Scoundrels

D --> f001ish attempts at misuse of resources

D --> fail2ban

140	[sshd]  106.51.78.188
111	[sshd]  181.123.177.204
101	[sshd]  85.172.107.10
99	[sshd]  190.96.49.189
99	[sshd]  189.51.120.98
78	[sshd]  45.224.126.168
76	[sshd]  1.34.107.92
65	[sshd]  202.131.227.60
61	[sshd]  132.248.52.241
57	[sshd]  190.128.241.2
53	[sshd]  187.190.235.89
50	[sshd]  187.44.106.12
50	[sshd]  175.182.91.104
46	[sshd]  190.187.104.146
45	[sshd]  121.166.225.22
... list truncated...

D --> via http

3 requests from 118.89.103.173 2 requests from 77.247.109.40 2 requests from 103.92.104.66 1 requests from 121.57.225.140 1 requests from 178.128.242.123 1 requests from 66.249.79.221 1 requests from 63.247.65.162 1 requests from 66.249.79.50 1 requests from 149.56.123.177 1 requests from 209.17.96.130 1 requests from 118.24.180.167 1 requests from 60.191.38.77 1 requests from 210.75.207.91 1 requests from 178.18.140.106 1 requests from 66.240.192.138 ... 20 items truncated ...

13 requests for / 8 requests for /wp-login.php 2 requests for /TP/public/index.php 2 requests for /Admin1680a7c7/Login.php 2 requests for /TP/index.php 1 requests for www.ipip.net:443 1 requests for //admin/config.php... 1 requests for /config.php 1 requests for cn.bing.com:443 1 requests for /thinkphp/html/public/index.php 1 requests for www.baidu.com:443 1 requests for http://5.188.210.101/echo.php 1 requests for /admin/config.php 1 requests for /login.action 1 requests for /xmlrpc.php... ... 2 items truncated ...

D --> via ssh

52 attempts from  106.51.64.0/19 51 attempts from  31.210.208.0/21 49 attempts from  181.56.69.0/24 46 attempts from  101.231.0.0/16 42 attempts from  175.208.0.0/13 41 attempts from  181.123.176.0/22 37 attempts from  190.96.32.0/19 37 attempts from  189.51.112.0/20 35 attempts from  85.172.96.0/20 28 attempts from  107.173.70.0/23 28 attempts from  1.34.0.0/16 27 attempts from  45.224.126.0/24 24 attempts from  202.131.224.0/19 23 attempts from  46.105.0.0/16 22 attempts from  190.128.192.0/18 22 attempts from  132.248.0.0/17 20 attempts from  187.190.235.0/24 19 attempts from  187.44.96.0/20 18 attempts from  190.187.96.0/20 18 attempts from  175.182.64.0/18 ... 71 items truncated ...

315 attempts on root 82 attempts on admin 46 attempts on test 34 attempts on pi 26 attempts on oracle 25 attempts on ubuntu 24 attempts on mysql 22 attempts on backup 17 attempts on server 17 attempts on guest 12 attempts on user 11 attempts on ftpuser 7 attempts on www 7 attempts on webmaster 7 attempts on lp 6 attempts on uucp 6 attempts on mail 6 attempts on 22 5 attempts on postgres 5 attempts on ftp ... 64 items truncated ..

D --> via smtp

4 attempts from  195.208.130.126 4 attempts from  87.126.232.8

20 of Recipient address rejected: Warcraft Realms sold this address to spammers 5 of Sender address rejected: Domain not found 4 of Client host rejected: Access denied

