Commit Graph

408 Commits

Author SHA1 Message Date
6e234b3a1f update: 🤖 Some updates 🤖 2023-07-29 10:17:27 +02:00
54dabf7a56 ci: add merge and lock workflows 2023-07-29 09:16:05 +02:00
39000b32f9 update: 🤖 Some updates 🤖 2023-07-29 08:49:58 +02:00
e96769b57f Merge #2 - Update stretchoid IPs 2023-07-29 00:07:37 +02:00
433b6c3bb2 [data] Update stretchoid IPs
Ref: https://github.com/datacenters-network/security/actions/runs/5689175570
2023-07-29 00:05:58 +02:00
71f7790e32 Merge #1 - Update stretchoid IPs 2023-07-29 00:04:12 +02:00
d3c4867a13 [data] Update stretchoid IPs
Ref: https://github.com/datacenters-network/security/actions/runs/5679982559
2023-07-29 00:03:22 +02:00
c0b30a2f35 update: 🤖 Some updates 🤖 2023-07-28 07:24:05 +00:00
c31fe90748 update: 🤖 Some updates 🤖 2023-07-27 14:30:42 +02:00
d23c305a9c [data] Update stretchoid IPs
Ref: https://github.com/datacenters-network/security/actions/runs/5679401046
2023-07-27 13:30:28 +02:00
4441ff2559 Fix template path 2023-07-27 13:29:20 +02:00
130636c1ad Fix installing sudo-bot 2023-07-27 12:24:30 +02:00
6c10124e63 [data] Update stretchoid IPs 2023-07-27 12:23:24 +02:00
5e532489c3 Fixup the workflow description 2023-07-27 09:47:33 +02:00
66f1b0fda1 Add sudo-bot 2023-07-27 09:45:06 +02:00
728054c00e [data] Update stretchoid IPs
Ref: https://github.com/datacenters-network/security/actions/runs/5674462727
2023-07-27 09:18:58 +02:00
b2bd424002 Improve the workflow 2023-07-27 09:15:27 +02:00
8462d84465 [data] Change the IP format for stretchoid
Ref: https://github.com/SilvrrGIT/IP-Lists/issues/85#issuecomment-1651708481
Ref: https://github.com/SilvrrGIT/IP-Lists/issues/85
2023-07-26 14:52:54 +02:00
7538bdeed3 [data] sort stretchoid data by locale C.UTF-8 2023-07-26 14:33:25 +02:00
14b153b16a [data] Update stretchoid IPs 2023-07-26 14:30:10 +02:00
5a80c3b268 [data] Update CloudFront IPs 2023-07-26 14:05:50 +02:00
91060878a6 Sort AWS CloudFront IPs 2023-07-26 14:01:49 +02:00
99ef798e0c Also build AWS CloudFront 2023-07-26 13:58:19 +02:00
8b4861045a Add more data 2023-07-26 13:57:10 +02:00
f0b1047ee1 Add a workflow to build lists 2023-07-26 13:56:11 +02:00
a52122dc72 Data update 2023-07-26 13:55:56 +02:00
d364be38df Data update 2023-07-25 23:17:30 +02:00
111fda859d Add a list of bad IPs for stretchoid 2023-07-25 18:32:01 +02:00
6ae56c939b Add more data for stretchoid 2023-07-25 18:19:27 +02:00
f6e374d11e Upload diff from 1 to 2 2023-07-24 15:46:07 +02:00
3c888ac794 Add more stretchoid analysis 2023-07-24 15:42:18 +02:00
5c6fdd91d4 Add a better reverse result 2023-07-24 02:08:07 +02:00
b43bddd5d7 Add stretchoid analysis 2023-07-23 20:45:16 +02:00
4dd9025fb8 Add censys scanner
Ref: https://support.censys.io/hc/en-us/articles/360043177092-Opt-Out-of-Data-Collection
2023-07-23 12:54:04 +02:00
c3ae00f037 Add more bad IPs
