(From massaro.elvira@outlook.com) Good afternoon, I was just on your site and filled out your "contact us" form. The feedback page on your site sends you these messages to your email account which is why you're reading through my message right now right? That's the most important achievement with any type of online ad, making people actually READ your message and I did that just now with you! If you have an ad message you would like to promote to tons of websites via their contact forms in the US or anywhere in the world send me a quick note now, I can even focus on your required niches and my pricing is super low. Reply here: cluffcathey@gmail.com

cease spam https://bit.ly/3eOn4NP

xmlrpc attack

\[2019-06-30 02:51:17\] NOTICE\[13863\] res_pjsip/pjsip_distributor.c: Request 'REGISTER' from '\' failed for '5.62.20.29:4988' \(callid: 1608923948-2061755336-1128346913\) - Failed to authenticate
\[2019-06-30 02:51:17\] SECURITY\[3671\] res_security_log.c: SecurityEvent="ChallengeResponseFailed",EventTV="2019-06-30T02:51:17.458+0200",Severity="Error",Service="PJSIP",EventVersion="1",AccountID="\",SessionID="1608923948-2061755336-1128346913",LocalAddress="IPV4/UDP/188.40.118.248/5060",RemoteAddress="IPV4/UDP/5.62.20.29/4988",Challenge="1561855877/b18a00277b2703bbefddd95b38ce0040",Response="c1bc74bff7d9385f212c17b83ad115fd",ExpectedResponse=""
\[2019-06-30 02:51:17\] NOTICE\[9010\] res_pjsip/pjsip_distributor.c: Request 'REGISTER' from '\' failed for '5.62.20.29:4988' \(callid: 1608923948-2061755336-1128346913\) - Failed to authenticate
\[2019-06-30 02:51:17\] SECURITY\[3671\] res_security_log.c: SecurityEvent="ChallengeResponseFailed"

\[2019-06-28 23:37:05\] NOTICE\[6698\] res_pjsip/pjsip_distributor.c: Request 'REGISTER' from '\' failed for '5.62.20.29:4810' \(callid: 1212332597-181271954-1975405061\) - Failed to authenticate
\[2019-06-28 23:37:05\] SECURITY\[3671\] res_security_log.c: SecurityEvent="ChallengeResponseFailed",EventTV="2019-06-28T23:37:05.441+0200",Severity="Error",Service="PJSIP",EventVersion="1",AccountID="\",SessionID="1212332597-181271954-1975405061",LocalAddress="IPV4/UDP/188.40.118.248/5060",RemoteAddress="IPV4/UDP/5.62.20.29/4810",Challenge="1561757825/5a09e93d871d0ec6dbb9aae6ce30519a",Response="009ba431b84c54a04969a67b0e713671",ExpectedResponse=""
\[2019-06-28 23:37:05\] NOTICE\[9010\] res_pjsip/pjsip_distributor.c: Request 'REGISTER' from '\' failed for '5.62.20.29:4810' \(callid: 1212332597-181271954-1975405061\) - Failed to authenticate
\[2019-06-28 23:37:05\] SECURITY\[3671\] res_security_log.c: SecurityEvent="ChallengeResponseFailed",Eve

\[2019-06-26 19:10:16\] NOTICE\[6698\] res_pjsip/pjsip_distributor.c: Request 'REGISTER' from '\' failed for '5.62.20.29:4984' \(callid: 1123662215-1751604747-1881376636\) - Failed to authenticate
\[2019-06-26 19:10:16\] SECURITY\[3671\] res_security_log.c: SecurityEvent="ChallengeResponseFailed",EventTV="2019-06-26T19:10:16.338+0200",Severity="Error",Service="PJSIP",EventVersion="1",AccountID="\",SessionID="1123662215-1751604747-1881376636",LocalAddress="IPV4/UDP/188.40.118.248/5060",RemoteAddress="IPV4/UDP/5.62.20.29/4984",Challenge="1561569016/0930a85763bf6074b2af47ada1dcffb5",Response="f6c4feac56e0e91df5d7c31b89aa2c48",ExpectedResponse=""
\[2019-06-26 19:10:16\] NOTICE\[13863\] res_pjsip/pjsip_distributor.c: Request 'REGISTER' from '\' failed for '5.62.20.29:4984' \(callid: 1123662215-1751604747-1881376636\) - Failed to authenticate
\[2019-06-26 19:10:16\] SECURITY\[3671\] res_security_log.c: SecurityEvent="ChallengeResponseFailed",E

