Sep 28 17:37:24 h2829583 sshd[12072]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.5.145.106

Sep 28 08:35:14 scw-tender-jepsen sshd[11517]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.5.145.106
Sep 28 08:35:16 scw-tender-jepsen sshd[11517]: Failed password for invalid user sandeep from 197.5.145.106 port 9993 ssh2

SSH Login Bruteforce

Sep 25 03:41:12 serwer sshd\[30525\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.5.145.106  user=root
Sep 25 03:41:13 serwer sshd\[30525\]: Failed password for root from 197.5.145.106 port 9376 ssh2
Sep 25 03:48:38 serwer sshd\[31181\]: Invalid user vinay from 197.5.145.106 port 9378
Sep 25 03:48:38 serwer sshd\[31181\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.5.145.106
...

Sep 25 03:41:12 serwer sshd\[30525\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.5.145.106  user=root
Sep 25 03:41:13 serwer sshd\[30525\]: Failed password for root from 197.5.145.106 port 9376 ssh2
Sep 25 03:48:38 serwer sshd\[31181\]: Invalid user vinay from 197.5.145.106 port 9378
Sep 25 03:48:38 serwer sshd\[31181\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.5.145.106
...

Invalid user ftpuser from 197.5.145.30 port 11085

Oct 12 08:05:59 server sshd[19613]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.5.145.30  user=root
Oct 12 08:06:01 server sshd[19613]: Failed password for invalid user root from 197.5.145.30 port 10216 ssh2
Oct 12 08:27:39 server sshd[20758]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.5.145.30
Oct 12 08:27:41 server sshd[20758]: Failed password for invalid user service from 197.5.145.30 port 10217 ssh2

(sshd) Failed SSH login from 197.5.145.69 (TN/Tunisia/-): 5 in the last 3600 secs

Invalid user craig from 197.5.145.69 port 10179

Sep 29 20:44:40 roki-contabo sshd\[24095\]: Invalid user tester1 from 197.5.145.69
Sep 29 20:44:40 roki-contabo sshd\[24095\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.5.145.69
Sep 29 20:44:42 roki-contabo sshd\[24095\]: Failed password for invalid user tester1 from 197.5.145.69 port 9611 ssh2
Sep 29 20:50:25 roki-contabo sshd\[24250\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.5.145.69  user=root
Sep 29 20:50:28 roki-contabo sshd\[24250\]: Failed password for root from 197.5.145.69 port 9613 ssh2
...

SSH brute-force attack detected from [197.5.145.69]

SSH brute-force attack detected from [197.5.145.69]

Brute%20Force%20SSH

SSH Invalid Login

SSH Invalid Login

Invalid user nagios from 197.5.145.102 port 10915

2020-10-03T12:28:00.178833centos sshd[5270]: Invalid user admin from 197.5.145.69 port 10782
2020-10-03T12:28:02.698031centos sshd[5270]: Failed password for invalid user admin from 197.5.145.69 port 10782 ssh2
2020-10-03T12:31:36.651340centos sshd[5529]: Invalid user warehouse from 197.5.145.69 port 10783
...

$f2bV_matches

Oct  1 20:16:58 h1745522 sshd[11441]: Invalid user pos from 197.5.145.75 port 10898
Oct  1 20:16:58 h1745522 sshd[11441]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.5.145.75
Oct  1 20:16:58 h1745522 sshd[11441]: Invalid user pos from 197.5.145.75 port 10898
Oct  1 20:17:01 h1745522 sshd[11441]: Failed password for invalid user pos from 197.5.145.75 port 10898 ssh2
Oct  1 20:20:28 h1745522 sshd[11620]: Invalid user ec2-user from 197.5.145.75 port 10899
Oct  1 20:20:28 h1745522 sshd[11620]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.5.145.75
Oct  1 20:20:28 h1745522 sshd[11620]: Invalid user ec2-user from 197.5.145.75 port 10899
Oct  1 20:20:30 h1745522 sshd[11620]: Failed password for invalid user ec2-user from 197.5.145.75 port 10899 ssh2
Oct  1 20:24:04 h1745522 sshd[11758]: Invalid user prueba from 197.5.145.75 port 10900
...

Sep 29 20:09:36 con01 sshd[1201840]: Invalid user user from 197.5.145.93 port 10056
Sep 29 20:09:36 con01 sshd[1201840]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=197.5.145.93 
Sep 29 20:09:36 con01 sshd[1201840]: Invalid user user from 197.5.145.93 port 10056
Sep 29 20:09:37 con01 sshd[1201840]: Failed password for invalid user user from 197.5.145.93 port 10056 ssh2
Sep 29 20:13:27 con01 sshd[1209841]: Invalid user ftpuser from 197.5.145.93 port 10057
...

51.68.229.177 - - [14/Aug/2020:04:23:08 +0100] "POST /wp-login.php HTTP/1.1" 200 1605 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
51.68.229.177 - - [14/Aug/2020:04:23:08 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
51.68.229.177 - - [14/Aug/2020:04:42:08 +0100] "POST /wp-login.php HTTP/1.1" 200 1875 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...

Port-scan: detected 259 distinct ports within a 24-hour window.

Aug 14 06:07:03 inter-technics sshd[11137]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.175.171.169  user=root
Aug 14 06:07:06 inter-technics sshd[11137]: Failed password for root from 85.175.171.169 port 50310 ssh2
Aug 14 06:08:52 inter-technics sshd[11218]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.175.171.169  user=root
Aug 14 06:08:54 inter-technics sshd[11218]: Failed password for root from 85.175.171.169 port 46808 ssh2
Aug 14 06:10:36 inter-technics sshd[11473]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=85.175.171.169  user=root
Aug 14 06:10:38 inter-technics sshd[11473]: Failed password for root from 85.175.171.169 port 43320 ssh2
...

