City: unknown
Region: unknown
Country: None
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
| IP | Type | Details | Datetime |
|---|---|---|---|
| 45.95.97.247 | attack | (From jessika.bean@yahoo.com) This Google doc exposes how this scamdemic is part of a bigger plan to crush your business and keep it closed or semi-operational (with heavy rescritions) while big corporations remain open without consequences. This Covid lie has ruined many peoples lives and businesses and is all done on purpose to bring about the One World Order. It goes much deeper than this but the purpose of this doc is to expose the evil and wickedness that works in the background to ruin peoples lives. So feel free to share this message with friends and family. No need to reply to the email i provided above as its not registered. But this information will tell you everything you need to know. https://docs.google.com/document/d/14MuVe_anmrcDQl4sZhDqzhQy0Pbhrx9A/edit. In case the document is taken down, here is a backup source https://fakecovidscam.com |
2020-07-23 23:26:58 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 45.95.97.108
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 31027
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;45.95.97.108. IN A
;; AUTHORITY SECTION:
. 218 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022061501 1800 900 604800 86400
;; Query time: 25 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Thu Jun 16 01:06:23 CST 2022
;; MSG SIZE rcvd: 105Host 108.97.95.45.in-addr.arpa not found: 2(SERVFAIL)
server can't find 45.95.97.108.in-addr.arpa: SERVFAIL| IP | Type | Details | Datetime |
|---|---|---|---|
| 158.79.1.11 | attackbotsspam | ICMP MH Probe, Scan /Distributed - |
2020-07-31 01:36:15 |
| 49.233.148.2 | attackbotsspam | Jul 30 23:08:40 itv-usvr-01 sshd[23357]: Invalid user qiuliuyang from 49.233.148.2 Jul 30 23:08:40 itv-usvr-01 sshd[23357]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.233.148.2 Jul 30 23:08:40 itv-usvr-01 sshd[23357]: Invalid user qiuliuyang from 49.233.148.2 Jul 30 23:08:42 itv-usvr-01 sshd[23357]: Failed password for invalid user qiuliuyang from 49.233.148.2 port 51764 ssh2 Jul 30 23:15:18 itv-usvr-01 sshd[23893]: Invalid user jiandunwen from 49.233.148.2 |
2020-07-31 01:32:54 |
| 162.14.10.158 | attackbots | ICMP MH Probe, Scan /Distributed - |
2020-07-31 00:56:59 |
| 117.232.127.51 | attackbotsspam | Jul 30 17:49:16 ajax sshd[27058]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.232.127.51 Jul 30 17:49:18 ajax sshd[27058]: Failed password for invalid user ranchenyang from 117.232.127.51 port 44848 ssh2 |
2020-07-31 01:14:40 |
| 194.33.74.73 | attackbotsspam | (smtpauth) Failed SMTP AUTH login from 194.33.74.73 (PL/Poland/74-73.frinet.pl): 1 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_TRIGGER; Logs: 2020-07-30 18:35:48 plain authenticator failed for ([194.33.74.73]) [194.33.74.73]: 535 Incorrect authentication data (set_id=ab-heidary@safanicu.com) |
2020-07-31 01:16:30 |
| 200.194.14.79 | attackbots | Automatic report - Port Scan Attack |
2020-07-31 01:25:34 |
| 37.224.61.146 | attack | Unauthorised access (Jul 30) SRC=37.224.61.146 LEN=52 TTL=117 ID=16519 DF TCP DPT=445 WINDOW=8192 SYN |
2020-07-31 01:18:22 |
| 200.111.120.180 | attackbotsspam | Jul 30 14:58:22 XXX sshd[55496]: Invalid user gitlab from 200.111.120.180 port 37988 |
2020-07-31 01:01:21 |
