Scoundrels

D --> f001ish attempts at misuse of resources

D --> fail2ban

73	[sshd]  45.55.225.152
35	[sshd]  187.64.1.64
18	[sshd]  92.63.194.47
18	[sshd]  51.77.231.161
16	[sshd]  74.83.164.26
14	[sshd]  171.235.82.105
13	[sshd]  116.110.117.42
12	[sshd]  183.103.35.202
12	[sshd]  183.103.35.198
12	[sshd]  121.157.82.202
12	[sshd]  47.22.135.70
11	[sshd]  59.25.197.150
9	[sshd]  46.148.21.32
8	[sshd]  220.94.205.222
8	[sshd]  218.88.164.159
... list truncated...

D --> via http

3 requests from 134.175.143.46 3 requests from 139.199.19.227 3 requests from 216.10.245.81 2 requests from 1.197.212.12 2 requests from 115.216.57.39 2 requests from 80.84.57.96 1 requests from 80.84.57.101 1 requests from 134.209.93.91 1 requests from 121.42.50.93 1 requests from 46.164.141.55 1 requests from 180.253.173.232 1 requests from 80.84.57.94 1 requests from 123.125.71.114 1 requests from 106.46.62.67 1 requests from 209.17.97.82 ... 34 items truncated ...

19 requests for / 8 requests for /wp-login.php 3 requests for /TP/public/index.php 3 requests for /TP/index.php 3 requests for /thinkphp/html/public/index.php 2 requests for /cart/ 2 requests for /index.php 2 requests for /shop/ 2 requests for /catalog/ 2 requests for /store/ 1 requests for /plus/carbuyaction.php 1 requests for /plus/bookfeedback.php 1 requests for http://5.188.210.101/echo.php 1 requests for //admin/config.php 1 requests for /1580a7c7/admin.php ... 7 items truncated ...

D --> via ssh

83 attempts from  79.10.0.0/15 75 attempts from  132.247.0.0/16 25 attempts from  45.55.192.0/18 17 attempts from  116.110.112.0/21 15 attempts from  47.20.0.0/14 15 attempts from  187.64.0.0/17 14 attempts from  92.63.194.0/24 13 attempts from  183.96.0.0/13 12 attempts from  168.232.130.0/24 11 attempts from  220.92.0.0/14 10 attempts from  175.208.0.0/13 10 attempts from  171.235.80.0/21 8 attempts from  108.176.0.0/18 7 attempts from  59.24.0.0/13 7 attempts from  51.77.0.0/16 7 attempts from  211.224.0.0/13 7 attempts from  121.152.0.0/13 6 attempts from  199.19.224.0/22 6 attempts from  119.192.0.0/13 5 attempts from  74.83.128.0/17 ... 5 items truncated ...

183 attempts on root 61 attempts on admin 32 attempts on pi 8 attempts on user 8 attempts on ubnt 6 attempts on ubuntu 4 attempts on test 4 attempts on support 3 attempts on webmaster 3 attempts on postgres 3 attempts on operator 3 attempts on nagios 3 attempts on guest 3 attempts on ftpuser 2 attempts on user1 2 attempts on ts 2 attempts on test1 2 attempts on oracle 2 attempts on logout 2 attempts on ftp1 ... 10 items truncated ..

D --> via smtp

18 attempts from  167.71.229.132 4 attempts from  223.29.193.189 4 attempts from  212.37.80.4 4 attempts from  201.17.157.75 4 attempts from  200.114.216.150 4 attempts from  200.68.140.155 4 attempts from  197.0.116.79 4 attempts from  191.125.11.226 4 attempts from  187.183.32.74 4 attempts from  178.90.224.71 4 attempts from  142.217.46.37 4 attempts from  129.45.74.95 4 attempts from  95.250.48.60 4 attempts from  95.92.244.172 4 attempts from  95.23.141.127 4 attempts from  94.62.118.37 4 attempts from  92.46.141.55 4 attempts from  91.191.1.82 4 attempts from  91.126.53.230 4 attempts from  89.115.52.76 ... 15 items truncated ..

53 of Recipient address rejected: Please see http://www.openspf.net/Why?s=mfrom 42 of Recipient address rejected: Warcraft Realms sold this address to spammers 23 of Recipient address rejected: User unknown in local recipient table 21 of Recipient address rejected: LinkedIn client list got hacked by spammers 16 of Recipient address rejected: Tumblr user list got hacked by spammers 15 of Recipient address rejected: MSPaintFanAdvenures got hacked by spammers 12 of Sender address rejected: Domain not found 9 of Recipient address rejected: OpenRaid sold this address to spammers 6 of improper command pipelining after MAIL 6 of Recipient address rejected: Improper use of SMTP command pipelining 5 of Relay access denied 4 of Recipient address rejected: ArmorGames got hacked by spammers 2 of Client host rejected: Access denied

