|
|
6e234b3a1f
|
update: 🤖 Some updates 🤖
|
2023-07-29 10:17:27 +02:00 |
|
|
|
54dabf7a56
|
ci: add merge and lock workflows
|
2023-07-29 09:16:05 +02:00 |
|
|
|
39000b32f9
|
update: 🤖 Some updates 🤖
|
2023-07-29 08:49:58 +02:00 |
|
|
|
e96769b57f
|
Merge #2 - Update stretchoid IPs
|
2023-07-29 00:07:37 +02:00 |
|
|
|
433b6c3bb2
|
[data] Update stretchoid IPs
Ref: https://github.com/datacenters-network/security/actions/runs/5689175570
|
2023-07-29 00:05:58 +02:00 |
|
|
|
71f7790e32
|
Merge #1 - Update stretchoid IPs
|
2023-07-29 00:04:12 +02:00 |
|
|
|
d3c4867a13
|
[data] Update stretchoid IPs
Ref: https://github.com/datacenters-network/security/actions/runs/5679982559
|
2023-07-29 00:03:22 +02:00 |
|
|
|
c0b30a2f35
|
update: 🤖 Some updates 🤖
|
2023-07-28 07:24:05 +00:00 |
|
|
|
c31fe90748
|
update: 🤖 Some updates 🤖
|
2023-07-27 14:30:42 +02:00 |
|
|
|
d23c305a9c
|
[data] Update stretchoid IPs
Ref: https://github.com/datacenters-network/security/actions/runs/5679401046
|
2023-07-27 13:30:28 +02:00 |
|
|
|
4441ff2559
|
Fix template path
|
2023-07-27 13:29:20 +02:00 |
|
|
|
130636c1ad
|
Fix installing sudo-bot
|
2023-07-27 12:24:30 +02:00 |
|
|
|
6c10124e63
|
[data] Update stretchoid IPs
|
2023-07-27 12:23:24 +02:00 |
|
|
|
5e532489c3
|
Fixup the workflow description
|
2023-07-27 09:47:33 +02:00 |
|
|
|
66f1b0fda1
|
Add sudo-bot
|
2023-07-27 09:45:06 +02:00 |
|
|
|
728054c00e
|
[data] Update stretchoid IPs
Ref: https://github.com/datacenters-network/security/actions/runs/5674462727
|
2023-07-27 09:18:58 +02:00 |
|
|
|
b2bd424002
|
Improve the workflow
|
2023-07-27 09:15:27 +02:00 |
|
|
|
8462d84465
|
[data] Change the IP format for stretchoid
Ref: https://github.com/SilvrrGIT/IP-Lists/issues/85#issuecomment-1651708481
Ref: https://github.com/SilvrrGIT/IP-Lists/issues/85
|
2023-07-26 14:52:54 +02:00 |
|
|
|
7538bdeed3
|
[data] sort stretchoid data by locale C.UTF-8
|
2023-07-26 14:33:25 +02:00 |
|
|
|
14b153b16a
|
[data] Update stretchoid IPs
|
2023-07-26 14:30:10 +02:00 |
|
|
|
5a80c3b268
|
[data] Update CloudFront IPs
|
2023-07-26 14:05:50 +02:00 |
|
|
|
91060878a6
|
Sort AWS CloudFront IPs
|
2023-07-26 14:01:49 +02:00 |
|
|
|
99ef798e0c
|
Also build AWS CloudFront
|
2023-07-26 13:58:19 +02:00 |
|
|
|
8b4861045a
|
Add more data
|
2023-07-26 13:57:10 +02:00 |
|
|
|
f0b1047ee1
|
Add a workflow to build lists
|
2023-07-26 13:56:11 +02:00 |
|
|
|
a52122dc72
|
Data update
|
2023-07-26 13:55:56 +02:00 |
|
|
|
d364be38df
|
Data update
|
2023-07-25 23:17:30 +02:00 |
|
|
|
111fda859d
|
Add a list of bad IPs for stretchoid
|
2023-07-25 18:32:01 +02:00 |
|
|
|
6ae56c939b
|
Add more data for stretchoid
|
2023-07-25 18:19:27 +02:00 |
|
|
|
f6e374d11e
|
Upload diff from 1 to 2
|
2023-07-24 15:46:07 +02:00 |
|
|
|
3c888ac794
|
Add more stretchoid analysis
|
2023-07-24 15:42:18 +02:00 |
|
|
|
5c6fdd91d4
|
Add a better reverse result
|
2023-07-24 02:08:07 +02:00 |
|
|
|
b43bddd5d7
|
Add stretchoid analysis
|
2023-07-23 20:45:16 +02:00 |
|
|
|
4dd9025fb8
|
Add censys scanner