\[2019-06-25 13:54:39\] NOTICE\[6698\] res_pjsip/pjsip_distributor.c: Request 'REGISTER' from '\' failed for '5.62.20.29:4910' \(callid: 1216347939-613472863-126438486\) - Failed to authenticate
\[2019-06-25 13:54:39\] SECURITY\[3671\] res_security_log.c: SecurityEvent="ChallengeResponseFailed",EventTV="2019-06-25T13:54:39.174+0200",Severity="Error",Service="PJSIP",EventVersion="1",AccountID="\",SessionID="1216347939-613472863-126438486",LocalAddress="IPV4/UDP/188.40.118.248/5060",RemoteAddress="IPV4/UDP/5.62.20.29/4910",Challenge="1561463679/908ad69afd13bf595c71f9ddde1414b5",Response="97a521c61d622031eeb01fbc8b4087bc",ExpectedResponse=""
\[2019-06-25 13:54:39\] NOTICE\[5109\] res_pjsip/pjsip_distributor.c: Request 'REGISTER' from '\' failed for '5.62.20.29:4910' \(callid: 1216347939-613472863-126438486\) - Failed to authenticate
\[2019-06-25 13:54:39\] SECURITY\[3671\] res_security_log.c: SecurityEvent="ChallengeResponseFailed",EventT

Automatic report - Banned IP Access

(From mccloughry.belen@outlook.com) Are You interested in advertising that charges less than $49 every month and sends thousands of people who are ready to buy directly to your website? For details visit: http://www.buy-website-traffic.xyz

(From mccloughry.belen@outlook.com) Are You interested in advertising that charges less than $49 every month and sends thousands of people who are ready to buy directly to your website? For details visit: http://www.buy-website-traffic.xyz

(From carlota.colleano@googlemail.com) Looking for fresh buyers? Get thousands of people who are ready to buy sent directly to your website. Boost your profits super fast. Start seeing results in as little as 48 hours. To get details Check out: http://bit.ly/buy-website-visitors

0,59-02/04 [bc00/m59] PostRequest-Spammer scoring: lisboa

0,59-02/04 [bc00/m59] PostRequest-Spammer scoring: lisboa

0,59-02/04 [bc00/m59] PostRequest-Spammer scoring: lisboa

0,53-03/06 [bc01/m62] PostRequest-Spammer scoring: essen

0,53-03/06 [bc01/m62] PostRequest-Spammer scoring: essen

Sunday, August 30, 2020 11:43 PM Received from: 5.62.20.47  From: Ramon Omar  Muslim email spam solicitation form spam bot

(From yvette.whiteman@outlook.com) Good evening, I was just checking out your website and filled out your feedback form. The feedback page on your site sends you these messages to your email account which is the reason you're reading through my message right now correct? That's the holy grail with any type of advertising, making people actually READ your advertisement and this is exactly what you're doing now! If you have an ad message you would like to promote to thousands of websites via their contact forms in the US or to any country worldwide let me know, I can even focus on specific niches and my charges are very low. Shoot me an email here: danialuciano8439@gmail.com

report abuse here https://bit.ly/2VBnm2R

(From blankenship.ricky@hotmail.com) Hi, I was just checking out your site and submitted this message via your contact form. The contact page on your site sends you these messages via email which is the reason you're reading my message at this moment right? That's the most important accomplishment with any type of online ad, getting people to actually READ your message and this is exactly what you're doing now! If you have something you would like to promote to millions of websites via their contact forms in the U.S. or to any country worldwide let me know, I can even focus on your required niches and my pricing is very reasonable. Reply here: kinleytrey96@gmail.com

discontinue seeing these ad messages https://bit.ly/2yp4480

0,55-11/02 [bc01/m17] PostRequest-Spammer scoring: essen

0,58-03/03 [bc01/m23] PostRequest-Spammer scoring: berlin

1,42-02/04 [bc01/m65] PostRequest-Spammer scoring: berlin

Sep 20 06:17:42 [host] sshd[28137]: pam_unix(sshd:
Sep 20 06:17:44 [host] sshd[28137]: Failed passwor
Sep 20 06:21:43 [host] sshd[28153]: pam_unix(sshd:

[N10.H2.VM2] Port Scanner Detected Blocked by UFW

Sep 20 07:25:57 hosting sshd[19290]: Invalid user catadmin from 139.155.71.61 port 59906
Sep 20 07:25:57 hosting sshd[19290]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.155.71.61
Sep 20 07:25:57 hosting sshd[19290]: Invalid user catadmin from 139.155.71.61 port 59906
Sep 20 07:25:59 hosting sshd[19290]: Failed password for invalid user catadmin from 139.155.71.61 port 59906 ssh2
Sep 20 07:43:47 hosting sshd[21109]: Invalid user test1 from 139.155.71.61 port 33230
...