D --> blacklisted

Blacklisted by hand
pkts	bytes	target	prot	source
0	0	REFUSE	all	5.188.62.0/24
0	0	REFUSE	all	5.188.62.0/24
428	25012	REFUSE	all	49.64.0.0/11
8	480	REFUSE	all	185.86.164.0/24
4783	287K	REFUSE	tcp	222.184.0.0/13
Auto-blacklisted by triggering a trap
pkts	bytes	target	prot	source
8	344	REFUSE	all	5.61.250.112
0	0	REFUSE	all	5.101.156.59
3	180	REFUSE	all	5.196.12.2
0	0	REFUSE	all	23.228.90.14
0	0	REFUSE	all	23.247.81.45
0	0	REFUSE	all	34.69.21.55
0	0	REFUSE	all	34.212.247.190
0	0	REFUSE	all	34.251.241.226
0	0	REFUSE	all	35.188.202.199
0	0	REFUSE	all	35.224.155.4
0	0	REFUSE	all	35.226.142.96
0	0	REFUSE	all	35.232.14.255
0	0	REFUSE	all	35.240.189.61
3	180	REFUSE	all	36.89.39.193
0	0	REFUSE	all	37.59.60.115
0	0	REFUSE	all	37.187.143.98
0	0	REFUSE	all	39.98.127.242
713	36396	REFUSE	all	42.202.134.6
0	0	REFUSE	all	43.252.229.59
0	0	REFUSE	all	43.252.231.162
0	0	REFUSE	all	45.40.135.73
0	0	REFUSE	all	45.40.156.12
0	0	REFUSE	all	45.64.113.64
0	0	REFUSE	all	46.118.152.141
0	0	REFUSE	all	46.182.222.10
0	0	REFUSE	all	47.92.161.232
10	500	REFUSE	all	47.92.246.20
0	0	REFUSE	all	49.234.81.16
9	360	REFUSE	all	49.235.173.198
0	0	REFUSE	all	50.28.49.55
0	0	REFUSE	all	51.68.11.223
0	0	REFUSE	all	51.83.234.51
0	0	REFUSE	all	52.161.29.98
0	0	REFUSE	all	59.42.121.198
0	0	REFUSE	all	59.173.8.178
24	1216	REFUSE	all	66.235.169.51
0	0	REFUSE	all	69.163.224.106
0	0	REFUSE	all	74.208.57.19
11	1092	REFUSE	all	74.208.57.143
0	0	REFUSE	all	74.208.58.57
0	0	REFUSE	all	79.137.13.241
0	0	REFUSE	all	79.170.40.37
0	0	REFUSE	all	79.170.40.244
0	0	REFUSE	all	81.88.48.113
11	1090	REFUSE	all	82.165.80.54
0	0	REFUSE	all	82.165.80.241
11	1090	REFUSE	all	82.165.82.69
0	0	REFUSE	all	82.165.86.88
0	0	REFUSE	all	82.165.86.200
0	0	REFUSE	all	82.223.111.102
0	0	REFUSE	all	85.166.233.254
6	304	REFUSE	all	85.204.246.240
0	0	REFUSE	all	86.96.82.147
0	0	REFUSE	all	89.35.39.60
6	304	REFUSE	all	89.35.39.180
0	0	REFUSE	all	89.46.90.250
3	180	REFUSE	all	89.216.124.253
8	344	REFUSE	all	89.252.155.197
3	180	REFUSE	all	91.208.99.2
0	0	REFUSE	all	91.223.69.6
0	0	REFUSE	all	97.74.24.103
0	0	REFUSE	all	101.200.184.110
0	0	REFUSE	all	103.18.109.163
6	252	REFUSE	all	103.30.41.18
0	0	REFUSE	all	103.70.190.126
0	0	REFUSE	all	103.81.85.21
0	0	REFUSE	all	103.82.235.10
0	0	REFUSE	all	106.13.39.23
0	0	REFUSE	all	106.13.131.4
0	0	REFUSE	all	107.170.255.48
559	29032	REFUSE	all	111.26.185.208
0	0	REFUSE	all	111.181.70.10
0	0	REFUSE	all	111.230.248.96
0	0	REFUSE	all	114.215.142.49
0	0	REFUSE	all	118.24.63.246
8	320	REFUSE	all	118.24.180.167
0	0	REFUSE	all	118.67.244.17
23	1970	REFUSE	all	118.89.103.173
