Este projeto surgiu com uma simples conversa com um dos diretores da BS2 internet, estamos planejando criar uma ferramenta para bloquear todo o tráfego que não fosse oriundo do Brasil. Dito isso, o projeto apresentado é apenas uma PoC (Proof of Concept) não tem a intenção de se tornar um projeto profissional.
Quem administra servidores de hospedagem, sabem que todos os dias recebemos ataques de brute force, negação de serviço, etc. A mitigação desses ataques, quase sempre é realizada com sucesso, visto que as técnicas utilizadas já são conhecidas. Recentemente, comecei a analisar alguns dos IP’s que ficavam bloqueados nos firewalls e pensei em automatizar esse processo, pelo menos para saber de onde estão vindos os ataques.
Honeypot
Utilizei uma técnica para atrair os ataques, a técnica conhecida como honeypot, se basea na criação de uma máquina para ser atacada. Criei uma máquina na Amazon Web Services com o serviço SSH exposto para a internet, não passou muito tempo os ataques começaram a surgir.
O primeiro IP que apareceu no meu mapa era um relay da rede TOR que estava hospedado na França, fiquei um pouco surpreso, estava esperando algo vindo da Rússia ou China. Duas semanas depois, eu já estava recebendo ataques da China, Japão, Coréia do Sul, etc. Acho que dos seis continentes existentes na terra, só não recebi ataques da Antártida e da Oceania.
Montando o projeto
Eu utilizei o fail2ban para bloquear os ataques que eu recebia, todos os bans eram permanentes, para manter o mapa cada vez mais cheio. Talvez, a única “ferramenta” que vocês não conheçam, seja o geohash, um sistema para gerar um código único, baseado na latitude e longitude. Foi o geohash que permitiu que os pontos aparecessem no mapa.
Para salvar os valores, ip, latitude, longitude, geohash, usei um banco de dados muito simples e rapído, chamado InfluxDB e o grafana para consultar os dados no InfluxDB e popular o mapa. É uma solução simples, porém, a apresentação ficou muito elegante.
Como podem notar na imagem acima, a china ultrapassou rapidamente qualquer outro pais. Esses chineses, rsrs.
Investigando alguns IP’s
A china foi a campeã de bloqueios, o curioso é que todos os IP’s bloqueados estavam dentro de um conjunto. Eu recebi uma série de ataques vindo de uma rede 222.186., todos os IP’s pertence a mesma organização CHINANET jiangsu province backbone.
Lista completa dos IP’s chineses vindo da mesma rede.
222.186.190.2
222.186.180.8
222.186.175.150
222.186.175.148
222.186.175.183
222.186.175.163
222.186.175.202
222.186.173.142
222.186.175.154
222.186.169.192
222.186.173.215
222.186.180.223
222.186.175.167
222.186.173.154
222.186.175.169
222.186.180.41
222.186.173.226
222.186.180.6
222.186.175.212
222.186.180.147
222.186.175.215
222.186.175.217
222.186.175.182
222.186.169.194
222.186.175.216
222.186.175.151
222.186.173.238
222.186.173.201
Agora, falando do Brasil, recebi alguns ataques vindo de São Paulo, Rio de Janeiro e Goiania. Segue a lista dos IP’s.
131.100.62.239
191.234.182.188
189.62.163.15
187.14.162.247
187.22.122.58
187.20.182.37
189.124.126.142
179.70.119.186
191.203.19.128
177.141.124.184
191.232.242.173
Lista completa dos IP’s bloqueados e identificados
Autor: Gabriel "bsd0x" Dutra
Github: github.com/bsd0x
Twitter: https://twitter.com/bsd0x1
-------------------------------------------
root@ip-172-31-70-224:~# influx
Visit https://enterprise.influxdata.com to register for updates, InfluxDB server management, and monitoring.
