City: unknown
Region: unknown
Country: Canada
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 104.144.30.170 | attackbots | (From whitlow.retha@gmail.com) This Google doc exposes how this scamdemic is part of a bigger plan to crush your business and keep it closed or semi-operational (with heavy rescritions) while big corporations remain open without consequences. This Covid lie has ruined many peoples lives and businesses and is all done on purpose to bring about the One World Order. It goes much deeper than this but the purpose of this doc is to expose the evil and wickedness that works in the background to ruin peoples lives. So feel free to share this message with friends and family. No need to reply to the email i provided above as its not registered. But this information will tell you everything you need to know. https://docs.google.com/document/d/14MuVe_anmrcDQl4sZhDqzhQy0Pbhrx9A/edit. In case the document is taken down, here is a backup source https://fakecovidscam.com |
2020-07-24 23:10:58 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.144.3.48
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57155
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;104.144.3.48. IN A
;; AUTHORITY SECTION:
. 256 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022022500 1800 900 604800 86400
;; Query time: 58 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 26 00:42:56 CST 2022
;; MSG SIZE rcvd: 105Host 48.3.144.104.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 48.3.144.104.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 83.110.15.157 | attack | Automatic report - XMLRPC Attack |
2020-05-15 20:33:56 |
| 113.88.13.124 | attack | (ftpd) Failed FTP login from 113.88.13.124 (CN/China/-): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: May 15 08:17:54 ir1 pure-ftpd: (?@113.88.13.124) [WARNING] Authentication failed for user [anonymous] |
2020-05-15 20:02:56 |
| 192.3.48.122 | attackbots | May 15 12:33:56 |
2020-05-15 20:15:58 |
| 183.89.215.33 | attackbots | Dovecot Invalid User Login Attempt. |
2020-05-15 20:29:44 |
| 45.142.195.15 | attackbots | May 15 13:25:34 blackbee postfix/smtpd\[29043\]: warning: unknown\[45.142.195.15\]: SASL LOGIN authentication failed: authentication failure May 15 13:26:26 blackbee postfix/smtpd\[29043\]: warning: unknown\[45.142.195.15\]: SASL LOGIN authentication failed: authentication failure May 15 13:27:19 blackbee postfix/smtpd\[29043\]: warning: unknown\[45.142.195.15\]: SASL LOGIN authentication failed: authentication failure May 15 13:28:11 blackbee postfix/smtpd\[29043\]: warning: unknown\[45.142.195.15\]: SASL LOGIN authentication failed: authentication failure May 15 13:29:01 blackbee postfix/smtpd\[29043\]: warning: unknown\[45.142.195.15\]: SASL LOGIN authentication failed: authentication failure ... |
2020-05-15 20:32:30 |
| 123.207.218.163 | attackbots | 5x Failed Password |
2020-05-15 20:02:09 |
| 183.89.211.57 | attackspambots | Dovecot Invalid User Login Attempt. |
2020-05-15 20:23:50 |
