Misc Attack] [Priority: 2] {TCP} 92.118.37.53:42054 -> 97.120.154.75:14469 Dec 10 22:53:33 snort[29511]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.53:42054 -> 97.120.154.75:14469 Dec 10 22:51:56 snort[29511]: [1:2403376:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 39 [Classification: Misc Attack] [Priority: 2] {TCP} 49.67.135.47:15663 -> 97.120.154.75:23 Dec 10 22:51:56 snort[29511]: [1:2403376:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 39 [Classification: Misc Attack] [Priority: 2] {TCP} 49.67.135.47:15663 -> 97.120.154.75:23 Dec 10 22:51:24 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.7:43403 -> 97.120.154.75:27570 Dec 10 22:51:24 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.7:43403 -> 97.120.154.75:27570 Dec 10 22:51:10 snort[29511]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 148.255.62.99:52766 -> 97.120.154.75:1433 Dec 10 22:51:10 snort[29511]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 148.255.62.99:52766 -> 97.120.154.75:1433 Dec 10 22:50:35 snort[29511]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.160.45:62341 -> 97.120.154.75:111 Dec 10 22:50:35 snort[29511]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.160.45:62341 -> 97.120.154.75:111 Dec 10 22:50:08 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 
185.176.27.102:43575 -> 97.120.154.75:8288 Dec 10 22:50:08 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.102:43575 -> 97.120.154.75:8288 Dec 10 22:49:23 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.51:41602 -> 97.120.154.75:169 Dec 10 22:49:23 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.51:41602 -> 97.120.154.75:169 Dec 10 22:47:31 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.29:53107 -> 97.120.154.75:3363 Dec 10 22:47:31 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.29:53107 -> 97.120.154.75:3363 Dec 10 22:47:31 snort[29511]: [1:2403440:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 71 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.29:53107 -> 97.120.154.75:3363 Dec 10 22:47:31 snort[29511]: [1:2403440:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 71 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.29:53107 -> 97.120.154.75:3363 Dec 10 22:45:40 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.175.93.25:44303 -> 97.120.154.75:33389 Dec 10 22:45:40 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.175.93.25:44303 -> 97.120.154.75:33389 Dec 10 22:44:31 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.205:24026 -> 97.120.154.75:8089 Dec 10 22:44:31 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source 
group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.205:24026 -> 97.120.154.75:8089 Dec 10 22:44:31 snort[29511]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.205:24026 -> 97.120.154.75:8089 Dec 10 22:44:31 snort[29511]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.205:24026 -> 97.120.154.75:8089 Dec 10 22:43:49 snort[29511]: [1:2403344:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 23 [Classification: Misc Attack] [Priority: 2] {TCP} 42.61.78.62:40189 -> 97.120.154.75:445 Dec 10 22:43:49 snort[29511]: [1:2403344:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 23 [Classification: Misc Attack] [Priority: 2] {TCP} 42.61.78.62:40189 -> 97.120.154.75:445 Dec 10 22:43:38 snort[29511]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 122.180.145.225:57914 -> 97.120.154.75:1433 Dec 10 22:43:38 snort[29511]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 122.180.145.225:57914 -> 97.120.154.75:1433 Dec 10 22:41:46 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.11:50484 -> 97.120.154.75:65200 Dec 10 22:41:46 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.11:50484 -> 97.120.154.75:65200 Dec 10 22:41:35 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.80:55629 -> 97.120.154.75:3389 Dec 10 22:41:35 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 
2] {TCP} 81.22.45.80:55629 -> 97.120.154.75:3389 Dec 10 22:39:17 snort[29511]: [1:2403415:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 58 [Classification: Misc Attack] [Priority: 2] {UDP} 65.49.20.96:51968 -> 97.120.154.75:443 Dec 10 22:39:17 snort[29511]: [1:2403415:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 58 [Classification: Misc Attack] [Priority: 2] {UDP} 65.49.20.96:51968 -> 97.120.154.75:443 Dec 10 22:35:17 snort[29511]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 94.98.232.22:41828 -> 97.120.154.75:1433 Dec 10 22:35:17 snort[29511]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 94.98.232.22:41828 -> 97.120.154.75:1433 Dec 10 22:34:06 snort[29511]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.65.90:8080 -> 97.120.154.75:32145 Dec 10 22:34:06 snort[29511]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.65.90:8080 -> 97.120.154.75:32145 Dec 10 22:33:43 snort[29511]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 194.169.235.47:40129 -> 97.120.154.75:1433 Dec 10 22:33:43 snort[29511]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 194.169.235.47:40129 -> 97.120.154.75:1433 Dec 10 22:33:27 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.90:42924 -> 97.120.154.75:403 Dec 10 22:33:27 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.90:42924 -> 
97.120.154.75:403 Dec 10 22:32:55 snort[29511]: [1:2403439:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 70 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.78.100:38762 -> 97.120.154.75:129 Dec 10 22:32:55 snort[29511]: [1:2403439:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 70 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.78.100:38762 -> 97.120.154.75:129 Dec 10 22:28:09 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.98:42510 -> 97.120.154.75:65367 Dec 10 22:28:09 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.98:42510 -> 97.120.154.75:65367 Dec 10 22:27:52 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.21:41784 -> 97.120.154.75:36180 Dec 10 22:27:52 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.21:41784 -> 97.120.154.75:36180 Dec 10 22:27:51 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.60:44727 -> 97.120.154.75:33380 Dec 10 22:27:51 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.60:44727 -> 97.120.154.75:33380 Dec 10 22:26:50 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.172.85:56886 -> 97.120.154.75:4408 Dec 10 22:26:50 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.172.85:56886 -> 97.120.154.75:4408 Dec 10 22:26:50 snort[29511]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP 
TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.172.85:56886 -> 97.120.154.75:4408 Dec 10 22:26:50 snort[29511]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.172.85:56886 -> 97.120.154.75:4408 Dec 10 22:26:35 snort[29511]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 58.59.25.2:52961 -> 97.120.154.75:1433 Dec 10 22:26:35 snort[29511]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 58.59.25.2:52961 -> 97.120.154.75:1433 Dec 10 22:26:35 snort[29511]: [1:2403386:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 44 [Classification: Misc Attack] [Priority: 2] {TCP} 58.59.25.2:52961 -> 97.120.154.75:1433 Dec 10 22:26:35 snort[29511]: [1:2403386:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 44 [Classification: Misc Attack] [Priority: 2] {TCP} 58.59.25.2:52961 -> 97.120.154.75:1433 Dec 10 22:24:23 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.66:55480 -> 97.120.154.75:8144 Dec 10 22:24:23 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.66:55480 -> 97.120.154.75:8144 Dec 10 22:23:23 snort[29511]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.61:40142 -> 97.120.154.75:5904 Dec 10 22:23:23 snort[29511]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.61:40142 -> 97.120.154.75:5904 Dec 10 22:23:09 snort[29511]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 
[Classification: Misc Attack] [Priority: 2] {TCP} 92.119.160.143:47581 -> 97.120.154.75:47403 Dec 10 22:23:09 snort[29511]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.119.160.143:47581 -> 97.120.154.75:47403 Dec 10 22:22:47 snort[29511]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 222.249.224.40:50839 -> 97.120.154.75:1433 Dec 10 22:22:47 snort[29511]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 222.249.224.40:50839 -> 97.120.154.75:1433 Dec 10 22:22:35 snort[29511]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.162.211:28954 -> 97.120.154.75:8089 Dec 10 22:22:35 snort[29511]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.162.211:28954 -> 97.120.154.75:8089 Dec 10 22:17:20 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 159.203.201.136:50115 -> 97.120.154.75:8983 Dec 10 22:17:20 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 159.203.201.136:50115 -> 97.120.154.75:8983 Dec 10 22:15:58 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 94.102.49.104:55565 -> 97.120.154.75:8000 Dec 10 22:15:58 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 94.102.49.104:55565 -> 97.120.154.75:8000 Dec 10 22:14:10 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 
193.32.161.12:58460 -> 97.120.154.75:6061 Dec 10 22:14:10 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.12:58460 -> 97.120.154.75:6061 Dec 10 22:13:57 snort[29511]: [1:2403335:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 18 [Classification: Misc Attack] [Priority: 2] {UDP} 37.49.231.121:60532 -> 97.120.154.75:6881 Dec 10 22:13:57 snort[29511]: [1:2403335:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 18 [Classification: Misc Attack] [Priority: 2] {UDP} 37.49.231.121:60532 -> 97.120.154.75:6881 Dec 10 22:11:57 snort[29511]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.99:59655 -> 97.120.154.75:3388 Dec 10 22:11:57 snort[29511]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.99:59655 -> 97.120.154.75:3388 Dec 10 22:10:28 snort[29511]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.64.127:8080 -> 97.120.154.75:9966 Dec 10 22:10:28 snort[29511]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.64.127:8080 -> 97.120.154.75:9966 Dec 10 22:09:48 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.113:59531 -> 97.120.154.75:2007 Dec 10 22:09:48 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.113:59531 -> 97.120.154.75:2007 Dec 10 22:09:29 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.216.140.6:55111 -> 
97.120.154.75:9001 Dec 10 22:09:29 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.216.140.6:55111 -> 97.120.154.75:9001 Dec 10 22:08:55 snort[29511]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.83:55642 -> 97.120.154.75:4338 Dec 10 22:08:55 snort[29511]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.83:55642 -> 97.120.154.75:4338 Dec 10 22:08:18 snort[29511]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.162.144:43231 -> 97.120.154.75:445 Dec 10 22:08:18 snort[29511]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.162.144:43231 -> 97.120.154.75:445 Dec 10 22:06:35 snort[29511]: [1:2402001:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.77.245:48408 -> 97.120.154.75:1064 Dec 10 22:06:35 snort[29511]: [1:2402001:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.77.245:48408 -> 97.120.154.75:1064 Dec 10 22:06:35 snort[29511]: [1:2403439:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 70 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.77.245:48408 -> 97.120.154.75:1064 Dec 10 22:06:35 snort[29511]: [1:2403439:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 70 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.77.245:48408 -> 97.120.154.75:1064 Dec 10 22:03:45 snort[29511]: [1:2402001:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {UDP} 89.248.168.217:42897 -> 97.120.154.75:1025 Dec 10 
22:03:45 snort[29511]: [1:2402001:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {UDP} 89.248.168.217:42897 -> 97.120.154.75:1025 Dec 10 22:03:45 snort[29511]: [1:2403465:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 83 [Classification: Misc Attack] [Priority: 2] {UDP} 89.248.168.217:42897 -> 97.120.154.75:1025 Dec 10 22:03:45 snort[29511]: [1:2403465:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 83 [Classification: Misc Attack] [Priority: 2] {UDP} 89.248.168.217:42897 -> 97.120.154.75:1025 Dec 10 22:03:37 snort[29511]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.109.82:5092 -> 97.120.154.75:5060 Dec 10 22:03:37 snort[29511]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.109.82:5092 -> 97.120.154.75:5060 Dec 10 22:03:37 snort[29511]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.109.82:5092 -> 97.120.154.75:5060 Dec 10 22:03:37 snort[29511]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.109.82:5092 -> 97.120.154.75:5060 Dec 10 22:02:52 snort[29511]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 185.99.125.184:45565 -> 97.120.154.75:1433 Dec 10 22:02:52 snort[29511]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 185.99.125.184:45565 -> 97.120.154.75:1433 Dec 10 22:02:44 snort[29511]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.70.106:42160 -> 97.120.154.75:5187 Dec 10 22:02:44 snort[29511]: 
[1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.70.106:42160 -> 97.120.154.75:5187 Dec 10 22:02:16 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.32:42738 -> 97.120.154.75:384 Dec 10 22:02:16 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.32:42738 -> 97.120.154.75:384 Dec 10 22:01:32 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.146:55635 -> 97.120.154.75:3389 Dec 10 22:01:32 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.146:55635 -> 97.120.154.75:3389 Dec 10 21:59:39 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.94:52114 -> 97.120.154.75:6565 Dec 10 21:59:39 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.94:52114 -> 97.120.154.75:6565 Dec 10 21:56:34 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.64:45982 -> 97.120.154.75:9963 Dec 10 21:56:34 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.64:45982 -> 97.120.154.75:9963 Dec 10 21:56:02 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.154:47905 -> 97.120.154.75:10920 Dec 10 21:56:02 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.154:47905 -> 
97.120.154.75:10920 Dec 10 21:55:26 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.18:50304 -> 97.120.154.75:1930 Dec 10 21:55:26 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.18:50304 -> 97.120.154.75:1930 Dec 10 21:54:02 snort[29511]: [1:2403384:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 43 [Classification: Misc Attack] [Priority: 2] {TCP} 58.225.75.147:32767 -> 97.120.154.75:8545 Dec 10 21:54:02 snort[29511]: [1:2403384:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 43 [Classification: Misc Attack] [Priority: 2] {TCP} 58.225.75.147:32767 -> 97.120.154.75:8545 Dec 10 21:52:46 snort[29511]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 185.53.88.78:5066 -> 97.120.154.75:5060 Dec 10 21:52:46 snort[29511]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 185.53.88.78:5066 -> 97.120.154.75:5060 Dec 10 21:52:46 snort[29511]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 185.53.88.78:5066 -> 97.120.154.75:5060 Dec 10 21:52:46 snort[29511]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 185.53.88.78:5066 -> 97.120.154.75:5060 Dec 10 21:51:40 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.54:48329 -> 97.120.154.75:3353 Dec 10 21:51:40 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.54:48329 -> 97.120.154.75:3353 Dec 10 21:51:33 snort[29511]: [1:2402000:5388] ET DROP Dshield Block 
Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.201:40140 -> 97.120.154.75:22 Dec 10 21:51:33 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.201:40140 -> 97.120.154.75:22 Dec 10 21:51:24 snort[29511]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 186.88.33.78:1248 -> 97.120.154.75:1433 Dec 10 21:51:24 snort[29511]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 186.88.33.78:1248 -> 97.120.154.75:1433 Dec 10 21:49:58 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 159.203.201.185:44538 -> 97.120.154.75:8140 Dec 10 21:49:58 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 159.203.201.185:44538 -> 97.120.154.75:8140 Dec 10 21:49:36 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.71:55631 -> 97.120.154.75:3389 Dec 10 21:49:36 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.71:55631 -> 97.120.154.75:3389 Dec 10 21:49:23 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.38:43364 -> 97.120.154.75:29690 Dec 10 21:49:23 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.38:43364 -> 97.120.154.75:29690 Dec 10 21:49:22 snort[29511]: [1:2403358:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 30 [Classification: Misc Attack] [Priority: 2] {TCP} 45.227.254.30:55523 -> 97.120.154.75:15551 Dec 10 
Attack] [Priority: 2] {TCP} 78.100.180.23:56712 -> 97.120.154.75:445 Dec 10 20:22:48 snort[29511]: [1:2403430:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 66 [Classification: Misc Attack] [Priority: 2] {TCP} 78.100.180.23:56712 -> 97.120.154.75:445 Dec 10 20:22:09 snort[29511]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.160.193:58729 -> 97.120.154.75:9011 Dec 10 20:22:09 snort[29511]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.160.193:58729 -> 97.120.154.75:9011 Dec 10 20:21:24 snort[29511]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.160.178:47713 -> 97.120.154.75:5023 Dec 10 20:21:24 snort[29511]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.160.178:47713 -> 97.120.154.75:5023 Dec 10 20:21:19 snort[29511]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.162.144:25936 -> 97.120.154.75:8089 Dec 10 20:21:19 snort[29511]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.162.144:25936 -> 97.120.154.75:8089 Dec 10 20:20:32 snort[29511]: [1:2403442:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 72 [Classification: Misc Attack] [Priority: 2] {TCP} 82.102.173.83:40228 -> 97.120.154.75:280 Dec 10 20:20:32 snort[29511]: [1:2403442:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 72 [Classification: Misc Attack] [Priority: 2] {TCP} 82.102.173.83:40228 -> 97.120.154.75:280 Dec 10 20:20:15 snort[29511]: [1:2403378:53780] ET CINS Active 
Threat Intelligence Poor Reputation IP TCP group 40 [Classification: Misc Attack] [Priority: 2] {TCP} 51.161.12.231:32767 -> 97.120.154.75:8545 Dec 10 20:20:15 snort[29511]: [1:2403378:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 40 [Classification: Misc Attack] [Priority: 2] {TCP} 51.161.12.231:32767 -> 97.120.154.75:8545 Dec 10 20:19:50 snort[29511]: [1:2400019:2736] ET DROP Spamhaus DROP Listed Traffic Inbound group 20 [Classification: Misc Attack] [Priority: 2] {TCP} 185.222.211.165:8080 -> 97.120.154.75:3366 Dec 10 20:19:50 snort[29511]: [1:2400019:2736] ET DROP Spamhaus DROP Listed Traffic Inbound group 20 [Classification: Misc Attack] [Priority: 2] {TCP} 185.222.211.165:8080 -> 97.120.154.75:3366 Dec 10 20:19:29 snort[29511]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.83:55642 -> 97.120.154.75:4295 Dec 10 20:19:29 snort[29511]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.83:55642 -> 97.120.154.75:4295 Dec 10 20:19:23 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 198.108.67.79:53041 -> 97.120.154.75:5906 Dec 10 20:19:23 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 198.108.67.79:53041 -> 97.120.154.75:5906 Dec 10 20:19:02 snort[29511]: [1:2402001:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {UDP} 89.248.168.217:43785 -> 97.120.154.75:999 Dec 10 20:19:02 snort[29511]: [1:2402001:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {UDP} 89.248.168.217:43785 -> 97.120.154.75:999 Dec 10 20:19:02 snort[29511]: [1:2403465:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 83 
[Classification: Misc Attack] [Priority: 2] {UDP} 89.248.168.217:43785 -> 97.120.154.75:999 Dec 10 20:19:02 snort[29511]: [1:2403465:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 83 [Classification: Misc Attack] [Priority: 2] {UDP} 89.248.168.217:43785 -> 97.120.154.75:999 Dec 10 20:17:58 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.29:53107 -> 97.120.154.75:3382 Dec 10 20:17:58 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.29:53107 -> 97.120.154.75:3382 Dec 10 20:17:58 snort[29511]: [1:2403440:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 71 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.29:53107 -> 97.120.154.75:3382 Dec 10 20:17:58 snort[29511]: [1:2403440:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 71 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.29:53107 -> 97.120.154.75:3382 Dec 10 20:16:31 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.194:59984 -> 97.120.154.75:4321 Dec 10 20:16:31 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.194:59984 -> 97.120.154.75:4321 Dec 10 20:16:04 snort[29511]: [1:2403420:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 61 [Classification: Misc Attack] [Priority: 2] {TCP} 71.6.146.130:10163 -> 97.120.154.75:515 Dec 10 20:16:04 snort[29511]: [1:2403420:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 61 [Classification: Misc Attack] [Priority: 2] {TCP} 71.6.146.130:10163 -> 97.120.154.75:515 Dec 10 20:16:03 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 
185.143.223.154:47905 -> 97.120.154.75:4515 Dec 10 20:16:03 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.154:47905 -> 97.120.154.75:4515 Dec 10 20:16:00 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.33:40963 -> 97.120.154.75:9222 Dec 10 20:16:00 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.33:40963 -> 97.120.154.75:9222 Dec 10 20:15:10 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.126:54457 -> 97.120.154.75:19000 Dec 10 20:15:10 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.126:54457 -> 97.120.154.75:19000 Dec 10 20:14:47 snort[29511]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 59.63.204.121:43570 -> 97.120.154.75:1433 Dec 10 20:14:47 snort[29511]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 59.63.204.121:43570 -> 97.120.154.75:1433 Dec 10 20:12:55 snort[29511]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.109.82:5086 -> 97.120.154.75:5060 Dec 10 20:12:55 snort[29511]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.109.82:5086 -> 97.120.154.75:5060 Dec 10 20:12:55 snort[29511]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.109.82:5086 -> 97.120.154.75:5060 Dec 10 20:12:55 snort[29511]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected 
(friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.109.82:5086 -> 97.120.154.75:5060 Dec 10 20:11:36 snort[29511]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.70:54121 -> 97.120.154.75:3389 Dec 10 20:11:36 snort[29511]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.70:54121 -> 97.120.154.75:3389 Dec 10 20:11:17 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.153.196.80:56162 -> 97.120.154.75:3018 Dec 10 20:11:17 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.153.196.80:56162 -> 97.120.154.75:3018 Dec 10 20:10:27 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 198.108.67.16:57153 -> 97.120.154.75:445 Dec 10 20:10:27 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 198.108.67.16:57153 -> 97.120.154.75:445 Dec 10 20:10:27 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.2:40953 -> 97.120.154.75:9210 Dec 10 20:10:27 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.2:40953 -> 97.120.154.75:9210 Dec 10 20:10:04 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.166:50011 -> 97.120.154.75:1881 Dec 10 20:10:04 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.166:50011 -> 97.120.154.75:1881 
Dec 10 20:06:33 snort[29511]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 117.34.25.155:52628 -> 97.120.154.75:1433 Dec 10 20:06:33 snort[29511]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 117.34.25.155:52628 -> 97.120.154.75:1433 Dec 10 20:06:18 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.193:55912 -> 97.120.154.75:9600 Dec 10 20:06:18 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.193:55912 -> 97.120.154.75:9600 Dec 10 20:06:18 snort[29511]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.193:55912 -> 97.120.154.75:9600 Dec 10 20:06:18 snort[29511]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.193:55912 -> 97.120.154.75:9600 Dec 10 20:05:44 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.31:42885 -> 97.120.154.75:54611 Dec 10 20:05:44 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.31:42885 -> 97.120.154.75:54611 Dec 10 20:03:59 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.26:48855 -> 97.120.154.75:8297 Dec 10 20:03:59 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.26:48855 -> 97.120.154.75:8297 Dec 10 20:03:55 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 