Connected to http://localhost:8086 version 0.10.0
InfluxDB shell 0.10.0
> use fail2ban
Using database fail2ban
> select * from fail2ban_ips;
name: fail2ban_ips
------------------
time country geohash ip localization
1598681529186847425 FR u09tvmqrejb4 212.47.229.4 48.8534,2.3488
1598681529247367514 CN wtw3egg46zgm 222.186.190.2 31.2222,121.4581
1598681529334784995 CN wwhubf6nkc4r 218.92.0.224 34.5984,119.2156
1598691603149733219 CN wtw3egg46zgm 222.186.180.8 31.2222,121.4581
1598691603260558023 CN wtw3egg46zgm 222.186.175.150 31.2222,121.4581
1598691603327409821 CN wtw3egg46zgm 218.92.0.247 31.2222,121.4581
1598691603428858082 CN wtw3egg46zgm 218.92.0.249 31.2222,121.4581
1598691603499371652 CN wwhszd9jz789 218.92.0.184 34.5997,119.1594
1598702404189529894 CN wwhszd9jz789 218.92.0.175 34.5997,119.1594
1598702404294088434 CN wtw3egg46zgm 222.186.175.148 31.2222,121.4581
1598702404387900744 CN wtw3egg46zgm 222.186.175.183 31.2222,121.4581
1598702404544135872 US dr5regy3zpwg 198.98.49.181 40.7143,-74.0060
1598702404644344207 CN wwhubf6nkc4r 218.92.0.223 34.5984,119.2156
1598712114768910974 CN wtw3egg46zgm 222.186.175.163 31.2222,121.4581
1598712114838224365 CN wtte94zqpt3p 61.177.172.61 31.5689,120.2886
1598712114953248136 CN ws0e9060s30w 218.92.0.210 23.1167,113.2500
1598712115054551211 CN wtw3egg46zgm 222.186.175.202 31.2222,121.4581
1598712115139639293 CN wtw3egg46zgm 222.186.173.142 31.2222,121.4581
1598716804268610927 CN wtw3egg46zgm 222.186.175.154 31.2222,121.4581
1598716804366935319 VN w3gvd6m29c2m 45.119.212.105 10.8230,106.6296
1598720406032002610 CN wwhszd9jz789 218.92.0.171 34.5997,119.1594
1598724006335265273 CN wtw3egg46zgm 222.186.169.192 31.2222,121.4581
1598727605121192990 CN wtw3egg46zgm 222.186.173.215 31.2222,121.4581
1598731207345653652 CN wtte94zqpt3p 61.177.172.168 31.5689,120.2886
1598738499357251983 CN wx4g08vy534y 112.85.42.172 39.9075,116.3972
1598738499447898294 CN wx4g08vy534y 112.85.42.174 39.9075,116.3972
1598738712792797161 CN wtte94zqpt3p 61.177.172.54 31.5689,120.2886
1598739653424698857 BR 6gdzbyucv6gz 131.100.62.239 -23.9128,-52.3431
1598742008291293493 CN wtte94zqpt3p 61.177.172.177 31.5689,120.2886
1598742008355046180 CN wtw3egg46zgm 222.186.180.223 31.2222,121.4581
1598742008441556667 CN wtw3egg46zgm 222.186.175.167 31.2222,121.4581
1598742008528203198 CN wtw3egg46zgm 222.186.173.154 31.2222,121.4581
1598749207054392581 JP xn739f6jbvg7 122.26.87.3 35.4333,139.6500
1598752807712777945 CN wtw3egg46zgm 218.92.0.251 31.2222,121.4581
1598760009300392131 CN wtw3egg46zgm 222.186.175.169 31.2222,121.4581
1598767206431682292 CN wwe0w76b26e3 111.14.221.8 36.6683,116.9972
1598767206520828335 CN wtw3egg46zgm 222.186.180.41 31.2222,121.4581
1598767206605917063 CN wtw3egg46zgm 222.186.173.226 31.2222,121.4581
1598774406423836547 CN wtw3egg46zgm 222.186.180.6 31.2222,121.4581
1598781606316516938 CN wtw3egg46zgm 222.186.175.212 31.2222,121.4581