0	0	REFUSE	all	118.126.64.85
672	34096	REFUSE	all	119.28.104.104
0	0	REFUSE	all	119.59.125.140
0	0	REFUSE	all	119.145.148.219
3	120	REFUSE	all	120.24.190.242
6	240	REFUSE	all	120.27.35.11
0	0	REFUSE	all	121.42.54.54
8	344	REFUSE	all	121.57.224.205
9	384	REFUSE	all	121.57.225.140
0	0	REFUSE	all	121.127.246.53
0	0	REFUSE	all	122.51.186.177
12	720	REFUSE	all	123.31.43.173
0	0	REFUSE	all	123.206.226.149
0	0	REFUSE	all	129.28.138.4
8	344	REFUSE	all	129.121.177.200
0	0	REFUSE	all	132.148.104.162
0	0	REFUSE	all	132.148.104.163
571	29036	REFUSE	all	134.175.45.222
0	0	REFUSE	all	139.59.59.75
0	0	REFUSE	all	139.59.89.178
11	464	REFUSE	all	139.59.164.196
8	320	REFUSE	all	139.155.9.4
0	0	REFUSE	all	140.143.90.193
0	0	REFUSE	all	142.4.1.222
0	0	REFUSE	all	142.4.209.40
11	464	REFUSE	all	142.44.240.254
0	0	REFUSE	all	144.76.21.165
0	0	REFUSE	all	144.202.114.148
0	0	REFUSE	all	148.70.252.15
52	2624	REFUSE	all	149.56.123.177
0	0	REFUSE	all	149.255.58.51
0	0	REFUSE	all	149.255.62.89
0	0	REFUSE	all	150.95.8.196
0	0	REFUSE	all	150.109.69.201
0	0	REFUSE	all	154.221.20.190
0	0	REFUSE	all	159.65.95.16
0	0	REFUSE	all	160.16.105.24
0	0	REFUSE	all	162.144.141.141
3	180	REFUSE	all	162.214.14.226
0	0	REFUSE	all	166.62.117.102
0	0	REFUSE	all	167.71.46.162
54	3327	REFUSE	all	167.114.210.127
0	0	REFUSE	all	169.1.85.17
0	0	REFUSE	all	173.44.35.55
2	104	REFUSE	all	173.201.196.97
0	0	REFUSE	all	173.254.56.27
9	384	REFUSE	all	175.184.165.47
8	344	REFUSE	all	178.18.140.106
0	0	REFUSE	all	178.128.72.117
9	384	REFUSE	all	178.128.242.123
0	0	REFUSE	all	178.156.202.83
8	384	REFUSE	all	184.168.27.33
0	0	REFUSE	all	184.168.152.183
0	0	REFUSE	all	184.168.193.97
0	0	REFUSE	all	184.168.193.153
0	0	REFUSE	all	184.168.193.218
0	0	REFUSE	all	185.2.4.27
11	1092	REFUSE	all	185.26.156.52
31	1496	REFUSE	all	185.81.157.236
11	560	REFUSE	all	185.85.212.170
0	0	REFUSE	all	185.180.198.27
8	896	REFUSE	all	185.216.116.31
0	0	REFUSE	all	185.222.57.237
6	304	REFUSE	all	188.213.49.210
6	304	REFUSE	all	188.213.49.221
0	0	REFUSE	all	188.240.208.26
6	360	REFUSE	all	192.99.47.10
0	0	REFUSE	all	192.99.200.69
3	180	REFUSE	all	192.163.252.198
4	240	REFUSE	all	193.112.152.22
36	1824	REFUSE	all	194.61.24.29
0	0	REFUSE	all	198.71.236.17
1	60	REFUSE	all	204.152.252.35
0	0	REFUSE	all	208.64.137.231
0	0	REFUSE	all	208.113.171.103
0	0	REFUSE	all	209.251.180.190
13	688	REFUSE	all	210.75.207.91
0	0	REFUSE	all	211.13.204.1
26	1308	REFUSE	all	211.149.241.198
0	0	REFUSE	all	212.64.83.74
0	0	REFUSE	all	216.218.189.80
2	104	REFUSE	all	217.73.131.5
0	0	REFUSE	all	217.160.78.171
13	640	REFUSE	all	220.248.165.19
7	280	REFUSE	all	222.87.198.6