Home >

Scoundrels

D --> f001ish attempts at misuse of resources

D --> fail2ban e%ecutions

25	[wordpress-login] 141.98.81.38
2	[sshd] 152.89.196.55
1	[badurls] 203.33.207.24
1	[badurls] 202.60.10.185
1	[badurls] 198.199.105.190
1	[badurls] 192.241.237.21
1	[badurls] 192.241.227.9
1	[badurls] 192.241.213.77
1	[badurls] 192.241.206.81
1	[badurls] 188.171.35.7
1	[badurls] 181.117.240.43
1	[badurls] 170.17.138.105
1	[wordpress-login] 167.172.34.136
1	[badurls] 162.243.146.29
1	[badurls] 162.243.143.25
... 19 Items Truncated...

D --> via http

96 requests from	45.61.185.37
51 requests from	103.150.227.10
44 requests from	54.36.189.152
44 requests from	50.7.218.146
44 requests from	13.71.84.20
44 requests from	181.117.240.43
27 requests from	103.147.32.184
25 requests from	59.106.220.244
21 requests from	5.196.168.201
11 requests from	5.253.27.252
10 requests from	43.156.205.162
8 requests from	35.201.139.237
8 requests from	203.33.207.24
7 requests from	106.52.142.198
7 requests from	170.17.138.105
... 307 items truncated ...

77 requests for	/
17 requests for	/t4
13 requests for	http://199.167.128.22:80/phpMyAdmin/scripts/setup.php
12 requests for	http://199.167.128.22:80/phpmyadmin/scripts/setup.php
12 requests for	/upl.php
11 requests for	/.env
10 requests for	http://199.167.128.22:80/mysql/scripts/setup.php
10 requests for	/shell...
10 requests for	http://199.167.128.22:80/phpMyAdmin-2.10.3/scripts/setup.php
10 requests for	http://199.167.128.22:80/phpMyAdmin-2.10.0.2/scripts/setup.php
9 requests for	http://199.167.128.22:80/phpMyAdmin-2.11.7/scripts/setup.php
9 requests for	http://199.167.128.22:80/pma/scripts/setup.php
9 requests for	http://199.167.128.22:80/MyAdmin/scripts/setup.php
9 requests for	http://199.167.128.22:80/phpMyAdmin-2.5.4/scripts/setup.php
9 requests for	http://199.167.128.22:80/phpMyAdmin2/scripts/setup.php
... 336 items truncated ...

D --> via ssh

42	attempts from 31.41.244.0/24
41	attempts from 62.233.50.0/24
9	attempts from 152.89.196.0/24

10	attempts on user
10	attempts on root
8	attempts on ubnt
5	attempts on hacluster
4	attempts on monitor
4	attempts on admin
2	attempts on testuser
2	attempts on tester
2	attempts on test
2	attempts on sysadmin
2	attempts on super
2	attempts on store
2	attempts on spravce
2	attempts on shipping
2	attempts on sftptest
2	attempts on samba
2	attempts on roberto
2	attempts on richard
2	attempts on redmine
2	attempts on reception
... 11 items truncated ..

D --> via smtp

D --> blacklisted

Blacklisted by hand
pkts	bytes	target	prot	source
2	80	REFUSE	all	5.188.206.0/24
42	1680	REFUSE	all	49.64.0.0/11
6	240	REFUSE	all	61.177.0.0/16
1476	59040	REFUSE	all	78.128.113.0/24
254	11796	REFUSE	all	162.142.125.0/24
190	8770	REFUSE	all	167.94.138.0/24
106	4664	REFUSE	all	167.94.145.0/24
92	4048	REFUSE	all	167.94.146.0/24
197	8779	REFUSE	all	167.248.133.0/24
136	8514	REFUSE	all	180.96.0.0/11
193	11580	REFUSE	all	185.119.81.0/24
60	3069	REFUSE	all	198.235.24.0/24
2	120	REFUSE	all	218.93.0.0/16
75	4802	REFUSE	all	221.224.0.0/13