[Classification: Misc Attack] [Priority: 2] {TCP} 198.108.67.60:6535 -> 97.120.154.75:10015 Dec 10 20:03:55 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 198.108.67.60:6535 -> 97.120.154.75:10015 Dec 10 20:03:26 snort[29511]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.99:59655 -> 97.120.154.75:3393 Dec 10 20:03:26 snort[29511]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.99:59655 -> 97.120.154.75:3393 Dec 10 20:03:03 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.31:52312 -> 97.120.154.75:8009 Dec 10 20:03:03 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.31:52312 -> 97.120.154.75:8009 Dec 10 20:01:01 snort[29511]: [1:2403406:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 54 [Classification: Misc Attack] [Priority: 2] {TCP} 61.219.11.153:61437 -> 97.120.154.75:443 Dec 10 20:01:01 snort[29511]: [1:2403406:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 54 [Classification: Misc Attack] [Priority: 2] {TCP} 61.219.11.153:61437 -> 97.120.154.75:443 Dec 10 20:00:55 snort[29511]: [1:2403366:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 34 [Classification: Misc Attack] [Priority: 2] {TCP} 46.174.191.30:34584 -> 97.120.154.75:8080 Dec 10 20:00:55 snort[29511]: [1:2403366:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 34 [Classification: Misc Attack] [Priority: 2] {TCP} 46.174.191.30:34584 -> 97.120.154.75:8080 Dec 10 20:00:18 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] 
[Priority: 2] {TCP} 193.32.161.12:50112 -> 97.120.154.75:63397 Dec 10 20:00:18 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.12:50112 -> 97.120.154.75:63397 Dec 10 19:59:33 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 198.108.67.84:60108 -> 97.120.154.75:999 Dec 10 19:59:33 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 198.108.67.84:60108 -> 97.120.154.75:999 Dec 10 19:59:18 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.18:50304 -> 97.120.154.75:1936 Dec 10 19:59:18 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.18:50304 -> 97.120.154.75:1936 Dec 10 19:59:01 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.49:41805 -> 97.120.154.75:45433 Dec 10 19:59:01 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.49:41805 -> 97.120.154.75:45433 Dec 10 19:58:53 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.84:40985 -> 97.120.154.75:9235 Dec 10 19:58:53 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.84:40985 -> 97.120.154.75:9235 Dec 10 19:57:40 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.215:55056 -> 97.120.154.75:8089 Dec 10 19:57:40 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 
[Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.215:55056 -> 97.120.154.75:8089 Dec 10 19:57:40 snort[29511]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.215:55056 -> 97.120.154.75:8089 Dec 10 19:57:40 snort[29511]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.215:55056 -> 97.120.154.75:8089 Dec 10 19:56:48 snort[29511]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.162.161:42019 -> 97.120.154.75:5217 Dec 10 19:56:48 snort[29511]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.162.161:42019 -> 97.120.154.75:5217 Dec 10 19:56:22 snort[29511]: [1:2403490:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 96 [Classification: Misc Attack] [Priority: 2] {TCP} 103.115.129.201:13879 -> 97.120.154.75:26 Dec 10 19:56:22 snort[29511]: [1:2403490:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 96 [Classification: Misc Attack] [Priority: 2] {TCP} 103.115.129.201:13879 -> 97.120.154.75:26 Dec 10 19:54:40 snort[29511]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.70.106:42160 -> 97.120.154.75:5167 Dec 10 19:54:40 snort[29511]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.70.106:42160 -> 97.120.154.75:5167 Dec 10 19:52:13 snort[29511]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.61:40142 -> 97.120.154.75:5975 Dec 10 19:52:13 snort[29511]: 
[1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.61:40142 -> 97.120.154.75:5975 Dec 10 19:50:17 snort[29511]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.65.74:41199 -> 97.120.154.75:6044 Dec 10 19:50:17 snort[29511]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.65.74:41199 -> 97.120.154.75:6044 Dec 10 19:49:35 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.168.87:56149 -> 97.120.154.75:3395 Dec 10 19:49:35 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.168.87:56149 -> 97.120.154.75:3395 Dec 10 19:48:25 snort[29511]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 118.70.10.47:61011 -> 97.120.154.75:1433 Dec 10 19:48:25 snort[29511]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 118.70.10.47:61011 -> 97.120.154.75:1433 Dec 10 19:47:31 snort[29511]: [1:2403494:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 98 [Classification: Misc Attack] [Priority: 2] {TCP} 103.217.135.27:42721 -> 97.120.154.75:9001 Dec 10 19:47:31 snort[29511]: [1:2403494:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 98 [Classification: Misc Attack] [Priority: 2] {TCP} 103.217.135.27:42721 -> 97.120.154.75:9001 Dec 10 19:47:03 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.27:50985 -> 97.120.154.75:25157 Dec 10 19:47:03 snort[29511]: [1:2402000:5388] ET DROP 
Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.27:50985 -> 97.120.154.75:25157 Dec 10 19:46:35 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 198.108.67.109:39712 -> 97.120.154.75:45666 Dec 10 19:46:35 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 198.108.67.109:39712 -> 97.120.154.75:45666 Dec 10 19:45:28 snort[29511]: [1:2403358:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 30 [Classification: Misc Attack] [Priority: 2] {TCP} 45.227.254.30:55523 -> 97.120.154.75:3391 Dec 10 19:45:28 snort[29511]: [1:2403358:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 30 [Classification: Misc Attack] [Priority: 2] {TCP} 45.227.254.30:55523 -> 97.120.154.75:3391 Dec 10 19:45:24 snort[29511]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.161.45:60576 -> 97.120.154.75:8530 Dec 10 19:45:24 snort[29511]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.161.45:60576 -> 97.120.154.75:8530 Dec 10 19:44:26 snort[29511]: [1:2403360:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 31 [Classification: Misc Attack] [Priority: 2] {TCP} 45.253.65.170:49557 -> 97.120.154.75:33892 Dec 10 19:44:26 snort[29511]: [1:2403360:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 31 [Classification: Misc Attack] [Priority: 2] {TCP} 45.253.65.170:49557 -> 97.120.154.75:33892 Dec 10 19:43:10 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.64:45982 -> 97.120.154.75:11407 Dec 10 19:43:10 snort[29511]: [1:2402000:5388] ET DROP Dshield Block 
Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.64:45982 -> 97.120.154.75:11407 Dec 10 19:42:19 snort[29511]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.86:53214 -> 97.120.154.75:44756 Dec 10 19:42:19 snort[29511]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.86:53214 -> 97.120.154.75:44756 Dec 10 19:41:30 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.168.202:41918 -> 97.120.154.75:9714 Dec 10 19:41:30 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.168.202:41918 -> 97.120.154.75:9714 Dec 10 19:41:30 snort[29511]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.168.202:41918 -> 97.120.154.75:9714 Dec 10 19:41:30 snort[29511]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.168.202:41918 -> 97.120.154.75:9714 Dec 10 19:38:43 snort[29511]: [1:2403364:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 33 [Classification: Misc Attack] [Priority: 2] {TCP} 45.93.20.173:61000 -> 97.120.154.75:10671 Dec 10 19:38:43 snort[29511]: [1:2403364:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 33 [Classification: Misc Attack] [Priority: 2] {TCP} 45.93.20.173:61000 -> 97.120.154.75:10671 Dec 10 19:38:11 snort[29511]: [1:2400001:2736] ET DROP Spamhaus DROP Listed Traffic Inbound group 2 [Classification: Misc Attack] [Priority: 2] {TCP} 45.67.14.179:43590 -> 97.120.154.75:2375 Dec 10 19:38:11 snort[29511]: [1:2400001:2736] ET DROP Spamhaus DROP Listed 
Traffic Inbound group 2 [Classification: Misc Attack] [Priority: 2] {TCP} 45.67.14.179:43590 -> 97.120.154.75:2375 Dec 10 19:34:25 snort[29511]: [1:2403478:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 90 [Classification: Misc Attack] [Priority: 2] {TCP} 94.102.56.181:42112 -> 97.120.154.75:5139 Dec 10 19:34:25 snort[29511]: [1:2403478:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 90 [Classification: Misc Attack] [Priority: 2] {TCP} 94.102.56.181:42112 -> 97.120.154.75:5139 Dec 10 19:32:26 snort[29511]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 217.61.106.64:5061 -> 97.120.154.75:5060 Dec 10 19:32:26 snort[29511]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 217.61.106.64:5061 -> 97.120.154.75:5060 Dec 10 19:32:26 snort[29511]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 217.61.106.64:5061 -> 97.120.154.75:5060 Dec 10 19:32:26 snort[29511]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 217.61.106.64:5061 -> 97.120.154.75:5060 Dec 10 19:32:13 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.86:43425 -> 97.120.154.75:33394 Dec 10 19:32:13 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.86:43425 -> 97.120.154.75:33394 Dec 10 19:31:34 snort[29511]: [1:2403448:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 75 [Classification: Misc Attack] [Priority: 2] {TCP} 83.68.232.158:50604 -> 97.120.154.75:9000 Dec 10 19:31:34 snort[29511]: [1:2403448:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 75 [Classification: 
Misc Attack] [Priority: 2] {TCP} 83.68.232.158:50604 -> 97.120.154.75:9000 Dec 10 19:30:08 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.175.93.104:44360 -> 97.120.154.75:22000 Dec 10 19:30:08 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.175.93.104:44360 -> 97.120.154.75:22000 Dec 10 19:29:01 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.90:42924 -> 97.120.154.75:407 Dec 10 19:29:01 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.90:42924 -> 97.120.154.75:407 Dec 10 19:28:20 snort[29511]: [1:2403420:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 61 [Classification: Misc Attack] [Priority: 2] {TCP} 71.6.167.142:22367 -> 97.120.154.75:14265 Dec 10 19:28:20 snort[29511]: [1:2403420:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 61 [Classification: Misc Attack] [Priority: 2] {TCP} 71.6.167.142:22367 -> 97.120.154.75:14265 Dec 10 19:26:33 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 198.108.67.105:12822 -> 97.120.154.75:3337 Dec 10 19:26:33 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 198.108.67.105:12822 -> 97.120.154.75:3337 Dec 10 19:24:31 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.58:40971 -> 97.120.154.75:9226 Dec 10 19:24:31 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.58:40971 -> 97.120.154.75:9226 Dec 10 19:24:03 snort[29511]: 
Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.64:45982 -> 97.120.154.75:9684 Dec 10 18:22:33 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.64:45982 -> 97.120.154.75:9684 Dec 10 18:21:52 snort[29511]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.109.82:5072 -> 97.120.154.75:5060 Dec 10 18:21:52 snort[29511]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.109.82:5072 -> 97.120.154.75:5060 Dec 10 18:21:52 snort[29511]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.109.82:5072 -> 97.120.154.75:5060 Dec 10 18:21:52 snort[29511]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.109.82:5072 -> 97.120.154.75:5060 Dec 10 18:20:18 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.175.93.104:44360 -> 97.120.154.75:3000 Dec 10 18:20:18 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.175.93.104:44360 -> 97.120.154.75:3000 Dec 10 18:20:03 snort[29511]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 183.239.210.114:51233 -> 97.120.154.75:1433 Dec 10 18:20:03 snort[29511]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 183.239.210.114:51233 -> 97.120.154.75:1433 Dec 10 18:19:51 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.92:41963 -> 97.120.154.75:221 Dec 
10 18:19:51 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.92:41963 -> 97.120.154.75:221 Dec 10 18:19:37 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.168.202:41918 -> 97.120.154.75:9712 Dec 10 18:19:37 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.168.202:41918 -> 97.120.154.75:9712 Dec 10 18:19:37 snort[29511]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.168.202:41918 -> 97.120.154.75:9712 Dec 10 18:19:37 snort[29511]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.168.202:41918 -> 97.120.154.75:9712 Dec 10 18:19:26 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.83:41263 -> 97.120.154.75:9249 Dec 10 18:19:26 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.83:41263 -> 97.120.154.75:9249 Dec 10 18:18:51 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.14:43544 -> 97.120.154.75:31393 Dec 10 18:18:51 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.14:43544 -> 97.120.154.75:31393 Dec 10 18:18:09 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.60:48184 -> 97.120.154.75:22668 Dec 10 18:18:09 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] 
[Priority: 2] {TCP} 193.32.161.60:48184 -> 97.120.154.75:22668 Dec 10 18:17:37 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.54:48329 -> 97.120.154.75:3024 Dec 10 18:17:37 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.54:48329 -> 97.120.154.75:3024 Dec 10 18:15:25 snort[29511]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.160.17:50721 -> 97.120.154.75:987 Dec 10 18:15:25 snort[29511]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.160.17:50721 -> 97.120.154.75:987 Dec 10 18:13:32 snort[29511]: [1:2403358:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 30 [Classification: Misc Attack] [Priority: 2] {TCP} 45.227.254.30:55523 -> 97.120.154.75:26602 Dec 10 18:13:32 snort[29511]: [1:2403358:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 30 [Classification: Misc Attack] [Priority: 2] {TCP} 45.227.254.30:55523 -> 97.120.154.75:26602 Dec 10 18:13:30 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.175.93.105:49999 -> 97.120.154.75:1743 Dec 10 18:13:30 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.175.93.105:49999 -> 97.120.154.75:1743 Dec 10 18:13:15 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.205:16732 -> 97.120.154.75:8089 Dec 10 18:13:15 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.205:16732 -> 97.120.154.75:8089 Dec 10 
18:13:15 snort[29511]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.205:16732 -> 97.120.154.75:8089 Dec 10 18:13:15 snort[29511]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.205:16732 -> 97.120.154.75:8089 Dec 10 18:12:23 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.66:55480 -> 97.120.154.75:8664 Dec 10 18:12:23 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.66:55480 -> 97.120.154.75:8664 Dec 10 18:12:11 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.102:43575 -> 97.120.154.75:8287 Dec 10 18:12:11 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.102:43575 -> 97.120.154.75:8287 Dec 10 18:11:34 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.45:42765 -> 97.120.154.75:47315 Dec 10 18:11:34 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.45:42765 -> 97.120.154.75:47315 Dec 10 18:10:28 snort[29511]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.65.74:41199 -> 97.120.154.75:3772 Dec 10 18:10:28 snort[29511]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.65.74:41199 -> 97.120.154.75:3772 Dec 10 18:10:16 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed 
Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 198.108.67.41:41807 -> 97.120.154.75:3030 Dec 10 18:10:16 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 198.108.67.41:41807 -> 97.120.154.75:3030 Dec 10 18:10:02 snort[29511]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.55:59731 -> 97.120.154.75:1910 Dec 10 18:10:02 snort[29511]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.55:59731 -> 97.120.154.75:1910 Dec 10 18:09:43 snort[29511]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.95:56081 -> 97.120.154.75:3245 Dec 10 18:09:43 snort[29511]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.95:56081 -> 97.120.154.75:3245 Dec 10 18:06:21 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.89:43524 -> 97.120.154.75:589 Dec 10 18:06:21 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.89:43524 -> 97.120.154.75:589 Dec 10 18:03:18 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.58:40971 -> 97.120.154.75:9228 Dec 10 18:03:18 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.58:40971 -> 97.120.154.75:9228 Dec 10 18:00:19 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 
185.143.223.154:47905 -> 97.120.154.75:61000 Dec 10 18:00:19 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.154:47905 -> 97.120.154.75:61000 Dec 10 17:59:50 snort[29511]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 37.49.230.84:5117 -> 97.120.154.75:5060 Dec 10 17:59:50 snort[29511]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 37.49.230.84:5117 -> 97.120.154.75:5060 Dec 10 17:59:50 snort[29511]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 37.49.230.84:5117 -> 97.120.154.75:5060 Dec 10 17:59:50 snort[29511]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 37.49.230.84:5117 -> 97.120.154.75:5060 Dec 10 17:58:07 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.71:49490 -> 97.120.154.75:5019 Dec 10 17:58:07 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.71:49490 -> 97.120.154.75:5019 Dec 10 17:55:26 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 159.203.201.172:51937 -> 97.120.154.75:27017 Dec 10 17:55:26 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 159.203.201.172:51937 -> 97.120.154.75:27017 Dec 10 17:55:19 snort[29511]: [1:2403440:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 71 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.103.129:55601 -> 97.120.154.75:445 Dec 10 17:55:19 snort[29511]: [1:2403440:53780] ET CINS Active 
Threat Intelligence Poor Reputation IP TCP group 71 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.103.129:55601 -> 97.120.154.75:445 Dec 10 17:53:59 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.12:41763 -> 97.120.154.75:9995 Dec 10 17:53:59 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.12:41763 -> 97.120.154.75:9995 Dec 10 17:53:51 snort[29511]: [1:2403313:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 7 [Classification: Misc Attack] [Priority: 2] {UDP} 14.0.67.44:60979 -> 97.120.154.75:33434 Dec 10 17:53:51 snort[29511]: [1:2403313:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 7 [Classification: Misc Attack] [Priority: 2] {UDP} 14.0.67.44:60979 -> 97.120.154.75:33434 Dec 10 17:52:51 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 83.97.20.158:53132 -> 97.120.154.75:22 Dec 10 17:52:51 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 83.97.20.158:53132 -> 97.120.154.75:22 Dec 10 17:52:51 snort[29511]: [1:2403448:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 75 [Classification: Misc Attack] [Priority: 2] {TCP} 83.97.20.158:53132 -> 97.120.154.75:22 Dec 10 17:52:51 snort[29511]: [1:2403448:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 75 [Classification: Misc Attack] [Priority: 2] {TCP} 83.97.20.158:53132 -> 97.120.154.75:22 Dec 10 17:50:34 snort[29511]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 118.71.96.95:36109 -> 97.120.154.75:1433 Dec 10 17:50:34 snort[29511]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially 
Bad Traffic] [Priority: 2] {TCP} 118.71.96.95:36109 -> 97.120.154.75:1433 Dec 10 17:49:35 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 94.102.49.104:60832 -> 97.120.154.75:34567 Dec 10 17:49:35 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 94.102.49.104:60832 -> 97.120.154.75:34567 Dec 10 17:48:38 snort[29511]: [1:2403478:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 90 [Classification: Misc Attack] [Priority: 2] {TCP} 94.102.56.181:42112 -> 97.120.154.75:5134 Dec 10 17:48:38 snort[29511]: [1:2403478:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 90 [Classification: Misc Attack] [Priority: 2] {TCP} 94.102.56.181:42112 -> 97.120.154.75:5134 Dec 10 17:48:35 snort[29511]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.162.211:29009 -> 97.120.154.75:8089 Dec 10 17:48:35 snort[29511]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.162.211:29009 -> 97.120.154.75:8089 Dec 10 17:47:45 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 159.203.201.225:52401 -> 97.120.154.75:465 Dec 10 17:47:45 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 159.203.201.225:52401 -> 97.120.154.75:465 Dec 10 17:47:11 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.172.85:56886 -> 97.120.154.75:65011 Dec 10 17:47:11 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.172.85:56886 -> 
97.120.154.75:65011 Dec 10 17:47:11 snort[29511]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.172.85:56886 -> 97.120.154.75:65011 Dec 10 17:47:11 snort[29511]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.172.85:56886 -> 97.120.154.75:65011 Dec 10 17:42:53 snort[29511]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.160.193:58729 -> 97.120.154.75:9018 Dec 10 17:42:53 snort[29511]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.160.193:58729 -> 97.120.154.75:9018 Dec 10 17:41:27 snort[29511]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.119.160.143:47581 -> 97.120.154.75:26613 Dec 10 17:41:27 snort[29511]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.119.160.143:47581 -> 97.120.154.75:26613 Dec 10 17:41:15 snort[29511]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.65.90:8080 -> 97.120.154.75:1414 Dec 10 17:41:15 snort[29511]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.65.90:8080 -> 97.120.154.75:1414 Dec 10 17:40:52 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.85:57970 -> 97.120.154.75:33893 Dec 10 17:40:52 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] 
{TCP} 81.22.45.85:57970 -> 97.120.154.75:33893 Dec 10 17:40:52 snort[29511]: [1:2403442:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 72 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.85:57970 -> 97.120.154.75:33893 Dec 10 17:40:52 snort[29511]: [1:2403442:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 72 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.85:57970 -> 97.120.154.75:33893 Dec 10 17:40:01 snort[29511]: [1:2403446:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 74 [Classification: Misc Attack] [Priority: 2] {TCP} 83.235.176.144:44048 -> 97.120.154.75:445 Dec 10 17:40:01 snort[29511]: [1:2403446:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 74 [Classification: Misc Attack] [Priority: 2] {TCP} 83.235.176.144:44048 -> 97.120.154.75:445 Dec 10 17:37:07 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 198.108.67.106:29234 -> 97.120.154.75:8100 Dec 10 17:37:07 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 198.108.67.106:29234 -> 97.120.154.75:8100 Dec 10 17:36:56 snort[29511]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 219.140.68.33:42606 -> 97.120.154.75:1433 Dec 10 17:36:56 snort[29511]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 219.140.68.33:42606 -> 97.120.154.75:1433 Dec 10 17:35:21 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.27:50985 -> 97.120.154.75:25158 Dec 10 17:35:21 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.27:50985 -> 97.120.154.75:25158 
Dec 10 17:34:49 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.246:49927 -> 97.120.154.75:1835 Dec 10 17:34:49 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.246:49927 -> 97.120.154.75:1835 Dec 10 17:34:18 snort[29511]: [1:2403364:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 33 [Classification: Misc Attack] [Priority: 2] {TCP} 45.93.20.175:61000 -> 97.120.154.75:64956 Dec 10 17:34:18 snort[29511]: [1:2403364:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 33 [Classification: Misc Attack] [Priority: 2] {TCP} 45.93.20.175:61000 -> 97.120.154.75:64956 Dec 10 17:34:13 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.84:40985 -> 97.120.154.75:9232 Dec 10 17:34:13 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.84:40985 -> 97.120.154.75:9232 Dec 10 17:33:45 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.203:51243 -> 97.120.154.75:23396 Dec 10 17:33:45 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.203:51243 -> 97.120.154.75:23396 Dec 10 17:33:45 snort[29511]: [1:2403440:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 71 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.203:51243 -> 97.120.154.75:23396 Dec 10 17:33:45 snort[29511]: [1:2403440:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 71 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.203:51243 -> 97.120.154.75:23396 Dec 10 17:33:22 snort[29511]: [1:2010935:3] ET SCAN Suspicious inbound to 
MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 111.178.224.81:9811 -> 97.120.154.75:1433 Dec 10 17:33:22 snort[29511]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 111.178.224.81:9811 -> 97.120.154.75:1433 Dec 10 17:33:00 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.31:42885 -> 97.120.154.75:54610 Dec 10 17:33:00 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.31:42885 -> 97.120.154.75:54610 Dec 10 17:32:32 snort[29511]: [1:2403346:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 24 [Classification: Misc Attack] [Priority: 2] {TCP} 43.245.222.176:29011 -> 97.120.154.75:8098 Dec 10 17:32:32 snort[29511]: [1:2403346:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 24 [Classification: Misc Attack] [Priority: 2] {TCP} 43.245.222.176:29011 -> 97.120.154.75:8098 Dec 10 17:31:54 snort[29511]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.53:42054 -> 97.120.154.75:14447 Dec 10 17:31:54 snort[29511]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.53:42054 -> 97.120.154.75:14447 Dec 10 17:29:20 snort[29511]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 185.53.88.78:5116 -> 97.120.154.75:5060 Dec 10 17:29:20 snort[29511]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 185.53.88.78:5116 -> 97.120.154.75:5060 Dec 10 17:29:20 snort[29511]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information 
Leak] [Priority: 2] {UDP} 185.53.88.78:5116 -> 97.120.154.75:5060 Dec 10 17:29:20 snort[29511]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 185.53.88.78:5116 -> 97.120.154.75:5060 Dec 10 17:28:49 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.159:52509 -> 97.120.154.75:9678 Dec 10 17:28:49 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.159:52509 -> 97.120.154.75:9678 Dec 10 17:28:16 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.42:46306 -> 97.120.154.75:18092 Dec 10 17:28:16 snort[29511]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.42:46306 -> 97.120.154.75:18092 Dec 10 17:26:31 snort[29511]: [1:2403429:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 65 [Classification: Misc Attack] [Priority: 2] {UDP} 77.247.109.82:5067 -> 97.120.154.75:5060 Dec 10 17:26:31 snort[29511]: [1:2403429:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 65 [Classification: Misc Attack] [Priority: 2] {UDP} 77.247.109.82:5067 -> 97.120.154.75:5060 Dec 10 17:26:31 snort[29511]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.109.82:5067 -> 97.120.154.75:5060 Dec 10 17:26:31 snort[29511]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.109.82:5067 -> 97.120.154.75:5060 Dec 10 17:26:31 snort[29511]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.109.82:5067 -> 97.120.154.75:5060 Dec 10 17:26:31 
[Classification: Misc Attack] [Priority: 2] {TCP} 83.97.20.46:35336 -> 97.120.245.83:4730 Dec 10 16:18:55 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.159:52509 -> 97.120.245.83:60101 Dec 10 16:18:55 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.159:52509 -> 97.120.245.83:60101 Dec 10 16:17:22 snort[49195]: [1:2403366:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 34 [Classification: Misc Attack] [Priority: 2] {TCP} 46.174.191.31:34584 -> 97.120.245.83:8080 Dec 10 16:17:22 snort[49195]: [1:2403366:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 34 [Classification: Misc Attack] [Priority: 2] {TCP} 46.174.191.31:34584 -> 97.120.245.83:8080 Dec 10 16:16:26 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.64:45982 -> 97.120.245.83:10023 Dec 10 16:16:26 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.64:45982 -> 97.120.245.83:10023 Dec 10 16:16:07 snort[49195]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.162.211:18813 -> 97.120.245.83:8089 Dec 10 16:16:07 snort[49195]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.162.211:18813 -> 97.120.245.83:8089 Dec 10 16:15:30 snort[49195]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.70.239:41882 -> 97.120.245.83:9089 Dec 10 16:15:30 snort[49195]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: 
Misc Attack] [Priority: 2] {TCP} 80.82.70.239:41882 -> 97.120.245.83:9089 Dec 10 16:12:54 snort[49195]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.58:41313 -> 97.120.245.83:5668 Dec 10 16:12:54 snort[49195]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.58:41313 -> 97.120.245.83:5668 Dec 10 16:11:15 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.172.85:56886 -> 97.120.245.83:4406 Dec 10 16:11:15 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.172.85:56886 -> 97.120.245.83:4406 Dec 10 16:11:15 snort[49195]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.172.85:56886 -> 97.120.245.83:4406 Dec 10 16:11:15 snort[49195]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.172.85:56886 -> 97.120.245.83:4406 Dec 10 16:10:14 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.26:41235 -> 97.120.245.83:9999 Dec 10 16:10:14 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.26:41235 -> 97.120.245.83:9999 Dec 10 16:10:03 snort[49195]: [1:2403366:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 34 [Classification: Misc Attack] [Priority: 2] {TCP} 46.217.248.4:30468 -> 97.120.245.83:23 Dec 10 16:10:03 snort[49195]: [1:2403366:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 34 [Classification: Misc Attack] [Priority: 2] 
{TCP} 46.217.248.4:30468 -> 97.120.245.83:23 Dec 10 16:09:06 snort[49195]: [1:2403335:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 18 [Classification: Misc Attack] [Priority: 2] {UDP} 37.49.227.202:40736 -> 97.120.245.83:177 Dec 10 16:09:06 snort[49195]: [1:2403335:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 18 [Classification: Misc Attack] [Priority: 2] {UDP} 37.49.227.202:40736 -> 97.120.245.83:177 Dec 10 16:08:53 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.153.196.80:56162 -> 97.120.245.83:3015 Dec 10 16:08:53 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.153.196.80:56162 -> 97.120.245.83:3015 Dec 10 16:08:29 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.33:40963 -> 97.120.245.83:9221 Dec 10 16:08:29 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.33:40963 -> 97.120.245.83:9221 Dec 10 16:07:58 snort[49195]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 171.124.240.132:59167 -> 97.120.245.83:1433 Dec 10 16:07:58 snort[49195]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 171.124.240.132:59167 -> 97.120.245.83:1433 Dec 10 16:07:09 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.54:48329 -> 97.120.245.83:3122 Dec 10 16:07:09 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.54:48329 -> 97.120.245.83:3122 Dec 10 16:06:38 snort[49195]: [1:2008578:6] ET SCAN 
Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 104.37.174.24:5090 -> 97.120.245.83:5060 Dec 10 16:06:38 snort[49195]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 104.37.174.24:5090 -> 97.120.245.83:5060 Dec 10 16:06:38 snort[49195]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 104.37.174.24:5090 -> 97.120.245.83:5060 Dec 10 16:06:38 snort[49195]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 104.37.174.24:5090 -> 97.120.245.83:5060 Dec 10 16:05:20 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.92:41963 -> 97.120.245.83:215 Dec 10 16:05:20 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.92:41963 -> 97.120.245.83:215 Dec 10 16:04:20 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.7:41204 -> 97.120.245.83:7811 Dec 10 16:04:20 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.7:41204 -> 97.120.245.83:7811 Dec 10 16:03:13 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.14:55536 -> 97.120.245.83:9999 Dec 10 16:03:13 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.14:55536 -> 97.120.245.83:9999 Dec 10 16:03:07 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.31:40996 -> 97.120.245.83:9243 Dec 10 
16:03:07 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.31:40996 -> 97.120.245.83:9243 Dec 10 16:02:07 snort[49195]: [1:2403378:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 40 [Classification: Misc Attack] [Priority: 2] {TCP} 51.161.12.231:32767 -> 97.120.245.83:8545 Dec 10 16:02:07 snort[49195]: [1:2403378:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 40 [Classification: Misc Attack] [Priority: 2] {TCP} 51.161.12.231:32767 -> 97.120.245.83:8545 Dec 10 16:02:04 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.32:42738 -> 97.120.245.83:360 Dec 10 16:02:04 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.32:42738 -> 97.120.245.83:360 Dec 10 16:02:02 snort[49195]: [1:2403335:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 18 [Classification: Misc Attack] [Priority: 2] {UDP} 37.49.229.167:46202 -> 97.120.245.83:5091 Dec 10 16:02:02 snort[49195]: [1:2403335:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 18 [Classification: Misc Attack] [Priority: 2] {UDP} 37.49.229.167:46202 -> 97.120.245.83:5091 Dec 10 15:59:49 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.27:48725 -> 97.120.245.83:14783 Dec 10 15:59:49 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.27:48725 -> 97.120.245.83:14783 Dec 10 15:59:24 snort[49195]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.65.74:41199 -> 97.120.245.83:21071 Dec 10 15:59:24 snort[49195]: [1:2403438:53780] ET CINS 
Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.65.74:41199 -> 97.120.245.83:21071 Dec 10 15:59:19 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 159.203.201.113:43295 -> 97.120.245.83:59071 Dec 10 15:59:19 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 159.203.201.113:43295 -> 97.120.245.83:59071 Dec 10 15:57:20 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.45:42765 -> 97.120.245.83:47314 Dec 10 15:57:20 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.45:42765 -> 97.120.245.83:47314 Dec 10 15:56:52 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.205:28998 -> 97.120.245.83:8089 Dec 10 15:56:52 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.205:28998 -> 97.120.245.83:8089 Dec 10 15:56:52 snort[49195]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.205:28998 -> 97.120.245.83:8089 Dec 10 15:56:52 snort[49195]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.205:28998 -> 97.120.245.83:8089 Dec 10 15:56:25 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.126:54457 -> 97.120.245.83:4000 Dec 10 15:56:25 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 
185.143.223.126:54457 -> 97.120.245.83:4000 Dec 10 15:52:58 snort[49195]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 58.59.133.198:56653 -> 97.120.245.83:1433 Dec 10 15:52:58 snort[49195]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 58.59.133.198:56653 -> 97.120.245.83:1433 Dec 10 15:52:58 snort[49195]: [1:2403386:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 44 [Classification: Misc Attack] [Priority: 2] {TCP} 58.59.133.198:56653 -> 97.120.245.83:1433 Dec 10 15:52:58 snort[49195]: [1:2403386:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 44 [Classification: Misc Attack] [Priority: 2] {TCP} 58.59.133.198:56653 -> 97.120.245.83:1433 Dec 10 15:51:41 snort[49195]: [1:2403346:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 24 [Classification: Misc Attack] [Priority: 2] {TCP} 43.247.40.254:41323 -> 97.120.245.83:9000 Dec 10 15:51:41 snort[49195]: [1:2403346:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 24 [Classification: Misc Attack] [Priority: 2] {TCP} 43.247.40.254:41323 -> 97.120.245.83:9000 Dec 10 15:51:41 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.175.93.105:49999 -> 97.120.245.83:1748 Dec 10 15:51:41 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.175.93.105:49999 -> 97.120.245.83:1748 Dec 10 15:49:24 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.84:40985 -> 97.120.245.83:9232 Dec 10 15:49:24 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.84:40985 -> 97.120.245.83:9232 Dec 10 
15:47:58 snort[49195]: [1:2403416:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 59 [Classification: Misc Attack] [Priority: 2] {TCP} 68.171.157.231:54807 -> 97.120.245.83:445 Dec 10 15:47:58 snort[49195]: [1:2403416:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 59 [Classification: Misc Attack] [Priority: 2] {TCP} 68.171.157.231:54807 -> 97.120.245.83:445 Dec 10 15:47:43 snort[49195]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.167.131:17313 -> 97.120.245.83:465 Dec 10 15:47:43 snort[49195]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.167.131:17313 -> 97.120.245.83:465 Dec 10 15:47:40 snort[49195]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.99:59655 -> 97.120.245.83:3380 Dec 10 15:47:40 snort[49195]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.99:59655 -> 97.120.245.83:3380 Dec 10 15:47:04 snort[49195]: [1:2403430:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 66 [Classification: Misc Attack] [Priority: 2] {TCP} 78.128.112.114:52894 -> 97.120.245.83:522 Dec 10 15:47:04 snort[49195]: [1:2403430:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 66 [Classification: Misc Attack] [Priority: 2] {TCP} 78.128.112.114:52894 -> 97.120.245.83:522 Dec 10 15:46:27 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.168.202:41918 -> 97.120.245.83:9725 Dec 10 15:46:27 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.168.202:41918 -> 
97.120.245.83:9725 Dec 10 15:46:27 snort[49195]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.168.202:41918 -> 97.120.245.83:9725 Dec 10 15:46:27 snort[49195]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.168.202:41918 -> 97.120.245.83:9725 Dec 10 15:43:56 snort[49195]: [1:2403442:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 72 [Classification: Misc Attack] [Priority: 2] {TCP} 82.102.173.83:40228 -> 97.120.245.83:5357 Dec 10 15:43:56 snort[49195]: [1:2403442:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 72 [Classification: Misc Attack] [Priority: 2] {TCP} 82.102.173.83:40228 -> 97.120.245.83:5357 Dec 10 15:43:44 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 198.108.67.40:29662 -> 97.120.245.83:3065 Dec 10 15:43:44 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 198.108.67.40:29662 -> 97.120.245.83:3065 Dec 10 15:42:47 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.83:41263 -> 97.120.245.83:9249 Dec 10 15:42:47 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.83:41263 -> 97.120.245.83:9249 Dec 10 15:42:23 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.90:42924 -> 97.120.245.83:434 Dec 10 15:42:23 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.90:42924 -> 97.120.245.83:434 Dec 10 15:41:52 snort[49195]: [1:2402000:5388] ET DROP 
Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.154:47905 -> 97.120.245.83:6290 Dec 10 15:41:52 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.154:47905 -> 97.120.245.83:6290 Dec 10 15:41:41 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.58:40971 -> 97.120.245.83:9224 Dec 10 15:41:41 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.58:40971 -> 97.120.245.83:9224 Dec 10 15:41:19 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.3:47924 -> 97.120.245.83:42777 Dec 10 15:41:19 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.3:47924 -> 97.120.245.83:42777 Dec 10 15:40:51 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.91:59496 -> 97.120.245.83:30 Dec 10 15:40:51 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.91:59496 -> 97.120.245.83:30 Dec 10 15:40:22 snort[49195]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.162.144:15380 -> 97.120.245.83:8089 Dec 10 15:40:22 snort[49195]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.162.144:15380 -> 97.120.245.83:8089 Dec 10 15:38:29 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.175.93.27:40731 -> 
97.120.245.83:41186 Dec 10 15:38:29 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.175.93.27:40731 -> 97.120.245.83:41186 Dec 10 15:37:04 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.66:55480 -> 97.120.245.83:8239 Dec 10 15:37:04 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.66:55480 -> 97.120.245.83:8239 Dec 10 15:36:59 snort[49195]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.161.13:51571 -> 97.120.245.83:2161 Dec 10 15:36:59 snort[49195]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.161.13:51571 -> 97.120.245.83:2161 Dec 10 15:36:01 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.51:41602 -> 97.120.245.83:191 Dec 10 15:36:01 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.51:41602 -> 97.120.245.83:191 Dec 10 15:35:50 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 159.203.201.110:46527 -> 97.120.245.83:49272 Dec 10 15:35:50 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 159.203.201.110:46527 -> 97.120.245.83:49272 Dec 10 15:35:43 snort[49195]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.109.82:5065 -> 97.120.245.83:5060 Dec 10 15:35:43 snort[49195]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information 
Leak] [Priority: 2] {UDP} 77.247.109.82:5065 -> 97.120.245.83:5060 Dec 10 15:35:43 snort[49195]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.109.82:5065 -> 97.120.245.83:5060 Dec 10 15:35:43 snort[49195]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.109.82:5065 -> 97.120.245.83:5060 Dec 10 15:35:28 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.42:44044 -> 97.120.245.83:39519 Dec 10 15:35:28 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.42:44044 -> 97.120.245.83:39519 Dec 10 15:34:49 snort[49195]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.119.160.143:47581 -> 97.120.245.83:60785 Dec 10 15:34:49 snort[49195]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.119.160.143:47581 -> 97.120.245.83:60785 Dec 10 15:34:48 snort[49195]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 109.248.200.163:5062 -> 97.120.245.83:5060 Dec 10 15:34:48 snort[49195]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 109.248.200.163:5062 -> 97.120.245.83:5060 Dec 10 15:34:48 snort[49195]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 109.248.200.163:5062 -> 97.120.245.83:5060 Dec 10 15:34:48 snort[49195]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 
109.248.200.163:5062 -> 97.120.245.83:5060 Dec 10 15:33:33 snort[49195]: [1:2403492:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 97 [Classification: Misc Attack] [Priority: 2] {TCP} 103.16.31.249:28437 -> 97.120.245.83:26 Dec 10 15:33:33 snort[49195]: [1:2403492:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 97 [Classification: Misc Attack] [Priority: 2] {TCP} 103.16.31.249:28437 -> 97.120.245.83:26 Dec 10 15:32:44 snort[49195]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 1.56.207.135:47453 -> 97.120.245.83:1433 Dec 10 15:32:44 snort[49195]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 1.56.207.135:47453 -> 97.120.245.83:1433 Dec 10 15:32:44 snort[49195]: [1:2403304:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 3 [Classification: Misc Attack] [Priority: 2] {TCP} 1.56.207.135:47453 -> 97.120.245.83:1433 Dec 10 15:32:44 snort[49195]: [1:2403304:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 3 [Classification: Misc Attack] [Priority: 2] {TCP} 1.56.207.135:47453 -> 97.120.245.83:1433 Dec 10 15:32:30 snort[49195]: [1:2403380:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 41 [Classification: Misc Attack] [Priority: 2] {TCP} 51.91.212.81:57612 -> 97.120.245.83:1025 Dec 10 15:32:30 snort[49195]: [1:2403380:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 41 [Classification: Misc Attack] [Priority: 2] {TCP} 51.91.212.81:57612 -> 97.120.245.83:1025 Dec 10 15:32:21 snort[49195]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.65.90:8080 -> 97.120.245.83:1111 Dec 10 15:32:21 snort[49195]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: 
97.120.245.83:14784 Dec 10 14:16:59 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 159.203.201.23:58039 -> 97.120.245.83:38072 Dec 10 14:16:59 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 159.203.201.23:58039 -> 97.120.245.83:38072 Dec 10 14:13:34 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.42:44044 -> 97.120.245.83:39518 Dec 10 14:13:34 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.42:44044 -> 97.120.245.83:39518 Dec 10 14:13:17 snort[49195]: [1:2403462:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 82 [Classification: Misc Attack] [Priority: 2] {TCP} 89.186.120.100:5640 -> 97.120.245.83:2323 Dec 10 14:13:17 snort[49195]: [1:2403462:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 82 [Classification: Misc Attack] [Priority: 2] {TCP} 89.186.120.100:5640 -> 97.120.245.83:2323 Dec 10 14:11:43 snort[49195]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.61:40527 -> 97.120.245.83:5916 Dec 10 14:11:43 snort[49195]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.61:40527 -> 97.120.245.83:5916 Dec 10 14:11:41 snort[49195]: [1:2403428:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 65 [Classification: Misc Attack] [Priority: 2] {TCP} 77.247.108.119:49805 -> 97.120.245.83:2151 Dec 10 14:11:41 snort[49195]: [1:2403428:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 65 [Classification: Misc Attack] [Priority: 2] {TCP} 77.247.108.119:49805 -> 97.120.245.83:2151 
Dec 10 14:10:41 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.2:42533 -> 97.120.245.83:3853 Dec 10 14:10:41 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.2:42533 -> 97.120.245.83:3853 Dec 10 14:10:40 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.175.93.27:58531 -> 97.120.245.83:47653 Dec 10 14:10:40 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.175.93.27:58531 -> 97.120.245.83:47653 Dec 10 14:10:39 snort[49195]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 23.88.137.2:41140 -> 97.120.245.83:1433 Dec 10 14:10:39 snort[49195]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 23.88.137.2:41140 -> 97.120.245.83:1433 Dec 10 14:10:39 snort[49195]: [1:2403316:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 9 [Classification: Misc Attack] [Priority: 2] {TCP} 23.88.137.2:41140 -> 97.120.245.83:1433 Dec 10 14:10:39 snort[49195]: [1:2403316:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 9 [Classification: Misc Attack] [Priority: 2] {TCP} 23.88.137.2:41140 -> 97.120.245.83:1433 Dec 10 14:08:50 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 92.63.194.148:57151 -> 97.120.245.83:60035 Dec 10 14:08:50 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 92.63.194.148:57151 -> 97.120.245.83:60035 Dec 10 14:08:50 snort[49195]: [1:2403474:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP 
group 88 [Classification: Misc Attack] [Priority: 2] {TCP} 92.63.194.148:57151 -> 97.120.245.83:60035 Dec 10 14:08:50 snort[49195]: [1:2403474:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 88 [Classification: Misc Attack] [Priority: 2] {TCP} 92.63.194.148:57151 -> 97.120.245.83:60035 Dec 10 14:06:49 snort[49195]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 113.134.213.126:53733 -> 97.120.245.83:1433 Dec 10 14:06:49 snort[49195]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 113.134.213.126:53733 -> 97.120.245.83:1433 Dec 10 14:06:30 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 198.108.67.82:63509 -> 97.120.245.83:9295 Dec 10 14:06:30 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 198.108.67.82:63509 -> 97.120.245.83:9295 Dec 10 14:06:10 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.216.140.252:45656 -> 97.120.245.83:5113 Dec 10 14:06:10 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.216.140.252:45656 -> 97.120.245.83:5113 Dec 10 14:06:01 snort[49195]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 207.38.90.13:5382 -> 97.120.245.83:5060 Dec 10 14:06:01 snort[49195]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 207.38.90.13:5382 -> 97.120.245.83:5060 Dec 10 14:06:01 snort[49195]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 207.38.90.13:5382 -> 97.120.245.83:5060 Dec 10 
14:06:01 snort[49195]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 207.38.90.13:5382 -> 97.120.245.83:5060 Dec 10 14:05:46 snort[49195]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.162.144:27199 -> 97.120.245.83:8089 Dec 10 14:05:46 snort[49195]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.162.144:27199 -> 97.120.245.83:8089 Dec 10 14:04:54 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.91:59496 -> 97.120.245.83:74 Dec 10 14:04:54 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.91:59496 -> 97.120.245.83:74 Dec 10 14:04:47 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.126:54457 -> 97.120.245.83:14000 Dec 10 14:04:47 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.126:54457 -> 97.120.245.83:14000 Dec 10 14:04:23 snort[49195]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.65.90:8080 -> 97.120.245.83:4064 Dec 10 14:04:23 snort[49195]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.65.90:8080 -> 97.120.245.83:4064 Dec 10 14:03:21 snort[49195]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 119.160.234.51:53105 -> 97.120.245.83:1433 Dec 10 14:03:21 snort[49195]: [1:2010935:3] ET 
SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 119.160.234.51:53105 -> 97.120.245.83:1433 Dec 10 14:02:00 snort[49195]: [1:2403358:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 30 [Classification: Misc Attack] [Priority: 2] {TCP} 45.227.254.30:55523 -> 97.120.245.83:15551 Dec 10 14:02:00 snort[49195]: [1:2403358:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 30 [Classification: Misc Attack] [Priority: 2] {TCP} 45.227.254.30:55523 -> 97.120.245.83:15551 Dec 10 14:01:09 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.89:43524 -> 97.120.245.83:587 Dec 10 14:01:09 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.89:43524 -> 97.120.245.83:587 Dec 10 14:00:12 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.172.85:56886 -> 97.120.245.83:5688 Dec 10 14:00:12 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.172.85:56886 -> 97.120.245.83:5688 Dec 10 14:00:12 snort[49195]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.172.85:56886 -> 97.120.245.83:5688 Dec 10 14:00:12 snort[49195]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.172.85:56886 -> 97.120.245.83:5688 Dec 10 13:59:40 snort[49195]: [1:2403416:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 59 [Classification: Misc Attack] [Priority: 2] {TCP} 67.207.88.180:50434 -> 97.120.245.83:2274 Dec 10 13:59:40 snort[49195]: [1:2403416:53780] ET CINS Active Threat Intelligence 