[2020-08-14 00:24:17] NOTICE[1185][C-000020ad] chan_sip.c: Call from '' (40.117.92.2:55655) to extension '+36011390498256029' rejected because extension not found in context 'public'.
[2020-08-14 00:24:17] SECURITY[1203] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-08-14T00:24:17.321-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="+36011390498256029",SessionID="0x7f10c405ea98",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/40.117.92.2/55655",ACLName="no_extension_match"
[2020-08-14 00:26:51] NOTICE[1185][C-000020b1] chan_sip.c: Call from '' (40.117.92.2:63702) to extension '+37011390498256029' rejected because extension not found in context 'public'.
[2020-08-14 00:26:51] SECURITY[1203] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-08-14T00:26:51.784-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="+37011390498256029",SessionID="0x7f10c40a18e8",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV
...

Aug 13 18:29:06 web9 sshd\[16491\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.169.192  user=root
Aug 13 18:29:08 web9 sshd\[16491\]: Failed password for root from 222.186.169.192 port 50076 ssh2
Aug 13 18:29:21 web9 sshd\[16491\]: Failed password for root from 222.186.169.192 port 50076 ssh2
Aug 13 18:29:29 web9 sshd\[16526\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.169.192  user=root
Aug 13 18:29:31 web9 sshd\[16526\]: Failed password for root from 222.186.169.192 port 55124 ssh2

Aug 14 11:14:22 webhost01 sshd[14470]: Failed password for root from 120.88.46.226 port 59466 ssh2
...

$f2bV_matches

Aug 14 04:13:19 localhost sshd[85744]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.173  user=root
Aug 14 04:13:22 localhost sshd[85744]: Failed password for root from 112.85.42.173 port 18667 ssh2
Aug 14 04:13:25 localhost sshd[85744]: Failed password for root from 112.85.42.173 port 18667 ssh2
Aug 14 04:13:19 localhost sshd[85744]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.173  user=root
Aug 14 04:13:22 localhost sshd[85744]: Failed password for root from 112.85.42.173 port 18667 ssh2
Aug 14 04:13:25 localhost sshd[85744]: Failed password for root from 112.85.42.173 port 18667 ssh2
Aug 14 04:13:19 localhost sshd[85744]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.85.42.173  user=root
Aug 14 04:13:22 localhost sshd[85744]: Failed password for root from 112.85.42.173 port 18667 ssh2
Aug 14 04:13:25 localhost sshd[85744]: Failed pas
...

[2020-08-14 01:03:40] NOTICE[1185][C-000020d9] chan_sip.c: Call from '' (77.247.109.88:60908) to extension '01146812400621' rejected because extension not found in context 'public'.
[2020-08-14 01:03:40] SECURITY[1203] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-08-14T01:03:40.154-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="01146812400621",SessionID="0x7f10c405ea98",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/77.247.109.88/60908",ACLName="no_extension_match"
[2020-08-14 01:03:41] NOTICE[1185][C-000020da] chan_sip.c: Call from '' (77.247.109.88:50492) to extension '9011441519470478' rejected because extension not found in context 'public'.
[2020-08-14 01:03:41] SECURITY[1203] res_security_log.c: SecurityEvent="FailedACL",EventTV="2020-08-14T01:03:41.508-0400",Severity="Error",Service="SIP",EventVersion="1",AccountID="9011441519470478",SessionID="0x7f10c43e3a48",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/
...

Dovecot Invalid User Login Attempt.

167.99.156.48 - - [14/Aug/2020:05:26:27 +0100] "POST /wp-login.php HTTP/1.1" 200 2216 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
167.99.156.48 - - [14/Aug/2020:05:26:38 +0100] "POST /wp-login.php HTTP/1.1" 200 2195 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
167.99.156.48 - - [14/Aug/2020:05:26:43 +0100] "POST /xmlrpc.php HTTP/1.1" 403 219 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
...

2020-08-13T23:10:43.8520191495-001 sshd[57929]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.122.98.2  user=root
2020-08-13T23:10:46.3864971495-001 sshd[57929]: Failed password for root from 103.122.98.2 port 54708 ssh2
2020-08-13T23:15:24.3895151495-001 sshd[58137]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.122.98.2  user=root
2020-08-13T23:15:26.5021661495-001 sshd[58137]: Failed password for root from 103.122.98.2 port 36416 ssh2
2020-08-13T23:20:29.5948431495-001 sshd[58305]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.122.98.2  user=root
2020-08-13T23:20:31.5765801495-001 sshd[58305]: Failed password for root from 103.122.98.2 port 46416 ssh2
...

(From zachery.whisler46@outlook.com) This Google doc exposes how this scamdemic is part of a bigger plan to crush your business and keep it closed or semi-operational (with heavy rescritions) while big corporations remain open without consequences. This Covid lie has ruined many peoples lives and businesses and is all done on purpose to bring about the One World Order. It goes much deeper than this but the purpose of this doc is to expose the evil and wickedness that works in the background to ruin peoples lives. So feel free to share this message with friends and family. No need to reply to the email i provided above as its not registered. But this information will tell you everything you need to know. https://docs.google.com/document/d/1dAy4vPZrdUXvaCsT0J0dHpQcBiCqXElS8hyOwgN2pr8/edit

Automatic report - Banned IP Access

1597376501 - 08/14/2020 05:41:41 Host: 111.76.16.50/111.76.16.50 Port: 445 TCP Blocked