| 193.169.252.37 |
attackbots |
2020/10/03 09:35:21 [error] 22863#22863: *5514135 open() "/usr/share/nginx/html/wp-login.php" failed (2: No such file or directory), client: 193.169.252.37, server: _, request: "GET /wp-login.php HTTP/1.1", host: "waldatmen.com"
2020/10/03 09:35:21 [error] 22863#22863: *5514135 open() "/usr/share/nginx/html/wp-login.php" failed (2: No such file or directory), client: 193.169.252.37, server: _, request: "GET //wp-login.php HTTP/1.1", host: "waldatmen.com" |
2020-10-03 20:39:37 |
| 128.199.160.35 |
attackspam |
SSH brutforce |
2020-10-03 20:56:01 |
| 46.101.8.39 |
attackbots |
20 attempts against mh-ssh on comet |
2020-10-03 20:58:32 |
| 123.30.149.76 |
attackbots |
Oct 3 11:02:35 scw-gallant-ride sshd[12402]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=123.30.149.76 |
2020-10-03 20:41:09 |
| 190.36.156.72 |
attackbots |
Unauthorised access (Oct 2) SRC=190.36.156.72 LEN=52 TTL=116 ID=7606 DF TCP DPT=445 WINDOW=8192 SYN |
2020-10-03 21:04:10 |
| 211.220.27.191 |
attackbotsspam |
Invalid user jack from 211.220.27.191 port 37902 |
2020-10-03 20:49:17 |
| 41.207.7.240 |
attack |
Lines containing failures of 41.207.7.240
Oct 2 22:24:45 new sshd[31337]: Did not receive identification string from 41.207.7.240 port 57604
Oct 2 22:24:45 new sshd[31338]: Did not receive identification string from 41.207.7.240 port 57607
Oct 2 22:24:48 new sshd[31341]: Did not receive identification string from 41.207.7.240 port 57651
Oct 2 22:24:48 new sshd[31339]: Invalid user dircreate from 41.207.7.240 port 57884
Oct 2 22:24:48 new sshd[31339]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.207.7.240
Oct 2 22:24:50 new sshd[31339]: Failed password for invalid user dircreate from 41.207.7.240 port 57884 ssh2
Oct 2 22:24:50 new sshd[31343]: Invalid user dircreate from 41.207.7.240 port 57893
Oct 2 22:24:50 new sshd[31343]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=41.207.7.240
Oct 2 22:24:50 new sshd[31339]: Connection closed by invalid user dircreate 41.207.7.240 port ........
------------------------------ |
2020-10-03 20:41:29 |
| 51.254.37.192 |
attack |
(sshd) Failed SSH login from 51.254.37.192 (FR/France/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Oct 3 01:14:10 server5 sshd[9274]: Invalid user ofbiz from 51.254.37.192
Oct 3 01:14:12 server5 sshd[9274]: Failed password for invalid user ofbiz from 51.254.37.192 port 57676 ssh2
Oct 3 01:18:05 server5 sshd[11135]: Invalid user root01 from 51.254.37.192
Oct 3 01:18:07 server5 sshd[11135]: Failed password for invalid user root01 from 51.254.37.192 port 40362 ssh2
Oct 3 01:21:23 server5 sshd[12514]: Invalid user docker from 51.254.37.192 |
2020-10-03 20:37:14 |
| 111.198.48.204 |
attackspambots |
Oct 2 16:43:41 Tower sshd[28959]: Connection from 111.198.48.204 port 53972 on 192.168.10.220 port 22 rdomain ""
Oct 2 16:43:45 Tower sshd[28959]: Invalid user test from 111.198.48.204 port 53972
Oct 2 16:43:45 Tower sshd[28959]: error: Could not get shadow information for NOUSER
Oct 2 16:43:45 Tower sshd[28959]: Failed password for invalid user test from 111.198.48.204 port 53972 ssh2
Oct 2 16:43:45 Tower sshd[28959]: Received disconnect from 111.198.48.204 port 53972:11: Bye Bye [preauth]
Oct 2 16:43:45 Tower sshd[28959]: Disconnected from invalid user test 111.198.48.204 port 53972 [preauth] |
2020-10-03 20:37:53 |
| 139.59.161.78 |
attackbots |
Invalid user cute from 139.59.161.78 port 49620 |
2020-10-03 20:39:55 |
| 190.156.238.155 |
attackspam |
Oct 3 08:42:45 rush sshd[1930]: Failed password for root from 190.156.238.155 port 59074 ssh2
Oct 3 08:46:45 rush sshd[1961]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.156.238.155
Oct 3 08:46:47 rush sshd[1961]: Failed password for invalid user marie from 190.156.238.155 port 33518 ssh2
... |
2020-10-03 20:36:03 |
| 34.120.202.146 |
attack |
RU spamvertising, health fraud - From: GlucaFIX
UBE 185.176.220.179 (EHLO gopxk.imkeeperr.com) 2 Cloud Ltd.
Spam link redfloppy.com = 185.246.116.174 Vpsville LLC – phishing redirect:
a) aptrk13.com = 35.204.93.160 Google
b) www.ep20trk.com = 34.120.202.146 Google
c) www.glucafix.us = 104.27.187.98, 104.27.186.98, 172.67.201.182 Cloudflare
d) glucafix.us = ditto
Images -
- http://redfloppy.com/web/imgs/mi1tb6fg.png = dailybetterhealth.com = 104.27.138.27, 104.27.139.27, 172.67.218.161 Cloudflare
- http://redfloppy.com/web/imgs/24sc48jt.png = unsub; no entity/address |
2020-10-03 20:40:17 |
| 1.255.48.197 |
attack |
(From annabelle@merchantpay.top) I have a quick question about working with your business. Like most business owners you just want to survive through to 2021. In order for that to happen you need to save every dollar possible right? This is an honest question, would you continue with the high credit card processing fees if there was another way? New laws are on your side. Test this newly released card processing model this October - just send a phone number and we'll call.
$24.99/mo Flat Fee Credit Card Processing (Unlimited)
1) As a small business owner accepting credit/debit, recently passed State Laws are on your side. - Were you aware?
New state regulations now in effect, the law was successfully passed in 46 states - effective since August 2019.
Since that date you shouldn't be paying above 0.75% Credit Card Processing Fees.
2) You're legally able to demand this new option.
Bottom Line: Your processor isn't telling you everything. Why are they hiding the lower fee options?
We repre |
2020-10-03 20:52:07 |
| 103.55.91.131 |
attack |
Unauthorised connection attempt detected at AUO NODE 4. System is sshd. Protected by AUO Stack Web Application Firewall (WAF) |
2020-10-03 20:31:45 |
| 182.254.195.46 |
attack |
Invalid user dspace from 182.254.195.46 port 36834 |
2020-10-03 20:52:29 |