City: unknown
Region: unknown
Country: Canada
Internet Service Provider: B2 Net Solutions Inc.
Hostname: unknown
Organization: unknown
Usage Type: Data Center/Web Hosting/Transit
| Type | Details | Datetime |
|---|---|---|
| attack | (From whitlow.retha@gmail.com) This Google doc exposes how this scamdemic is part of a bigger plan to crush your business and keep it closed or semi-operational (with heavy rescritions) while big corporations remain open without consequences. This Covid lie has ruined many peoples lives and businesses and is all done on purpose to bring about the One World Order. It goes much deeper than this but the purpose of this doc is to expose the evil and wickedness that works in the background to ruin peoples lives. So feel free to share this message with friends and family. No need to reply to the email i provided above as its not registered. But this information will tell you everything you need to know. https://docs.google.com/document/d/14MuVe_anmrcDQl4sZhDqzhQy0Pbhrx9A/edit. In case the document is taken down, here is a backup source https://fakecovidscam.com |
2020-07-24 23:17:19 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 209.127.143.79
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58137
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;209.127.143.79. IN A
;; AUTHORITY SECTION:
. 191 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020072400 1800 900 604800 86400
;; Query time: 51 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Jul 24 23:17:14 CST 2020
;; MSG SIZE rcvd: 118Host 79.143.127.209.in-addr.arpa. not found: 3(NXDOMAIN)Server: 183.60.83.19
Address: 183.60.83.19#53
** server can't find 79.143.127.209.in-addr.arpa: NXDOMAIN| IP | Type | Details | Datetime |
|---|---|---|---|
| 2001:41d0:a:4582:: | attack | 2001:41d0:a:4582:: - - [06/Aug/2020:04:55:19 +0100] "POST /wp-login.php HTTP/1.1" 200 2345 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 2001:41d0:a:4582:: - - [06/Aug/2020:04:55:20 +0100] "POST /wp-login.php HTTP/1.1" 200 2350 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 2001:41d0:a:4582:: - - [06/Aug/2020:04:55:21 +0100] "POST /xmlrpc.php HTTP/1.1" 200 247 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ... |
2020-08-06 12:28:59 |
| 106.53.2.93 | attackbotsspam | Aug 5 23:17:49 cosmoit sshd[30488]: Failed password for root from 106.53.2.93 port 59994 ssh2 |
2020-08-06 08:55:47 |
| 222.186.180.41 | attackspam | Aug 6 09:22:48 gw1 sshd[13008]: Failed password for root from 222.186.180.41 port 47464 ssh2 Aug 6 09:22:52 gw1 sshd[13008]: Failed password for root from 222.186.180.41 port 47464 ssh2 ... |
2020-08-06 12:26:36 |
| 218.92.0.220 | attack | Aug 5 23:56:34 NPSTNNYC01T sshd[6195]: Failed password for root from 218.92.0.220 port 60659 ssh2 Aug 5 23:56:49 NPSTNNYC01T sshd[6220]: Failed password for root from 218.92.0.220 port 57431 ssh2 ... |
2020-08-06 12:01:09 |
| 36.89.81.175 | attackspambots | Unauthorised access (Aug 5) SRC=36.89.81.175 LEN=52 TOS=0x10 PREC=0x40 TTL=118 ID=23784 DF TCP DPT=445 WINDOW=8192 SYN |
2020-08-06 08:59:25 |
| 178.128.217.135 | attackbotsspam | Multiple SSH authentication failures from 178.128.217.135 |
2020-08-06 12:18:21 |
| 190.145.81.37 | attack | SSH brutforce |
2020-08-06 12:16:04 |
| 14.172.49.151 | attackspam | Unauthorized connection attempt detected from IP address 14.172.49.151 to port 23 |
2020-08-06 12:07:02 |
| 109.94.115.20 | attackspam | 1596686124 - 08/06/2020 10:55:24 Host: 109.94.115.20/109.94.115.20 Port: 23 TCP Blocked ... |
2020-08-06 12:24:16 |
| 51.178.86.49 | attackbotsspam | Aug 6 05:51:54 *hidden* sshd[18504]: Failed password for *hidden* from 51.178.86.49 port 56838 ssh2 Aug 6 05:55:24 *hidden* sshd[19122]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.178.86.49 user=root Aug 6 05:55:26 *hidden* sshd[19122]: Failed password for *hidden* from 51.178.86.49 port 34296 ssh2 |
2020-08-06 12:23:53 |
| 180.76.111.242 | attackbots | SSH Bruteforce |
2020-08-06 08:57:20 |
| 54.37.157.88 | attack | Aug 6 10:51:40 webhost01 sshd[7093]: Failed password for root from 54.37.157.88 port 43413 ssh2 ... |
2020-08-06 12:13:07 |
| 94.79.55.192 | attackspambots | 2020-08-06T03:47:19.187497shield sshd\[26698\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.79.55.192 user=root 2020-08-06T03:47:21.475165shield sshd\[26698\]: Failed password for root from 94.79.55.192 port 44928 ssh2 2020-08-06T03:51:43.874417shield sshd\[27056\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.79.55.192 user=root 2020-08-06T03:51:45.742262shield sshd\[27056\]: Failed password for root from 94.79.55.192 port 49702 ssh2 2020-08-06T03:55:52.885096shield sshd\[27363\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=94.79.55.192 user=root |
2020-08-06 12:02:05 |
| 163.177.97.2 | attackspam | Aug 6 05:55:33 cosmoit sshd[11554]: Failed password for root from 163.177.97.2 port 53154 ssh2 |
2020-08-06 12:21:04 |
| 124.83.34.38 | attackspambots | Attempts against non-existent wp-login |
2020-08-06 08:51:34 |