spamhaus.org;
  474  blocked using cbl.abuseat.org;
  361  reject: Sender address rejected: Domain not found
  153  Received-SPF: softfail
  124  Relay access denied
  120  reject: Helo command rejected: need fully-qualified hostname
  109  warning: numeric domain name in resource data of MX record
   79  reject: Recipient address rejected: SPF
   67  Received-SPF: permerror
   60  blocked using dnsbl.sorbs.net;
   26  reject: Recipient address rejected: mailbox disabled
   12  ...: warning: unknown[123.27.202.197]: SASL PLAIN authentication failed: 
   11  reject: Client host rejected: Access denied
    6  ...: warning: premature end-of-input on private/spfcheck while reading input attribute name
    5  ...: warning: valid_hostname: empty hostname
    5  warning: malformed domain name in resource data of MX record
    5  reject: Sender address rejected: Malformed DNS server reply
    4  reject: Helo command rejected: Invalid name
    3  ...: warning: problem talking to server private/spfcheck: Success
    3  ...: warning: host139.201-252-3.telecom.net.ar[201.252.3.139]: SASL PLAIN authentication failed: 
    3  ...: warning: command /usr/sbin/postfix-policyd-spf-perl exit status 255
    2  ...: warning: unknown[186.151.51.23]: SASL PLAIN authentication failed: 
    2  ...: warning: p5B25A975.dip0.t-ipconnect.de[91.37.169.117]: SASL PLAIN authentication failed: 
    2  ...: warning: p5093116d.dip0.t-ipconnect.de[80.147.17.109]: SASL PLAIN authentication failed: 
    2  reject: Recipient address rejected: User unknown in virtual alias table

automatically blacklisted

blacklist:  adding  104.143.2.141    for  requesting  '/xmlrpc.php'
blacklist:  adding  109.237.81.62    for  requesting  '/scoundrels.html/wp-content/themes/blacklabel/framework/timthumb_old.php?src=
blacklist:  adding  119.252.23.4     for  requesting  '/wp-content/themes/blacklabel/framework/timthumb.php?src=http%3A%2F%2Fimg.you
blacklist:  adding  123.30.215.247   for  requesting  '//components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_ima
blacklist:  adding  123.63.204.140   for  requesting  '/wp-content/themes/blacklabel/framework/timthumb.php?src=http%3A%2F%2Fimg.you
blacklist:  adding  134.213.24.37    for  requesting  '/scoundrels.html/wp-content/themes/Avenue/timthumb.php?src=http%3A%2F%2Fflick
blacklist:  adding  151.236.11.163   for  requesting  '/scoundrels.html//components/com_jnews/includes/openflashchart/php-ofc-librar
blacklist:  adding  159.226.170.51   for  requesting  '//components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_ima
blacklist:  adding  162.253.149.156  for  requesting  '//components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_ima
blacklist:  adding  173.14.217.251   for  requesting  '/wp-content/themes/blacklabel/framework/timthumb.php?src=http%3A%2F%2Fpicasa.
blacklist:  adding  173.208.146.107  for  requesting  '//wp-content/themes/TheTravelTheme/includes/timthumb.php?src=http://blogger.c
blacklist:  adding  177.55.106.140   for  requesting  '//administrator/components/com_jinc/classes/graphics/php-ofc-library/ofc_uplo
blacklist:  adding  177.55.106.140   for  requesting  '/scoundrels.html//administrator/components/com_jinc/classes/graphics/php-ofc-
blacklist:  adding  177.73.233.247   for  requesting  '/wp-content/themes/Telegraph/scripts/timthumb.php?src=http%3A%2F%2Fimg.youtub
blacklist:  adding  183.111.141.95   for  requesting  '//administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/php-of
blacklist:  adding  184.107.129.130  for  requesting  '//components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_ima
blacklist:  adding  184.168.46.209   for  requesting  '//components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_ima
blacklist:  adding  187.17.106.2     for  requesting  '/wp-content/themes/blacklabel/framework/timthumb.php?src=http%3A%2F%2Fflickr.
