City: unknown
Region: unknown
Country: Canada
Internet Service Provider: B2 Net Solutions Inc.
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attackbots | (From whitlow.retha@gmail.com) This Google doc exposes how this scamdemic is part of a bigger plan to crush your business and keep it closed or semi-operational (with heavy rescritions) while big corporations remain open without consequences. This Covid lie has ruined many peoples lives and businesses and is all done on purpose to bring about the One World Order. It goes much deeper than this but the purpose of this doc is to expose the evil and wickedness that works in the background to ruin peoples lives. So feel free to share this message with friends and family. No need to reply to the email i provided above as its not registered. But this information will tell you everything you need to know. https://docs.google.com/document/d/14MuVe_anmrcDQl4sZhDqzhQy0Pbhrx9A/edit. In case the document is taken down, here is a backup source https://fakecovidscam.com |
2020-07-24 23:10:58 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 104.144.30.170
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 36819
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;104.144.30.170. IN A
;; AUTHORITY SECTION:
. 572 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020072400 1800 900 604800 86400
;; Query time: 66 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jul 24 23:10:53 CST 2020
;; MSG SIZE rcvd: 118Host 170.30.144.104.in-addr.arpa. not found: 3(NXDOMAIN)
Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 170.30.144.104.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 180.250.115.121 | attackbots | Dec 25 09:10:21 thevastnessof sshd[1588]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=180.250.115.121 ... |
2019-12-25 18:35:02 |
| 78.165.65.72 | attackspam | 1577255085 - 12/25/2019 07:24:45 Host: 78.165.65.72/78.165.65.72 Port: 445 TCP Blocked |
2019-12-25 18:31:08 |
| 123.231.121.50 | attack | www.handydirektreparatur.de 123.231.121.50 [25/Dec/2019:07:24:28 +0100] "POST /wp-login.php HTTP/1.1" 200 6299 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" www.handydirektreparatur.de 123.231.121.50 [25/Dec/2019:07:24:30 +0100] "POST /wp-login.php HTTP/1.1" 200 6259 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" |
2019-12-25 18:40:34 |
| 14.18.189.68 | attackbotsspam | Automatic report - Banned IP Access |
2019-12-25 18:51:15 |
| 114.38.142.222 | attackbotsspam | Fail2Ban - FTP Abuse Attempt |
2019-12-25 18:43:20 |
| 172.105.76.69 | attackbotsspam | Unauthorized connection attempt detected from IP address 172.105.76.69 to port 1167 |
2019-12-25 18:32:16 |
| 149.202.206.206 | attackspam | Dec 25 10:38:23 herz-der-gamer sshd[12256]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=149.202.206.206 user=server Dec 25 10:38:25 herz-der-gamer sshd[12256]: Failed password for server from 149.202.206.206 port 56208 ssh2 Dec 25 10:49:43 herz-der-gamer sshd[12405]: Invalid user ny from 149.202.206.206 port 46021 ... |
2019-12-25 18:37:37 |
| 203.205.28.116 | attack | 1577255082 - 12/25/2019 07:24:42 Host: 203.205.28.116/203.205.28.116 Port: 445 TCP Blocked |
2019-12-25 18:31:54 |
| 222.186.175.212 | attack | Dec 25 10:08:15 hcbbdb sshd\[29687\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.212 user=root Dec 25 10:08:17 hcbbdb sshd\[29687\]: Failed password for root from 222.186.175.212 port 22140 ssh2 Dec 25 10:08:27 hcbbdb sshd\[29687\]: Failed password for root from 222.186.175.212 port 22140 ssh2 Dec 25 10:08:31 hcbbdb sshd\[29687\]: Failed password for root from 222.186.175.212 port 22140 ssh2 Dec 25 10:08:35 hcbbdb sshd\[29719\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.175.212 user=root |
2019-12-25 18:42:57 |
| 119.29.152.172 | attackbots | Repeated failed SSH attempt |
2019-12-25 18:49:46 |
| 115.214.201.159 | attackbots | Scanning |
2019-12-25 18:52:20 |
| 106.13.81.18 | attack | Dec 25 10:56:39 lnxweb61 sshd[18043]: Failed password for root from 106.13.81.18 port 53734 ssh2 Dec 25 10:58:38 lnxweb61 sshd[19502]: Failed password for root from 106.13.81.18 port 41426 ssh2 Dec 25 11:00:33 lnxweb61 sshd[22740]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=106.13.81.18 |
2019-12-25 18:26:19 |
| 51.91.8.222 | attack | Dec 25 10:58:27 SilenceServices sshd[11071]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.91.8.222 Dec 25 10:58:29 SilenceServices sshd[11071]: Failed password for invalid user kornek from 51.91.8.222 port 53800 ssh2 Dec 25 11:01:25 SilenceServices sshd[11899]: Failed password for root from 51.91.8.222 port 56540 ssh2 |
2019-12-25 18:15:36 |
| 103.232.120.109 | attackbotsspam | Dec 25 14:09:25 vibhu-HP-Z238-Microtower-Workstation sshd\[24706\]: Invalid user b2 from 103.232.120.109 Dec 25 14:09:25 vibhu-HP-Z238-Microtower-Workstation sshd\[24706\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.232.120.109 Dec 25 14:09:27 vibhu-HP-Z238-Microtower-Workstation sshd\[24706\]: Failed password for invalid user b2 from 103.232.120.109 port 54250 ssh2 Dec 25 14:13:18 vibhu-HP-Z238-Microtower-Workstation sshd\[24868\]: Invalid user calomiti from 103.232.120.109 Dec 25 14:13:18 vibhu-HP-Z238-Microtower-Workstation sshd\[24868\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=103.232.120.109 ... |
2019-12-25 18:38:59 |
| 223.199.191.232 | attackspambots | FTP Brute Force |
2019-12-25 18:46:28 |