D --> blacklisted

Blacklisted by hand
pkts	bytes	target	prot	source
165	8184	REFUSE	all	49.64.0.0/11
230	13800	REFUSE	all	193.32.160.0/24
3647	218K	REFUSE	tcp	222.184.0.0/13
Auto-blacklisted by triggering a trap
pkts	bytes	target	prot	source
0	0	REFUSE	all	5.2.77.146
12	524	REFUSE	all	5.189.187.77
6	264	REFUSE	all	13.233.249.132
0	0	REFUSE	all	13.250.226.6
0	0	REFUSE	all	31.24.33.250
25	1112	REFUSE	all	34.69.145.194
16	960	REFUSE	all	34.251.241.226
6	360	REFUSE	all	37.187.71.202
14	644	REFUSE	all	37.187.123.70
0	0	REFUSE	all	37.187.143.98
0	0	REFUSE	all	39.98.163.123
0	0	REFUSE	all	39.100.104.196
0	0	REFUSE	all	43.240.65.221
9	1236	REFUSE	all	43.252.231.204
2	80	REFUSE	all	45.40.165.15
0	0	REFUSE	all	45.40.166.153
8	344	REFUSE	all	45.40.166.166
0	0	REFUSE	all	45.40.166.168
0	0	REFUSE	all	45.84.0.61
0	0	REFUSE	all	45.141.84.18
8	344	REFUSE	all	46.182.222.10
0	0	REFUSE	all	46.246.62.176
0	0	REFUSE	all	49.232.40.104
5	212	REFUSE	all	49.235.79.16
0	0	REFUSE	all	50.62.161.49
0	0	REFUSE	all	50.63.197.36
0	0	REFUSE	all	51.15.117.50
2	104	REFUSE	all	51.68.11.207
0	0	REFUSE	all	51.68.11.211
0	0	REFUSE	all	51.68.11.223
0	0	REFUSE	all	51.68.11.231
6	304	REFUSE	all	51.68.88.232
11	464	REFUSE	all	51.75.201.142
30	1520	REFUSE	all	51.89.224.145
0	0	REFUSE	all	51.159.1.170
0	0	REFUSE	all	51.159.30.6
4	240	REFUSE	all	51.254.39.64
0	0	REFUSE	all	54.37.121.239
25	1500	REFUSE	all	54.250.87.247
0	0	REFUSE	all	61.131.78.210
0	0	REFUSE	all	74.208.56.190
0	0	REFUSE	all	74.208.56.209
11	1104	REFUSE	all	74.208.57.143
0	0	REFUSE	all	74.208.58.211
11	1102	REFUSE	all	74.208.59.62
7	344	REFUSE	all	79.129.5.107
0	0	REFUSE	all	79.170.40.37
9	416	REFUSE	all	81.67.21.152
10	424	REFUSE	all	81.88.49.11
0	0	REFUSE	all	82.165.81.63
0	0	REFUSE	all	82.165.82.69
11	1090	REFUSE	all	82.165.84.85
11	1092	REFUSE	all	82.165.85.135
11	1090	REFUSE	all	82.165.86.81
32	1816	REFUSE	all	82.212.169.135
10	424	REFUSE	all	82.220.37.26
0	0	REFUSE	all	83.167.244.178
12	608	REFUSE	all	85.204.246.240
4	240	REFUSE	all	89.22.52.17
60	3040	REFUSE	all	89.35.39.60
6	304	REFUSE	all	89.35.39.180
8	344	REFUSE	all	91.238.161.174
7	304	REFUSE	all	94.102.13.100
0	0	REFUSE	all	94.137.31.114
0	0	REFUSE	all	94.191.8.36
537	27500	REFUSE	all	94.191.28.13
0	0	REFUSE	all	94.245.60.168
2	80	REFUSE	all	95.110.227.41
11	652	REFUSE	all	96.20.234.9
0	0	REFUSE	all	103.7.43.46
2	80	REFUSE	all	103.79.177.157
0	0	REFUSE	all	103.83.36.101
0	0	REFUSE	all	103.215.81.107
0	0	REFUSE	all	104.200.134.161
7	304	REFUSE	all	104.248.147.78
0	0	REFUSE	all	106.52.186.37
0	0	REFUSE	all	109.167.231.203
0	0	REFUSE	all	112.200.224.1
0	0	REFUSE	all	113.111.83.155
496	25368	REFUSE	all	114.115.215.96
0	0	REFUSE	all	114.215.254.34
0	0	REFUSE	all	115.28.17.58
5	200	REFUSE	all	115.29.76.145
69	3476	REFUSE	all	115.226.159.181
89	4492	REFUSE	all	115.229.206.11
0	0	REFUSE	all	118.24.56.210
689	35152	REFUSE	all	118.24.72.48
3	152	REFUSE	all	118.89.139.150