Poor Reputation IP TCP group 59 [Classification: Misc Attack] [Priority: 2] {TCP} 67.207.88.180:50434 -> 97.120.245.83:2274 Dec 10 13:57:34 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.175.93.105:49999 -> 97.120.245.83:1725 Dec 10 13:57:34 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.175.93.105:49999 -> 97.120.245.83:1725 Dec 10 13:57:29 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.30:50855 -> 97.120.245.83:6666 Dec 10 13:57:29 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.30:50855 -> 97.120.245.83:6666 Dec 10 13:57:12 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.54:48329 -> 97.120.245.83:3213 Dec 10 13:57:12 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.54:48329 -> 97.120.245.83:3213 Dec 10 13:57:11 snort[49195]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.119.160.52:47557 -> 97.120.245.83:37387 Dec 10 13:57:11 snort[49195]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.119.160.52:47557 -> 97.120.245.83:37387 Dec 10 13:57:03 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.21:50665 -> 97.120.245.83:47397 Dec 10 13:57:03 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.21:50665 -> 
97.120.245.83:47397 Dec 10 13:55:33 snort[49195]: [1:2403428:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 65 [Classification: Misc Attack] [Priority: 2] {TCP} 77.247.108.77:52524 -> 97.120.245.83:5038 Dec 10 13:55:33 snort[49195]: [1:2403428:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 65 [Classification: Misc Attack] [Priority: 2] {TCP} 77.247.108.77:52524 -> 97.120.245.83:5038 Dec 10 13:53:12 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 159.203.201.55:34364 -> 97.120.245.83:36135 Dec 10 13:53:12 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 159.203.201.55:34364 -> 97.120.245.83:36135 Dec 10 13:52:12 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.51:41602 -> 97.120.245.83:112 Dec 10 13:52:12 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.51:41602 -> 97.120.245.83:112 Dec 10 13:51:45 snort[49195]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.65.74:41199 -> 97.120.245.83:9040 Dec 10 13:51:45 snort[49195]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.65.74:41199 -> 97.120.245.83:9040 Dec 10 13:51:45 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.166:50011 -> 97.120.245.83:1885 Dec 10 13:51:45 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.166:50011 -> 97.120.245.83:1885 Dec 10 13:50:11 snort[49195]: [1:2403428:53780] ET CINS 
Active Threat Intelligence Poor Reputation IP TCP group 65 [Classification: Misc Attack] [Priority: 2] {TCP} 77.247.110.161:53754 -> 97.120.245.83:3393 Dec 10 13:50:11 snort[49195]: [1:2403428:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 65 [Classification: Misc Attack] [Priority: 2] {TCP} 77.247.110.161:53754 -> 97.120.245.83:3393 Dec 10 13:50:10 snort[49195]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 211.144.154.70:57436 -> 97.120.245.83:1433 Dec 10 13:50:10 snort[49195]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 211.144.154.70:57436 -> 97.120.245.83:1433 Dec 10 13:49:52 snort[49195]: [1:2403384:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 43 [Classification: Misc Attack] [Priority: 2] {TCP} 58.225.75.147:32767 -> 97.120.245.83:8545 Dec 10 13:49:52 snort[49195]: [1:2403384:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 43 [Classification: Misc Attack] [Priority: 2] {TCP} 58.225.75.147:32767 -> 97.120.245.83:8545 Dec 10 13:49:39 snort[49195]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 202.98.38.149:44127 -> 97.120.245.83:1433 Dec 10 13:49:39 snort[49195]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 202.98.38.149:44127 -> 97.120.245.83:1433 Dec 10 13:49:39 snort[49195]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 202.98.38.149:44127 -> 97.120.245.83:1433 Dec 10 13:49:39 snort[49195]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 202.98.38.149:44127 -> 97.120.245.83:1433 Dec 10 13:49:08 snort[49195]: [1:2403438:53780] ET CINS 
Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.70.106:42160 -> 97.120.245.83:5185 Dec 10 13:49:08 snort[49195]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.70.106:42160 -> 97.120.245.83:5185 Dec 10 13:47:16 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.18:50285 -> 97.120.245.83:3391 Dec 10 13:47:16 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.18:50285 -> 97.120.245.83:3391 Dec 10 13:44:42 snort[49195]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.109.82:5077 -> 97.120.245.83:5060 Dec 10 13:44:42 snort[49195]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.109.82:5077 -> 97.120.245.83:5060 Dec 10 13:44:42 snort[49195]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.109.82:5077 -> 97.120.245.83:5060 Dec 10 13:44:42 snort[49195]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.109.82:5077 -> 97.120.245.83:5060 Dec 10 13:44:35 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.85:57970 -> 97.120.245.83:33894 Dec 10 13:44:35 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.85:57970 -> 97.120.245.83:33894 Dec 10 13:44:35 snort[49195]: [1:2403442:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 72 [Classification: Misc Attack] 
[Priority: 2] {TCP} 81.22.45.85:57970 -> 97.120.245.83:33894 Dec 10 13:44:35 snort[49195]: [1:2403442:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 72 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.85:57970 -> 97.120.245.83:33894 Dec 10 13:44:02 snort[49195]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.83:55642 -> 97.120.245.83:4405 Dec 10 13:44:02 snort[49195]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.83:55642 -> 97.120.245.83:4405 Dec 10 13:43:21 snort[49195]: [1:2403351:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 26 [Classification: Misc Attack] [Priority: 2] {UDP} 45.143.220.79:5169 -> 97.120.245.83:15061 Dec 10 13:43:21 snort[49195]: [1:2403351:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 26 [Classification: Misc Attack] [Priority: 2] {UDP} 45.143.220.79:5169 -> 97.120.245.83:15061 Dec 10 13:41:07 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.205:30043 -> 97.120.245.83:8089 Dec 10 13:41:07 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.205:30043 -> 97.120.245.83:8089 Dec 10 13:41:07 snort[49195]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.205:30043 -> 97.120.245.83:8089 Dec 10 13:41:07 snort[49195]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.205:30043 -> 97.120.245.83:8089 Dec 10 13:41:04 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] 
[Priority: 2] {TCP} 81.22.45.133:48875 -> 97.120.245.83:6000 Dec 10 13:41:04 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.133:48875 -> 97.120.245.83:6000 Dec 10 13:41:04 snort[49195]: [1:2403440:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 71 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.133:48875 -> 97.120.245.83:6000 Dec 10 13:41:04 snort[49195]: [1:2403440:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 71 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.133:48875 -> 97.120.245.83:6000 Dec 10 13:38:06 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.159:52509 -> 97.120.245.83:6906 Dec 10 13:38:06 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.159:52509 -> 97.120.245.83:6906 Dec 10 13:38:06 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.31:47097 -> 97.120.245.83:4441 Dec 10 13:38:06 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.31:47097 -> 97.120.245.83:4441 Dec 10 13:37:32 snort[49195]: [1:2403351:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 26 [Classification: Misc Attack] [Priority: 2] {UDP} 45.143.221.23:5088 -> 97.120.245.83:5060 Dec 10 13:37:32 snort[49195]: [1:2403351:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 26 [Classification: Misc Attack] [Priority: 2] {UDP} 45.143.221.23:5088 -> 97.120.245.83:5060 Dec 10 13:37:32 snort[49195]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 45.143.221.23:5088 -> 97.120.245.83:5060 Dec 10 13:37:32 
snort[49195]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 45.143.221.23:5088 -> 97.120.245.83:5060 Dec 10 13:37:32 snort[49195]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 45.143.221.23:5088 -> 97.120.245.83:5060 Dec 10 13:37:32 snort[49195]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 45.143.221.23:5088 -> 97.120.245.83:5060 Dec 10 13:36:27 snort[49195]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.160.178:47713 -> 97.120.245.83:65010 Dec 10 13:36:27 snort[49195]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.160.178:47713 -> 97.120.245.83:65010 Dec 10 13:36:09 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.34:42125 -> 97.120.245.83:58445 Dec 10 13:36:09 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.34:42125 -> 97.120.245.83:58445 Dec 10 13:36:03 snort[49195]: [1:2402001:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.77.245:34068 -> 97.120.245.83:1032 Dec 10 13:36:03 snort[49195]: [1:2402001:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.77.245:34068 -> 97.120.245.83:1032 Dec 10 13:36:03 snort[49195]: [1:2403439:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 70 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.77.245:34068 -> 97.120.245.83:1032 Dec 10 13:36:03 snort[49195]: [1:2403439:53780] ET CINS Active Threat 
Intelligence Poor Reputation IP UDP group 70 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.77.245:34068 -> 97.120.245.83:1032 Dec 10 13:35:27 snort[49195]: [1:2403380:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 41 [Classification: Misc Attack] [Priority: 2] {TCP} 51.75.165.119:41271 -> 97.120.245.83:3025 Dec 10 13:35:27 snort[49195]: [1:2403380:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 41 [Classification: Misc Attack] [Priority: 2] {TCP} 51.75.165.119:41271 -> 97.120.245.83:3025 Dec 10 13:34:38 snort[49195]: [1:2403304:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 3 [Classification: Misc Attack] [Priority: 2] {TCP} 2.32.30.37:50748 -> 97.120.245.83:23 Dec 10 13:34:38 snort[49195]: [1:2403304:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 3 [Classification: Misc Attack] [Priority: 2] {TCP} 2.32.30.37:50748 -> 97.120.245.83:23 Dec 10 13:34:11 snort[49195]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 181.209.7.178:62886 -> 97.120.245.83:1433 Dec 10 13:34:11 snort[49195]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 181.209.7.178:62886 -> 97.120.245.83:1433 Dec 10 13:34:06 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.25:46024 -> 97.120.245.83:42202 Dec 10 13:34:06 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.25:46024 -> 97.120.245.83:42202 Dec 10 13:32:38 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.146:48210 -> 97.120.245.83:3389 Dec 10 13:32:38 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: 
Misc Attack] [Priority: 2] {TCP} 81.22.45.146:48210 -> 97.120.245.83:3389 Dec 10 13:32:33 snort[49195]: [1:2403439:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 70 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.78.100:45869 -> 97.120.245.83:1157 Dec 10 13:32:33 snort[49195]: [1:2403439:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 70 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.78.100:45869 -> 97.120.245.83:1157 Dec 10 13:30:46 snort[49195]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 37.49.230.66:5098 -> 97.120.245.83:5060 Dec 10 13:30:46 snort[49195]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 37.49.230.66:5098 -> 97.120.245.83:5060 Dec 10 13:30:46 snort[49195]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 37.49.230.66:5098 -> 97.120.245.83:5060 Dec 10 13:30:46 snort[49195]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 37.49.230.66:5098 -> 97.120.245.83:5060 Dec 10 13:30:39 snort[49195]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.160.193:58729 -> 97.120.245.83:9003 Dec 10 13:30:39 snort[49195]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.160.193:58729 -> 97.120.245.83:9003 Dec 10 13:30:03 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.154:47905 -> 97.120.245.83:7410 Dec 10 13:30:03 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 
84.241.0.23:57814 -> 97.120.245.83:1433 Dec 10 12:16:59 snort[49195]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 84.241.0.23:57814 -> 97.120.245.83:1433 Dec 10 12:16:57 snort[49195]: [1:2403364:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 33 [Classification: Misc Attack] [Priority: 2] {TCP} 45.93.20.180:61000 -> 97.120.245.83:36775 Dec 10 12:16:57 snort[49195]: [1:2403364:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 33 [Classification: Misc Attack] [Priority: 2] {TCP} 45.93.20.180:61000 -> 97.120.245.83:36775 Dec 10 12:16:53 snort[49195]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.64.127:8080 -> 97.120.245.83:5110 Dec 10 12:16:53 snort[49195]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.64.127:8080 -> 97.120.245.83:5110 Dec 10 12:16:47 snort[49195]: [1:2403350:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 26 [Classification: Misc Attack] [Priority: 2] {TCP} 45.141.86.131:51113 -> 97.120.245.83:13346 Dec 10 12:16:47 snort[49195]: [1:2403350:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 26 [Classification: Misc Attack] [Priority: 2] {TCP} 45.141.86.131:51113 -> 97.120.245.83:13346 Dec 10 12:16:32 snort[49195]: [1:2403428:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 65 [Classification: Misc Attack] [Priority: 2] {TCP} 77.247.110.161:53754 -> 97.120.245.83:3394 Dec 10 12:16:32 snort[49195]: [1:2403428:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 65 [Classification: Misc Attack] [Priority: 2] {TCP} 77.247.110.161:53754 -> 97.120.245.83:3394 Dec 10 12:16:20 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: 
Misc Attack] [Priority: 2] {TCP} 92.63.194.148:57151 -> 97.120.245.83:60036 Dec 10 12:16:20 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 92.63.194.148:57151 -> 97.120.245.83:60036 Dec 10 12:16:20 snort[49195]: [1:2403474:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 88 [Classification: Misc Attack] [Priority: 2] {TCP} 92.63.194.148:57151 -> 97.120.245.83:60036 Dec 10 12:16:20 snort[49195]: [1:2403474:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 88 [Classification: Misc Attack] [Priority: 2] {TCP} 92.63.194.148:57151 -> 97.120.245.83:60036 Dec 10 12:15:45 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.66:55480 -> 97.120.245.83:8687 Dec 10 12:15:45 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.66:55480 -> 97.120.245.83:8687 Dec 10 12:14:50 snort[49195]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.70.106:42160 -> 97.120.245.83:5178 Dec 10 12:14:50 snort[49195]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.70.106:42160 -> 97.120.245.83:5178 Dec 10 12:13:02 snort[49195]: [1:2403330:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 16 [Classification: Misc Attack] [Priority: 2] {TCP} 36.34.162.177:52022 -> 97.120.245.83:2323 Dec 10 12:13:02 snort[49195]: [1:2403330:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 16 [Classification: Misc Attack] [Priority: 2] {TCP} 36.34.162.177:52022 -> 97.120.245.83:2323 Dec 10 12:12:52 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 
2] {TCP} 185.176.27.2:42533 -> 97.120.245.83:3591 Dec 10 12:12:52 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.2:42533 -> 97.120.245.83:3591 Dec 10 12:12:43 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.216.140.252:45656 -> 97.120.245.83:5106 Dec 10 12:12:43 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.216.140.252:45656 -> 97.120.245.83:5106 Dec 10 12:12:41 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.29:53107 -> 97.120.245.83:3320 Dec 10 12:12:41 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.29:53107 -> 97.120.245.83:3320 Dec 10 12:12:41 snort[49195]: [1:2403440:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 71 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.29:53107 -> 97.120.245.83:3320 Dec 10 12:12:41 snort[49195]: [1:2403440:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 71 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.29:53107 -> 97.120.245.83:3320 Dec 10 12:12:34 snort[49195]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.160.178:47713 -> 97.120.245.83:3496 Dec 10 12:12:34 snort[49195]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.160.178:47713 -> 97.120.245.83:3496 Dec 10 12:11:55 snort[49195]: [1:2403380:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 41 [Classification: Misc Attack] [Priority: 2] {TCP} 51.91.212.81:47718 -> 97.120.245.83:1025 Dec 
10 12:11:55 snort[49195]: [1:2403380:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 41 [Classification: Misc Attack] [Priority: 2] {TCP} 51.91.212.81:47718 -> 97.120.245.83:1025 Dec 10 12:11:37 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.17:54205 -> 97.120.245.83:32341 Dec 10 12:11:37 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.17:54205 -> 97.120.245.83:32341 Dec 10 12:11:17 snort[49195]: [1:2403346:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 24 [Classification: Misc Attack] [Priority: 2] {TCP} 43.245.222.163:29011 -> 97.120.245.83:9009 Dec 10 12:11:17 snort[49195]: [1:2403346:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 24 [Classification: Misc Attack] [Priority: 2] {TCP} 43.245.222.163:29011 -> 97.120.245.83:9009 Dec 10 12:10:55 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.166:50011 -> 97.120.245.83:1899 Dec 10 12:10:55 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.166:50011 -> 97.120.245.83:1899 Dec 10 12:10:41 snort[49195]: [1:2403380:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 41 [Classification: Misc Attack] [Priority: 2] {TCP} 51.75.52.127:26200 -> 97.120.245.83:8867 Dec 10 12:10:41 snort[49195]: [1:2403380:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 41 [Classification: Misc Attack] [Priority: 2] {TCP} 51.75.52.127:26200 -> 97.120.245.83:8867 Dec 10 12:10:21 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.159:52509 -> 97.120.245.83:11938 Dec 10 12:10:21 snort[49195]: [1:2402000:5388] 
ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.159:52509 -> 97.120.245.83:11938 Dec 10 12:08:26 snort[49195]: [1:2010939:3] ET SCAN Suspicious inbound to PostgreSQL port 5432 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 69.30.200.178:48507 -> 97.120.245.83:5432 Dec 10 12:08:26 snort[49195]: [1:2010939:3] ET SCAN Suspicious inbound to PostgreSQL port 5432 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 69.30.200.178:48507 -> 97.120.245.83:5432 Dec 10 12:08:26 snort[49195]: [1:2403418:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 60 [Classification: Misc Attack] [Priority: 2] {TCP} 69.30.200.178:48507 -> 97.120.245.83:5432 Dec 10 12:08:26 snort[49195]: [1:2403418:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 60 [Classification: Misc Attack] [Priority: 2] {TCP} 69.30.200.178:48507 -> 97.120.245.83:5432 Dec 10 12:07:58 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 83.97.20.46:39536 -> 97.120.245.83:110 Dec 10 12:07:58 snort[49195]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 83.97.20.46:39536 -> 97.120.245.83:110 Dec 10 12:07:58 snort[49195]: [1:2403448:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 75 [Classification: Misc Attack] [Priority: 2] {TCP} 83.97.20.46:39536 -> 97.120.245.83:110 Dec 10 12:07:58 snort[49195]: [1:2403448:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 75 [Classification: Misc Attack] [Priority: 2] {TCP} 83.97.20.46:39536 -> 97.120.245.83:110 Dec 10 12:06:40 snort[57357]: *** Caught Term-Signal Dec 10 12:06:40 snort[57357]: *** Caught Term-Signal Dec 10 12:06:38 snort[56829]: *** Caught Term-Signal Dec 10 12:06:38 snort[56829]: *** Caught Term-Signal Dec 10 12:06:33 snort[56829]: [1:2402000:5388] ET DROP Dshield Block 
Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.203:51243 -> 97.120.245.83:23398 Dec 10 12:06:33 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.203:51243 -> 97.120.245.83:23398 Dec 10 12:06:33 snort[56829]: [1:2403440:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 71 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.203:51243 -> 97.120.245.83:23398 Dec 10 12:06:33 snort[56829]: [1:2403440:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 71 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.203:51243 -> 97.120.245.83:23398 Dec 10 12:04:37 snort[56829]: [1:2403428:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 65 [Classification: Misc Attack] [Priority: 2] {TCP} 77.247.108.77:41024 -> 97.120.245.83:5038 Dec 10 12:04:37 snort[56829]: [1:2403428:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 65 [Classification: Misc Attack] [Priority: 2] {TCP} 77.247.108.77:41024 -> 97.120.245.83:5038 Dec 10 12:04:34 snort[56829]: [1:2403430:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 66 [Classification: Misc Attack] [Priority: 2] {TCP} 78.108.177.52:35373 -> 97.120.245.83:8080 Dec 10 12:04:34 snort[56829]: [1:2403430:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 66 [Classification: Misc Attack] [Priority: 2] {TCP} 78.108.177.52:35373 -> 97.120.245.83:8080 Dec 10 12:04:15 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 198.108.67.50:10462 -> 97.120.245.83:8040 Dec 10 12:04:15 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 198.108.67.50:10462 -> 97.120.245.83:8040 Dec 10 12:03:30 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 
[Classification: Misc Attack] [Priority: 2] {TCP} 185.216.140.252:45656 -> 97.120.245.83:5123 Dec 10 12:03:30 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.216.140.252:45656 -> 97.120.245.83:5123 Dec 10 12:00:18 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.159:52509 -> 97.120.245.83:2552 Dec 10 12:00:18 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.159:52509 -> 97.120.245.83:2552 Dec 10 11:57:54 snort[56829]: [1:2403422:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 62 [Classification: Misc Attack] [Priority: 2] {TCP} 72.52.128.192:43720 -> 97.120.245.83:44222 Dec 10 11:57:54 snort[56829]: [1:2403422:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 62 [Classification: Misc Attack] [Priority: 2] {TCP} 72.52.128.192:43720 -> 97.120.245.83:44222 Dec 10 11:57:54 snort[56829]: [1:2500022:5276] ET COMPROMISED Known Compromised or Hostile Host Traffic TCP group 12 [Classification: Misc Attack] [Priority: 2] {TCP} 72.52.128.192:43720 -> 97.120.245.83:44222 Dec 10 11:57:54 snort[56829]: [1:2500022:5276] ET COMPROMISED Known Compromised or Hostile Host Traffic TCP group 12 [Classification: Misc Attack] [Priority: 2] {TCP} 72.52.128.192:43720 -> 97.120.245.83:44222 Dec 10 11:56:58 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.14:45235 -> 97.120.245.83:7389 Dec 10 11:56:58 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.14:45235 -> 97.120.245.83:7389 Dec 10 11:56:20 snort[56829]: [1:2403429:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 65 [Classification: Misc Attack] 
[Priority: 2] {UDP} 77.247.108.15:5082 -> 97.120.245.83:5060 Dec 10 11:56:20 snort[56829]: [1:2403429:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 65 [Classification: Misc Attack] [Priority: 2] {UDP} 77.247.108.15:5082 -> 97.120.245.83:5060 Dec 10 11:56:20 snort[56829]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.108.15:5082 -> 97.120.245.83:5060 Dec 10 11:56:20 snort[56829]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.108.15:5082 -> 97.120.245.83:5060 Dec 10 11:56:20 snort[56829]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.108.15:5082 -> 97.120.245.83:5060 Dec 10 11:56:20 snort[56829]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.108.15:5082 -> 97.120.245.83:5060 Dec 10 11:55:59 snort[56829]: [1:2403360:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 31 [Classification: Misc Attack] [Priority: 2] {TCP} 45.56.91.118:36718 -> 97.120.245.83:80 Dec 10 11:55:59 snort[56829]: [1:2403360:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 31 [Classification: Misc Attack] [Priority: 2] {TCP} 45.56.91.118:36718 -> 97.120.245.83:80 Dec 10 11:55:18 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.25:46024 -> 97.120.245.83:42204 Dec 10 11:55:18 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.25:46024 -> 97.120.245.83:42204 Dec 10 11:55:10 snort[56829]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.119.160.143:47581 -> 