| 133.18.208.160 | attackspam | May 15 03:22:17 ns sshd[11129]: Connection from 133.18.208.160 port 59170 on 134.119.39.98 port 22 May 15 03:22:18 ns sshd[11129]: Invalid user m4 from 133.18.208.160 port 59170 May 15 03:22:18 ns sshd[11129]: Failed password for invalid user m4 from 133.18.208.160 port 59170 ssh2 May 15 03:22:19 ns sshd[11129]: Received disconnect from 133.18.208.160 port 59170:11: Bye Bye [preauth] May 15 03:22:19 ns sshd[11129]: Disconnected from 133.18.208.160 port 59170 [preauth] May 15 03:31:26 ns sshd[29487]: Connection from 133.18.208.160 port 36865 on 134.119.39.98 port 22 May 15 03:31:27 ns sshd[29487]: Invalid user w from 133.18.208.160 port 36865 May 15 03:31:27 ns sshd[29487]: Failed password for invalid user w from 133.18.208.160 port 36865 ssh2 May 15 03:31:28 ns sshd[29487]: Received disconnect from 133.18.208.160 port 36865:11: Bye Bye [preauth] May 15 03:31:28 ns sshd[29487]: Disconnected from 133.18.208.160 port 36865 [preauth] May 15 03:35:38 ns sshd[17566]: Connecti........ ------------------------------- |
2020-05-15 20:18:37 |
| 49.232.165.42 | attackspam | Invalid user admissions from 49.232.165.42 port 42524 |
2020-05-15 20:05:35 |
| 68.183.12.80 | attackspambots | Invalid user payroll from 68.183.12.80 port 37124 |
2020-05-15 20:19:13 |
| 104.239.136.8 | attack | May 13 20:59:57 ns sshd[3515]: Connection from 104.239.136.8 port 37264 on 134.119.39.98 port 22 May 13 20:59:58 ns sshd[3515]: Invalid user postgres from 104.239.136.8 port 37264 May 13 20:59:58 ns sshd[3515]: Failed password for invalid user postgres from 104.239.136.8 port 37264 ssh2 May 13 20:59:58 ns sshd[3515]: Received disconnect from 104.239.136.8 port 37264:11: Bye Bye [preauth] May 13 20:59:58 ns sshd[3515]: Disconnected from 104.239.136.8 port 37264 [preauth] May 13 21:07:10 ns sshd[23139]: Connection from 104.239.136.8 port 40782 on 134.119.39.98 port 22 May 13 21:07:17 ns sshd[23139]: Connection closed by 104.239.136.8 port 40782 [preauth] May 13 21:09:28 ns sshd[19026]: Connection from 104.239.136.8 port 32796 on 134.119.39.98 port 22 May 13 21:09:33 ns sshd[19026]: Invalid user eom from 104.239.136.8 port 32796 May 13 21:09:33 ns sshd[19026]: Failed password for invalid user eom from 104.239.136.8 port 32796 ssh2 May 13 21:09:33 ns sshd[19026]: Received d........ ------------------------------- |
2020-05-15 20:17:30 |
| 118.126.88.254 | attackspambots | May 14 23:37:38 rudra sshd[273491]: Invalid user superstage from 118.126.88.254 May 14 23:37:38 rudra sshd[273491]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.126.88.254 May 14 23:37:40 rudra sshd[273491]: Failed password for invalid user superstage from 118.126.88.254 port 54200 ssh2 May 14 23:37:40 rudra sshd[273491]: Received disconnect from 118.126.88.254: 11: Bye Bye [preauth] May 14 23:56:47 rudra sshd[277504]: Invalid user xxxxxxn78 from 118.126.88.254 May 14 23:56:47 rudra sshd[277504]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=118.126.88.254 May 14 23:56:49 rudra sshd[277504]: Failed password for invalid user xxxxxxn78 from 118.126.88.254 port 55394 ssh2 May 14 23:56:50 rudra sshd[277504]: Received disconnect from 118.126.88.254: 11: Bye Bye [preauth] May 15 00:02:21 rudra sshd[284871]: Invalid user hou from 118.126.88.254 May 15 00:02:21 rudra sshd[284871]: pam_uni........ ------------------------------- |
2020-05-15 20:09:27 |
| 198.20.103.178 | attack | HTTP/80/443/8080 Probe, BF, WP, Hack - |
2020-05-15 20:27:06 |
| 216.218.206.111 | attackbots | May 15 14:28:54 debian-2gb-nbg1-2 kernel: \[11804583.038772\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=216.218.206.111 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=243 ID=54321 PROTO=TCP SPT=45891 DPT=389 WINDOW=65535 RES=0x00 SYN URGP=0 |
2020-05-15 20:37:25 |
| 180.76.173.75 | attack | May 15 13:35:27 163-172-32-151 sshd[21764]: Invalid user admin from 180.76.173.75 port 51098 ... |
2020-05-15 20:13:48 |