IP(50): 141.98.11.53 - 141.98.8.0 - 141.98.11.255 : LT-HOSTBALTIC-20190110
IP(51): 141.98.10.132 - 141.98.8.0 - 141.98.11.255 : LT-HOSTBALTIC-20190110
IP(72): 154.127.53.41 - 154.33.0.0 - 155.3.255.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
IP(78): 85.215.94.1 - 85.214.0.0 - 85.215.255.255 : DE-TECT-20050224
IP(90): 45.146.55.231 - 45.146.55.0 - 45.146.55.255 : VCUS-45-146-55-0
IP(126): 185.241.208.53 - 185.241.208.0 - 185.241.211.255 : NL-LEGACO-20180116
IP(132): 189.177.186.233 - 189.0.0.0 - 190.92.167.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
IP(138): 218.85.202.248 - 218.0.0.0 - 220.158.195.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
IP(150): 103.139.45.73 - 103.85.36.0 - 103.192.159.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
IP(460): 20.78.36.222 - 14.102.240.0 - 23.19.47.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
IP(556): 201.103.117.233 - 201.49.192.0 - 201.148.167.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
IP(1703): 141.98.10.150 - 141.98.8.0 - 141.98.11.255 : LT-HOSTBALTIC-20190110
IP(5136): 80.94.95.206 - 80.94.95.0 - 80.94.95.255 : BT-HOSTER

NET(1): 14.102.240.0 - 23.19.47.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK -> ["20.78.36.222"]
NET(1): 45.146.55.0 - 45.146.55.255 : VCUS-45-146-55-0 -> ["45.146.55.231"]
NET(1): 80.94.95.0 - 80.94.95.255 : BT-HOSTER -> ["80.94.95.206"]
NET(1): 85.214.0.0 - 85.215.255.255 : DE-TECT-20050224 -> ["85.215.94.1"]
NET(1): 103.85.36.0 - 103.192.159.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK -> ["103.139.45.73"]
NET(1): 154.33.0.0 - 155.3.255.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK -> ["154.127.53.41"]
NET(1): 185.241.208.0 - 185.241.211.255 : NL-LEGACO-20180116 -> ["185.241.208.53"]
NET(1): 189.0.0.0 - 190.92.167.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK -> ["189.177.186.233"]
NET(1): 201.49.192.0 - 201.148.167.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK -> ["201.103.117.233"]
NET(1): 218.0.0.0 - 220.158.195.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK -> ["218.85.202.248"]
NET(3): 141.98.8.0 - 141.98.11.255 : LT-HOSTBALTIC-20190110 -> ["141.98.11.53","141.98.10.132","141.98.10.150"]
2023-07-15 15:38:46 +02:00
8f5389e71a Add docs 2023-07-15 15:38:15 +02:00
c9b83784d7 Add IPv6 addresses for CloudFront 2023-06-23 18:58:45 +02:00
bfd1be4a73 use the global amazon endpoint and add more IPv4 for CloudFront 2023-06-23 18:57:14 +02:00
7bcf89346c Remove crowdsec IP list
Ref: 39d1895653
2023-06-23 18:34:07 +02:00
1d3525e300 Add cloudfront IP ranges 2023-06-23 18:33:43 +02:00
39d1895653 [temp] Update crowdsec list for microtik 2023-02-21 18:47:41 +01:00
900efe9ca8 [temp] Update crowdsec list for microtik 2023-02-21 14:20:28 +01:00
31e290a228 [temp] Add crowdsec list for microtik 2023-02-21 13:25:55 +01:00
eea32de73a Add more bad IPs 2022-12-09 23:45:03 +01:00