blacklist:  adding  187.17.106.49    for  requesting  '/wp-content/themes/blacklabel/framework/timthumb.php?src=http%3A%2F%2Fflickr.
blacklist:  adding  187.17.106.57    for  requesting  '/wp-content/themes/Avenue/timthumb.php?src=http%3A%2F%2Fflickr.com.hotelkouri
blacklist:  adding  187.17.106.58    for  requesting  '/wp-content/themes/telegraph/scripts/timthumb.php?src=http%3A%2F%2Fflickr.com
blacklist:  adding  188.138.103.170  for  requesting  '/wp-content/themes/blacklabel/framework/timthumb.php?src=http%3A%2F%2Fpicasa.
blacklist:  adding  190.196.65.125   for  requesting  '/wp-content/plugins/seo-watcher/ofc/php-ofc-library/ofc_upload_image.php?name
blacklist:  adding  190.197.87.113   for  requesting  '//components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_ima
blacklist:  adding  192.111.150.189  for  requesting  '/scoundrels.html//administrator/components/com_civicrm/civicrm/packages/OpenF
blacklist:  adding  192.198.90.106   for  requesting  '/scoundrels.html/wp-content/themes/Avenue/timthumb.php?src=http%3A%2F%2Feurop
blacklist:  adding  192.249.115.20   for  requesting  '/wp-content/themes/telegraph/scripts/timthumb.php?src=http%3A%2F%2Fflickr.com
blacklist:  adding  192.254.197.192  for  requesting  '/scoundrels.html/admin/categories.php/login.php'
blacklist:  adding  198.1.122.68     for  requesting  '/wp-content/themes/blacklabel/framework/timthumb.php?src=http%3A%2F%2Fimg.you
blacklist:  adding  198.57.202.230   for  requesting  '//administrator/components/com_jinc/classes/graphics/php-ofc-library/ofc_uplo
blacklist:  adding  198.65.102.31    for  requesting  '/components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_imag
blacklist:  adding  198.65.102.31    for  requesting  '/components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_imag
blacklist:  adding  199.48.161.70    for  requesting  '/xmlrpc.php'
blacklist:  adding  202.28.119.225   for  requesting  '/scoundrels.html/admin/categories.php/login.php'
blacklist:  adding  203.113.115.18   for  requesting  '/scoundrels.html/wp-content/themes/sportpress/scripts/timthumb.php?src=http:/
blacklist:  adding  203.99.133.7     for  requesting  '/wp-content/themes/blacklabel/framework/timthumb.php?src=http%3A%2F%2Fflickr.
blacklist:  adding  206.190.128.12   for  requesting  '/wp-content/themes/Avenue/timthumb.php?src=http%3A%2F%2Fwww.vdoven.co.ua%2Fim
blacklist:  adding  209.15.242.34    for  requesting  '//administrator/components/com_jinc/classes/graphics/php-ofc-library/ofc_uplo
blacklist:  adding  209.15.242.34    for  requesting  '//administrator/components/com_jnews/includes/openflashchart/php-ofc-library/
blacklist:  adding  209.15.242.34    for  requesting  '//administrator/components/com_jnewsletter/includes/openflashchart/php-ofc-li
blacklist:  adding  209.15.242.34    for  requesting  '//administrator/components/com_maianmedia/utilities/charts/php-ofc-library/of
blacklist:  adding  2.109.213.146    for  requesting  '/wp-content/themes/telegraph/scripts/timthumb.php?src=http%3A%2F%2Fdomkapa.pt
blacklist:  adding  212.227.96.227   for  requesting  '/scoundrels.html//wp-content/themes/Avenue/timthumb.php?src=http://picasa.com
blacklist:  adding  212.42.63.227    for  requesting  '/wp-content/themes/sportpress/scripts/timthumb.php?src=http%3A%2F%2Fpicasa.co
blacklist:  adding  213.239.214.14   for  requesting  '//components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_ima
blacklist:  adding  213.251.182.12   for  requesting  '/wp-content/themes/blacklabel/framework/timthumb.php?src=http%3A%2F%2Fpicasa.