66	3610	REFUSE	all	118.123.6.216
11	540	REFUSE	all	118.126.64.37
0	0	REFUSE	all	119.18.52.80
670	34168	REFUSE	all	119.28.116.223
478	24440	REFUSE	all	119.29.5.37
0	0	REFUSE	all	120.27.6.97
0	0	REFUSE	all	120.78.196.45
17	972	REFUSE	all	120.92.89.35
1	40	REFUSE	all	120.151.29.128
6	240	REFUSE	all	121.42.13.194
0	0	REFUSE	all	121.42.49.168
6	240	REFUSE	all	121.42.50.93
0	0	REFUSE	all	121.42.154.116
0	0	REFUSE	all	122.14.208.63
0	0	REFUSE	all	132.148.105.8
2	120	REFUSE	all	132.148.144.214
0	0	REFUSE	all	132.232.63.71
9	448	REFUSE	all	132.232.94.184
0	0	REFUSE	all	132.232.109.224
0	0	REFUSE	all	132.232.160.234
0	0	REFUSE	all	132.232.225.43
15	822	REFUSE	all	134.175.143.46
9	372	REFUSE	all	134.209.71.190
0	0	REFUSE	all	138.68.55.201
0	0	REFUSE	all	138.68.215.182
7	304	REFUSE	all	139.59.33.208
9	384	REFUSE	all	139.99.115.27
0	0	REFUSE	all	139.159.133.141
0	0	REFUSE	all	139.186.17.128
16	752	REFUSE	all	139.199.19.227
566	28880	REFUSE	all	139.219.142.105
0	0	REFUSE	all	140.143.16.158
7	344	REFUSE	all	143.59.232.111
522	26792	REFUSE	all	148.70.236.30
7	292	REFUSE	all	148.70.252.15
12	564	REFUSE	all	149.56.31.218
0	0	REFUSE	all	149.129.67.223
10	424	REFUSE	all	159.69.164.194
0	0	REFUSE	all	162.144.126.104
0	0	REFUSE	all	162.208.49.151
0	0	REFUSE	all	162.214.14.226
0	0	REFUSE	all	165.22.106.182
9	384	REFUSE	all	165.22.144.17
6	360	REFUSE	all	167.99.74.119
0	0	REFUSE	all	173.201.196.96
0	0	REFUSE	all	173.254.56.27
0	0	REFUSE	all	177.185.192.89
0	0	REFUSE	all	178.18.140.106
0	0	REFUSE	all	178.62.236.68
70	3536	REFUSE	all	178.137.82.147
2	88	REFUSE	all	180.253.173.232
0	0	REFUSE	all	181.46.141.46
10	444	REFUSE	all	182.38.206.54
0	0	REFUSE	all	182.50.132.108
0	0	REFUSE	all	182.61.151.91
0	0	REFUSE	all	183.111.79.212
0	0	REFUSE	all	184.168.27.33
0	0	REFUSE	all	184.168.27.196
8	344	REFUSE	all	184.168.193.98
0	0	REFUSE	all	184.168.193.151
0	0	REFUSE	all	185.17.198.18
0	0	REFUSE	all	185.26.156.52
1	60	REFUSE	all	185.31.163.237
31	2258	REFUSE	all	185.81.157.154
0	0	REFUSE	all	185.219.238.38
3	120	REFUSE	all	186.43.32.98
0	0	REFUSE	all	188.134.177.38
45	2280	REFUSE	all	188.213.49.210
6	304	REFUSE	all	188.240.208.26
0	0	REFUSE	all	191.252.51.52
0	0	REFUSE	all	192.151.218.99
0	0	REFUSE	all	192.169.243.224
10	444	REFUSE	all	192.227.77.220
0	0	REFUSE	all	193.109.46.22
18	912	REFUSE	all	194.61.24.29
0	0	REFUSE	all	198.54.125.100
1	60	REFUSE	all	198.71.230.1
0	0	REFUSE	all	198.71.236.73
0	0	REFUSE	all	198.252.105.21
5	300	REFUSE	all	199.192.22.86
1	40	REFUSE	all	201.17.26.134
11	560	REFUSE	all	201.95.77.140
3	156	REFUSE	all	203.68.182.101
7	304	REFUSE	all	204.152.252.35
0	0	REFUSE	all	205.204.76.192
0	0	REFUSE	all	210.190.168.90
22	1215	REFUSE	all	213.222.56.130
13	620	REFUSE	all	216.10.245.81
2	104	REFUSE	all	217.73.131.5
3	180	REFUSE	all	217.160.6.31
0	0	REFUSE	all	222.73.129.15
0	0	REFUSE	all	222.186.130.20
13	544	REFUSE	all	222.186.130.22
6	264	REFUSE	all	223.130.27.20