| 106.55.167.58 |
attack |
sshd: Failed password for invalid user .... from 106.55.167.58 port 54504 ssh2 (7 attempts) |
2020-10-03 19:47:35 |
| 207.244.252.113 |
attackspambots |
(From annabelle@merchantpay.top) I have a quick question about working with your business. Like most business owners you just want to survive through to 2021. In order for that to happen you need to save every dollar possible right? This is an honest question, would you continue with the high credit card processing fees if there was another way? New laws are on your side. Test this newly released card processing model this October - just send a phone number and we'll call.
$24.99/mo Flat Fee Credit Card Processing (Unlimited)
1) As a small business owner accepting credit/debit, recently passed State Laws are on your side. - Were you aware?
New state regulations now in effect, the law was successfully passed in 46 states - effective since August 2019.
Since that date you shouldn't be paying above 0.75% Credit Card Processing Fees.
2) You're legally able to demand this new option.
Bottom Line: Your processor isn't telling you everything. Why are they hiding the lower fee options?
We repre |
2020-10-03 20:02:21 |
| 190.85.163.46 |
attackbotsspam |
2020-10-03T10:07:13.993947shield sshd\[19806\]: Invalid user ansible from 190.85.163.46 port 49765
2020-10-03T10:07:14.005630shield sshd\[19806\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.85.163.46
2020-10-03T10:07:16.468801shield sshd\[19806\]: Failed password for invalid user ansible from 190.85.163.46 port 49765 ssh2
2020-10-03T10:11:28.705758shield sshd\[20209\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=190.85.163.46 user=root
2020-10-03T10:11:30.366648shield sshd\[20209\]: Failed password for root from 190.85.163.46 port 53818 ssh2 |
2020-10-03 19:39:22 |
| 157.245.244.212 |
attackbots |
SSH brute-force attack detected from [157.245.244.212] |
2020-10-03 19:36:59 |
| 5.154.243.131 |
attack |
$f2bV_matches |
2020-10-03 19:28:01 |
| 194.87.138.33 |
attackbotsspam |
DATE:2020-10-02 22:33:48, IP:194.87.138.33, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc) |
2020-10-03 19:46:24 |
| 143.255.130.2 |
attack |
2020-10-03T09:51:17.813880abusebot-4.cloudsearch.cf sshd[14119]: Invalid user ubuntu from 143.255.130.2 port 44886
2020-10-03T09:51:17.822282abusebot-4.cloudsearch.cf sshd[14119]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=143.255.130.2
2020-10-03T09:51:17.813880abusebot-4.cloudsearch.cf sshd[14119]: Invalid user ubuntu from 143.255.130.2 port 44886
2020-10-03T09:51:19.568242abusebot-4.cloudsearch.cf sshd[14119]: Failed password for invalid user ubuntu from 143.255.130.2 port 44886 ssh2
2020-10-03T09:55:37.486080abusebot-4.cloudsearch.cf sshd[14171]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=143.255.130.2 user=root
2020-10-03T09:55:39.926063abusebot-4.cloudsearch.cf sshd[14171]: Failed password for root from 143.255.130.2 port 54472 ssh2
2020-10-03T10:00:18.144919abusebot-4.cloudsearch.cf sshd[14221]: Invalid user teamspeak from 143.255.130.2 port 35838
... |
2020-10-03 19:54:07 |
| 129.28.169.185 |
attackspambots |
Invalid user kang from 129.28.169.185 port 56482 |
2020-10-03 20:06:59 |
| 166.170.223.56 |
attack |
Brute forcing email accounts |
2020-10-03 19:40:18 |
| 189.52.77.150 |
attackbots |
1601670848 - 10/02/2020 22:34:08 Host: 189.52.77.150/189.52.77.150 Port: 445 TCP Blocked
... |
2020-10-03 19:33:01 |
| 118.70.170.120 |
attackbots |
Invalid user mcguitaruser from 118.70.170.120 port 41760 |
2020-10-03 19:44:36 |
| 174.217.20.86 |
attack |
Brute forcing email accounts |
2020-10-03 19:26:45 |
| 185.147.215.8 |
attack |
[2020-10-03 07:36:48] NOTICE[1182] chan_sip.c: Registration from '' failed for '185.147.215.8:50507' - Wrong password
[2020-10-03 07:36:48] SECURITY[1204] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-10-03T07:36:48.249-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="681",SessionID="0x7f22f8572958",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.147.215.8/50507",Challenge="62416b62",ReceivedChallenge="62416b62",ReceivedHash="6b5b9a01efe696a27b885be9697d29a8"
[2020-10-03 07:39:23] NOTICE[1182] chan_sip.c: Registration from '' failed for '185.147.215.8:56379' - Wrong password
[2020-10-03 07:39:23] SECURITY[1204] res_security_log.c: SecurityEvent="InvalidPassword",EventTV="2020-10-03T07:39:23.343-0400",Severity="Error",Service="SIP",EventVersion="2",AccountID="195",SessionID="0x7f22f83b6678",LocalAddress="IPV4/UDP/192.168.244.6/5060",RemoteAddress="IPV4/UDP/185.147.215.8/563
... |
2020-10-03 19:50:32 |
| 212.129.16.53 |
attackbotsspam |
Invalid user mailman from 212.129.16.53 port 55374 |
2020-10-03 19:51:01 |
| 103.141.174.130 |
attackbotsspam |
srvr2: (mod_security) mod_security (id:920350) triggered by 103.141.174.130 (BD/-/-): 1 in the last 600 secs; Ports: *; Direction: inout; Trigger: LF_MODSEC; Logs: 2020/10/02 22:33:37 [error] 142888#0: *187758 [client 103.141.174.130] ModSecurity: Access denied with code 406 (phase 2). Matched "Operator `Rx' with parameter `^[\d.:]+$' against variable `REQUEST_HEADERS:Host' [redacted] [file "/etc/modsecurity.d/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "718"] [id "920350"] [rev ""] [msg "Host header is a numeric IP address"] [redacted] [severity "4"] [ver "OWASP_CRS/3.3.0"] [maturity "0"] [accuracy "0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "paranoia-level/1"] [tag "OWASP_CRS"] [tag "capec/1000/210/272"] [tag "PCI/6.5.10"] [redacted] [uri "/"] [unique_id "160167081795.491896"] [ref "o0,15v21,15"], client: 103.141.174.130, [redacted] request: "GET / HTTP/1.1" [redacted] |
2020-10-03 19:51:23 |