97.120.245.83:57675 Dec 10 11:55:10 snort[56829]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.119.160.143:47581 -> 97.120.245.83:57675 Dec 10 11:54:25 snort[56829]: [1:2403414:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 58 [Classification: Misc Attack] [Priority: 2] {TCP} 66.152.181.42:59082 -> 97.120.245.83:445 Dec 10 11:54:25 snort[56829]: [1:2403414:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 58 [Classification: Misc Attack] [Priority: 2] {TCP} 66.152.181.42:59082 -> 97.120.245.83:445 Dec 10 11:54:10 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.64:45982 -> 97.120.245.83:9016 Dec 10 11:54:10 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.64:45982 -> 97.120.245.83:9016 Dec 10 11:54:08 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.31:40625 -> 97.120.245.83:55546 Dec 10 11:54:08 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.31:40625 -> 97.120.245.83:55546 Dec 10 11:53:58 snort[56829]: [1:2402001:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.77.245:42589 -> 97.120.245.83:1029 Dec 10 11:53:58 snort[56829]: [1:2402001:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.77.245:42589 -> 97.120.245.83:1029 Dec 10 11:53:58 snort[56829]: [1:2403439:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 70 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.77.245:42589 -> 97.120.245.83:1029 Dec 10 11:53:58 snort[56829]: [1:2403439:53780] ET 
CINS Active Threat Intelligence Poor Reputation IP UDP group 70 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.77.245:42589 -> 97.120.245.83:1029 Dec 10 11:53:40 snort[56829]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.109.82:5096 -> 97.120.245.83:5060 Dec 10 11:53:40 snort[56829]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.109.82:5096 -> 97.120.245.83:5060 Dec 10 11:53:40 snort[56829]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.109.82:5096 -> 97.120.245.83:5060 Dec 10 11:53:40 snort[56829]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.109.82:5096 -> 97.120.245.83:5060 Dec 10 11:53:26 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.2:42533 -> 97.120.245.83:3533 Dec 10 11:53:26 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.2:42533 -> 97.120.245.83:3533 Dec 10 11:52:44 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 222.169.59.206:46525 -> 97.120.245.83:1433 Dec 10 11:52:44 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 222.169.59.206:46525 -> 97.120.245.83:1433 Dec 10 11:51:57 snort[56829]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 185.53.88.98:5075 -> 97.120.245.83:5060 Dec 10 11:51:57 snort[56829]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 185.53.88.98:5075 -> 
97.120.245.83:5060 Dec 10 11:51:57 snort[56829]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 185.53.88.98:5075 -> 97.120.245.83:5060 Dec 10 11:51:57 snort[56829]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 185.53.88.98:5075 -> 97.120.245.83:5060 Dec 10 11:51:40 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.160.193:58729 -> 97.120.245.83:9014 Dec 10 11:51:40 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.160.193:58729 -> 97.120.245.83:9014 Dec 10 11:49:26 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.172.16:26200 -> 97.120.245.83:7979 Dec 10 11:49:26 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.172.16:26200 -> 97.120.245.83:7979 Dec 10 11:49:26 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.172.16:26200 -> 97.120.245.83:7979 Dec 10 11:49:26 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.172.16:26200 -> 97.120.245.83:7979 Dec 10 11:47:48 snort[56829]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.55:59731 -> 97.120.245.83:1944 Dec 10 11:47:48 snort[56829]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 
92.118.37.55:59731 -> 97.120.245.83:1944 Dec 10 11:47:22 snort[56829]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.246.76.203:57210 -> 97.120.245.83:2211 Dec 10 11:47:22 snort[56829]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.246.76.203:57210 -> 97.120.245.83:2211 Dec 10 11:46:39 snort[56829]: [1:2402001:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {UDP} 89.248.168.217:42403 -> 97.120.245.83:139 Dec 10 11:46:39 snort[56829]: [1:2402001:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {UDP} 89.248.168.217:42403 -> 97.120.245.83:139 Dec 10 11:46:39 snort[56829]: [1:2403465:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 83 [Classification: Misc Attack] [Priority: 2] {UDP} 89.248.168.217:42403 -> 97.120.245.83:139 Dec 10 11:46:39 snort[56829]: [1:2403465:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 83 [Classification: Misc Attack] [Priority: 2] {UDP} 89.248.168.217:42403 -> 97.120.245.83:139 Dec 10 11:45:13 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.153.196.240:55646 -> 97.120.245.83:2048 Dec 10 11:45:13 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.153.196.240:55646 -> 97.120.245.83:2048 Dec 10 11:45:13 snort[56829]: [1:2403439:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 70 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.78.100:60585 -> 97.120.245.83:1088 Dec 10 11:45:13 snort[56829]: [1:2403439:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 70 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.78.100:60585 -> 
97.120.245.83:1088 Dec 10 11:45:07 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.49:59545 -> 97.120.245.83:22327 Dec 10 11:45:07 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.49:59545 -> 97.120.245.83:22327 Dec 10 11:45:02 snort[56829]: [1:2403380:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 41 [Classification: Misc Attack] [Priority: 2] {TCP} 51.75.52.127:26200 -> 97.120.245.83:8839 Dec 10 11:45:02 snort[56829]: [1:2403380:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 41 [Classification: Misc Attack] [Priority: 2] {TCP} 51.75.52.127:26200 -> 97.120.245.83:8839 Dec 10 11:44:54 snort[56829]: [1:2403380:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 41 [Classification: Misc Attack] [Priority: 2] {TCP} 51.91.212.81:60451 -> 97.120.245.83:1025 Dec 10 11:44:54 snort[56829]: [1:2403380:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 41 [Classification: Misc Attack] [Priority: 2] {TCP} 51.91.212.81:60451 -> 97.120.245.83:1025 Dec 10 11:43:25 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.18:50304 -> 97.120.245.83:1928 Dec 10 11:43:25 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.18:50304 -> 97.120.245.83:1928 Dec 10 11:43:18 snort[56829]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.53:42054 -> 97.120.245.83:13341 Dec 10 11:43:18 snort[56829]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.53:42054 -> 97.120.245.83:13341 Dec 10 
[Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.30:48176 -> 97.120.245.83:9388 Dec 10 10:14:52 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.30:48176 -> 97.120.245.83:9388 Dec 10 10:13:19 snort[56829]: [1:2403362:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 32 [Classification: Misc Attack] [Priority: 2] {TCP} 45.93.20.168:61000 -> 97.120.245.83:39798 Dec 10 10:13:19 snort[56829]: [1:2403362:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 32 [Classification: Misc Attack] [Priority: 2] {TCP} 45.93.20.168:61000 -> 97.120.245.83:39798 Dec 10 10:13:11 snort[56829]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 185.53.88.98:5698 -> 97.120.245.83:5060 Dec 10 10:13:11 snort[56829]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 185.53.88.98:5698 -> 97.120.245.83:5060 Dec 10 10:13:11 snort[56829]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 185.53.88.98:5698 -> 97.120.245.83:5060 Dec 10 10:13:11 snort[56829]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 185.53.88.98:5698 -> 97.120.245.83:5060 Dec 10 10:12:46 snort[56829]: [1:2010937:3] ET SCAN Suspicious inbound to mySQL port 3306 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 104.140.188.14:53233 -> 97.120.245.83:3306 Dec 10 10:12:46 snort[56829]: [1:2010937:3] ET SCAN Suspicious inbound to mySQL port 3306 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 104.140.188.14:53233 -> 97.120.245.83:3306 Dec 10 10:12:36 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.12:56734 
-> 97.120.245.83:3499 Dec 10 10:12:36 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.12:56734 -> 97.120.245.83:3499 Dec 10 10:12:17 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.94:47098 -> 97.120.245.83:3390 Dec 10 10:12:17 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.94:47098 -> 97.120.245.83:3390 Dec 10 10:11:10 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.203:51243 -> 97.120.245.83:23397 Dec 10 10:11:10 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.203:51243 -> 97.120.245.83:23397 Dec 10 10:11:10 snort[56829]: [1:2403440:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 71 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.203:51243 -> 97.120.245.83:23397 Dec 10 10:11:10 snort[56829]: [1:2403440:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 71 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.203:51243 -> 97.120.245.83:23397 Dec 10 10:11:08 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.18:50304 -> 97.120.245.83:1904 Dec 10 10:11:08 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.18:50304 -> 97.120.245.83:1904 Dec 10 10:09:54 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.216.140.252:45656 -> 97.120.245.83:5108 Dec 10 10:09:54 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 
[Classification: Misc Attack] [Priority: 2] {TCP} 185.216.140.252:45656 -> 97.120.245.83:5108 Dec 10 10:09:39 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 106.13.46.33:44365 -> 97.120.245.83:1433 Dec 10 10:09:39 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 106.13.46.33:44365 -> 97.120.245.83:1433 Dec 10 10:09:25 snort[56829]: [1:2403380:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 41 [Classification: Misc Attack] [Priority: 2] {TCP} 51.75.52.127:26200 -> 97.120.245.83:8047 Dec 10 10:09:25 snort[56829]: [1:2403380:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 41 [Classification: Misc Attack] [Priority: 2] {TCP} 51.75.52.127:26200 -> 97.120.245.83:8047 Dec 10 10:09:14 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.34:57775 -> 97.120.245.83:1111 Dec 10 10:09:14 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.34:57775 -> 97.120.245.83:1111 Dec 10 10:08:27 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.102:45656 -> 97.120.245.83:8388 Dec 10 10:08:27 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.102:45656 -> 97.120.245.83:8388 Dec 10 10:07:06 snort[56829]: [1:2403434:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 68 [Classification: Misc Attack] [Priority: 2] {TCP} 79.124.62.18:41214 -> 97.120.245.83:3385 Dec 10 10:07:06 snort[56829]: [1:2403434:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 68 [Classification: Misc Attack] [Priority: 2] {TCP} 
79.124.62.18:41214 -> 97.120.245.83:3385 Dec 10 10:06:54 snort[56829]: [1:2402001:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.77.245:40575 -> 97.120.245.83:1026 Dec 10 10:06:54 snort[56829]: [1:2402001:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.77.245:40575 -> 97.120.245.83:1026 Dec 10 10:06:54 snort[56829]: [1:2403439:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 70 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.77.245:40575 -> 97.120.245.83:1026 Dec 10 10:06:54 snort[56829]: [1:2403439:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 70 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.77.245:40575 -> 97.120.245.83:1026 Dec 10 10:06:54 snort[56829]: [1:2403340:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 21 [Classification: Misc Attack] [Priority: 2] {TCP} 42.113.244.245:43548 -> 97.120.245.83:2323 Dec 10 10:06:54 snort[56829]: [1:2403340:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 21 [Classification: Misc Attack] [Priority: 2] {TCP} 42.113.244.245:43548 -> 97.120.245.83:2323 Dec 10 10:05:45 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.175.93.107:57333 -> 97.120.245.83:4750 Dec 10 10:05:45 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.175.93.107:57333 -> 97.120.245.83:4750 Dec 10 10:04:25 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.42:41784 -> 97.120.245.83:31966 Dec 10 10:04:25 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.42:41784 -> 97.120.245.83:31966 Dec 10 10:04:10 snort[56829]: 
[1:2402001:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {UDP} 89.248.168.217:43970 -> 97.120.245.83:135 Dec 10 10:04:10 snort[56829]: [1:2402001:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {UDP} 89.248.168.217:43970 -> 97.120.245.83:135 Dec 10 10:04:10 snort[56829]: [1:2403465:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 83 [Classification: Misc Attack] [Priority: 2] {UDP} 89.248.168.217:43970 -> 97.120.245.83:135 Dec 10 10:04:10 snort[56829]: [1:2403465:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 83 [Classification: Misc Attack] [Priority: 2] {UDP} 89.248.168.217:43970 -> 97.120.245.83:135 Dec 10 10:03:42 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.98:58111 -> 97.120.245.83:23544 Dec 10 10:03:42 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.98:58111 -> 97.120.245.83:23544 Dec 10 10:03:09 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.11:46025 -> 97.120.245.83:63202 Dec 10 10:03:09 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.11:46025 -> 97.120.245.83:63202 Dec 10 10:03:05 snort[56829]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.109.82:5080 -> 97.120.245.83:5060 Dec 10 10:03:05 snort[56829]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.109.82:5080 -> 97.120.245.83:5060 Dec 10 10:03:05 snort[56829]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] 
{UDP} 77.247.109.82:5080 -> 97.120.245.83:5060 Dec 10 10:03:05 snort[56829]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.109.82:5080 -> 97.120.245.83:5060 Dec 10 10:02:11 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 177.84.236.201:58890 -> 97.120.245.83:1433 Dec 10 10:02:11 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 177.84.236.201:58890 -> 97.120.245.83:1433 Dec 10 10:01:57 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 221.238.164.179:19544 -> 97.120.245.83:1433 Dec 10 10:01:57 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 221.238.164.179:19544 -> 97.120.245.83:1433 Dec 10 10:01:32 snort[56829]: [1:2403420:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 61 [Classification: Misc Attack] [Priority: 2] {TCP} 71.6.232.4:46991 -> 97.120.245.83:587 Dec 10 10:01:32 snort[56829]: [1:2403420:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 61 [Classification: Misc Attack] [Priority: 2] {TCP} 71.6.232.4:46991 -> 97.120.245.83:587 Dec 10 10:00:55 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.49:59545 -> 97.120.245.83:22328 Dec 10 10:00:55 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.49:59545 -> 97.120.245.83:22328 Dec 10 10:00:51 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 210.41.219.245:56985 -> 
97.120.245.83:1433 Dec 10 10:00:51 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 210.41.219.245:56985 -> 97.120.245.83:1433 Dec 10 09:58:07 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 94.102.49.65:43641 -> 97.120.245.83:34503 Dec 10 09:58:07 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 94.102.49.65:43641 -> 97.120.245.83:34503 Dec 10 09:58:07 snort[56829]: [1:2403476:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 89 [Classification: Misc Attack] [Priority: 2] {TCP} 94.102.49.65:43641 -> 97.120.245.83:34503 Dec 10 09:58:07 snort[56829]: [1:2403476:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 89 [Classification: Misc Attack] [Priority: 2] {TCP} 94.102.49.65:43641 -> 97.120.245.83:34503 Dec 10 09:58:05 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.17:49085 -> 97.120.245.83:3640 Dec 10 09:58:05 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.17:49085 -> 97.120.245.83:3640 Dec 10 09:57:40 snort[56829]: [1:2403439:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 70 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.78.100:41401 -> 97.120.245.83:1070 Dec 10 09:57:40 snort[56829]: [1:2403439:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 70 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.78.100:41401 -> 97.120.245.83:1070 Dec 10 09:57:35 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.215:58590 -> 97.120.245.83:8089 Dec 10 09:57:35 snort[56829]: 
[1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.215:58590 -> 97.120.245.83:8089 Dec 10 09:57:35 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.215:58590 -> 97.120.245.83:8089 Dec 10 09:57:35 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.215:58590 -> 97.120.245.83:8089 Dec 10 09:57:30 snort[56829]: [1:2403384:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 43 [Classification: Misc Attack] [Priority: 2] {TCP} 58.225.75.147:32767 -> 97.120.245.83:8545 Dec 10 09:57:30 snort[56829]: [1:2403384:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 43 [Classification: Misc Attack] [Priority: 2] {TCP} 58.225.75.147:32767 -> 97.120.245.83:8545 Dec 10 09:57:27 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.33:48983 -> 97.120.245.83:3674 Dec 10 09:57:27 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.33:48983 -> 97.120.245.83:3674 Dec 10 09:57:26 snort[56829]: [1:2403374:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 38 [Classification: Misc Attack] [Priority: 2] {TCP} 49.51.244.189:56844 -> 97.120.245.83:20331 Dec 10 09:57:26 snort[56829]: [1:2403374:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 38 [Classification: Misc Attack] [Priority: 2] {TCP} 49.51.244.189:56844 -> 97.120.245.83:20331 Dec 10 09:57:25 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 89.250.17.212:11484 -> 97.120.245.83:1433 Dec 10 09:57:25 snort[56829]: 
[1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 89.250.17.212:11484 -> 97.120.245.83:1433 Dec 10 09:56:32 snort[56829]: [1:2403414:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 58 [Classification: Misc Attack] [Priority: 2] {TCP} 66.240.219.146:26200 -> 97.120.245.83:447 Dec 10 09:56:32 snort[56829]: [1:2403414:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 58 [Classification: Misc Attack] [Priority: 2] {TCP} 66.240.219.146:26200 -> 97.120.245.83:447 Dec 10 09:56:14 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 213.147.122.82:49206 -> 97.120.245.83:1433 Dec 10 09:56:14 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 213.147.122.82:49206 -> 97.120.245.83:1433 Dec 10 09:55:57 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.85:57970 -> 97.120.245.83:33895 Dec 10 09:55:57 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.85:57970 -> 97.120.245.83:33895 Dec 10 09:55:57 snort[56829]: [1:2403442:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 72 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.85:57970 -> 97.120.245.83:33895 Dec 10 09:55:57 snort[56829]: [1:2403442:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 72 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.85:57970 -> 97.120.245.83:33895 Dec 10 09:54:47 snort[56829]: [1:2403350:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 26 [Classification: Misc Attack] [Priority: 2] {TCP} 45.134.179.241:52799 -> 97.120.245.83:3386 Dec 10 09:54:47 snort[56829]: [1:2403350:53780] 
ET CINS Active Threat Intelligence Poor Reputation IP TCP group 26 [Classification: Misc Attack] [Priority: 2] {TCP} 45.134.179.241:52799 -> 97.120.245.83:3386 Dec 10 09:54:01 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 46.130.113.57:58742 -> 97.120.245.83:1433 Dec 10 09:54:01 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 46.130.113.57:58742 -> 97.120.245.83:1433 Dec 10 09:53:31 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.3:45665 -> 97.120.245.83:18024 Dec 10 09:53:31 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.3:45665 -> 97.120.245.83:18024 Dec 10 09:53:18 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 114.34.8.74:57024 -> 97.120.245.83:1433 Dec 10 09:53:18 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 114.34.8.74:57024 -> 97.120.245.83:1433 Dec 10 09:52:36 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.153.196.80:56162 -> 97.120.245.83:3078 Dec 10 09:52:36 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.153.196.80:56162 -> 97.120.245.83:3078 Dec 10 09:50:37 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.84:49007 -> 97.120.245.83:3701 Dec 10 09:50:37 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 
185.209.0.84:49007 -> 97.120.245.83:3701 Dec 10 09:49:45 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.2:48970 -> 97.120.245.83:3663 Dec 10 09:49:45 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.2:48970 -> 97.120.245.83:3663 Dec 10 09:47:40 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.32:42738 -> 97.120.245.83:334 Dec 10 09:47:40 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.32:42738 -> 97.120.245.83:334 Dec 10 09:46:39 snort[56829]: [1:2403478:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 90 [Classification: Misc Attack] [Priority: 2] {TCP} 94.102.56.181:57356 -> 97.120.245.83:6787 Dec 10 09:46:39 snort[56829]: [1:2403478:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 90 [Classification: Misc Attack] [Priority: 2] {TCP} 94.102.56.181:57356 -> 97.120.245.83:6787 Dec 10 09:46:33 snort[56829]: [1:2400019:2736] ET DROP Spamhaus DROP Listed Traffic Inbound group 20 [Classification: Misc Attack] [Priority: 2] {TCP} 185.222.211.165:8080 -> 97.120.245.83:3349 Dec 10 09:46:33 snort[56829]: [1:2400019:2736] ET DROP Spamhaus DROP Listed Traffic Inbound group 20 [Classification: Misc Attack] [Priority: 2] {TCP} 185.222.211.165:8080 -> 97.120.245.83:3349 Dec 10 09:46:28 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.91:59496 -> 97.120.245.83:84 Dec 10 09:46:28 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.91:59496 -> 97.120.245.83:84 Dec 10 09:45:26 snort[56829]: [1:2402000:5388] ET DROP Dshield Block 
Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.31:58679 -> 97.120.245.83:4300 Dec 10 09:45:26 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.31:58679 -> 97.120.245.83:4300 Dec 10 09:41:38 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.167.131:18438 -> 97.120.245.83:23 Dec 10 09:41:38 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.167.131:18438 -> 97.120.245.83:23 Dec 10 09:41:08 snort[56829]: [1:2403361:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 31 [Classification: Misc Attack] [Priority: 2] {UDP} 45.67.15.69:1681 -> 97.120.245.83:389 Dec 10 09:41:08 snort[56829]: [1:2403361:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 31 [Classification: Misc Attack] [Priority: 2] {UDP} 45.67.15.69:1681 -> 97.120.245.83:389 Dec 10 09:40:53 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.2:42533 -> 97.120.245.83:3187 Dec 10 09:40:53 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.2:42533 -> 97.120.245.83:3187 Dec 10 09:40:34 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 154.236.10.217:60980 -> 97.120.245.83:1433 Dec 10 09:40:34 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 154.236.10.217:60980 -> 97.120.245.83:1433 Dec 10 09:40:24 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] 
[Priority: 2] {TCP} 159.203.201.242:44390 -> 97.120.245.83:36135 Dec 10 09:40:24 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 159.203.201.242:44390 -> 97.120.245.83:36135 Dec 10 09:39:29 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.3:46277 -> 97.120.245.83:9002 Dec 10 09:39:29 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.3:46277 -> 97.120.245.83:9002 Dec 10 09:39:29 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.3:46277 -> 97.120.245.83:9002 Dec 10 09:39:29 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.3:46277 -> 97.120.245.83:9002 Dec 10 09:39:23 snort[56829]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.64.127:8080 -> 97.120.245.83:4005 Dec 10 09:39:23 snort[56829]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.64.127:8080 -> 97.120.245.83:4005 Dec 10 09:38:29 snort[56829]: [1:2010939:3] ET SCAN Suspicious inbound to PostgreSQL port 5432 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 170.130.187.14:54427 -> 97.120.245.83:5432 Dec 10 09:38:29 snort[56829]: [1:2010939:3] ET SCAN Suspicious inbound to PostgreSQL port 5432 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 170.130.187.14:54427 -> 97.120.245.83:5432 Dec 10 09:37:36 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.54:58289 
-> 97.120.245.83:44190 Dec 10 09:37:36 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.54:58289 -> 97.120.245.83:44190 Dec 10 09:37:33 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.154:47905 -> 97.120.245.83:15651 Dec 10 09:37:33 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.154:47905 -> 97.120.245.83:15651 Dec 10 09:37:15 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.216.140.6:34293 -> 97.120.245.83:8889 Dec 10 09:37:15 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.216.140.6:34293 -> 97.120.245.83:8889 Dec 10 09:36:54 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.160.178:47713 -> 97.120.245.83:65004 Dec 10 09:36:54 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.160.178:47713 -> 97.120.245.83:65004 Dec 10 09:36:52 snort[56829]: [1:2403463:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 82 [Classification: Misc Attack] [Priority: 2] {UDP} 89.163.206.242:5392 -> 97.120.245.83:5080 Dec 10 09:36:52 snort[56829]: [1:2403463:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 82 [Classification: Misc Attack] [Priority: 2] {UDP} 89.163.206.242:5392 -> 97.120.245.83:5080 Dec 10 09:34:18 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 222.82.233.138:49168 -> 97.120.245.83:1433 Dec 10 09:34:18 
snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 222.82.233.138:49168 -> 97.120.245.83:1433 Dec 10 09:33:17 snort[56829]: [1:2403350:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 26 [Classification: Misc Attack] [Priority: 2] {TCP} 45.141.86.103:59436 -> 97.120.245.83:42189 Dec 10 09:33:17 snort[56829]: [1:2403350:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 26 [Classification: Misc Attack] [Priority: 2] {TCP} 45.141.86.103:59436 -> 97.120.245.83:42189 Dec 10 09:33:14 snort[56829]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.65.90:8080 -> 97.120.245.83:5275 Dec 10 09:33:14 snort[56829]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.65.90:8080 -> 97.120.245.83:5275 Dec 10 09:32:45 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.60:55097 -> 97.120.245.83:8337 Dec 10 09:32:45 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.60:55097 -> 97.120.245.83:8337 Dec 10 09:32:23 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.90:42924 -> 97.120.245.83:425 Dec 10 09:32:23 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.90:42924 -> 97.120.245.83:425 Dec 10 09:32:16 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 198.108.67.50:21566 -> 97.120.245.83:2062 Dec 10 09:32:16 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source 
DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.77.245:42536 -> 97.120.245.83:1022 Dec 10 08:23:58 snort[56829]: [1:2402001:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.77.245:42536 -> 97.120.245.83:1022 Dec 10 08:23:58 snort[56829]: [1:2403439:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 70 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.77.245:42536 -> 97.120.245.83:1022 Dec 10 08:23:58 snort[56829]: [1:2403439:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 70 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.77.245:42536 -> 97.120.245.83:1022 Dec 10 08:23:52 snort[56829]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.70.106:57447 -> 97.120.245.83:6834 Dec 10 08:23:52 snort[56829]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.70.106:57447 -> 97.120.245.83:6834 Dec 10 08:23:27 snort[56829]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.65.74:41199 -> 97.120.245.83:8123 Dec 10 08:23:27 snort[56829]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.65.74:41199 -> 97.120.245.83:8123 Dec 10 08:22:45 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 190.98.227.243:54874 -> 97.120.245.83:1433 Dec 10 08:22:45 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 190.98.227.243:54874 -> 97.120.245.83:1433 Dec 10 08:22:31 snort[56829]: [1:2403470:53780] ET CINS 
Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.53:42054 -> 97.120.245.83:13711 Dec 10 08:22:31 snort[56829]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.53:42054 -> 97.120.245.83:13711 Dec 10 08:22:19 snort[56829]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.64.127:8080 -> 97.120.245.83:3580 Dec 10 08:22:19 snort[56829]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.64.127:8080 -> 97.120.245.83:3580 Dec 10 08:22:12 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.46:41298 -> 97.120.245.83:3399 Dec 10 08:22:12 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.46:41298 -> 97.120.245.83:3399 Dec 10 08:22:01 snort[56829]: [1:2403380:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 41 [Classification: Misc Attack] [Priority: 2] {TCP} 51.91.212.81:33100 -> 97.120.245.83:1025 Dec 10 08:22:01 snort[56829]: [1:2403380:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 41 [Classification: Misc Attack] [Priority: 2] {TCP} 51.91.212.81:33100 -> 97.120.245.83:1025 Dec 10 08:21:17 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.71:48050 -> 97.120.245.83:5152 Dec 10 08:21:17 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.71:48050 -> 97.120.245.83:5152 Dec 10 08:20:38 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source 
group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.32:42738 -> 97.120.245.83:398 Dec 10 08:20:38 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.32:42738 -> 97.120.245.83:398 Dec 10 08:18:03 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.166:50011 -> 97.120.245.83:1886 Dec 10 08:18:03 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.166:50011 -> 97.120.245.83:1886 Dec 10 08:17:53 snort[56829]: [1:2403376:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 39 [Classification: Misc Attack] [Priority: 2] {TCP} 49.88.112.109:9090 -> 97.120.245.83:22 Dec 10 08:17:53 snort[56829]: [1:2403376:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 39 [Classification: Misc Attack] [Priority: 2] {TCP} 49.88.112.109:9090 -> 97.120.245.83:22 Dec 10 08:16:38 snort[56829]: [1:2403350:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 26 [Classification: Misc Attack] [Priority: 2] {TCP} 45.141.86.131:51113 -> 97.120.245.83:13332 Dec 10 08:16:38 snort[56829]: [1:2403350:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 26 [Classification: Misc Attack] [Priority: 2] {TCP} 45.141.86.131:51113 -> 97.120.245.83:13332 Dec 10 08:15:32 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.153.196.80:56162 -> 97.120.245.83:3081 Dec 10 08:15:32 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.153.196.80:56162 -> 97.120.245.83:3081 Dec 10 08:13:59 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.90:42924 
-> 97.120.245.83:424 Dec 10 08:13:59 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.90:42924 -> 97.120.245.83:424 Dec 10 08:13:58 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.98:55910 -> 97.120.245.83:36038 Dec 10 08:13:58 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.98:55910 -> 97.120.245.83:36038 Dec 10 08:13:52 snort[56829]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.55:59731 -> 97.120.245.83:3030 Dec 10 08:13:52 snort[56829]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.55:59731 -> 97.120.245.83:3030 Dec 10 08:13:31 snort[56829]: [1:2402001:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {UDP} 89.248.168.217:36387 -> 97.120.245.83:88 Dec 10 08:13:31 snort[56829]: [1:2402001:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {UDP} 89.248.168.217:36387 -> 97.120.245.83:88 Dec 10 08:13:31 snort[56829]: [1:2403465:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 83 [Classification: Misc Attack] [Priority: 2] {UDP} 89.248.168.217:36387 -> 97.120.245.83:88 Dec 10 08:13:31 snort[56829]: [1:2403465:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 83 [Classification: Misc Attack] [Priority: 2] {UDP} 89.248.168.217:36387 -> 97.120.245.83:88 Dec 10 08:12:38 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.54:56090 -> 97.120.245.83:48523 Dec 10 08:12:38 snort[56829]: [1:2402000:5388] ET DROP 
Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.54:56090 -> 97.120.245.83:48523 Dec 10 08:11:51 snort[56829]: [1:2403478:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 90 [Classification: Misc Attack] [Priority: 2] {TCP} 94.255.247.7:12512 -> 97.120.245.83:23 Dec 10 08:11:51 snort[56829]: [1:2403478:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 90 [Classification: Misc Attack] [Priority: 2] {TCP} 94.255.247.7:12512 -> 97.120.245.83:23 Dec 10 08:11:07 snort[56829]: [1:2403380:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 41 [Classification: Misc Attack] [Priority: 2] {TCP} 51.91.31.106:47819 -> 97.120.245.83:3389 Dec 10 08:11:07 snort[56829]: [1:2403380:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 41 [Classification: Misc Attack] [Priority: 2] {TCP} 51.91.31.106:47819 -> 97.120.245.83:3389 Dec 10 08:10:44 snort[56829]: [1:2403439:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 70 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.78.100:55582 -> 97.120.245.83:1067 Dec 10 08:10:44 snort[56829]: [1:2403439:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 70 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.78.100:55582 -> 97.120.245.83:1067 Dec 10 08:09:51 snort[56829]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 37.49.230.83:5482 -> 97.120.245.83:5060 Dec 10 08:09:51 snort[56829]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 37.49.230.83:5482 -> 97.120.245.83:5060 Dec 10 08:09:51 snort[56829]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 37.49.230.83:5482 -> 97.120.245.83:5060 Dec 10 08:09:51 snort[56829]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected 
(friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 37.49.230.83:5482 -> 97.120.245.83:5060 Dec 10 08:09:39 snort[56829]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.58:41313 -> 97.120.245.83:5888 Dec 10 08:09:39 snort[56829]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.58:41313 -> 97.120.245.83:5888 Dec 10 08:09:13 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.54:48329 -> 97.120.245.83:3067 Dec 10 08:09:13 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.54:48329 -> 97.120.245.83:3067 Dec 10 08:08:26 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.92:41963 -> 97.120.245.83:242 Dec 10 08:08:26 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.92:41963 -> 97.120.245.83:242 Dec 10 08:07:22 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.17:49085 -> 97.120.245.83:3645 Dec 10 08:07:22 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.17:49085 -> 97.120.245.83:3645 Dec 10 08:06:32 snort[56829]: [1:2500000:5276] ET COMPROMISED Known Compromised or Hostile Host Traffic TCP group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 103.85.255.40:65483 -> 97.120.245.83:22 Dec 10 08:06:32 snort[56829]: [1:2500000:5276] ET COMPROMISED Known Compromised or Hostile Host Traffic TCP group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 
103.85.255.40:65483 -> 97.120.245.83:22 Dec 10 08:06:20 snort[56829]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 195.154.241.75:5067 -> 97.120.245.83:5060 Dec 10 08:06:20 snort[56829]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 195.154.241.75:5067 -> 97.120.245.83:5060 Dec 10 08:05:33 snort[56829]: [1:2403350:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 26 [Classification: Misc Attack] [Priority: 2] {TCP} 45.141.86.103:59436 -> 97.120.245.83:42192 Dec 10 08:05:33 snort[56829]: [1:2403350:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 26 [Classification: Misc Attack] [Priority: 2] {TCP} 45.141.86.103:59436 -> 97.120.245.83:42192 Dec 10 08:03:39 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.194:59984 -> 97.120.245.83:8082 Dec 10 08:03:39 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.194:59984 -> 97.120.245.83:8082 Dec 10 08:03:28 snort[56829]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.70.239:57148 -> 97.120.245.83:6697 Dec 10 08:03:28 snort[56829]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.70.239:57148 -> 97.120.245.83:6697 Dec 10 08:02:40 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.246:49927 -> 97.120.245.83:1831 Dec 10 08:02:40 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.246:49927 -> 97.120.245.83:1831 Dec 10 08:02:37 snort[56829]: [1:2010935:3] 
ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 85.185.200.161:50228 -> 97.120.245.83:1433 Dec 10 08:02:37 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 85.185.200.161:50228 -> 97.120.245.83:1433 Dec 10 08:02:37 snort[56829]: [1:2403452:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 77 [Classification: Misc Attack] [Priority: 2] {TCP} 85.185.200.161:50228 -> 97.120.245.83:1433 Dec 10 08:02:37 snort[56829]: [1:2403452:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 77 [Classification: Misc Attack] [Priority: 2] {TCP} 85.185.200.161:50228 -> 97.120.245.83:1433 Dec 10 08:02:08 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 159.203.201.59:37945 -> 97.120.245.83:16218 Dec 10 08:02:08 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 159.203.201.59:37945 -> 97.120.245.83:16218 Dec 10 08:01:18 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.49:57287 -> 97.120.245.83:13933 Dec 10 08:01:18 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.49:57287 -> 97.120.245.83:13933 Dec 10 07:58:58 snort[56829]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.83:55642 -> 97.120.245.83:4319 Dec 10 07:58:58 snort[56829]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.83:55642 -> 97.120.245.83:4319 Dec 10 07:58:34 snort[56829]: [1:2403478:53780] ET CINS Active Threat Intelligence Poor 
Reputation IP TCP group 90 [Classification: Misc Attack] [Priority: 2] {TCP} 94.102.56.181:57356 -> 97.120.245.83:6796 Dec 10 07:58:34 snort[56829]: [1:2403478:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 90 [Classification: Misc Attack] [Priority: 2] {TCP} 94.102.56.181:57356 -> 97.120.245.83:6796 Dec 10 07:57:38 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 218.93.120.220:40736 -> 97.120.245.83:1433 Dec 10 07:57:38 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 218.93.120.220:40736 -> 97.120.245.83:1433 Dec 10 07:55:18 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.31:49017 -> 97.120.245.83:3729 Dec 10 07:55:18 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.31:49017 -> 97.120.245.83:3729 Dec 10 07:53:42 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 83.97.20.46:60134 -> 97.120.245.83:80 Dec 10 07:53:42 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 83.97.20.46:60134 -> 97.120.245.83:80 Dec 10 07:53:42 snort[56829]: [1:2403448:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 75 [Classification: Misc Attack] [Priority: 2] {TCP} 83.97.20.46:60134 -> 97.120.245.83:80 Dec 10 07:53:42 snort[56829]: [1:2403448:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 75 [Classification: Misc Attack] [Priority: 2] {TCP} 83.97.20.46:60134 -> 97.120.245.83:80 Dec 10 07:52:08 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 
185.175.93.105:49999 -> 97.120.245.83:1714 Dec 10 07:52:08 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.175.93.105:49999 -> 97.120.245.83:1714 Dec 10 07:51:29 snort[56829]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.119.160.31:55623 -> 97.120.245.83:20000 Dec 10 07:51:29 snort[56829]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.119.160.31:55623 -> 97.120.245.83:20000 Dec 10 07:51:27 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.89:43524 -> 97.120.245.83:537 Dec 10 07:51:27 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.89:43524 -> 97.120.245.83:537 Dec 10 07:50:52 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.162.144:24365 -> 97.120.245.83:8089 Dec 10 07:50:52 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.162.144:24365 -> 97.120.245.83:8089 Dec 10 07:50:44 snort[56829]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.61:40527 -> 97.120.245.83:5971 Dec 10 07:50:44 snort[56829]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.61:40527 -> 97.120.245.83:5971 Dec 10 07:50:27 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.66:55480 -> 
97.120.245.83:8798 Dec 10 07:50:27 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.66:55480 -> 97.120.245.83:8798 Dec 10 07:49:54 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 115.231.126.12:7679 -> 97.120.245.83:1433 Dec 10 07:49:54 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 115.231.126.12:7679 -> 97.120.245.83:1433 Dec 10 07:49:51 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 115.231.126.12:7679 -> 97.120.245.83:1433 Dec 10 07:49:51 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 115.231.126.12:7679 -> 97.120.245.83:1433 Dec 10 07:49:33 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.160.193:58374 -> 97.120.245.83:5507 Dec 10 07:49:33 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.160.193:58374 -> 97.120.245.83:5507 Dec 10 07:49:29 snort[56829]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.95:56081 -> 97.120.245.83:3312 Dec 10 07:49:29 snort[56829]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.95:56081 -> 97.120.245.83:3312 Dec 10 07:48:57 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 221.122.78.206:51645 -> 
97.120.245.83:1433 Dec 10 07:48:57 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 221.122.78.206:51645 -> 97.120.245.83:1433 Dec 10 07:48:07 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 201.73.232.18:13345 -> 97.120.245.83:1433 Dec 10 07:48:07 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 201.73.232.18:13345 -> 97.120.245.83:1433 Dec 10 07:48:05 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 201.73.232.18:13345 -> 97.120.245.83:1433 Dec 10 07:48:05 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 201.73.232.18:13345 -> 97.120.245.83:1433 Dec 10 07:47:44 snort[56829]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 185.53.88.96:5072 -> 97.120.245.83:5060 Dec 10 07:47:44 snort[56829]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 185.53.88.96:5072 -> 97.120.245.83:5060 Dec 10 07:47:44 snort[56829]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 185.53.88.96:5072 -> 97.120.245.83:5060 Dec 10 07:47:44 snort[56829]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 185.53.88.96:5072 -> 97.120.245.83:5060 Dec 10 07:47:42 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.18:50304 -> 97.120.245.83:1936 Dec 10 07:47:42 snort[56829]: [1:2402000:5388] ET DROP Dshield 
Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.18:50304 -> 97.120.245.83:1936 Dec 10 07:45:36 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 222.132.156.2:59869 -> 97.120.245.83:1433 Dec 10 07:45:36 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 222.132.156.2:59869 -> 97.120.245.83:1433 Dec 10 07:45:25 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.215:49598 -> 97.120.245.83:8089 Dec 10 07:45:25 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.215:49598 -> 97.120.245.83:8089 Dec 10 07:45:25 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.215:49598 -> 97.120.245.83:8089 Dec 10 07:45:25 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.215:49598 -> 97.120.245.83:8089 Dec 10 07:45:22 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.160.178:47713 -> 97.120.245.83:3207 Dec 10 07:45:22 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.160.178:47713 -> 97.120.245.83:3207 Dec 10 07:42:49 snort[56829]: [1:2403458:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 80 [Classification: Misc Attack] [Priority: 2] {TCP} 88.214.26.102:45592 -> 97.120.245.83:10396 Dec 10 07:42:49 snort[56829]: [1:2403458:53780] ET CINS Active Threat Intelligence 
Poor Reputation IP TCP group 80 [Classification: Misc Attack] [Priority: 2] {TCP} 88.214.26.102:45592 -> 97.120.245.83:10396 Dec 10 07:40:39 snort[56829]: [1:2403430:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 66 [Classification: Misc Attack] [Priority: 2] {TCP} 78.128.112.114:52894 -> 97.120.245.83:294 Dec 10 07:40:39 snort[56829]: [1:2403430:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 66 [Classification: Misc Attack] [Priority: 2] {TCP} 78.128.112.114:52894 -> 97.120.245.83:294 Dec 10 07:38:35 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.113:59531 -> 97.120.245.83:2013 Dec 10 07:38:35 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.113:59531 -> 97.120.245.83:2013 Dec 10 07:37:26 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.14:45235 -> 97.120.245.83:7390 Dec 10 07:37:26 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.14:45235 -> 97.120.245.83:7390 Dec 10 07:37:12 snort[56829]: [1:2403420:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 61 [Classification: Misc Attack] [Priority: 2] {TCP} 71.6.167.142:29011 -> 97.120.245.83:4567 Dec 10 07:37:12 snort[56829]: [1:2403420:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 61 [Classification: Misc Attack] [Priority: 2] {TCP} 71.6.167.142:29011 -> 97.120.245.83:4567 Dec 10 07:36:08 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.51:41602 -> 97.120.245.83:127 Dec 10 07:36:08 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 
2] {TCP} 185.209.0.51:41602 -> 97.120.245.83:127 Dec 10 07:35:52 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 185.103.255.165:63697 -> 97.120.245.83:1433 Dec 10 07:35:52 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 185.103.255.165:63697 -> 97.120.245.83:1433 Dec 10 07:32:44 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.64:45982 -> 97.120.245.83:11854 Dec 10 07:32:44 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.64:45982 -> 97.120.245.83:11854 Dec 10 07:31:18 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 198.108.67.52:54237 -> 97.120.245.83:8103 Dec 10 07:31:18 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 198.108.67.52:54237 -> 97.120.245.83:8103 Dec 10 07:26:49 snort[56829]: [1:2403335:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 18 [Classification: Misc Attack] [Priority: 2] {UDP} 37.49.225.166:43375 -> 97.120.245.83:6881 Dec 10 07:26:49 snort[56829]: [1:2403335:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 18 [Classification: Misc Attack] [Priority: 2] {UDP} 37.49.225.166:43375 -> 97.120.245.83:6881 Dec 10 07:26:09 snort[56829]: [1:2403312:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 7 [Classification: Misc Attack] [Priority: 2] {TCP} 14.192.0.103:26283 -> 97.120.245.83:9000 Dec 10 07:26:09 snort[56829]: [1:2403312:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 7 [Classification: Misc Attack] [Priority: 2] {TCP} 14.192.0.103:26283 -> 97.120.245.83:9000 
2] {TCP} 185.176.27.30:45495 -> 97.120.245.83:4388 Dec 10 06:10:53 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.30:45495 -> 97.120.245.83:4388 Dec 10 06:10:51 snort[56829]: [1:2400019:2736] ET DROP Spamhaus DROP Listed Traffic Inbound group 20 [Classification: Misc Attack] [Priority: 2] {TCP} 185.222.211.165:8080 -> 97.120.245.83:3364 Dec 10 06:10:51 snort[56829]: [1:2400019:2736] ET DROP Spamhaus DROP Listed Traffic Inbound group 20 [Classification: Misc Attack] [Priority: 2] {TCP} 185.222.211.165:8080 -> 97.120.245.83:3364 Dec 10 06:10:48 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.102:45656 -> 97.120.245.83:8390 Dec 10 06:10:48 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.102:45656 -> 97.120.245.83:8390 Dec 10 06:10:16 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 83.97.20.46:52524 -> 97.120.245.83:69 Dec 10 06:10:16 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 83.97.20.46:52524 -> 97.120.245.83:69 Dec 10 06:10:16 snort[56829]: [1:2403448:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 75 [Classification: Misc Attack] [Priority: 2] {TCP} 83.97.20.46:52524 -> 97.120.245.83:69 Dec 10 06:10:16 snort[56829]: [1:2403448:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 75 [Classification: Misc Attack] [Priority: 2] {TCP} 83.97.20.46:52524 -> 97.120.245.83:69 Dec 10 06:09:16 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.60:58523 -> 97.120.245.83:1802 Dec 10 06:09:16 snort[56829]: [1:2402000:5388] ET DROP Dshield 
Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.60:58523 -> 97.120.245.83:1802 Dec 10 06:09:05 snort[56829]: [1:2403394:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 48 [Classification: Misc Attack] [Priority: 2] {TCP} 60.13.48.130:5759 -> 97.120.245.83:5555 Dec 10 06:09:05 snort[56829]: [1:2403394:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 48 [Classification: Misc Attack] [Priority: 2] {TCP} 60.13.48.130:5759 -> 97.120.245.83:5555 Dec 10 06:08:23 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.64:45982 -> 97.120.245.83:10261 Dec 10 06:08:23 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.64:45982 -> 97.120.245.83:10261 Dec 10 06:07:36 snort[56829]: [1:2403320:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 11 [Classification: Misc Attack] [Priority: 2] {TCP} 27.254.34.230:50616 -> 97.120.245.83:445 Dec 10 06:07:36 snort[56829]: [1:2403320:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 11 [Classification: Misc Attack] [Priority: 2] {TCP} 27.254.34.230:50616 -> 97.120.245.83:445 Dec 10 06:05:54 snort[56829]: [1:2403350:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 26 [Classification: Misc Attack] [Priority: 2] {TCP} 45.143.220.87:58189 -> 97.120.245.83:8005 Dec 10 06:05:54 snort[56829]: [1:2403350:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 26 [Classification: Misc Attack] [Priority: 2] {TCP} 45.143.220.87:58189 -> 97.120.245.83:8005 Dec 10 06:05:52 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.154:47905 -> 97.120.245.83:7520 Dec 10 06:05:52 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 
[Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.154:47905 -> 97.120.245.83:7520 Dec 10 06:04:16 snort[56829]: [1:2403380:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 41 [Classification: Misc Attack] [Priority: 2] {TCP} 51.91.212.81:46163 -> 97.120.245.83:1025 Dec 10 06:04:16 snort[56829]: [1:2403380:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 41 [Classification: Misc Attack] [Priority: 2] {TCP} 51.91.212.81:46163 -> 97.120.245.83:1025 Dec 10 06:00:55 snort[56829]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.65.74:41199 -> 97.120.245.83:7008 Dec 10 06:00:55 snort[56829]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.65.74:41199 -> 97.120.245.83:7008 Dec 10 06:00:14 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.31:41826 -> 97.120.245.83:3472 Dec 10 06:00:14 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.31:41826 -> 97.120.245.83:3472 Dec 10 05:57:26 snort[56829]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.53:42054 -> 97.120.245.83:14424 Dec 10 05:57:26 snort[56829]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.53:42054 -> 97.120.245.83:14424 Dec 10 05:57:02 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 182.72.66.206:62329 -> 97.120.245.83:1433 Dec 10 05:57:02 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: 
Potentially Bad Traffic] [Priority: 2] {TCP} 182.72.66.206:62329 -> 97.120.245.83:1433 Dec 10 05:55:58 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.215:41839 -> 97.120.245.83:8089 Dec 10 05:55:58 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.215:41839 -> 97.120.245.83:8089 Dec 10 05:55:58 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.215:41839 -> 97.120.245.83:8089 Dec 10 05:55:58 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.215:41839 -> 97.120.245.83:8089 Dec 10 05:53:37 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.14:59025 -> 97.120.245.83:2077 Dec 10 05:53:37 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.14:59025 -> 97.120.245.83:2077 Dec 10 05:51:47 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.86:43425 -> 97.120.245.83:33398 Dec 10 05:51:47 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.86:43425 -> 97.120.245.83:33398 Dec 10 05:49:44 snort[56829]: [1:2403318:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 10 [Classification: Misc Attack] [Priority: 2] {TCP} 24.126.198.9:40747 -> 97.120.245.83:5555 Dec 10 05:49:44 snort[56829]: [1:2403318:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 10 [Classification: Misc Attack] [Priority: 2] {TCP} 24.126.198.9:40747 -> 
97.120.245.83:5555 Dec 10 05:48:08 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.2:42533 -> 97.120.245.83:3393 Dec 10 05:48:08 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.2:42533 -> 97.120.245.83:3393 Dec 10 05:46:33 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.205:35755 -> 97.120.245.83:8089 Dec 10 05:46:33 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.205:35755 -> 97.120.245.83:8089 Dec 10 05:46:33 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.205:35755 -> 97.120.245.83:8089 Dec 10 05:46:33 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.205:35755 -> 97.120.245.83:8089 Dec 10 05:46:02 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.77.139:14166 -> 97.120.245.83:6666 Dec 10 05:46:02 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.77.139:14166 -> 97.120.245.83:6666 Dec 10 05:46:02 snort[56829]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.77.139:14166 -> 97.120.245.83:6666 Dec 10 05:46:02 snort[56829]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.77.139:14166 -> 97.120.245.83:6666 Dec 10 05:45:28 snort[56829]: [1:2402000:5388] ET DROP 
Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.3:43464 -> 97.120.245.83:8113 Dec 10 05:45:28 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.3:43464 -> 97.120.245.83:8113 Dec 10 05:44:08 snort[56829]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.55:59731 -> 97.120.245.83:1492 Dec 10 05:44:08 snort[56829]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.55:59731 -> 97.120.245.83:1492 Dec 10 05:43:26 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.38:58845 -> 97.120.245.83:53081 Dec 10 05:43:26 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.38:58845 -> 97.120.245.83:53081 Dec 10 05:41:43 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.162.211:41293 -> 97.120.245.83:8089 Dec 10 05:41:43 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.162.211:41293 -> 97.120.245.83:8089 Dec 10 05:40:53 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.159:52509 -> 97.120.245.83:18250 Dec 10 05:40:53 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.159:52509 -> 97.120.245.83:18250 Dec 10 05:39:50 snort[56829]: [1:2403381:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 41 
[Classification: Misc Attack] [Priority: 2] {UDP} 52.73.169.169:55737 -> 97.120.245.83:123 Dec 10 05:39:50 snort[56829]: [1:2403381:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 41 [Classification: Misc Attack] [Priority: 2] {UDP} 52.73.169.169:55737 -> 97.120.245.83:123 Dec 10 05:39:24 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.160.178:47713 -> 97.120.245.83:3205 Dec 10 05:39:24 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.160.178:47713 -> 97.120.245.83:3205 Dec 10 05:39:03 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 87.245.170.34:8338 -> 97.120.245.83:1433 Dec 10 05:39:03 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 87.245.170.34:8338 -> 97.120.245.83:1433 Dec 10 05:39:03 snort[56829]: [1:2403458:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 80 [Classification: Misc Attack] [Priority: 2] {TCP} 87.245.170.34:8338 -> 97.120.245.83:1433 Dec 10 05:39:03 snort[56829]: [1:2403458:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 80 [Classification: Misc Attack] [Priority: 2] {TCP} 87.245.170.34:8338 -> 97.120.245.83:1433 Dec 10 05:38:58 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.166:50011 -> 97.120.245.83:1876 Dec 10 05:38:58 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.166:50011 -> 97.120.245.83:1876 Dec 10 05:38:35 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] 
[Priority: 2] {TCP} 185.156.73.49:57287 -> 97.120.245.83:13934 Dec 10 05:38:35 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.49:57287 -> 97.120.245.83:13934 Dec 10 05:38:21 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.168.202:57271 -> 97.120.245.83:6744 Dec 10 05:38:21 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.168.202:57271 -> 97.120.245.83:6744 Dec 10 05:38:21 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.168.202:57271 -> 97.120.245.83:6744 Dec 10 05:38:21 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.168.202:57271 -> 97.120.245.83:6744 Dec 10 05:37:11 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.33:48983 -> 97.120.245.83:3680 Dec 10 05:37:11 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.33:48983 -> 97.120.245.83:3680 Dec 10 05:36:45 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 113.160.117.88:52665 -> 97.120.245.83:1433 Dec 10 05:36:45 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 113.160.117.88:52665 -> 97.120.245.83:1433 Dec 10 05:36:03 snort[56829]: [1:2403380:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 41 [Classification: Misc Attack] [Priority: 2] {TCP} 51.75.52.127:26200 -> 97.120.245.83:8788 Dec 10 
05:36:03 snort[56829]: [1:2403380:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 41 [Classification: Misc Attack] [Priority: 2] {TCP} 51.75.52.127:26200 -> 97.120.245.83:8788 Dec 10 05:33:39 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.126:54457 -> 97.120.245.83:80 Dec 10 05:33:39 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.126:54457 -> 97.120.245.83:80 Dec 10 05:33:20 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 125.47.83.45:45701 -> 97.120.245.83:1433 Dec 10 05:33:20 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 125.47.83.45:45701 -> 97.120.245.83:1433 Dec 10 05:33:00 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.34:59865 -> 97.120.245.83:5250 Dec 10 05:33:00 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.34:59865 -> 97.120.245.83:5250 Dec 10 05:32:11 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.246:49927 -> 97.120.245.83:1815 Dec 10 05:32:11 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.246:49927 -> 97.120.245.83:1815 Dec 10 05:31:54 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.58:48992 -> 97.120.245.83:3697 Dec 10 05:31:54 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 
2] {TCP} 185.209.0.58:48992 -> 97.120.245.83:3697 Dec 10 05:31:33 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 198.108.67.108:19018 -> 97.120.245.83:2506 Dec 10 05:31:33 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 198.108.67.108:19018 -> 97.120.245.83:2506 Dec 10 05:31:05 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.25:43826 -> 97.120.245.83:51421 Dec 10 05:31:05 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.25:43826 -> 97.120.245.83:51421 Dec 10 05:29:44 snort[56829]: [1:2403458:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 80 [Classification: Misc Attack] [Priority: 2] {TCP} 88.214.26.102:45592 -> 97.120.245.83:10390 Dec 10 05:29:44 snort[56829]: [1:2403458:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 80 [Classification: Misc Attack] [Priority: 2] {TCP} 88.214.26.102:45592 -> 97.120.245.83:10390 Dec 10 05:28:36 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 198.108.67.90:20045 -> 97.120.245.83:3555 Dec 10 05:28:36 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 198.108.67.90:20045 -> 97.120.245.83:3555 Dec 10 05:28:34 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.29:53107 -> 97.120.245.83:3334 Dec 10 05:28:34 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.29:53107 -> 97.120.245.83:3334 Dec 10 05:28:34 snort[56829]: [1:2403440:53780] ET CINS Active Threat 
Intelligence Poor Reputation IP TCP group 71 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.29:53107 -> 97.120.245.83:3334 Dec 10 05:28:34 snort[56829]: [1:2403440:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 71 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.29:53107 -> 97.120.245.83:3334 Dec 10 05:27:45 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.92:41963 -> 97.120.245.83:284 Dec 10 05:27:45 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.92:41963 -> 97.120.245.83:284 Dec 10 05:27:32 snort[56829]: [1:2403410:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 56 [Classification: Misc Attack] [Priority: 2] {TCP} 62.28.160.141:48870 -> 97.120.245.83:445 Dec 10 05:27:32 snort[56829]: [1:2403410:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 56 [Classification: Misc Attack] [Priority: 2] {TCP} 62.28.160.141:48870 -> 97.120.245.83:445 Dec 10 05:27:04 snort[56829]: [1:2403380:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 41 [Classification: Misc Attack] [Priority: 2] {TCP} 51.75.165.119:56637 -> 97.120.245.83:3024 Dec 10 05:27:04 snort[56829]: [1:2403380:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 41 [Classification: Misc Attack] [Priority: 2] {TCP} 51.75.165.119:56637 -> 97.120.245.83:3024 Dec 10 05:25:47 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 94.102.49.65:43641 -> 97.120.245.83:29081 Dec 10 05:25:47 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 94.102.49.65:43641 -> 97.120.245.83:29081 Dec 10 05:25:47 snort[56829]: [1:2403476:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP 
group 89 [Classification: Misc Attack] [Priority: 2] {TCP} 94.102.49.65:43641 -> 97.120.245.83:29081 Dec 10 05:25:47 snort[56829]: [1:2403476:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 89 [Classification: Misc Attack] [Priority: 2] {TCP} 94.102.49.65:43641 -> 97.120.245.83:29081 Dec 10 05:25:26 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.216.140.252:45656 -> 97.120.245.83:5116 Dec 10 05:25:26 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.216.140.252:45656 -> 97.120.245.83:5116 Dec 10 05:24:31 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.31:49017 -> 97.120.245.83:3728 Dec 10 05:24:31 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.31:49017 -> 97.120.245.83:3728 Dec 10 05:24:08 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 201.184.117.230:46066 -> 97.120.245.83:1433 Dec 10 05:24:08 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 201.184.117.230:46066 -> 97.120.245.83:1433 Dec 10 05:23:48 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.18:50304 -> 97.120.245.83:1927 Dec 10 05:23:48 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.18:50304 -> 97.120.245.83:1927 Dec 10 05:22:25 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.14:42555 -> 97.120.245.83:2388 Dec 10 05:22:25 
snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.14:42555 -> 97.120.245.83:2388 Dec 10 05:21:13 snort[56829]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.61:40527 -> 97.120.245.83:5902 Dec 10 05:21:13 snort[56829]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.61:40527 -> 97.120.245.83:5902 Dec 10 05:21:08 snort[56829]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.246.76.203:57210 -> 97.120.245.83:6060 Dec 10 05:21:08 snort[56829]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.246.76.203:57210 -> 97.120.245.83:6060 Dec 10 05:19:55 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.160.193:58374 -> 97.120.245.83:5527 Dec 10 05:19:55 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.160.193:58374 -> 97.120.245.83:5527 Dec 10 05:19:26 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.153.196.80:56162 -> 97.120.245.83:3075 Dec 10 05:19:26 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.153.196.80:56162 -> 97.120.245.83:3075 Dec 10 05:16:42 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.66:55480 -> 97.120.245.83:7228 Dec 10 05:16:42 snort[56829]: 
182.76.213.139:2846 -> 97.120.245.83:1433 Dec 10 03:43:01 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 182.76.213.139:2846 -> 97.120.245.83:1433 Dec 10 03:42:27 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 138.117.162.82:27253 -> 97.120.245.83:1433 Dec 10 03:42:27 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 138.117.162.82:27253 -> 97.120.245.83:1433 Dec 10 03:41:37 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.58:48992 -> 97.120.245.83:3691 Dec 10 03:41:37 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.58:48992 -> 97.120.245.83:3691 Dec 10 03:40:59 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.64:55266 -> 97.120.245.83:11791 Dec 10 03:40:59 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.64:55266 -> 97.120.245.83:11791 Dec 10 03:39:19 snort[56829]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.83:55642 -> 97.120.245.83:4091 Dec 10 03:39:19 snort[56829]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.83:55642 -> 97.120.245.83:4091 Dec 10 03:37:49 snort[56829]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.58:48375 -> 97.120.245.83:5065 Dec 10 03:37:49 
snort[56829]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.58:48375 -> 97.120.245.83:5065 Dec 10 03:36:18 snort[56829]: [1:2403478:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 90 [Classification: Misc Attack] [Priority: 2] {TCP} 94.102.56.181:57356 -> 97.120.245.83:6786 Dec 10 03:36:18 snort[56829]: [1:2403478:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 90 [Classification: Misc Attack] [Priority: 2] {TCP} 94.102.56.181:57356 -> 97.120.245.83:6786 Dec 10 03:36:16 snort[56829]: [1:2403346:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 24 [Classification: Misc Attack] [Priority: 2] {TCP} 43.245.222.163:23320 -> 97.120.245.83:2083 Dec 10 03:36:16 snort[56829]: [1:2403346:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 24 [Classification: Misc Attack] [Priority: 2] {TCP} 43.245.222.163:23320 -> 97.120.245.83:2083 Dec 10 03:35:41 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 83.97.20.46:43585 -> 97.120.245.83:53 Dec 10 03:35:41 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 83.97.20.46:43585 -> 97.120.245.83:53 Dec 10 03:35:41 snort[56829]: [1:2403448:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 75 [Classification: Misc Attack] [Priority: 2] {TCP} 83.97.20.46:43585 -> 97.120.245.83:53 Dec 10 03:35:41 snort[56829]: [1:2403448:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 75 [Classification: Misc Attack] [Priority: 2] {TCP} 83.97.20.46:43585 -> 97.120.245.83:53 Dec 10 03:33:24 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 198.108.67.56:5786 -> 97.120.245.83:3108 Dec 10 03:33:24 snort[56829]: 
[1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 198.108.67.56:5786 -> 97.120.245.83:3108 Dec 10 03:32:41 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 58.222.11.82:48013 -> 97.120.245.83:1433 Dec 10 03:32:41 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 58.222.11.82:48013 -> 97.120.245.83:1433 Dec 10 03:32:41 snort[56829]: [1:2403384:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 43 [Classification: Misc Attack] [Priority: 2] {TCP} 58.222.11.82:48013 -> 97.120.245.83:1433 Dec 10 03:32:41 snort[56829]: [1:2403384:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 43 [Classification: Misc Attack] [Priority: 2] {TCP} 58.222.11.82:48013 -> 97.120.245.83:1433 Dec 10 03:31:56 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.154:47905 -> 97.120.245.83:8822 Dec 10 03:31:56 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.154:47905 -> 97.120.245.83:8822 Dec 10 03:31:46 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.205:27942 -> 97.120.245.83:8089 Dec 10 03:31:46 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.205:27942 -> 97.120.245.83:8089 Dec 10 03:31:46 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.205:27942 -> 97.120.245.83:8089 Dec 10 03:31:46 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP 
TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.205:27942 -> 97.120.245.83:8089 Dec 10 03:31:42 snort[56829]: [1:2403474:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 88 [Classification: Misc Attack] [Priority: 2] {TCP} 92.53.65.40:48697 -> 97.120.245.83:6291 Dec 10 03:31:42 snort[56829]: [1:2403474:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 88 [Classification: Misc Attack] [Priority: 2] {TCP} 92.53.65.40:48697 -> 97.120.245.83:6291 Dec 10 03:30:23 snort[56829]: [1:2403394:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 48 [Classification: Misc Attack] [Priority: 2] {TCP} 60.170.189.102:14037 -> 97.120.245.83:23 Dec 10 03:30:23 snort[56829]: [1:2403394:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 48 [Classification: Misc Attack] [Priority: 2] {TCP} 60.170.189.102:14037 -> 97.120.245.83:23 Dec 10 03:29:41 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.18:50285 -> 97.120.245.83:3388 Dec 10 03:29:41 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.18:50285 -> 97.120.245.83:3388 Dec 10 03:28:43 snort[56829]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 176.107.130.221:5090 -> 97.120.245.83:5060 Dec 10 03:28:43 snort[56829]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 176.107.130.221:5090 -> 97.120.245.83:5060 Dec 10 03:28:41 snort[56829]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.65.90:8080 -> 97.120.245.83:33899 Dec 10 03:28:41 snort[56829]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] 
[Priority: 2] {TCP} 80.82.65.90:8080 -> 97.120.245.83:33899 Dec 10 03:28:03 snort[56829]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 176.107.133.144:5110 -> 97.120.245.83:5060 Dec 10 03:28:03 snort[56829]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 176.107.133.144:5110 -> 97.120.245.83:5060 Dec 10 03:27:10 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 198.108.67.112:53152 -> 97.120.245.83:22 Dec 10 03:27:10 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 198.108.67.112:53152 -> 97.120.245.83:22 Dec 10 03:26:51 snort[56829]: [1:2403362:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 32 [Classification: Misc Attack] [Priority: 2] {TCP} 45.93.20.158:61000 -> 97.120.245.83:57141 Dec 10 03:26:51 snort[56829]: [1:2403362:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 32 [Classification: Misc Attack] [Priority: 2] {TCP} 45.93.20.158:61000 -> 97.120.245.83:57141 Dec 10 03:26:28 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 182.74.247.126:25600 -> 97.120.245.83:1433 Dec 10 03:26:28 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 182.74.247.126:25600 -> 97.120.245.83:1433 Dec 10 03:26:24 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.33:48983 -> 97.120.245.83:3682 Dec 10 03:26:24 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.33:48983 -> 97.120.245.83:3682 Dec 10 03:26:15 snort[56829]: [1:2403379:53780] ET CINS 
Active Threat Intelligence Poor Reputation IP UDP group 40 [Classification: Misc Attack] [Priority: 2] {UDP} 51.158.21.110:5079 -> 97.120.245.83:5060 Dec 10 03:26:15 snort[56829]: [1:2403379:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 40 [Classification: Misc Attack] [Priority: 2] {UDP} 51.158.21.110:5079 -> 97.120.245.83:5060 Dec 10 03:26:15 snort[56829]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 51.158.21.110:5079 -> 97.120.245.83:5060 Dec 10 03:26:15 snort[56829]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 51.158.21.110:5079 -> 97.120.245.83:5060 Dec 10 03:25:49 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.31:53404 -> 97.120.245.83:9530 Dec 10 03:25:49 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.31:53404 -> 97.120.245.83:9530 Dec 10 03:25:39 snort[56829]: [1:2402001:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.77.245:59279 -> 97.120.245.83:515 Dec 10 03:25:39 snort[56829]: [1:2402001:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.77.245:59279 -> 97.120.245.83:515 Dec 10 03:25:39 snort[56829]: [1:2403439:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 70 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.77.245:59279 -> 97.120.245.83:515 Dec 10 03:25:39 snort[56829]: [1:2403439:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 70 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.77.245:59279 -> 97.120.245.83:515 Dec 10 03:25:28 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 
185.209.0.51:41602 -> 97.120.245.83:124 Dec 10 03:25:28 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.51:41602 -> 97.120.245.83:124 Dec 10 03:25:17 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.215:55442 -> 97.120.245.83:8089 Dec 10 03:25:17 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.215:55442 -> 97.120.245.83:8089 Dec 10 03:25:17 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.215:55442 -> 97.120.245.83:8089 Dec 10 03:25:17 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.215:55442 -> 97.120.245.83:8089 Dec 10 03:25:01 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.34:57604 -> 97.120.245.83:39733 Dec 10 03:25:01 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.34:57604 -> 97.120.245.83:39733 Dec 10 03:23:33 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.34:55095 -> 97.120.245.83:5390 Dec 10 03:23:33 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.34:55095 -> 97.120.245.83:5390 Dec 10 03:22:28 snort[56829]: [1:2403430:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 66 [Classification: Misc Attack] [Priority: 2] {TCP} 78.128.112.114:52894 -> 97.120.245.83:1697 Dec 10 03:22:28 snort[56829]: [1:2403430:53780] ET 
CINS Active Threat Intelligence Poor Reputation IP TCP group 66 [Classification: Misc Attack] [Priority: 2] {TCP} 78.128.112.114:52894 -> 97.120.245.83:1697 Dec 10 03:19:28 snort[56829]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.86:53214 -> 97.120.245.83:49576 Dec 10 03:19:28 snort[56829]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.86:53214 -> 97.120.245.83:49576 Dec 10 03:18:59 snort[56829]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.246.76.203:47433 -> 97.120.245.83:3030 Dec 10 03:18:59 snort[56829]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.246.76.203:47433 -> 97.120.245.83:3030 Dec 10 03:18:46 snort[56829]: [1:2403408:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 55 [Classification: Misc Attack] [Priority: 2] {TCP} 61.6.205.10:57769 -> 97.120.245.83:445 Dec 10 03:18:46 snort[56829]: [1:2403408:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 55 [Classification: Misc Attack] [Priority: 2] {TCP} 61.6.205.10:57769 -> 97.120.245.83:445 Dec 10 03:18:23 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 103.98.114.114:55454 -> 97.120.245.83:1433 Dec 10 03:18:23 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 103.98.114.114:55454 -> 97.120.245.83:1433 Dec 10 03:18:08 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.17:49085 -> 97.120.245.83:3642 Dec 10 03:18:08 snort[56829]: 
[1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.17:49085 -> 97.120.245.83:3642 Dec 10 03:17:55 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.30:45495 -> 97.120.245.83:4389 Dec 10 03:17:55 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.30:45495 -> 97.120.245.83:4389 Dec 10 03:14:39 snort[56829]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.55:59720 -> 97.120.245.83:3003 Dec 10 03:14:39 snort[56829]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.55:59720 -> 97.120.245.83:3003 Dec 10 03:13:47 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 221.208.6.164:14850 -> 97.120.245.83:1433 Dec 10 03:13:47 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 221.208.6.164:14850 -> 97.120.245.83:1433 Dec 10 03:11:43 snort[56829]: [1:2403348:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 25 [Classification: Misc Attack] [Priority: 2] {TCP} 45.117.42.125:53874 -> 97.120.245.83:445 Dec 10 03:11:43 snort[56829]: [1:2403348:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 25 [Classification: Misc Attack] [Priority: 2] {TCP} 45.117.42.125:53874 -> 97.120.245.83:445 Dec 10 03:11:14 snort[56829]: [1:2403380:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 41 [Classification: Misc Attack] [Priority: 2] {TCP} 51.75.165.119:51990 -> 97.120.245.83:3023 Dec 10 03:11:14 snort[56829]: [1:2403380:53780] ET CINS Active 