1598792406301644870 CN wtw3egg46zgm 222.186.180.147 31.2222,121.4581
1598792406431826067 CN wtw3egg46zgm 222.186.175.215 31.2222,121.4581
1598796006085150202 CN wtw3egg46zgm 222.186.175.217 31.2222,121.4581
1598799606944092627 CN wwhszd9jz789 218.92.0.165 34.5997,119.1594
1598799607032646846 CN wtw3egg46zgm 222.186.175.182 31.2222,121.4581
1598806807066552455 CN wtw3egg46zgm 222.186.169.194 31.2222,121.4581
1598806807160489771 CN wtte94zqpt3p 61.177.172.142 31.5689,120.2886
1598810410831115714 NL u173zq2sdm0x 141.98.9.32 52.3740,4.8897
1598810410962934319 NL u173zq2sdm0x 141.98.9.33 52.3740,4.8897
1598810411021519482 NL u173zq2sdm0x 141.98.9.34 52.3740,4.8897
1598810411108359918 NL u173zq2sdm0x 141.98.9.35 52.3740,4.8897
1598810411165239098 NL u173zq2sdm0x 141.98.9.36 52.3740,4.8897
1598810411253471164 NL u173zq2sdm0x 141.98.9.31 52.3740,4.8897
1598810411340317445 CN wtw3egg46zgm 222.186.175.216 31.2222,121.4581
1598810411426835921 CN wtw3egg46zgm 218.92.0.248 31.2222,121.4581
1598817607543893221 CN wtw3egg46zgm 222.186.175.151 31.2222,121.4581
1598832010629661205 CN wtw3egg46zgm 222.186.173.238 31.2222,121.4581
1598839208783308813 CN wtw3egg46zgm 222.186.173.201 31.2222,121.4581
1598864407467854197 IT u0nkwenhjgku 88.149.143.229 45.8082,9.0832
1598889610497927714 RU v1pntbctz4g1 31.173.168.226 51.7727,55.0988
1598889610563107146 KR wydj54xzvjsv 119.197.77.72 37.4565,126.7052
1598896769241325363 GB gcn9hc0we3y6 51.195.166.192 50.8074,-1.8998
1598896769449351819 BR 6gyt9n5m5ysj 191.234.182.188 -22.9056,-47.0608
1598911214131612393 US dp9mp8g5cv9g 65.29.175.106 43.0712,-87.9084
1598911214270999317 KR wydp53xyby1g 222.236.141.123 37.8024,126.7160
1598911214484107071 HK wecnwpekx24g 113.255.253.193 22.2783,114.1747
1598911214615126535 SE u628233by9ub 83.250.5.147 57.7072,11.9668
1598911214748649452 HK wecnwpekx24g 1.65.143.19 22.2783,114.1747
1598911214884750815 LT u3zhcj158spm 86.100.88.76 55.7068,21.1391
1598911215017453188 ES eysenn2yw3e8 185.137.106.180 37.1253,-4.6569
1598911215148998709 UA u8wnf6r7w5nb 152.89.22.242 49.0120,31.0466
1598911215282340360 HK wecnwpekx24g 219.78.159.147 22.2783,114.1747
1598911215413005644 EC 6rbntn5v6fhj 201.219.50.223 -0.2298,-78.5250
1598911215546666466 SE u67t24xzcyt1 213.113.130.17 58.5942,16.1826
1598911215680643875 KR wydm9qwvg1vw 175.198.81.207 37.5660,126.9784
1598911215811424021 KR wydm9qwvg1vw 1.230.26.66 37.5660,126.9784
1598911215942346761 BY u9edek1qq8jr 134.17.33.128 53.9000,27.5667
1598911216074715935 TW wsmgtrv1km2t 123.241.131.20 24.5643,120.8237
1598911216207989834 VE d3y9m8pz0u06 200.84.171.5 10.0647,-69.3570
1598922014645794336 BZ d517918myznz 85.209.0.217 17.4995,-88.1976
1598925615369920551 BR 6gyf4c29u5g7 189.62.163.15 -23.5475,-46.6361
1598925615508905134 RU ucfwsum2psf6 77.41.96.176 56.0097,37.4819
1598925615642737526 TW wsj8dzh3mxfn 220.143.22.51 22.6266,120.3613