Ref: https://support.censys.io/hc/en-us/articles/360043177092-Opt-Out-of-Data-Collection
|
2023-07-23 12:54:04 +02:00 |
|
|
|
c3ae00f037
|
Add more bad IPs
IP(50): 141.98.11.53 - 141.98.8.0 - 141.98.11.255 : LT-HOSTBALTIC-20190110
IP(51): 141.98.10.132 - 141.98.8.0 - 141.98.11.255 : LT-HOSTBALTIC-20190110
IP(72): 154.127.53.41 - 154.33.0.0 - 155.3.255.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
IP(78): 85.215.94.1 - 85.214.0.0 - 85.215.255.255 : DE-TECT-20050224
IP(90): 45.146.55.231 - 45.146.55.0 - 45.146.55.255 : VCUS-45-146-55-0
IP(126): 185.241.208.53 - 185.241.208.0 - 185.241.211.255 : NL-LEGACO-20180116
IP(132): 189.177.186.233 - 189.0.0.0 - 190.92.167.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
IP(138): 218.85.202.248 - 218.0.0.0 - 220.158.195.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
IP(150): 103.139.45.73 - 103.85.36.0 - 103.192.159.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
IP(460): 20.78.36.222 - 14.102.240.0 - 23.19.47.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
IP(556): 201.103.117.233 - 201.49.192.0 - 201.148.167.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK
IP(1703): 141.98.10.150 - 141.98.8.0 - 141.98.11.255 : LT-HOSTBALTIC-20190110
IP(5136): 80.94.95.206 - 80.94.95.0 - 80.94.95.255 : BT-HOSTER
NET(1): 14.102.240.0 - 23.19.47.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK -> ["20.78.36.222"]
NET(1): 45.146.55.0 - 45.146.55.255 : VCUS-45-146-55-0 -> ["45.146.55.231"]
NET(1): 80.94.95.0 - 80.94.95.255 : BT-HOSTER -> ["80.94.95.206"]
NET(1): 85.214.0.0 - 85.215.255.255 : DE-TECT-20050224 -> ["85.215.94.1"]
NET(1): 103.85.36.0 - 103.192.159.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK -> ["103.139.45.73"]
NET(1): 154.33.0.0 - 155.3.255.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK -> ["154.127.53.41"]
NET(1): 185.241.208.0 - 185.241.211.255 : NL-LEGACO-20180116 -> ["185.241.208.53"]
NET(1): 189.0.0.0 - 190.92.167.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK -> ["189.177.186.233"]
NET(1): 201.49.192.0 - 201.148.167.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK -> ["201.103.117.233"]
NET(1): 218.0.0.0 - 220.158.195.255 : NON-RIPE-NCC-MANAGED-ADDRESS-BLOCK -> ["218.85.202.248"]
NET(3): 141.98.8.0 - 141.98.11.255 : LT-HOSTBALTIC-20190110 -> ["141.98.11.53","141.98.10.132","141.98.10.150"]
|
2023-07-15 15:38:46 +02:00 |
|
|
|
8f5389e71a
|
Add docs
|
2023-07-15 15:38:15 +02:00 |
|
|
|
c9b83784d7
|
Add IPv6 addresses for CloudFront
|
2023-06-23 18:58:45 +02:00 |
|
|
|
bfd1be4a73
|
use the global amazon endpoint and add more IPv4 for CloudFront
|
2023-06-23 18:57:14 +02:00 |
|
|
|
7bcf89346c
|
Remove crowdsec IP list
Ref: 39d1895653
|
2023-06-23 18:34:07 +02:00 |
|
|
|
1d3525e300
|
Add cloudfront IP ranges
|
2023-06-23 18:33:43 +02:00 |
|
|
|
39d1895653
|
[temp] Update crowdsec list for microtik
|
2023-02-21 18:47:41 +01:00 |
|
|
|
900efe9ca8
|
[temp] Update crowdsec list for microtik
|
2023-02-21 14:20:28 +01:00 |
|
|
|
31e290a228
|