27dfddaef0 Add new bad IPs from crowdsec alerts list for emails 2022-11-21 21:40:30 +01:00
984627f4c6 Add more hacking emails IPs 2022-11-12 19:08:57 +01:00
c73ab8e070 Add more attacking IPs
Most for postfix attacks majority are postscreen-rbl
2022-11-12 18:56:37 +01:00
bf18ac538f Remove duplicates 2022-11-07 15:02:10 +01:00
c2e40487df Add more bad IPs that did more than 10 attacks found in my logs
IP(11): 94.46.179.75
IP(14): 5.34.207.243
IP(20): 60.167.113.234
IP(20): 114.102.34.118
IP(20): 114.99.130.40
IP(20): 212.192.219.146
IP(20): 223.240.209.152
IP(21): 60.167.53.218
IP(21): 117.64.225.169
IP(21): 117.68.193.203
IP(21): 185.225.73.88
IP(31): 81.161.229.108
IP(31): 185.128.27.106
IP(42): 94.46.179.80
IP(43): 34.64.224.143
IP(57): 2.58.46.138
IP(69): 77.81.139.90
IP(72): 20.125.124.9
IP(72): 143.198.18.3
IP(76): 5.253.204.58
IP(82): 156.96.119.125
IP(90): 20.41.119.26
IP(110): 5.34.207.171
IP(112): 5.34.207.157
IP(113): 5.34.207.187
IP(119): 93.177.75.74
IP(136): 176.111.173.26
IP(150): 185.104.186.2
IP(194): 5.34.207.248
IP(383): 5.34.207.242
IP(386): 5.34.207.237
IP(388): 5.34.207.234
IP(423): 52.165.31.20
IP(503): 45.95.243.8
IP(557): 194.165.16.67
IP(588): 103.153.79.225
IP(614): 5.34.207.152
IP(1775): 141.98.11.17
IP(2120): 141.98.10.194
IP(2455): 141.98.10.108
IP(2467): 141.98.10.81
IP(2485): 91.224.92.110
IP(2505): 141.98.11.37
IP(2554): 45.125.65.37
IP(2701): 141.98.11.112
IP(2702): 141.98.10.84
IP(2727): 45.125.66.22
IP(2741): 45.125.65.159
IP(2767): 141.98.11.119
IP(2798): 141.98.11.81
IP(2798): 141.98.11.74
IP(2812): 141.98.10.24
IP(2816): 45.125.66.24
IP(2816): 141.98.11.113
IP(2818): 45.125.66.55
IP(2830): 141.98.11.51
IP(2848): 141.98.10.27
IP(2860): 141.98.10.70
IP(2869): 141.98.11.75
IP(2878): 141.98.10.203
IP(2899): 141.98.11.19
IP(2902): 141.98.10.217
IP(2908): 141.98.11.95
IP(2959): 141.98.10.82
IP(8585): 5.34.207.172
IP(9417): 5.34.207.116
IP(10728): 5.34.207.48
IP(11617): 87.246.7.75
IP(54742): 5.34.207.225
2022-11-07 14:56:50 +01:00
72324ebe39 Add more bad IPs:
Reasons:
212.70.149.71
EMAIL SPAM
45.141.101.215
EMAIL SPAM [RU]
212.70.149.72
EMAIL SPAM [GB]
23.94.218.159
EMAIL SPAM [USA]
5.34.207.225
EMAIL AUTH HACKS
103.153.79.225
EMAIL AUTH HACKS [Vietnam]
5.34.207.48
EMAIL AUTH HACKS
87.246.7.75
EMAIL AUTH HACKS
141.98.11.81
EMAIL AUTH HACKS
87.246.7.75
HIGH EMAIL AUTH HACKS
141.98.11.81
EMAIL AUTH HACKS
114.102.34.118
EMAIL AUTH HACKS [CN]
103.153.79.225
EMAIL AUTH HACKS
194.165.16.67
EMAIL AUTH HACKS
45.95.243.8
EMAIL AUTH HACKS
52.165.31.20
EMAIL AUTH HACKS
185.104.186.2
EMAIL AUTH HACKS
176.111.173.26
EMAIL AUTH HACKS
93.177.75.74
EMAIL AUTH HACKS
176.59.7.53
WTF ??
217.66.157.45
Strange port scans
209.142.101.67
Strange try to access port 17843
2.185.78.229
Strange port scans
20.29.94.192
EMAIL AUTH HACKS
2022-11-07 14:47:44 +01:00