| 172.81.235.238 |
attack |
SSH Invalid Login |
2020-10-03 06:35:02 |
| 103.57.220.28 |
attackspambots |
WordPress wp-login brute force :: 103.57.220.28 0.076 BYPASS [02/Oct/2020:20:41:24 0000] [censored_2] "POST /wp-login.php HTTP/1.1" 200 2577 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" |
2020-10-03 07:05:44 |
| 34.120.202.146 |
attack |
RU spamvertising, health fraud - From: GlucaFIX
UBE 185.176.220.179 (EHLO gopxk.imkeeperr.com) 2 Cloud Ltd.
Spam link redfloppy.com = 185.246.116.174 Vpsville LLC – phishing redirect:
a) aptrk13.com = 35.204.93.160 Google
b) www.ep20trk.com = 34.120.202.146 Google
c) www.glucafix.us = 104.27.187.98, 104.27.186.98, 172.67.201.182 Cloudflare
d) glucafix.us = ditto
Images -
- http://redfloppy.com/web/imgs/mi1tb6fg.png = dailybetterhealth.com = 104.27.138.27, 104.27.139.27, 172.67.218.161 Cloudflare
- http://redfloppy.com/web/imgs/24sc48jt.png = unsub; no entity/address |
2020-10-03 06:48:21 |
| 122.51.248.76 |
attackspambots |
Oct 3 00:46:04 DAAP sshd[4579]: Invalid user yhlee from 122.51.248.76 port 58192
Oct 3 00:46:04 DAAP sshd[4579]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=122.51.248.76
Oct 3 00:46:04 DAAP sshd[4579]: Invalid user yhlee from 122.51.248.76 port 58192
Oct 3 00:46:06 DAAP sshd[4579]: Failed password for invalid user yhlee from 122.51.248.76 port 58192 ssh2
Oct 3 00:49:28 DAAP sshd[4592]: Invalid user cs from 122.51.248.76 port 53470
... |
2020-10-03 06:55:10 |
| 139.155.91.141 |
attackspambots |
2020-10-02T22:35:38.294198shield sshd\[24953\]: Invalid user git from 139.155.91.141 port 38092
2020-10-02T22:35:38.303149shield sshd\[24953\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.91.141
2020-10-02T22:35:40.415755shield sshd\[24953\]: Failed password for invalid user git from 139.155.91.141 port 38092 ssh2
2020-10-02T22:40:28.378099shield sshd\[25266\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.91.141 user=root
2020-10-02T22:40:30.972083shield sshd\[25266\]: Failed password for root from 139.155.91.141 port 36610 ssh2 |
2020-10-03 06:46:51 |
| 222.186.42.57 |
attackspam |
Oct 2 19:47:07 shivevps sshd[10678]: Failed password for root from 222.186.42.57 port 34526 ssh2
Oct 2 19:47:13 shivevps sshd[10680]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.42.57 user=root
Oct 2 19:47:15 shivevps sshd[10680]: Failed password for root from 222.186.42.57 port 64609 ssh2
... |
2020-10-03 06:57:12 |
| 165.22.98.186 |
attack |
DATE:2020-10-03 00:44:05, IP:165.22.98.186, PORT:ssh SSH brute force auth (docker-dc) |
2020-10-03 07:00:24 |
| 1.255.48.197 |
attack |
(From annabelle@merchantpay.top) I have a quick question about working with your business. Like most business owners you just want to survive through to 2021. In order for that to happen you need to save every dollar possible right? This is an honest question, would you continue with the high credit card processing fees if there was another way? New laws are on your side. Test this newly released card processing model this October - just send a phone number and we'll call.
$24.99/mo Flat Fee Credit Card Processing (Unlimited)
1) As a small business owner accepting credit/debit, recently passed State Laws are on your side. - Were you aware?
New state regulations now in effect, the law was successfully passed in 46 states - effective since August 2019.
Since that date you shouldn't be paying above 0.75% Credit Card Processing Fees.
2) You're legally able to demand this new option.
Bottom Line: Your processor isn't telling you everything. Why are they hiding the lower fee options?
We repre |
2020-10-03 06:58:51 |
| 81.18.134.18 |
attack |
Unauthorised access (Oct 2) SRC=81.18.134.18 LEN=52 TTL=118 ID=15089 DF TCP DPT=445 WINDOW=8192 SYN |
2020-10-03 06:36:03 |
| 114.232.109.187 |
attack |
SSH Invalid Login |
2020-10-03 06:38:00 |
| 182.126.87.169 |
attack |
DATE:2020-10-02 22:38:55, IP:182.126.87.169, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq) |
2020-10-03 07:04:32 |
| 13.80.46.69 |
attack |
TCP (SYN) 13.80.46.69:1152 -> port 445, len 44 |
2020-10-03 06:38:13 |
| 122.155.223.59 |
attackspam |
SSH Invalid Login |
2020-10-03 06:48:46 |
| 101.133.174.69 |
attackbotsspam |
101.133.174.69 - - [03/Oct/2020:01:07:05 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
101.133.174.69 - - [03/Oct/2020:01:07:09 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
101.133.174.69 - - [03/Oct/2020:01:07:12 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" |
2020-10-03 07:16:00 |
| 27.151.115.81 |
attackspam |
port scan and connect, tcp 1433 (ms-sql-s) |
2020-10-03 06:55:49 |