[temp] Add crowdsec list for microtik
|
2023-02-21 13:25:55 +01:00 |
|
|
|
eea32de73a
|
Add more bad IPs
|
2022-12-09 23:45:03 +01:00 |
|
|
|
27dfddaef0
|
Add new bad IPs from crowdsec alerts list for emails
|
2022-11-21 21:40:30 +01:00 |
|
|
|
984627f4c6
|
Add more hacking emails IPs
|
2022-11-12 19:08:57 +01:00 |
|
|
|
c73ab8e070
|
Add more attacking IPs
Most for postfix attacks majority are postscreen-rbl
|
2022-11-12 18:56:37 +01:00 |
|
|
|
bf18ac538f
|
Remove duplicates
|
2022-11-07 15:02:10 +01:00 |
|
|
|
c2e40487df
|
Add more bad IPs that did more than 10 attacks found in my logs
IP(11): 94.46.179.75
IP(14): 5.34.207.243
IP(20): 60.167.113.234
IP(20): 114.102.34.118
IP(20): 114.99.130.40
IP(20): 212.192.219.146
IP(20): 223.240.209.152
IP(21): 60.167.53.218
IP(21): 117.64.225.169
IP(21): 117.68.193.203
IP(21): 185.225.73.88
IP(31): 81.161.229.108
IP(31): 185.128.27.106
IP(42): 94.46.179.80
IP(43): 34.64.224.143
IP(57): 2.58.46.138
IP(69): 77.81.139.90
IP(72): 20.125.124.9
IP(72): 143.198.18.3
IP(76): 5.253.204.58
IP(82): 156.96.119.125
IP(90): 20.41.119.26
IP(110): 5.34.207.171
IP(112): 5.34.207.157
IP(113): 5.34.207.187
IP(119): 93.177.75.74
IP(136): 176.111.173.26
IP(150): 185.104.186.2
IP(194): 5.34.207.248
IP(383): 5.34.207.242
IP(386): 5.34.207.237
IP(388): 5.34.207.234
IP(423): 52.165.31.20
IP(503): 45.95.243.8
IP(557): 194.165.16.67
IP(588): 103.153.79.225
IP(614): 5.34.207.152
IP(1775): 141.98.11.17
IP(2120): 141.98.10.194
IP(2455): 141.98.10.108
IP(2467): 141.98.10.81
IP(2485): 91.224.92.110
IP(2505): 141.98.11.37
IP(2554): 45.125.65.37
IP(2701): 141.98.11.112
IP(2702): 141.98.10.84
IP(2727): 45.125.66.22
IP(2741): 45.125.65.159
IP(2767): 141.98.11.119
IP(2798): 141.98.11.81
IP(2798): 141.98.11.74
IP(2812): 141.98.10.24
IP(2816): 45.125.66.24
IP(2816): 141.98.11.113
IP(2818): 45.125.66.55
IP(2830): 141.98.11.51
IP(2848): 141.98.10.27
IP(2860): 141.98.10.70
IP(2869): 141.98.11.75
IP(2878): 141.98.10.203
IP(2899): 141.98.11.19
IP(2902): 141.98.10.217
IP(2908): 141.98.11.95
IP(2959): 141.98.10.82
IP(8585): 5.34.207.172
IP(9417): 5.34.207.116
IP(10728): 5.34.207.48
IP(11617): 87.246.7.75
IP(54742): 5.34.207.225
|
2022-11-07 14:56:50 +01:00 |
|
|
|
72324ebe39
|
Add more bad IPs:
Reasons:
212.70.149.71
EMAIL SPAM
45.141.101.215
EMAIL SPAM [RU]
212.70.149.72
EMAIL SPAM [GB]
23.94.218.159
EMAIL SPAM [USA]
5.34.207.225
EMAIL AUTH HACKS
103.153.79.225
EMAIL AUTH HACKS [Vietnam]
5.34.207.48
EMAIL AUTH HACKS
87.246.7.75
EMAIL AUTH HACKS
141.98.11.81
EMAIL AUTH HACKS
87.246.7.75
HIGH EMAIL AUTH HACKS
141.98.11.81
EMAIL AUTH HACKS
114.102.34.118
EMAIL AUTH HACKS [CN]
103.153.79.225
EMAIL AUTH HACKS
194.165.16.67
EMAIL AUTH HACKS
45.95.243.8
EMAIL AUTH HACKS
52.165.31.20
EMAIL AUTH HACKS
185.104.186.2
EMAIL AUTH HACKS
176.111.173.26
EMAIL AUTH HACKS
93.177.75.74
EMAIL AUTH HACKS
176.59.7.53
WTF ??
217.66.157.45
Strange port scans
209.142.101.67
Strange try to access port 17843
2.185.78.229
Strange port scans
20.29.94.192
EMAIL AUTH HACKS
|
2022-11-07 14:47:44 +01:00 |
|