Auto-blacklisted by triggering a trap
pkts	bytes	target	prot	source
0	0	REFUSE	all	1.9.118.57
0	0	REFUSE	all	3.0.17.176
0	0	REFUSE	all	3.12.71.221
0	0	REFUSE	all	3.70.222.50
0	0	REFUSE	all	3.72.74.40
0	0	REFUSE	all	3.81.170.156
0	0	REFUSE	all	3.85.226.109
0	0	REFUSE	all	3.95.250.83
0	0	REFUSE	all	3.111.86.202
0	0	REFUSE	all	3.239.84.139
0	0	REFUSE	all	5.135.178.33
0	0	REFUSE	all	5.161.150.214
0	0	REFUSE	all	5.161.192.126
0	0	REFUSE	all	5.196.168.201
0	0	REFUSE	all	5.253.27.252
0	0	REFUSE	all	8.131.70.17
0	0	REFUSE	all	8.218.55.107
0	0	REFUSE	all	13.71.84.20
0	0	REFUSE	all	13.92.232.23
0	0	REFUSE	all	18.212.111.160
0	0	REFUSE	all	20.109.101.102
0	0	REFUSE	all	20.232.170.228
0	0	REFUSE	all	23.137.251.61
1	60	REFUSE	all	23.251.102.74
0	0	REFUSE	all	34.121.171.26
0	0	REFUSE	all	35.201.139.237
1	40	REFUSE	all	35.216.169.119
0	0	REFUSE	all	35.216.190.48
1	40	REFUSE	all	35.216.216.40
0	0	REFUSE	all	35.225.94.95
0	0	REFUSE	all	36.139.63.59
7	280	REFUSE	all	37.44.238.97
0	0	REFUSE	all	37.44.238.151
0	0	REFUSE	all	37.44.238.222
0	0	REFUSE	all	37.49.229.52
0	0	REFUSE	all	39.86.142.212
0	0	REFUSE	all	39.101.185.186
0	0	REFUSE	all	40.88.131.222
0	0	REFUSE	all	41.216.188.92
0	0	REFUSE	all	42.117.2.213
0	0	REFUSE	all	43.128.108.240
0	0	REFUSE	all	43.129.246.148
0	0	REFUSE	all	43.156.205.162
0	0	REFUSE	all	45.61.187.252
0	0	REFUSE	all	45.79.157.175
4	160	REFUSE	all	45.81.243.34
0	0	REFUSE	all	45.82.122.102
0	0	REFUSE	all	45.95.55.150
2	80	REFUSE	all	45.128.232.112
1	40	REFUSE	all	45.128.232.149
0	0	REFUSE	all	45.138.16.52
0	0	REFUSE	all	45.138.16.150
0	0	REFUSE	all	47.108.75.213
0	0	REFUSE	all	49.233.9.52
0	0	REFUSE	all	50.7.218.146
0	0	REFUSE	all	50.19.23.190
0	0	REFUSE	all	50.31.21.8
0	0	REFUSE	all	52.162.218.19
0	0	REFUSE	all	54.36.189.152
0	0	REFUSE	all	54.146.249.205
0	0	REFUSE	all	54.168.194.112
0	0	REFUSE	all	54.180.81.37
0	0	REFUSE	all	58.18.38.131
0	0	REFUSE	all	58.124.208.10
0	0	REFUSE	all	59.89.229.92
0	0	REFUSE	all	59.106.220.244
0	0	REFUSE	all	61.216.43.181
0	0	REFUSE	all	64.227.30.80
0	0	REFUSE	all	65.108.211.7
0	0	REFUSE	all	65.109.162.123
0	0	REFUSE	all	65.109.171.109
3	132	REFUSE	all	67.168.193.129
0	0	REFUSE	all	67.202.31.53
0	0	REFUSE	all	67.222.131.158
0	0	REFUSE	all	69.75.133.122
0	0	REFUSE	all	74.207.237.46
0	0	REFUSE	all	78.135.89.10
3	156	REFUSE	all	78.142.18.92
6	312	REFUSE	all	79.124.8.3