1598925615773150598 KR wydurrwgttd7 121.158.45.50 37.3514,127.9453
1598925616005026826 KR wydm9qwvg1vw 221.138.50.58 37.5660,126.9784
1598925616206214218 HK wecnwpekx24g 168.70.69.186 22.2783,114.1747
1598925616341713158 US dr5regy3zpwg 74.72.104.14 40.7143,-74.0060
1598925616472157561 KR wydm9qwvg1vw 221.148.155.163 37.5660,126.9784
1598925616607425740 TW wsmc65z3fsqj 113.61.199.106 24.1469,120.6839
1598925616738411541 US cb74dvr69j2f 140.186.57.67 46.8750,-96.9004
1598925616868845064 CA dpzke4uc2dt1 99.233.151.187 44.4001,-79.6663
1598925617001329701 US dhwvjggvhnsp 73.125.199.72 26.2129,-80.2498
1598925617141975137 BG sx8dfub4fyvk 95.42.20.9 42.6975,23.3241
1598925617273876328 SE u628233by9ub 213.142.9.231 57.7072,11.9668
1598925617407261073 KR wydjm42wume7 119.69.6.91 37.4989,126.7831
1598925617541044436 KR wydurrwgttd7 211.250.133.183 37.3514,127.9453
1598932816511548568 GR sqzxfy5h9696 85.75.36.145 39.3648,21.9219
1598932816646488043 LT u99zp7b5wjc1 141.98.10.211 54.6892,25.2798
1598932816781242953 LT u99zp7b5wjc1 141.98.10.212 54.6892,25.2798
1598932816912304634 LT u99zp7b5wjc1 141.98.10.214 54.6892,25.2798
1598932817043640656 LT u99zp7b5wjc1 141.98.10.209 54.6892,25.2798
1598932817177301565 LT u99zp7b5wjc1 141.98.10.210 54.6892,25.2798
1598936418586204979 NL u173zq2sdm0x 141.98.9.163 52.3740,4.8897
1598936418717354932 NL u173zq2sdm0x 141.98.9.165 52.3740,4.8897
1598936418851100374 NL u173zq2sdm0x 141.98.9.166 52.3740,4.8897
1598936418985328765 NL u173zq2sdm0x 141.98.9.162 52.3740,4.8897
1598950818081203750 DE u33dc1v0z3cd 185.220.101.8 52.5244,13.4105
1598950818214591461 DE u33dc1v0z3cd 185.220.102.254 52.5244,13.4105
1599004819013277660 TW wsmc65z3fsqj 27.96.250.164 24.1469,120.6839
1599004819151858023 HK wecnwpekx24g 223.19.27.217 22.2783,114.1747
1599004819446758459 KR wydm9qwvg1vw 211.46.30.230 37.5660,126.9784
1599004819673340270 HK wecnwpekx24g 221.124.101.93 22.2783,114.1747
1599004819810984808 HK wecnwpekx24g 223.16.146.128 22.2783,114.1747
1599004819948506988 VN w6mrns0mk9kg 112.197.139.4 13.9096,108.9190
1599004820083833427 KR wydm9qwvg1vw 121.162.48.218 37.5660,126.9784
1599004820218943548 SE u6s8c04qg2bp 90.224.199.131 59.1955,17.6253
1599004820346407794 UA ubcu2fwrm0km 37.57.65.189 49.9808,36.2527
1599004820484584271 RU v1pntbctz4g1 85.192.155.7 51.7727,55.0988
1599004820621518398 CN wx4g08vy534y 112.85.42.143 39.9075,116.3972
1599004820756931701 KR wydp53xyby1g 125.142.122.130 37.8024,126.7160
1599004820892197169 TW wsj8dzh3mxfn 114.27.129.16 22.6266,120.3613
1599004821031671477 HK wecnwpekx24g 221.127.107.122 22.2783,114.1747
1599004821169099757 RU v31sf1jy8vs7 95.71.141.101 51.4666,58.4552
1599004821306595595 US dqcnk750c3wt 69.137.35.62 39.0840,-77.1528
1599004821442511240 BD wh0ddbukhrsb 103.113.192.86 22.9443,90.8300
1599004821584207470 CY swpytje8xsmt 109.110.231.86 34.9229,33.6233