SSH 2020-09-20 01:23:12	3.216.7.137	139.99.22.221	>	POST	sketsagram.com	/wp-login.php	HTTP/1.1	-	-
2020-09-20 07:47:14	3.216.7.137	139.99.22.221	>	GET	presidenonline.com	/wp-login.php	HTTP/1.1	-	-
2020-09-20 07:47:15	3.216.7.137	139.99.22.221	>	POST	presidenonline.com	/wp-login.php	HTTP/1.1	-	-

2020-09-20T07:49:14.332493lavrinenko.info sshd[14876]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.130  user=root
2020-09-20T07:49:16.640114lavrinenko.info sshd[14876]: Failed password for root from 222.186.180.130 port 17371 ssh2
2020-09-20T07:49:14.332493lavrinenko.info sshd[14876]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.180.130  user=root
2020-09-20T07:49:16.640114lavrinenko.info sshd[14876]: Failed password for root from 222.186.180.130 port 17371 ssh2
2020-09-20T07:49:20.114997lavrinenko.info sshd[14876]: Failed password for root from 222.186.180.130 port 17371 ssh2
...

Multiple SSH authentication failures from 111.93.58.18

2020-09-20T04:13:22.295451upcloud.m0sh1x2.com sshd[8534]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=95.ip-91-134-135.eu  user=root
2020-09-20T04:13:23.851182upcloud.m0sh1x2.com sshd[8534]: Failed password for root from 91.134.135.95 port 39452 ssh2

Sep 19 22:29:44 staging sshd[42786]: Invalid user gpadmin from 103.98.17.75 port 37872
Sep 19 22:29:46 staging sshd[42786]: Failed password for invalid user gpadmin from 103.98.17.75 port 37872 ssh2
Sep 19 22:33:42 staging sshd[42820]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.98.17.75  user=root
Sep 19 22:33:44 staging sshd[42820]: Failed password for root from 103.98.17.75 port 48462 ssh2
...

10 attempts against mh-pma-try-ban on river

Sep 20 07:14:28 site1 sshd\[9767\]: Invalid user postgres from 103.133.214.157Sep 20 07:14:29 site1 sshd\[9767\]: Failed password for invalid user postgres from 103.133.214.157 port 40992 ssh2Sep 20 07:18:44 site1 sshd\[9864\]: Invalid user mxuser from 103.133.214.157Sep 20 07:18:46 site1 sshd\[9864\]: Failed password for invalid user mxuser from 103.133.214.157 port 44412 ssh2Sep 20 07:22:54 site1 sshd\[9942\]: Invalid user test from 103.133.214.157Sep 20 07:22:56 site1 sshd\[9942\]: Failed password for invalid user test from 103.133.214.157 port 47832 ssh2
...

ssh brute force

Automatic report - Banned IP Access

Found on   Binary Defense     / proto=6  .  srcport=3567  .  dstport=1433  .     (2315)

54.39.16.73 (CA/Canada/-), 8 distributed sshd attacks on account [root] in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_DISTATTACK; Logs: Sep 20 00:07:30 server5 sshd[26855]: Failed password for root from 51.75.249.224 port 53550 ssh2
Sep 20 00:07:13 server5 sshd[26736]: Failed password for root from 198.251.83.73 port 35698 ssh2
Sep 20 00:07:16 server5 sshd[26736]: Failed password for root from 198.251.83.73 port 35698 ssh2
Sep 20 00:07:36 server5 sshd[27125]: Failed password for root from 54.39.16.73 port 49026 ssh2
Sep 20 00:07:07 server5 sshd[26653]: Failed password for root from 51.158.111.157 port 50914 ssh2
Sep 20 00:07:11 server5 sshd[26736]: Failed password for root from 198.251.83.73 port 35698 ssh2
Sep 20 00:07:18 server5 sshd[26736]: Failed password for root from 198.251.83.73 port 35698 ssh2
Sep 20 00:07:20 server5 sshd[26736]: Failed password for root from 198.251.83.73 port 35698 ssh2

IP Addresses Blocked:

51.75.249.224 (FR/France/-)
198.251.83.73 (US/United States/-)

Sep 20 06:54:05 h2829583 sshd[1449]: Failed password for root from 89.163.223.246 port 54678 ssh2