0	0	REFUSE	all	79.124.58.130
0	0	REFUSE	all	79.153.113.221
0	0	REFUSE	all	80.76.51.29
0	0	REFUSE	all	81.19.135.24
0	0	REFUSE	all	83.150.215.90
0	0	REFUSE	all	85.31.46.157
0	0	REFUSE	all	89.117.113.198
42	1680	REFUSE	all	89.248.165.52
2	120	REFUSE	all	92.118.39.108
0	0	REFUSE	all	92.118.39.109
0	0	REFUSE	all	92.204.139.118
0	0	REFUSE	all	92.205.25.182
0	0	REFUSE	all	93.158.90.136
0	0	REFUSE	all	93.158.90.137
0	0	REFUSE	all	93.158.90.143
0	0	REFUSE	all	93.158.90.161
0	0	REFUSE	all	94.142.51.44
0	0	REFUSE	all	94.195.114.228
0	0	REFUSE	all	95.214.27.107
0	0	REFUSE	all	101.34.223.139
0	0	REFUSE	all	101.99.90.175
0	0	REFUSE	all	103.35.64.73
0	0	REFUSE	all	103.74.120.192
0	0	REFUSE	all	103.92.27.198
0	0	REFUSE	all	103.144.247.252
0	0	REFUSE	all	103.147.32.184
0	0	REFUSE	all	103.150.227.10
0	0	REFUSE	all	103.152.164.103
0	0	REFUSE	all	103.171.181.149
0	0	REFUSE	all	104.129.63.114
0	0	REFUSE	all	104.218.49.211
0	0	REFUSE	all	104.237.158.24
0	0	REFUSE	all	106.52.142.198
1	60	REFUSE	all	106.255.253.178
0	0	REFUSE	all	107.170.192.16
0	0	REFUSE	all	107.170.242.13
0	0	REFUSE	all	107.170.252.8
5	212	REFUSE	all	108.162.28.6
0	0	REFUSE	all	108.170.55.202
0	0	REFUSE	all	109.70.100.5
0	0	REFUSE	all	111.90.145.188
0	0	REFUSE	all	111.90.150.28
0	0	REFUSE	all	111.90.150.36
0	0	REFUSE	all	111.90.150.171
0	0	REFUSE	all	114.30.223.119
0	0	REFUSE	all	116.62.155.4
0	0	REFUSE	all	117.212.170.245
0	0	REFUSE	all	117.252.220.21
0	0	REFUSE	all	118.70.177.135
0	0	REFUSE	all	118.193.72.169
0	0	REFUSE	all	122.194.11.95
0	0	REFUSE	all	125.32.155.14
0	0	REFUSE	all	125.212.241.69
0	0	REFUSE	all	128.1.248.26
0	0	REFUSE	all	128.1.248.42
0	0	REFUSE	all	128.14.133.58
0	0	REFUSE	all	128.14.134.170
2	80	REFUSE	all	128.14.209.162
0	0	REFUSE	all	128.199.118.28
0	0	REFUSE	all	129.213.127.118
0	0	REFUSE	all	135.134.173.73
0	0	REFUSE	all	138.68.163.10
0	0	REFUSE	all	139.59.254.35
0	0	REFUSE	all	139.144.96.150
0	0	REFUSE	all	139.144.150.45
0	0	REFUSE	all	139.144.150.205
0	0	REFUSE	all	140.238.69.139
0	0	REFUSE	all	142.4.22.16
0	0	REFUSE	all	142.44.243.214
0	0	REFUSE	all	144.126.198.24
0	0	REFUSE	all	144.217.6.125
0	0	REFUSE	all	145.239.157.190
0	0	REFUSE	all	146.190.64.200
0	0	REFUSE	all	146.190.93.89
6	360	REFUSE	all	147.78.47.249
0	0	REFUSE	all	148.72.211.24
0	0	REFUSE	all	148.72.211.177
1	60	REFUSE	all	148.72.244.186
0	0	REFUSE	all	148.72.244.254