1599004821718890730 PA d1qmvq287nnf 190.218.132.163 8.0764,-80.9794
1599004821854377198 RU v3g9vb7r3fbc 77.222.108.240 55.1540,61.4291
1599004821993741946 HK wecnwpekx24g 58.152.199.57 22.2783,114.1747
1599004822129011602 TW wsj8dzh3mxfn 114.47.176.187 22.6266,120.3613
1599004822264479686 HK wecnwpekx24g 223.16.155.39 22.2783,114.1747
1599004822398994183 KR wy6wf9nug73g 211.229.221.30 36.3491,127.3849
1599004822540542828 ES eysenn2yw3e8 185.234.159.68 37.1253,-4.6569
1599004822676231694 IE gc6gdcrhgqr9 51.171.112.182 52.6542,-7.2522
1599004822811648152 HK wecnwpekx24g 219.78.249.208 22.2783,114.1747
1599004822947004190 HK wecnwpekx24g 119.237.106.195 22.2783,114.1747
1599004823331006020 CN ws0e9060s30w 222.90.28.99 23.1167,113.2500
1599004823468811302 UA u8vxn8fzbjfb 176.36.69.72 50.4547,30.5238
1599004823610906009 HK wecnwpekx24g 223.16.201.220 22.2783,114.1747
1599004823751943941 HK wecnwpekx24g 58.153.113.184 22.2783,114.1747
1599004823888397990 UA u8vxn8fzbjfb 93.72.121.32 50.4547,30.5238
1599004824020965323 GB gcpvj0u6ybr6 213.248.112.37 51.5085,-0.1257
1599004824157224456 HK wecnwpekx24g 112.118.154.39 22.2783,114.1747
1599004824293265540 RU uf407zhm7bjx 95.72.79.209 56.3333,36.7333
1599004824429864482 HK wecnwpekx24g 42.98.211.95 22.2783,114.1747
1599004824566886307 UA u8x8xbuybtep 77.122.203.3 47.9057,33.3940
1599004824699786959 GB gcw2jpfubf3e 81.88.166.204 53.4809,-2.2374
1599004824836491008 US dr5pr69kvr52 100.1.169.63 40.6640,-74.2107
1599004824977795274 HK wecnwpekx24g 219.77.75.130 22.2783,114.1747
1599004825114474428 RU ufp23q362ytr 5.166.211.12 56.3287,44.0020
1599004825253260579 KR wydm9qwvg1vw 183.101.244.165 37.5660,126.9784
1599004825388863308 CY sy0p640und2m 87.228.185.194 35.0361,33.8392
1599004825527929999 BR 75cnkrvsbttc 187.14.162.247 -22.7642,-43.3994
1599008425716352097 SE u6sce0t4z1z0 46.59.17.108 59.3294,18.0687
1599008426004554290 MO webwrc3xzgu9 60.246.199.87 22.2006,113.5461
1599008426142130162 US dng1cj9p0ex2 162.154.47.54 38.3078,-85.7359
1599008426278535478 TW wsqqmxbf482f 1.162.171.107 25.0478,121.5319
1599008426415855780 PA d1mrunpssfd4 190.219.136.64 8.4273,-82.4309
1599008426553317709 MO webwrc3xzgu9 60.246.9.15 22.2006,113.5461
1599008426689943905 KR wy4rbp9ngz43 121.147.9.57 35.1547,126.9156
1599008426831753305 KR wydm9qwvg1vw 118.36.174.59 37.5660,126.9784
1599008426969247951 CN wwgqdmt7z4bm 111.33.31.67 39.1422,117.1767
1599008427107625087 KR wydnnpnkmtwx 112.157.129.192 37.6564,126.8350
1599008427243664722 HK wecnwpekx24g 1.65.198.230 22.2783,114.1747
1599008427379220383 CN ws1078q101c4 14.215.128.96 22.5455,114.0683
1599008427518101247 BR 6gxp2jfs06s9 187.22.122.58 -24.0058,-46.4028
1599008427659209749 HK wecnwpekx24g 219.79.222.159 22.2783,114.1747
1599012028006353138 NA k7upstptgrj1 160.242.62.144 -22.5594,17.0832
1599012028144651412 BR 7h2y8jt2zj9x 187.20.182.37 -19.9208,-43.9378
