| 192.35.168.80 |
attack |
Honeypot hit: [2020-09-06 00:46:51 +0300] Connected from 192.35.168.80 to (HoneypotIP):110 |
2020-09-06 13:24:26 |
| 66.240.192.138 |
attack |
TCP (SYN) 66.240.192.138:17313 -> port 465, len 44 |
2020-09-06 13:16:29 |
| 207.244.252.113 |
attackbots |
(From superior@brainboost.com) From:
HEADLINE NEWS August 2020
Bill Gates: "Americans Must Use This... I Never Leave Home Without Taking It First"
That's Bill Gates talking about this breakthrough treatment for getting his brain back in top shape. He is not happy with where the country is headed and so he has poured money into a treatment that has rescued his mental clarity and it's doing the same accross the nation.
Speaking on the TODAY Show last month, Bill Gates, Founder of Microsoft, spoke to the audience... "America is losing because of our own stupidity" We have got to change the way things are. You won't believe what Mr. Gates said he uses... "
Full Story Inside >
https://dclks.com/click.cgi?a=662x9a3059&o=72x335249&t=85x34d6a5&sub2=brain
If you have a brain you must use this. See what the Sharks say... |
2020-09-06 13:14:16 |
| 138.122.97.118 |
attackbots |
Sep 5 16:17:25 mailman postfix/smtpd[11570]: warning: unknown[138.122.97.118]: SASL PLAIN authentication failed: authentication failure |
2020-09-06 13:05:22 |
| 61.177.172.168 |
attack |
Sep 6 07:24:01 plg sshd[12098]: Failed none for invalid user root from 61.177.172.168 port 52973 ssh2
Sep 6 07:24:01 plg sshd[12098]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=61.177.172.168 user=root
Sep 6 07:24:03 plg sshd[12098]: Failed password for invalid user root from 61.177.172.168 port 52973 ssh2
Sep 6 07:24:07 plg sshd[12098]: Failed password for invalid user root from 61.177.172.168 port 52973 ssh2
Sep 6 07:24:11 plg sshd[12098]: Failed password for invalid user root from 61.177.172.168 port 52973 ssh2
Sep 6 07:24:14 plg sshd[12098]: Failed password for invalid user root from 61.177.172.168 port 52973 ssh2
Sep 6 07:24:19 plg sshd[12098]: Failed password for invalid user root from 61.177.172.168 port 52973 ssh2
Sep 6 07:24:19 plg sshd[12098]: error: maximum authentication attempts exceeded for invalid user root from 61.177.172.168 port 52973 ssh2 [preauth]
... |
2020-09-06 13:26:11 |
| 162.158.159.140 |
attack |
srv02 Scanning Webserver Target(80:http) Events(1) .. |
2020-09-06 13:27:18 |
| 165.90.3.122 |
attack |
[Sun Sep 06 03:13:25.153543 2020] [:error] [pid 2754:tid 140397330274048] [client 165.90.3.122:65500] [client 165.90.3.122] ModSecurity: Access denied with code 403 (phase 1). Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "972"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.0"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/POLICY/PROTOCOL_NOT_ALLOWED"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/"] [unique_id "X1PxZdlmuncnyx65RuMHlQAAAGU"]
... |
2020-09-06 13:06:58 |
| 185.234.219.230 |
attack |
Sep 5 21:19:20 baraca dovecot: auth-worker(46691): passwd(arodriguez,185.234.219.230): unknown user
Sep 5 22:02:10 baraca dovecot: auth-worker(49707): passwd(wedding,185.234.219.230): unknown user
Sep 5 22:44:30 baraca dovecot: auth-worker(52517): passwd(restore,185.234.219.230): unknown user
Sep 5 23:27:58 baraca dovecot: auth-worker(55592): passwd(jason,185.234.219.230): unknown user
Sep 6 00:11:16 baraca dovecot: auth-worker(58840): passwd(laser,185.234.219.230): unknown user
Sep 6 00:55:12 baraca dovecot: auth-worker(61307): passwd(dentrix,185.234.219.230): unknown user
... |
2020-09-06 13:09:28 |
| 190.14.47.108 |
attack |
failed_logins |
2020-09-06 13:07:43 |
| 211.142.26.106 |
attackspam |
Sep 5 23:35:00 ip106 sshd[8913]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=211.142.26.106
Sep 5 23:35:02 ip106 sshd[8913]: Failed password for invalid user carter from 211.142.26.106 port 8393 ssh2
... |
2020-09-06 13:30:43 |
| 162.214.111.167 |
attackspambots |
TCP (SYN) 162.214.111.167:45179 -> port 2152, len 44 |
2020-09-06 13:04:21 |
| 148.72.209.9 |
attackspambots |
148.72.209.9 - - [06/Sep/2020:07:34:33 +0200] "GET /wp-login.php HTTP/1.1" 200 9061 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
148.72.209.9 - - [06/Sep/2020:07:34:36 +0200] "POST /wp-login.php HTTP/1.1" 200 9312 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0"
148.72.209.9 - - [06/Sep/2020:07:34:40 +0200] "POST /xmlrpc.php HTTP/1.1" 200 427 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" |
2020-09-06 13:36:52 |
| 157.230.42.11 |
attackbots |
Sep 5 18:34:24 ns382633 sshd\[28910\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.42.11 user=root
Sep 5 18:34:26 ns382633 sshd\[28910\]: Failed password for root from 157.230.42.11 port 56584 ssh2
Sep 5 18:59:20 ns382633 sshd\[501\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.42.11 user=root
Sep 5 18:59:22 ns382633 sshd\[501\]: Failed password for root from 157.230.42.11 port 47282 ssh2
Sep 5 19:21:29 ns382633 sshd\[4417\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=157.230.42.11 user=root |
2020-09-06 13:14:41 |
| 85.165.38.54 |
attackspambots |
BURG,WP GET /wp-login.php |
2020-09-06 13:28:25 |
| 187.85.29.54 |
attackbotsspam |
TCP (SYN) 187.85.29.54:17485 -> port 23, len 44 |
2020-09-06 13:37:06 |