blacklist:  adding  216.117.129.23   for  requesting  '//xmlrpc.php'
blacklist:  adding  217.26.145.200   for  requesting  '/wp-content/themes/cadabrapress/scripts/timthumb.php?src=http://www.sakura-ku
blacklist:  adding  217.26.145.205   for  requesting  '/scoundrels.html/wp-content/themes/sportpress/scripts/timthumb.php?src=http%3
blacklist:  adding  218.145.31.208   for  requesting  '/scoundrels.html/admin/categories.php/login.php'
blacklist:  adding  37.187.73.89     for  requesting  '//components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_ima
blacklist:  adding  37.59.213.11     for  requesting  '/wp-content/themes/blacklabel/framework/timthumb.php?src=http%3A%2F%2Fpicasa.
blacklist:  adding  42.112.25.90     for  requesting  '//admin_area/charts/php-ofc-library/ofc_upload_image.php?name=vito.php'
blacklist:  adding  50.116.47.66     for  requesting  '/wp-content/themes/blacklabel/framework/timthumb.php?src=http%3A%2F%2Fimg.you
blacklist:  adding  50.30.43.136     for  requesting  '//components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_ima
blacklist:  adding  50.97.138.112    for  requesting  '//wp-content/plugins/wp-slimstat-ex/lib/ofc//php-ofc-library/ofc_upload_image
blacklist:  adding  5.135.214.33     for  requesting  '//administrator/components/com_jinc/classes/graphics/php-ofc-library/ofc_uplo
blacklist:  adding  5.39.19.170      for  requesting  '/scoundrels.html//administrator/components/com_jinc/classes/graphics/php-ofc-
blacklist:  adding  5.39.44.184      for  requesting  '//administrator/components/com_acymailing/inc/openflash/php-ofc-library/ofc_u
blacklist:  adding  5.39.44.184      for  requesting  '//administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/php-of
blacklist:  adding  62.48.127.14     for  requesting  '/components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_imag
blacklist:  adding  69.36.94.214     for  requesting  '//administrator/components/com_acymailing/inc/openflash/php-ofc-library/ofc_u
blacklist:  adding  72.46.132.178    for  requesting  '/xmlrpc.php'
blacklist:  adding  74.15.163.71     for  requesting  '//administrator/components/com_civicrm/civicrm/packages/OpenFlashChart/php-of
blacklist:  adding  78.46.73.197     for  requesting  '/scoundrels.html/admin/categories.php/login.php'
blacklist:  adding  82.150.140.20    for  requesting  '/scoundrels.html//components/com_jnews/includes/openflashchart/php-ofc-librar
blacklist:  adding  83.223.111.224   for  requesting  '/wp-content/themes/sportpress/scripts/timthumb.php?src=http%3A%2F%2Fpicasa.co
blacklist:  adding  86.109.121.2     for  requesting  '//administrator/components/com_jinc/classes/graphics/php-ofc-library/ofc_uplo
blacklist:  adding  91.121.134.152   for  requesting  '//administrator/components/com_jinc/classes/graphics/php-ofc-library/ofc_uplo
blacklist:  adding  91.121.156.153   for  requesting  '/wp-content/themes/cadabrapress/scripts/timthumb.php?src=http%3A%2F%2Fflickr.