1599012028284480437 US dhvrmxquxrjd 75.113.213.108 28.0338,-82.3659
1599091220275607611 CA c2fcqz8m2uks 96.50.224.169 49.4806,-119.5858
1599091220341488164 SE u7xv05hx1fme 78.71.119.4 65.5841,22.1547
1599091220432351765 UA u8mb7w6yy6wc 178.92.176.153 46.4857,30.7438
1599091220493129045 SE u6scdctw6dcu 213.103.133.0 59.3355,18.0582
1599091220555197832 HK wecnwpekx24g 119.236.177.151 22.2783,114.1747
1599091220613715522 KR wy5z8nhf0zjk 112.185.238.230 35.1017,129.0300
1599091220675474356 HK wecnwpekx24g 113.254.70.174 22.2783,114.1747
1599091220737885428 HK wecnwpekx24g 116.49.131.4 22.2783,114.1747
1599091220797766742 TW wsmc65z3fsqj 210.209.255.2 24.1469,120.6839
1599091220860458463 HK wecnwpekx24g 223.17.185.237 22.2783,114.1747
1599091220920566610 HK wecnwpekx24g 113.252.201.30 22.2783,114.1747
1599091220980406053 KR wydm9qwvg1vw 175.208.167.110 37.5660,126.9784
1599091221041059765 ES ezjmgtxg5jtm 185.171.166.188 40.4165,-3.7026
1599091221102597968 NL u173w9jf1pf8 35.220.192.160 52.3008,4.8639
1599091221161959294 US dp3wj6x1yvrn 89.187.182.111 41.8500,-87.6500
1599091221222586161 BZ d517918myznz 85.209.0.252 17.4995,-88.1976
1599091221313155710 CN wtte94zqpt3p 112.85.42.69 31.5689,120.2886
1599091221373860451 US 9zvwspf94t62 199.19.226.35 44.7791,-93.3363
1599091221756762961 BZ d517918myznz 85.209.0.85 17.4995,-88.1976
1599091221821920308 CN wqj6ysx3h3gp 118.194.132.112 34.2583,108.9286
1599091221884225494 JP xn0m77v9qn7m 45.120.159.173 34.6937,135.5022
1599091221947851260 BY u9edek1qq8jr 134.17.174.254 53.9000,27.5667
1599091222039921926 KR wy4rbp9ngz43 125.136.42.80 35.1547,126.9156
1599091222101769361 CN wtw3egg46zgm 117.48.143.109 31.2222,121.4581
1599091222163612639 KR wy7gukcp6y4w 58.230.164.240 35.8428,129.2117
1599091222224006022 BR 6fuuue6j6we9 189.124.126.142 -28.6775,-49.3697
1599091222286253950 HK wecnwpekx24g 112.118.135.240 22.2783,114.1747
1599091222349514331 BR 75fjg9t2qs9y 179.70.119.186 -22.8872,-42.0262
1599091222412024977 KR wyd6hbq2bqde 121.137.164.197 36.9156,127.1314
1599091222502853504 KR wydz6wvhnefc 221.159.205.165 37.8747,127.7342
1599091222592853606 US dqbyhexq43hn 47.53.169.98 39.0437,-77.4875
1599091222652996963 PL u3qcnhhkdkms 195.191.162.83 52.2298,21.0118
1599091222715650782 UA ubdchnqdr053 91.241.248.174 48.0230,37.8022
1599091222777230865 KR wydp53xyby1g 211.227.39.53 37.8024,126.7160
1599091222839118110 FR u09tvmqrejb4 51.77.210.201 48.8534,2.3488
1599091222901822731 CN wt3mbpw2xh74 119.96.26.255 30.5833,114.2667
1599091222960958414 CN ws1078q101c4 183.63.53.98 22.5455,114.0683
1599091223052868151 US 9q5ctjs66m6p 198.55.107.181 34.0443,-118.2509
1599091223113967558 US 9v0e3466xujk 24.175.101.65 28.7091,-100.4995
1599091223175272729 UA u8wgynxt2fw8 109.95.34.179 48.5083,32.2662
1599091223237347171 PY 6g3nvk17jpk2 181.126.28.119 -25.5097,-54.6111
1599091223300207887 TW wsmc65z3fsqj 111.83.38.29 24.1469,120.6839
