City: unknown
Region: unknown
Country: Canada
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 107.152.192.145 | attackspambots | (From whitlow.retha@gmail.com) This Google doc exposes how this scamdemic is part of a bigger plan to crush your business and keep it closed or semi-operational (with heavy rescritions) while big corporations remain open without consequences. This Covid lie has ruined many peoples lives and businesses and is all done on purpose to bring about the One World Order. It goes much deeper than this but the purpose of this doc is to expose the evil and wickedness that works in the background to ruin peoples lives. So feel free to share this message with friends and family. No need to reply to the email i provided above as its not registered. But this information will tell you everything you need to know. https://docs.google.com/document/d/14MuVe_anmrcDQl4sZhDqzhQy0Pbhrx9A/edit. In case the document is taken down, here is a backup source https://fakecovidscam.com |
2020-07-24 23:07:28 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 107.152.192.31
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 52424
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;107.152.192.31. IN A
;; AUTHORITY SECTION:
. 600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022022800 1800 900 604800 86400
;; Query time: 19 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 28 14:49:47 CST 2022
;; MSG SIZE rcvd: 10731.192.152.107.in-addr.arpa domain name pointer a4a32fa.westemberg.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
31.192.152.107.in-addr.arpa name = a4a32fa.westemberg.com.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 184.105.139.84 | attackbots | 50070/tcp 548/tcp 8443/tcp... [2019-08-25/10-25]21pkt,12pt.(tcp),1pt.(udp) |
2019-10-25 14:36:35 |
| 106.12.205.48 | attack | 2019-10-25T03:53:39.289225abusebot-5.cloudsearch.cf sshd\[30330\]: Invalid user home from 106.12.205.48 port 46612 |
2019-10-25 15:08:15 |
| 124.207.17.66 | attackbots | web-1 [ssh_2] SSH Attack |
2019-10-25 15:06:25 |
| 58.215.64.173 | attackbots | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/58.215.64.173/ CN - 1H : (1872) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4134 IP : 58.215.64.173 CIDR : 58.215.64.0/21 PREFIX COUNT : 5430 UNIQUE IP COUNT : 106919680 ATTACKS DETECTED ASN4134 : 1H - 9 3H - 24 6H - 53 12H - 108 24H - 273 DateTime : 2019-10-25 05:53:52 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery |
2019-10-25 14:55:43 |
| 122.226.41.106 | attack | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/122.226.41.106/ CN - 1H : (1872) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN4134 IP : 122.226.41.106 CIDR : 122.226.40.0/22 PREFIX COUNT : 5430 UNIQUE IP COUNT : 106919680 ATTACKS DETECTED ASN4134 : 1H - 9 3H - 24 6H - 53 12H - 108 24H - 273 DateTime : 2019-10-25 05:53:56 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery |
2019-10-25 14:49:39 |
| 111.231.162.181 | attackbotsspam | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/111.231.162.181/ JP - 1H : (35) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : JP NAME ASN : ASN45090 IP : 111.231.162.181 CIDR : 111.231.162.0/23 PREFIX COUNT : 1788 UNIQUE IP COUNT : 2600192 ATTACKS DETECTED ASN45090 : 1H - 8 3H - 26 6H - 43 12H - 56 24H - 64 DateTime : 2019-10-25 05:53:57 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery |
2019-10-25 14:48:27 |
| 167.71.60.50 | attackspambots | WordPress wp-login brute force :: 167.71.60.50 0.056 BYPASS [25/Oct/2019:14:54:06 1100] [censored_4] "POST /wp-login.php HTTP/1.1" 200 3989 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" |
2019-10-25 14:44:26 |
| 182.18.146.201 | attackbotsspam | SSH Bruteforce |
2019-10-25 14:59:12 |
| 185.176.27.246 | attackspam | 10/25/2019-08:20:49.494203 185.176.27.246 Protocol: 6 ET DROP Dshield Block Listed Source group 1 |
2019-10-25 14:32:42 |
| 113.10.173.99 | attackspam | 1433/tcp [2019-10-25]1pkt |
2019-10-25 14:51:08 |
| 58.248.224.19 | attackbots | IP Ban Report : https://help-dysk.pl/wordpress-firewall-plugins/ip/58.248.224.19/ CN - 1H : (1872) Protection Against DDoS WordPress plugin : "odzyskiwanie danych help-dysk" IP Address Ranges by Country : CN NAME ASN : ASN17622 IP : 58.248.224.19 CIDR : 58.248.224.0/21 PREFIX COUNT : 322 UNIQUE IP COUNT : 811520 ATTACKS DETECTED ASN17622 : 1H - 2 3H - 3 6H - 7 12H - 9 24H - 9 DateTime : 2019-10-25 05:53:55 INFO : HACK ! - Looking for resource vulnerabilities Scan Detected and Blocked by ADMIN - data recovery |
2019-10-25 14:52:12 |
| 185.175.93.105 | attackspambots | Scanning (more than 2 packets) random ports - tries to find possible vulnerable services |
2019-10-25 14:58:51 |
| 36.224.87.165 | attackspam | Unauthorised access (Oct 25) SRC=36.224.87.165 LEN=56 PREC=0x20 TTL=20 ID=26214 DF TCP DPT=445 WINDOW=8192 SYN |
2019-10-25 14:36:57 |
| 203.109.126.108 | attackbots | 2323/tcp [2019-10-24]1pkt |
2019-10-25 14:42:28 |
| 190.13.14.125 | attackbotsspam | 23/tcp [2019-10-25]1pkt |
2019-10-25 15:01:35 |