blacklist:  adding  91.151.178.109   for  requesting  '/scoundrels.html/admin/categories.php/login.php'
blacklist:  adding  94.181.181.169   for  requesting  '//administrator/components/com_redmystic/chart/ofc-library/ofc_upload_image.p
blacklist:  adding  94.199.48.123    for  requesting  '/wp-content/themes/blacklabel/framework/timthumb.php?src=http%3A%2F%2Fimg.you
blacklist:  adding  94.23.247.166    for  requesting  '//wp-content/plugins/seo-watcher/ofc/php-ofc-library/ofc_upload_image.php?nam
blacklist:  adding  95.211.1.140     for  requesting  '/scoundrels.html&sa=U&ei=hED8U87jI7Cw7Aa3h4CQCg&ved=0
blacklist:  adding  96.125.184.20    for  requesting  '/components/com_jnews/includes/openflashchart/php-ofc-library/ofc_upload_imag
REFUSE     all  --  1.208.0.0/12         0.0.0.0/0           
REFUSE     all  --  27.115.0.0/17        0.0.0.0/0           
REFUSE     all  --  58.208.0.0/12        0.0.0.0/0           
REFUSE     all  --  58.248.0.0/13        0.0.0.0/0           
REFUSE     all  --  58.250.108.0/22      0.0.0.0/0           
REFUSE     all  --  59.0.0.0/8           0.0.0.0/0           
REFUSE     all  --  61.147.0.0/16        0.0.0.0/0           
REFUSE     all  --  61.174.51.192/26     0.0.0.0/0           
REFUSE     all  --  77.39.0.0/17         0.0.0.0/0           
REFUSE     all  --  87.229.111.0/24      0.0.0.0/0           
REFUSE     all  --  88.191.80.0/24       0.0.0.0/0           
REFUSE     all  --  93.114.40.0/21       0.0.0.0/0           
REFUSE     all  --  115.168.0.0/14       0.0.0.0/0           
REFUSE     all  --  116.1.0.0/16         0.0.0.0/0           
REFUSE     all  --  116.255.128.0/17     0.0.0.0/0           
REFUSE     all  --  123.31.0.0/19        0.0.0.0/0           
REFUSE     all  --  125.128.0.0/11       0.0.0.0/0           
REFUSE     all  --  180.76.0.0/16        0.0.0.0/0           
REFUSE     all  --  122.0.0.0/8          0.0.0.0/0           
REFUSE     all  --  123.138.0.0/15       0.0.0.0/0           
REFUSE     all  --  174.37.192.0/18      0.0.0.0/0           
REFUSE     all  --  182.48.0.0/18        0.0.0.0/0           
REFUSE     all  --  190.144.0.0/14       0.0.0.0/0           
REFUSE     all  --  202.117.0.0/18       0.0.0.0/0           
REFUSE     all  --  211.103.128.0/17     0.0.0.0/0           
REFUSE     all  --  217.20.169.160/27    0.0.0.0/0           
REFUSE     all  --  218.60.0.0/15        0.0.0.0/0           
REFUSE     all  --  218.0.0.0/30         0.0.0.0/0           
REFUSE     all  --  218.108.0.0/15       0.0.0.0/0           
REFUSE     all  --  219.140.0.0/16       0.0.0.0/0           
REFUSE     all  --  219.239.88.0/21      0.0.0.0/0           
REFUSE     all  --  221.0.0.0/15         0.0.0.0/0           
REFUSE     all  --  221.224.0.0/13       0.0.0.0/0           
REFUSE     all  --  222.184.0.0/13       0.0.0.0/0           
REFUSE     tcp  --  66.249.73.0/24       0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  76.191.96.0/23       0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  81.92.112.0/20       0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  82.97.18.128/26      0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  87.118.96.0/19       0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  95.32.64.0/18        0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  106.10.128.0/18      0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  114.32.0.0/12        0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  183.80.112.0/20      0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  202.204.24.0/22      0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  203.188.200.0/22     0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  213.229.113.0/26     0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  213.240.224.0/22     0.0.0.0/0            tcp dpt:25
REFUSE     tcp  --  216.27.14.32/28      0.0.0.0/0            tcp dpt:25
REFUSE     all  --  116.8.0.0/14         0.0.0.0/0           

Last updated Wed Aug 27 06:48:02 2014 GMT