1599091223360815555 TW wsmc65z3fsqj 106.107.244.62 24.1469,120.6839
1599091223425670105 HK wecnwpekx24g 183.178.128.231 22.2783,114.1747
1599091223489574111 US 9q5ctr186n4v 194.180.224.130 34.0522,-118.2437
1599091223552441857 US drt3qg70jebe 98.216.243.161 42.4251,-71.0662
1599091223632260720 US dn6m9pv98umh 64.139.73.170 36.1659,-86.7844
1599091224008715113 HK wecnwpekx24g 119.247.93.178 22.2783,114.1747
1599091224070517197 BR 75cm9q58tc9c 191.203.19.128 -22.9064,-43.1822
1599091224139509949 UA u8v7m5wbyc1h 178.54.208.134 49.8094,30.1121
1599091224202407301 UA ub6eym2szdyn 31.202.216.191 47.0951,37.5413
1599091224302025027 KR wy67v35j8n5s 211.194.75.208 35.8219,127.1489
1599091224362801647 CY swpmrf13wbgg 194.154.144.167 34.6841,33.0379
1599091224425351847 US dr28h60nf8bj 73.130.227.206 40.7934,-77.8600
1599091224487026830 HK wecnwpekx24g 119.236.251.23 22.2783,114.1747
1599091224548753231 CN wt47hmc8kvhs 182.107.200.17 28.6840,115.8531
1599091224619083364 FR u09tvqnfzuzr 193.104.211.30 48.8567,2.3497
1599091224681472458 HK wecnwpekx24g 221.124.207.104 22.2783,114.1747
1599091224744279634 KR wydj54xzvjsv 175.210.62.189 37.4565,126.7052
1599091224834419884 HK wecnwpekx24g 223.17.48.217 22.2783,114.1747
1599091224897291214 KR wy7fntme1w0r 210.220.94.73 35.5372,129.3167
1599091224960382564 HK wecnwpekx24g 218.103.196.125 22.2783,114.1747
1599091225022185558 KR wydm9qwvg1vw 221.167.202.141 37.5660,126.9784
1599149317955669870 DE u1jpe058uf4y 46.91.200.32 51.9435,7.1681
1599149318030286074 CN wx4g08vy534y 27.211.211.36 39.9075,116.3972
1599149318125450903 CN wkz5reqhpknb 150.138.92.202 27.3086,111.4319
1599149318190321872 ES ezjmgtxg5jtm 170.253.28.71 40.4165,-3.7026
1599156025903449631 US 9q5ctr186n4v 194.180.224.103 34.0522,-118.2437
1599177625826843061 DE u1hg6hwk0buy 185.132.53.194 51.2217,6.7762
1599177625893583667 BZ d517918myznz 85.209.0.237 17.4995,-88.1976
1599177625959344279 NL u173zq2sdm0x 45.148.10.28 52.3740,4.8897
1599181222468836640 IR tnke41gyzy3m 212.33.199.92 35.6944,51.4215
1599264027738925460 US drmjwmubyr0q 74.97.19.201 41.7798,-71.4373
1599264027805875850 IR tnke41gyzy3m 212.33.199.104 35.6944,51.4215
1599264027899068346 DE u0yjje5xuw2f 139.59.128.123 50.1155,8.6842
1599264027990501868 US 9q9k2pj9t7wz 64.227.88.245 37.3483,-121.9844
1599264028054776513 HK wecnwpekx24g 112.118.20.204 22.2783,114.1747
1599264028146705784 KR wvcyxh62juy6 218.149.178.65 33.5097,126.5219
1599264028239744549 HK wecnwpekx24g 58.153.146.6 22.2783,114.1747
1599264028330992206 TW wsj8vz0y2pr0 111.254.84.24 22.6714,120.4881
1599264028391648878 HK wecnwpekx24g 221.125.1.229 22.2783,114.1747
1599264028454365917 KR wy5qq073ewc9 123.248.132.160 34.8503,128.5886
1599264028520010392 RU ufjhk242yb4j 188.68.13.65 56.9972,40.9714
1599264028613026868 SE u6u1nj6nwd9f 155.4.230.73 60.6745,17.1417
1599264028781843407 KR wyeerpwv74nc 218.149.219.45 37.1759,128.9889
