| 45.58.50.135 |
attackspam |
(From keithhoff@imail.party)
Hello,
I have not received an update regarding measures you're taking to combat COVID-19. I hope you'll assure us that you are following all recently released guidelines and taking every precaution to protect our community?
I'm very concerned that countless young people are not taking COVID-19 seriously (ex. the Spring Break beaches are still packed). I think the only way to combat this 'whatever attitude' is by sharing as much information as possible.
I hope you will add an alert banner with a link to the CDC's coronavirus page (https://www.cdc.gov/coronavirus/2019-ncov/index.html) or the WHO's page. More importantly, please consider copy & pasting this Creative Commons 4.0 (free to re-publish) article to your site (https://covidblog.info).
Without strict measures and an *educated community*, the number of cases will increase exponentially throughout the global population!
Stay safe,
Keith |
2020-03-20 06:11:43 |
| 123.30.149.76 |
attackbots |
$f2bV_matches_ltvn |
2020-03-20 06:19:07 |
| 123.25.30.87 |
attackbots |
2020-03-1922:52:231jF35R-0003vs-34\<=info@whatsup2013.chH=\(localhost\)[123.25.30.87]:48740P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3653id=0A0FB9EAE1351BA87471388044535516@whatsup2013.chT="iamChristina"forthomaseppler87@gmail.commarcusr0456@gmail.com2020-03-1922:54:231jF37P-00049q-9p\<=info@whatsup2013.chH=cpe.xe-2-1-1-800.aaanqe10.dk.customer.tdc.net\(localhost\)[2.109.111.130]:36891P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3692id=BBBE085B5084AA19C5C08931F5E2AF83@whatsup2013.chT="iamChristina"fordriesie83@gmail.comadam1z@hotmail.com2020-03-1922:53:291jF36W-00043a-Tq\<=info@whatsup2013.chH=\(localhost\)[123.20.187.163]:57951P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:info@whatsup2013.chS=3597id=686DDB88835779CA16135AE226872822@whatsup2013.chT="iamChristina"forag2013762@gmail.comryanpfisher34@gmail.com2020-03-1922:53:111jF36F-00042D-BJ\<=info@whatsup2013.chH=\(localhost\)[14.169.17 |
2020-03-20 06:12:37 |
| 173.211.31.234 |
attackspambots |
(From keithhoff@imail.party)
Hello,
I have not received an update regarding measures you're taking to combat COVID-19. I hope you'll assure us that you are following all recently released guidelines and taking every precaution to protect our community?
I'm very concerned that countless young people are not taking COVID-19 seriously (ex. the Spring Break beaches are still packed). I think the only way to combat this 'whatever attitude' is by sharing as much information as possible.
I hope you will add an alert banner with a link to the CDC's coronavirus page (https://www.cdc.gov/coronavirus/2019-ncov/index.html) or the WHO's page. More importantly, please consider copy & pasting this Creative Commons 4.0 (free to re-publish) article to your site (https://covidblog.info).
Without strict measures and an *educated community*, the number of cases will increase exponentially throughout the global population!
Stay safe,
Keith |
2020-03-20 06:15:50 |
| 107.179.192.160 |
attackspambots |
CMS (WordPress or Joomla) login attempt. |
2020-03-20 06:28:47 |
| 141.98.10.127 |
attack |
[2020-03-19 17:54:42] NOTICE[1148] chan_sip.c: Registration from '' failed for '141.98.10.127:59582' - Wrong password
[2020-03-19 17:54:42] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-19T17:54:42.971-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="Lind",SessionID="0x7fd82c530768",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/141.98.10.127/59582",Challenge="5dd753a4",ReceivedChallenge="5dd753a4",ReceivedHash="28aed93faa5711038a04d90082fa1007"
[2020-03-19 17:54:44] NOTICE[1148] chan_sip.c: Registration from '' failed for '141.98.10.127:62998' - Wrong password
[2020-03-19 17:54:44] SECURITY[1163] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-03-19T17:54:44.880-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="harley",SessionID="0x7fd82cdb8718",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/141.98.10
... |
2020-03-20 06:00:28 |
| 35.230.162.59 |
attackspambots |
WordPress login Brute force / Web App Attack on client site. |
2020-03-20 06:21:01 |
| 141.8.183.102 |
attack |
[Fri Mar 20 04:54:23.144502 2020] [:error] [pid 26247:tid 140596796794624] [client 141.8.183.102:52393] [client 141.8.183.102] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "XnPqDwDHKyRZYePqYJvIXgAAAC4"]
... |
2020-03-20 06:15:19 |
| 52.224.180.67 |
attackbotsspam |
Mar 19 21:42:40 XXXXXX sshd[28882]: Invalid user gitlab-psql from 52.224.180.67 port 26502 |
2020-03-20 06:16:19 |
| 187.167.194.79 |
attackbots |
Automatic report - Port Scan Attack |
2020-03-20 06:02:21 |
| 148.233.136.34 |
attackspam |
SSH bruteforce |
2020-03-20 06:07:01 |
| 177.220.175.135 |
attackspambots |
Mar 19 22:53:53 andromeda sshd\[39881\]: Invalid user git from 177.220.175.135 port 6813
Mar 19 22:53:54 andromeda sshd\[39881\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=177.220.175.135
Mar 19 22:53:55 andromeda sshd\[39881\]: Failed password for invalid user git from 177.220.175.135 port 6813 ssh2 |
2020-03-20 06:30:18 |
| 34.237.89.47 |
attackspambots |
Mar 19 23:22:48 markkoudstaal sshd[3977]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=34.237.89.47
Mar 19 23:22:49 markkoudstaal sshd[3977]: Failed password for invalid user git from 34.237.89.47 port 54402 ssh2
Mar 19 23:26:52 markkoudstaal sshd[4528]: Failed password for root from 34.237.89.47 port 47908 ssh2 |
2020-03-20 06:36:38 |
| 111.231.109.151 |
attackbotsspam |
Mar 19 22:47:22 Ubuntu-1404-trusty-64-minimal sshd\[19825\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.109.151 user=root
Mar 19 22:47:23 Ubuntu-1404-trusty-64-minimal sshd\[19825\]: Failed password for root from 111.231.109.151 port 47390 ssh2
Mar 19 22:51:59 Ubuntu-1404-trusty-64-minimal sshd\[23158\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.109.151 user=root
Mar 19 22:52:02 Ubuntu-1404-trusty-64-minimal sshd\[23158\]: Failed password for root from 111.231.109.151 port 59720 ssh2
Mar 19 22:54:03 Ubuntu-1404-trusty-64-minimal sshd\[24007\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=111.231.109.151 user=irc |
2020-03-20 06:28:16 |
| 107.180.21.239 |
attackspam |
This GoDaddy hosted phishing site is impersonating a banking website. |
2020-03-20 06:09:50 |