0	0	REFUSE	all	150.95.112.79
0	0	REFUSE	all	150.230.247.143
0	0	REFUSE	all	151.106.35.235
30	1800	REFUSE	all	152.89.196.54
0	0	REFUSE	all	157.90.227.150
8	332	REFUSE	all	157.245.87.17
0	0	REFUSE	all	158.69.23.79
0	0	REFUSE	all	161.35.155.246
0	0	REFUSE	all	162.221.192.26
0	0	REFUSE	all	162.241.120.248
0	0	REFUSE	all	162.241.152.79
0	0	REFUSE	all	162.243.136.25
0	0	REFUSE	all	164.92.175.238
0	0	REFUSE	all	167.99.54.31
0	0	REFUSE	all	170.17.138.105
0	0	REFUSE	all	170.83.252.153
1	60	REFUSE	all	171.244.21.74
0	0	REFUSE	all	172.89.118.55
0	0	REFUSE	all	172.104.81.115
0	0	REFUSE	all	172.104.193.44
179	10985	REFUSE	all	172.105.18.94
0	0	REFUSE	all	173.82.78.214
0	0	REFUSE	all	177.203.153.25
0	0	REFUSE	all	178.18.254.87
3	120	REFUSE	all	179.43.154.248
18	866	REFUSE	all	179.43.177.242
0	0	REFUSE	all	179.43.190.234
0	0	REFUSE	all	180.179.198.180
0	0	REFUSE	all	180.228.160.196
0	0	REFUSE	all	181.117.240.43
0	0	REFUSE	all	182.120.139.249
0	0	REFUSE	all	185.176.222.37
0	0	REFUSE	all	185.183.122.143
0	0	REFUSE	all	185.190.24.90
0	0	REFUSE	all	185.220.100.252
20	1040	REFUSE	all	185.241.208.40
0	0	REFUSE	all	188.171.35.7
0	0	REFUSE	all	190.92.159.48
0	0	REFUSE	all	190.145.68.131
0	0	REFUSE	all	190.211.252.122
0	0	REFUSE	all	192.46.224.95
0	0	REFUSE	all	192.53.166.16
0	0	REFUSE	all	192.64.113.147
0	0	REFUSE	all	192.185.4.142
0	0	REFUSE	all	192.241.201.18
0	0	REFUSE	all	193.32.162.158
10	400	REFUSE	all	193.35.18.216
2	120	REFUSE	all	193.118.53.194
0	0	REFUSE	all	193.118.53.210
51	2584	REFUSE	all	193.142.146.226
0	0	REFUSE	all	193.142.147.68
0	0	REFUSE	all	193.151.146.61
0	0	REFUSE	all	193.169.254.188
0	0	REFUSE	all	193.202.110.29
0	0	REFUSE	all	194.87.151.73
0	0	REFUSE	all	194.87.151.116
0	0	REFUSE	all	194.169.175.26
1	40	REFUSE	all	195.178.120.44
2	80	REFUSE	all	198.199.92.121
0	0	REFUSE	all	198.199.97.240
0	0	REFUSE	all	198.199.111.75
0	0	REFUSE	all	199.167.138.128
0	0	REFUSE	all	200.150.69.11
0	0	REFUSE	all	200.205.134.87
0	0	REFUSE	all	202.60.10.185
0	0	REFUSE	all	203.33.207.24
0	0	REFUSE	all	203.124.41.171
0	0	REFUSE	all	203.212.241.119
0	0	REFUSE	all	207.154.225.47
0	0	REFUSE	all	208.100.26.230
0	0	REFUSE	all	208.109.12.159
0	0	REFUSE	all	209.17.114.78
0	0	REFUSE	all	212.224.98.109
0	0	REFUSE	all	217.76.51.188
0	0	REFUSE	all	219.93.110.225
0	0	REFUSE	all	219.157.213.210
0	0	REFUSE	all	220.132.94.174