1599264029255715201 CL 63kn3xyg0m9h 190.95.40.66 -36.8270,-73.0498
1599264029323559372 DE u0qzfdqnr4qu 109.192.219.158 47.7820,9.6106
1599264029430005123 SE u630q7y9nnmb 217.31.170.24 57.7210,12.9401
1599264029522393807 HK wecnwpekx24g 223.17.64.97 22.2783,114.1747
1599264029586253836 SE u6sbcpy10eu3 92.35.123.32 59.2371,17.9819
1599264029679378539 CA dpwztxr378j5 170.52.71.133 43.5459,-80.2560
1599264029783437918 HK wecnwpekx24g 203.218.140.152 22.2783,114.1747
1599264029846908838 UA ubeuq9mgfgds 91.241.190.246 48.5671,39.3171
1599264029929485360 NL u173zq2sdm0x 165.22.201.37 52.3740,4.8897
1599264030033197712 CA dpz88g6gd14d 165.22.230.226 43.7001,-79.4163
1599264030137999637 IN tdr5jr8mk90m 139.59.36.117 13.2257,77.5750
1599264030243247974 DE u1my6fjcbmsm 91.96.29.236 53.1412,8.2147
1599264030350231386 US dr725u4n30f6 142.93.195.249 40.8043,-74.0121
1599264030414440705 RU ucm7zpd06vk7 37.235.182.228 52.7317,41.4433
1599264030506216311 KR wy7c01z6hf39 182.219.222.149 35.3420,129.0336
1599264030670908704 HK wecnwpekx24g 203.218.16.161 22.2783,114.1747
1599264030763763003 KR wvcyxh62juy6 121.189.109.184 33.5097,126.5219
1599264030828415432 HK wecnwpekx24g 220.246.177.144 22.2783,114.1747
1599264030933423363 BR 6gyf4c29u5g7 177.141.124.184 -23.5475,-46.6361
1599264030996265977 KR wvcyxh62juy6 14.49.241.27 33.5097,126.5219
1599264031060589638 KR wy6rku93k0qs 119.204.116.49 36.4556,127.1247
1599264031125222661 SE u6s8c04qg2bp 213.66.94.61 59.1955,17.6253
1599264031216218425 HK wecnwpekx24g 113.252.25.89 22.2783,114.1747
1599264031280489940 LU u0u65rx9p75q 107.189.10.174 49.6117,6.1300
1599264031348381640 US 9v6kpvcxhxn0 209.141.41.103 30.2672,-97.7431
1599264031414359114 CN wx4g08vy534y 116.129.254.131 39.9075,116.3972
1599264031507042508 TW wsmc65z3fsqj 114.46.76.221 24.1469,120.6839
1599264031570020916 HK wecnwpekx24g 219.76.153.228 22.2783,114.1747
1599264031684098736 US dp3wj6x1yvrn 209.236.101.141 41.8500,-87.6500
1599264031776670430 TW wsjwzh0vq2x0 1.170.107.214 23.7094,120.5433
1599264031839965705 HK wecnwpekx24g 1.36.241.201 22.2783,114.1747
1599264031933101946 CA dpsbwumpzq5j 108.170.189.6 42.3001,-83.0165
1599350434500247226 US 9v1zrqymy7tx 13.85.152.27 29.4375,-98.4616
1599350434596779212 KR wy4rbp9ngz43 121.148.220.88 35.1547,126.9156
1599350434688747683 FR u0c8yvhv98ub 88.139.197.20 49.3790,2.4126
1599350434780295847 BZ d517918myznz 85.209.0.8 17.4995,-88.1976
1599350434873435627 US dpxgvp4xbp41 23.94.183.112 42.8865,-78.8784
1599350434963827703 ZA k3vngpzrgst8 41.193.122.77 -33.9258,18.4232
1599350435069938820 US dr725u4n30f6 64.227.0.131 40.8043,-74.0121
1599350435175791206 BR 6gyt9n5m5ysj 191.232.242.173 -22.9056,-47.0608
1599357634832231200 US dr725u4n30f6 161.35.126.137 40.8043,-74.0121
Link do projeto no GitHub: https://github.com/bsd0x/fail2ban-attack-monitoring
bsd0x changed their profile photo