City: unknown
Region: unknown
Country: Canada
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 104.144.30.170 | attackbots | (From whitlow.retha@gmail.com) This Google doc exposes how this scamdemic is part of a bigger plan to crush your business and keep it closed or semi-operational (with heavy rescritions) while big corporations remain open without consequences. This Covid lie has ruined many peoples lives and businesses and is all done on purpose to bring about the One World Order. It goes much deeper than this but the purpose of this doc is to expose the evil and wickedness that works in the background to ruin peoples lives. So feel free to share this message with friends and family. No need to reply to the email i provided above as its not registered. But this information will tell you everything you need to know. https://docs.google.com/document/d/14MuVe_anmrcDQl4sZhDqzhQy0Pbhrx9A/edit. In case the document is taken down, here is a backup source https://fakecovidscam.com |
2020-07-24 23:10:58 |
b
; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.144.3.3
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31585
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;104.144.3.3. IN A
;; AUTHORITY SECTION:
. 418 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022022801 1800 900 604800 86400
;; Query time: 25 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Mar 01 03:09:08 CST 2022
;; MSG SIZE rcvd: 104
Host 3.3.144.104.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 3.3.144.104.in-addr.arpa: NXDOMAIN
| IP | Type | Details | Datetime |
|---|---|---|---|
| 190.141.193.79 | attackspambots | DATE:2019-06-24 14:00:58, IP:190.141.193.79, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc-bis) |
2019-06-25 01:06:37 |
| 27.254.144.84 | attack | blogonese.net 27.254.144.84 \[24/Jun/2019:17:25:57 +0200\] "POST /wp-login.php HTTP/1.1" 200 5772 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" blogonese.net 27.254.144.84 \[24/Jun/2019:17:25:59 +0200\] "POST /wp-login.php HTTP/1.1" 200 5732 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2019-06-25 00:15:33 |
| 88.82.176.149 | attackbots | [portscan] Port scan |
2019-06-25 00:07:17 |
| 91.193.130.66 | attack | Brute Force Joomla Admin Login |
2019-06-25 00:59:17 |
| 187.75.252.224 | attackbots | Unauthorised access (Jun 24) SRC=187.75.252.224 LEN=52 TTL=112 ID=30082 DF TCP DPT=445 WINDOW=8192 SYN |
2019-06-25 01:04:31 |
| 185.189.113.243 | attack | Attempts spam post to comment form - stupid bot. |
2019-06-25 00:18:53 |
| 141.98.10.52 | attackbotsspam | Rude login attack (5 tries in 1d) |
2019-06-25 00:39:04 |
| 37.49.224.67 | attackbotsspam | ¯\_(ツ)_/¯ |
2019-06-25 00:18:10 |
| 187.6.249.142 | attackbotsspam | 20 attempts against mh-ssh on sun.magehost.pro |
2019-06-25 00:58:34 |
| 103.255.240.42 | attackspambots | fail2ban honeypot |
2019-06-25 00:28:58 |
| 223.242.228.130 | attackspam | Postfix RBL failed |
2019-06-25 00:07:56 |
| 66.249.65.120 | attack | 66.249.65.120 - - [24/Jun/2019:19:02:26 +0700] "GET /index.php/121-peralatan-observasiklimatologi/aktinograf/78-aktinograf HTTP/1.1" 301 314 8064 "-" "Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2272.96 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)" - % 66.249.65.120 66.249.65.120 103.27.207.197 314 2822 - - - - - https://karangploso.jatim.bmkg.go.id/index.php/121-peralatan-observasiklimatologi/aktinograf/78-aktinograf HTTP/1.1 0 XRC70rB4H4Sl@VgBIuCaUQAAAFE GET 80 20141 - 0 /index.php/121-peralatan-observasiklimatologi/aktinograf/78-aktinograf karangploso.jatim.bmkg.go.id karangploso.jatim.bmkg.go.id + 635 8699 ... |
2019-06-25 00:49:07 |
| 139.199.192.159 | attackspam | Jun 24 16:15:06 marvibiene sshd[2872]: Invalid user beryl from 139.199.192.159 port 37766 Jun 24 16:15:06 marvibiene sshd[2872]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.199.192.159 Jun 24 16:15:06 marvibiene sshd[2872]: Invalid user beryl from 139.199.192.159 port 37766 Jun 24 16:15:09 marvibiene sshd[2872]: Failed password for invalid user beryl from 139.199.192.159 port 37766 ssh2 ... |
2019-06-25 00:54:31 |
| 149.56.140.24 | attackbotsspam | 149.56.140.24 - - \[24/Jun/2019:14:04:22 +0200\] "POST /wp-login.php HTTP/1.1" 200 1860 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" 149.56.140.24 - - \[24/Jun/2019:14:04:23 +0200\] "POST /wp-login.php HTTP/1.1" 200 2091 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" ... |
2019-06-25 00:04:38 |
| 198.245.62.147 | attackspam | WordPress login Brute force / Web App Attack on client site. |
2019-06-25 00:34:03 |