Threat Intelligence Poor Reputation IP TCP group 41 [Classification: Misc Attack] [Priority: 2] {TCP} 51.75.165.119:51990 -> 97.120.245.83:3023 Dec 10 03:11:08 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.175.93.27:56331 -> 97.120.245.83:15678 Dec 10 03:11:08 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.175.93.27:56331 -> 97.120.245.83:15678 Dec 10 03:10:34 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.84:49007 -> 97.120.245.83:3710 Dec 10 03:10:34 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.84:49007 -> 97.120.245.83:3710 Dec 10 03:09:30 snort[56829]: [1:2403428:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 65 [Classification: Misc Attack] [Priority: 2] {TCP} 77.247.108.119:51382 -> 97.120.245.83:21243 Dec 10 03:09:30 snort[56829]: [1:2403428:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 65 [Classification: Misc Attack] [Priority: 2] {TCP} 77.247.108.119:51382 -> 97.120.245.83:21243 Dec 10 03:09:13 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.167.131:29011 -> 97.120.245.83:4040 Dec 10 03:09:13 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.167.131:29011 -> 97.120.245.83:4040 Dec 10 03:08:37 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.162.144:25201 -> 97.120.245.83:8089 Dec 10 03:08:37 snort[56829]: [1:2403464:53780] ET CINS Active Threat 
Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.162.144:25201 -> 97.120.245.83:8089 Dec 10 03:07:13 snort[56829]: [1:2403378:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 40 [Classification: Misc Attack] [Priority: 2] {TCP} 51.161.12.231:32767 -> 97.120.245.83:8545 Dec 10 03:07:13 snort[56829]: [1:2403378:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 40 [Classification: Misc Attack] [Priority: 2] {TCP} 51.161.12.231:32767 -> 97.120.245.83:8545 Dec 10 03:05:30 snort[56829]: [1:2500002:5276] ET COMPROMISED Known Compromised or Hostile Host Traffic TCP group 2 [Classification: Misc Attack] [Priority: 2] {TCP} 116.240.199.86:52259 -> 97.120.245.83:22 Dec 10 03:05:30 snort[56829]: [1:2500002:5276] ET COMPROMISED Known Compromised or Hostile Host Traffic TCP group 2 [Classification: Misc Attack] [Priority: 2] {TCP} 116.240.199.86:52259 -> 97.120.245.83:22 Dec 10 03:04:29 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.98:53709 -> 97.120.245.83:11795 Dec 10 03:04:29 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.98:53709 -> 97.120.245.83:11795 Dec 10 03:03:46 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.49:55024 -> 97.120.245.83:23635 Dec 10 03:03:46 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.49:55024 -> 97.120.245.83:23635 Dec 10 03:03:21 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.246:49927 -> 97.120.245.83:1827 Dec 10 03:03:21 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc 
Attack] [Priority: 2] {TCP} 185.176.27.246:49927 -> 97.120.245.83:1827 Dec 10 03:02:59 snort[56829]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.61:40527 -> 97.120.245.83:5890 Dec 10 03:02:59 snort[56829]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.61:40527 -> 97.120.245.83:5890 Dec 10 03:02:19 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.168.202:57271 -> 97.120.245.83:6739 Dec 10 03:02:19 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.168.202:57271 -> 97.120.245.83:6739 Dec 10 03:02:19 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.168.202:57271 -> 97.120.245.83:6739 Dec 10 03:02:19 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.168.202:57271 -> 97.120.245.83:6739 Dec 10 03:01:28 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.32:42738 -> 97.120.245.83:344 Dec 10 03:01:28 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.32:42738 -> 97.120.245.83:344 Dec 10 03:01:10 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.89:43524 -> 97.120.245.83:515 Dec 10 03:01:10 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.89:43524 -> 97.120.245.83:515 Dec 10 
02:59:53 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.153.196.240:42843 -> 97.120.245.83:17777 Dec 10 02:59:53 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.153.196.240:42843 -> 97.120.245.83:17777 Dec 10 02:59:47 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.17:52005 -> 97.120.245.83:36248 Dec 10 02:59:47 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.17:52005 -> 97.120.245.83:36248 Dec 10 02:59:03 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.66:53335 -> 97.120.245.83:7601 Dec 10 02:59:03 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.66:53335 -> 97.120.245.83:7601 Dec 10 02:59:02 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.71:51448 -> 97.120.245.83:10298 Dec 10 02:59:02 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.71:51448 -> 97.120.245.83:10298 Dec 10 02:54:53 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.172.16:26200 -> 97.120.245.83:9046 Dec 10 02:54:53 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.172.16:26200 -> 97.120.245.83:9046 Dec 10 02:54:53 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 
IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.168.51:49341 -> 97.120.245.83:2222 Dec 10 01:34:38 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.168.51:49341 -> 97.120.245.83:2222 Dec 10 01:33:30 snort[56829]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.53:53645 -> 97.120.245.83:14641 Dec 10 01:33:30 snort[56829]: [1:2403470:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 86 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.53:53645 -> 97.120.245.83:14641 Dec 10 01:32:43 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.3:41264 -> 97.120.245.83:46936 Dec 10 01:32:43 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.3:41264 -> 97.120.245.83:46936 Dec 10 01:32:42 snort[56829]: [1:2403334:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 18 [Classification: Misc Attack] [Priority: 2] {TCP} 37.49.231.122:43187 -> 97.120.245.83:8298 Dec 10 01:32:42 snort[56829]: [1:2403334:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 18 [Classification: Misc Attack] [Priority: 2] {TCP} 37.49.231.122:43187 -> 97.120.245.83:8298 Dec 10 01:32:31 snort[56829]: [1:2403458:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 80 [Classification: Misc Attack] [Priority: 2] {TCP} 88.214.26.53:48206 -> 97.120.245.83:3390 Dec 10 01:32:31 snort[56829]: [1:2403458:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 80 [Classification: Misc Attack] [Priority: 2] {TCP} 88.214.26.53:48206 -> 97.120.245.83:3390 Dec 10 01:32:03 snort[56829]: [1:2403438:53780] ET CINS Active Threat 
Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.65.90:8080 -> 97.120.245.83:80 Dec 10 01:32:03 snort[56829]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.65.90:8080 -> 97.120.245.83:80 Dec 10 01:30:47 snort[56829]: [1:2403430:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 66 [Classification: Misc Attack] [Priority: 2] {TCP} 78.128.112.114:52894 -> 97.120.245.83:2651 Dec 10 01:30:47 snort[56829]: [1:2403430:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 66 [Classification: Misc Attack] [Priority: 2] {TCP} 78.128.112.114:52894 -> 97.120.245.83:2651 Dec 10 01:29:32 snort[56829]: [1:2403403:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 52 [Classification: Misc Attack] [Priority: 2] {UDP} 61.167.78.116:54604 -> 97.120.245.83:8000 Dec 10 01:29:32 snort[56829]: [1:2403403:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 52 [Classification: Misc Attack] [Priority: 2] {UDP} 61.167.78.116:54604 -> 97.120.245.83:8000 Dec 10 01:27:54 snort[56829]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.99:49777 -> 97.120.245.83:1795 Dec 10 01:27:54 snort[56829]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.99:49777 -> 97.120.245.83:1795 Dec 10 01:26:55 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 49.205.182.154:53014 -> 97.120.245.83:1433 Dec 10 01:26:55 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 49.205.182.154:53014 -> 97.120.245.83:1433 Dec 10 01:26:48 snort[56829]: 
[1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.84:49007 -> 97.120.245.83:3713 Dec 10 01:26:48 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.84:49007 -> 97.120.245.83:3713 Dec 10 01:25:21 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.168.202:57271 -> 97.120.245.83:6740 Dec 10 01:25:21 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.168.202:57271 -> 97.120.245.83:6740 Dec 10 01:25:21 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.168.202:57271 -> 97.120.245.83:6740 Dec 10 01:25:21 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.168.202:57271 -> 97.120.245.83:6740 Dec 10 01:24:14 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 92.63.194.148:52692 -> 97.120.245.83:36957 Dec 10 01:24:14 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 92.63.194.148:52692 -> 97.120.245.83:36957 Dec 10 01:24:14 snort[56829]: [1:2403474:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 88 [Classification: Misc Attack] [Priority: 2] {TCP} 92.63.194.148:52692 -> 97.120.245.83:36957 Dec 10 01:24:14 snort[56829]: [1:2403474:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 88 [Classification: Misc Attack] [Priority: 2] {TCP} 92.63.194.148:52692 -> 97.120.245.83:36957 Dec 10 01:23:48 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 
[Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.58:48992 -> 97.120.245.83:3692 Dec 10 01:23:48 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.58:48992 -> 97.120.245.83:3692 Dec 10 01:22:00 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.153.196.240:42843 -> 97.120.245.83:19999 Dec 10 01:22:00 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.153.196.240:42843 -> 97.120.245.83:19999 Dec 10 01:21:26 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.64:55266 -> 97.120.245.83:9027 Dec 10 01:21:26 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.64:55266 -> 97.120.245.83:9027 Dec 10 01:18:08 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.38:45166 -> 97.120.245.83:33389 Dec 10 01:18:08 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.38:45166 -> 97.120.245.83:33389 Dec 10 01:17:24 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.32:42738 -> 97.120.245.83:332 Dec 10 01:17:24 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.32:42738 -> 97.120.245.83:332 Dec 10 01:17:13 snort[56829]: [1:2403458:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 80 [Classification: Misc Attack] [Priority: 2] {TCP} 88.214.26.102:45592 -> 97.120.245.83:10398 Dec 10 01:17:13 snort[56829]: [1:2403458:53780] ET 
CINS Active Threat Intelligence Poor Reputation IP TCP group 80 [Classification: Misc Attack] [Priority: 2] {TCP} 88.214.26.102:45592 -> 97.120.245.83:10398 Dec 10 01:16:20 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.175.93.105:51437 -> 97.120.245.83:1704 Dec 10 01:16:20 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.175.93.105:51437 -> 97.120.245.83:1704 Dec 10 01:15:47 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.205:39911 -> 97.120.245.83:8089 Dec 10 01:15:47 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.205:39911 -> 97.120.245.83:8089 Dec 10 01:15:47 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.205:39911 -> 97.120.245.83:8089 Dec 10 01:15:47 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.174.205:39911 -> 97.120.245.83:8089 Dec 10 01:15:18 snort[56829]: [1:2403350:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 26 [Classification: Misc Attack] [Priority: 2] {TCP} 45.143.220.87:55289 -> 97.120.245.83:8076 Dec 10 01:15:18 snort[56829]: [1:2403350:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 26 [Classification: Misc Attack] [Priority: 2] {TCP} 45.143.220.87:55289 -> 97.120.245.83:8076 Dec 10 01:14:07 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.33:48983 -> 97.120.245.83:3683 Dec 10 01:14:07 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 
[Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.33:48983 -> 97.120.245.83:3683 Dec 10 01:13:37 snort[56829]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.109.46:5062 -> 97.120.245.83:5060 Dec 10 01:13:37 snort[56829]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.109.46:5062 -> 97.120.245.83:5060 Dec 10 01:13:37 snort[56829]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.109.46:5062 -> 97.120.245.83:5060 Dec 10 01:13:37 snort[56829]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 77.247.109.46:5062 -> 97.120.245.83:5060 Dec 10 01:13:33 snort[56829]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.119.160.143:47581 -> 97.120.245.83:32328 Dec 10 01:13:33 snort[56829]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.119.160.143:47581 -> 97.120.245.83:32328 Dec 10 01:13:18 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.2:48970 -> 97.120.245.83:3666 Dec 10 01:13:18 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.2:48970 -> 97.120.245.83:3666 Dec 10 01:13:14 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.31:56104 -> 97.120.245.83:31977 Dec 10 01:13:14 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.31:56104 -> 
97.120.245.83:31977 Dec 10 01:12:49 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.51:41602 -> 97.120.245.83:188 Dec 10 01:12:49 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.51:41602 -> 97.120.245.83:188 Dec 10 01:12:41 snort[56829]: [1:2403424:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 63 [Classification: Misc Attack] [Priority: 2] {TCP} 74.63.227.26:50957 -> 97.120.245.83:5060 Dec 10 01:12:41 snort[56829]: [1:2403424:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 63 [Classification: Misc Attack] [Priority: 2] {TCP} 74.63.227.26:50957 -> 97.120.245.83:5060 Dec 10 01:11:44 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 129.126.221.21:46438 -> 97.120.245.83:1433 Dec 10 01:11:44 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 129.126.221.21:46438 -> 97.120.245.83:1433 Dec 10 01:10:41 snort[56829]: [1:2403350:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 26 [Classification: Misc Attack] [Priority: 2] {TCP} 45.136.109.95:57819 -> 97.120.245.83:3382 Dec 10 01:10:41 snort[56829]: [1:2403350:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 26 [Classification: Misc Attack] [Priority: 2] {TCP} 45.136.109.95:57819 -> 97.120.245.83:3382 Dec 10 01:10:31 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.175.93.107:44165 -> 97.120.245.83:3105 Dec 10 01:10:31 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.175.93.107:44165 -> 97.120.245.83:3105 Dec 10 01:10:06 snort[56829]: 
[1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.45:55985 -> 97.120.245.83:59121 Dec 10 01:10:06 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.45:55985 -> 97.120.245.83:59121 Dec 10 01:08:18 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.17:49085 -> 97.120.245.83:3647 Dec 10 01:08:18 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.17:49085 -> 97.120.245.83:3647 Dec 10 01:07:28 snort[56829]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.95:56081 -> 97.120.245.83:3304 Dec 10 01:07:28 snort[56829]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.118.37.95:56081 -> 97.120.245.83:3304 Dec 10 01:07:23 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.92:41963 -> 97.120.245.83:209 Dec 10 01:07:23 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.209.0.92:41963 -> 97.120.245.83:209 Dec 10 01:07:17 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.159:54101 -> 97.120.245.83:44477 Dec 10 01:07:17 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.143.223.159:54101 -> 97.120.245.83:44477 Dec 10 01:06:10 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] 
[Priority: 2] {TCP} 89.248.162.211:29864 -> 97.120.245.83:8089 Dec 10 01:06:10 snort[56829]: [1:2403464:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 83 [Classification: Misc Attack] [Priority: 2] {TCP} 89.248.162.211:29864 -> 97.120.245.83:8089 Dec 10 01:04:45 snort[56829]: [1:2403426:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 64 [Classification: Misc Attack] [Priority: 2] {TCP} 76.64.254.38:57512 -> 97.120.245.83:23 Dec 10 01:04:45 snort[56829]: [1:2403426:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 64 [Classification: Misc Attack] [Priority: 2] {TCP} 76.64.254.38:57512 -> 97.120.245.83:23 Dec 10 01:04:22 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 122.180.145.225:57914 -> 97.120.245.83:1433 Dec 10 01:04:22 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 122.180.145.225:57914 -> 97.120.245.83:1433 Dec 10 01:01:15 snort[56829]: [1:2403439:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 70 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.78.100:36460 -> 97.120.245.83:1045 Dec 10 01:01:15 snort[56829]: [1:2403439:53780] ET CINS Active Threat Intelligence Poor Reputation IP UDP group 70 [Classification: Misc Attack] [Priority: 2] {UDP} 80.82.78.100:36460 -> 97.120.245.83:1045 Dec 10 01:01:05 snort[56829]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.65.74:59159 -> 97.120.245.83:2121 Dec 10 01:01:05 snort[56829]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.65.74:59159 -> 97.120.245.83:2121 Dec 10 00:59:19 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 
[Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.12:43285 -> 97.120.245.83:600 Dec 10 00:59:19 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 193.32.161.12:43285 -> 97.120.245.83:600 Dec 10 00:59:17 snort[56829]: [1:2403384:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 43 [Classification: Misc Attack] [Priority: 2] {TCP} 58.225.75.147:32767 -> 97.120.245.83:8545 Dec 10 00:59:17 snort[56829]: [1:2403384:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 43 [Classification: Misc Attack] [Priority: 2] {TCP} 58.225.75.147:32767 -> 97.120.245.83:8545 Dec 10 00:58:54 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 120.198.64.4:51769 -> 97.120.245.83:1433 Dec 10 00:58:54 snort[56829]: [1:2010935:3] ET SCAN Suspicious inbound to MSSQL port 1433 [Classification: Potentially Bad Traffic] [Priority: 2] {TCP} 120.198.64.4:51769 -> 97.120.245.83:1433 Dec 10 00:58:35 snort[56829]: [1:2403494:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 98 [Classification: Misc Attack] [Priority: 2] {TCP} 103.217.135.17:64161 -> 97.120.245.83:1024 Dec 10 00:58:35 snort[56829]: [1:2403494:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 98 [Classification: Misc Attack] [Priority: 2] {TCP} 103.217.135.17:64161 -> 97.120.245.83:1024 Dec 10 00:57:38 snort[56829]: [1:2403350:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 26 [Classification: Misc Attack] [Priority: 2] {TCP} 45.136.110.24:46196 -> 97.120.245.83:9900 Dec 10 00:57:38 snort[56829]: [1:2403350:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 26 [Classification: Misc Attack] [Priority: 2] {TCP} 45.136.110.24:46196 -> 97.120.245.83:9900 Dec 10 00:54:26 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 
[Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.27:44205 -> 97.120.245.83:33336 Dec 10 00:54:26 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.27:44205 -> 97.120.245.83:33336 Dec 10 00:53:58 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.14:42555 -> 97.120.245.83:2389 Dec 10 00:53:58 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.14:42555 -> 97.120.245.83:2389 Dec 10 00:53:09 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.216.140.252:45656 -> 97.120.245.83:5121 Dec 10 00:53:09 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.216.140.252:45656 -> 97.120.245.83:5121 Dec 10 00:51:06 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 83.97.20.46:55538 -> 97.120.245.83:26 Dec 10 00:51:06 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 83.97.20.46:55538 -> 97.120.245.83:26 Dec 10 00:51:06 snort[56829]: [1:2403448:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 75 [Classification: Misc Attack] [Priority: 2] {TCP} 83.97.20.46:55538 -> 97.120.245.83:26 Dec 10 00:51:06 snort[56829]: [1:2403448:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 75 [Classification: Misc Attack] [Priority: 2] {TCP} 83.97.20.46:55538 -> 97.120.245.83:26 Dec 10 00:50:17 snort[56829]: [1:2008578:6] ET SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 37.49.231.118:5076 -> 97.120.245.83:5060 Dec 10 00:50:17 snort[56829]: [1:2008578:6] ET 
SCAN Sipvicious Scan [Classification: Attempted Information Leak] [Priority: 2] {UDP} 37.49.231.118:5076 -> 97.120.245.83:5060 Dec 10 00:50:17 snort[56829]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 37.49.231.118:5076 -> 97.120.245.83:5060 Dec 10 00:50:17 snort[56829]: [1:2011716:4] ET SCAN Sipvicious User-Agent Detected (friendly-scanner) [Classification: Attempted Information Leak] [Priority: 2] {UDP} 37.49.231.118:5076 -> 97.120.245.83:5060 Dec 10 00:49:23 snort[56829]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.119.160.31:57369 -> 97.120.245.83:5000 Dec 10 00:49:23 snort[56829]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.119.160.31:57369 -> 97.120.245.83:5000 Dec 10 00:49:12 snort[56829]: [1:2403494:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 98 [Classification: Misc Attack] [Priority: 2] {TCP} 103.210.236.42:44087 -> 97.120.245.83:3392 Dec 10 00:49:12 snort[56829]: [1:2403494:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 98 [Classification: Misc Attack] [Priority: 2] {TCP} 103.210.236.42:44087 -> 97.120.245.83:3392 Dec 10 00:48:30 snort[56829]: [1:2403428:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 65 [Classification: Misc Attack] [Priority: 2] {TCP} 77.247.110.161:52491 -> 97.120.245.83:3388 Dec 10 00:48:30 snort[56829]: [1:2403428:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 65 [Classification: Misc Attack] [Priority: 2] {TCP} 77.247.110.161:52491 -> 97.120.245.83:3388 Dec 10 00:47:55 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.77.144:47646 -> 97.120.245.83:20547 Dec 10 00:47:55 
snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.77.144:47646 -> 97.120.245.83:20547 Dec 10 00:47:55 snort[56829]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.77.144:47646 -> 97.120.245.83:20547 Dec 10 00:47:55 snort[56829]: [1:2403438:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 70 [Classification: Misc Attack] [Priority: 2] {TCP} 80.82.77.144:47646 -> 97.120.245.83:20547 Dec 10 00:43:23 snort[56829]: [1:2403498:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 100 [Classification: Misc Attack] [Priority: 2] {TCP} 103.41.35.34:4911 -> 97.120.245.83:26 Dec 10 00:43:23 snort[56829]: [1:2403498:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 100 [Classification: Misc Attack] [Priority: 2] {TCP} 103.41.35.34:4911 -> 97.120.245.83:26 Dec 10 00:43:12 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.25:41625 -> 97.120.245.83:55890 Dec 10 00:43:12 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.156.73.25:41625 -> 97.120.245.83:55890 Dec 10 00:41:19 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.29:53107 -> 97.120.245.83:3315 Dec 10 00:41:19 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.29:53107 -> 97.120.245.83:3315 Dec 10 00:41:19 snort[56829]: [1:2403440:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 71 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.29:53107 -> 97.120.245.83:3315 Dec 10 00:41:19 snort[56829]: [1:2403440:53780] ET CINS Active Threat 
Intelligence Poor Reputation IP TCP group 71 [Classification: Misc Attack] [Priority: 2] {TCP} 81.22.45.29:53107 -> 97.120.245.83:3315 Dec 10 00:40:48 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.153.196.80:56162 -> 97.120.245.83:3099 Dec 10 00:40:48 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.153.196.80:56162 -> 97.120.245.83:3099 Dec 10 00:40:14 snort[56829]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.119.160.52:47557 -> 97.120.245.83:59889 Dec 10 00:40:14 snort[56829]: [1:2403472:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 87 [Classification: Misc Attack] [Priority: 2] {TCP} 92.119.160.52:47557 -> 97.120.245.83:59889 Dec 10 00:37:57 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 94.102.49.65:43641 -> 97.120.245.83:33595 Dec 10 00:37:57 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 94.102.49.65:43641 -> 97.120.245.83:33595 Dec 10 00:37:57 snort[56829]: [1:2403476:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 89 [Classification: Misc Attack] [Priority: 2] {TCP} 94.102.49.65:43641 -> 97.120.245.83:33595 Dec 10 00:37:57 snort[56829]: [1:2403476:53780] ET CINS Active Threat Intelligence Poor Reputation IP TCP group 89 [Classification: Misc Attack] [Priority: 2] {TCP} 94.102.49.65:43641 -> 97.120.245.83:33595 Dec 10 00:36:39 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc Attack] [Priority: 2] {TCP} 185.176.27.2:42533 -> 97.120.245.83:3983 Dec 10 00:36:39 snort[56829]: [1:2402000:5388] ET DROP Dshield Block Listed Source group 1 [Classification: Misc 