| 105.184.27.95 | attack | eintrachtkultkellerfulda.de 105.184.27.95 [30/Jul/2020:14:05:36 +0200] "POST /xmlrpc.php HTTP/1.1" 200 408 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" eintrachtkultkellerfulda.de 105.184.27.95 [30/Jul/2020:14:05:40 +0200] "POST /xmlrpc.php HTTP/1.1" 200 408 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/59.0.3071.109 Safari/537.36" |
2020-07-31 01:19:20 |
| 162.14.0.46 | attack | ICMP MH Probe, Scan /Distributed - |
2020-07-31 01:09:58 |
| 193.35.51.13 | attack | 2020-07-30 19:24:17 dovecot_login authenticator failed for \(\[193.35.51.13\]\) \[193.35.51.13\]: 535 Incorrect authentication data \(set_id=info@yt.gl\) 2020-07-30 19:24:25 dovecot_login authenticator failed for \(\[193.35.51.13\]\) \[193.35.51.13\]: 535 Incorrect authentication data 2020-07-30 19:24:34 dovecot_login authenticator failed for \(\[193.35.51.13\]\) \[193.35.51.13\]: 535 Incorrect authentication data 2020-07-30 19:24:40 dovecot_login authenticator failed for \(\[193.35.51.13\]\) \[193.35.51.13\]: 535 Incorrect authentication data 2020-07-30 19:24:52 dovecot_login authenticator failed for \(\[193.35.51.13\]\) \[193.35.51.13\]: 535 Incorrect authentication data 2020-07-30 19:24:58 dovecot_login authenticator failed for \(\[193.35.51.13\]\) \[193.35.51.13\]: 535 Incorrect authentication data 2020-07-30 19:25:04 dovecot_login authenticator failed for \(\[193.35.51.13\]\) \[193.35.51.13\]: 535 Incorrect authentication data 2020-07-30 19:25:09 dovecot_login authenticator failed ... |
2020-07-31 01:32:04 |
| 112.80.35.2 | attackspambots | Jul 30 15:43:13 plex-server sshd[2628646]: Invalid user rongzhengqin from 112.80.35.2 port 65534 Jul 30 15:43:13 plex-server sshd[2628646]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=112.80.35.2 Jul 30 15:43:13 plex-server sshd[2628646]: Invalid user rongzhengqin from 112.80.35.2 port 65534 Jul 30 15:43:15 plex-server sshd[2628646]: Failed password for invalid user rongzhengqin from 112.80.35.2 port 65534 ssh2 Jul 30 15:47:14 plex-server sshd[2630956]: Invalid user siyamalan from 112.80.35.2 port 65534 ... |
2020-07-31 01:23:19 |
| 179.108.245.129 | attackspam | failed_logins |
2020-07-31 01:22:31 |
| 149.72.94.135 | attackbots | Jul 29 12:01:29 mxgate1 postfix/postscreen[9294]: CONNECT from [149.72.94.135]:52878 to [176.31.12.44]:25 Jul 29 12:01:29 mxgate1 postfix/dnsblog[9331]: addr 149.72.94.135 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Jul 29 12:01:35 mxgate1 postfix/postscreen[9294]: PASS NEW [149.72.94.135]:52878 Jul 29 12:01:35 mxgate1 postfix/smtpd[9395]: connect from wrqvrzvt.outbound-mail.sendgrid.net[149.72.94.135] Jul 29 12:01:37 mxgate1 postfix/smtpd[9395]: 42FAEA0241: client=wrqvrzvt.outbound-mail.sendgrid.net[149.72.94.135] Jul 29 12:01:39 mxgate1 postfix/smtpd[9395]: disconnect from wrqvrzvt.outbound-mail.sendgrid.net[149.72.94.135] ehlo=2 starttls=1 mail=1 rcpt=1 data=1 quhostname=1 commands=7 Jul 29 12:01:45 mxgate1 postfix/smtpd[9325]: 8590CA026F: client=localhost.localdomain[127.0.0.1], orig_client=wrqvrzvt.outbound-mail.sendgrid.net[149.72.94.135] Jul 29 15:05:14 mxgate1 postfix/postscreen[14742]: CONNECT from [149.72.94.135]:2839 to [176.31.12.44]:25 Jul 29 15:05:15........ ------------------------------- |
2020-07-31 01:10:26 |
| 179.124.49.11 | attackbotsspam | Jul 30 13:59:23 mail.srvfarm.net postfix/smtpd[3877011]: warning: unknown[179.124.49.11]: SASL PLAIN authentication failed: Jul 30 13:59:23 mail.srvfarm.net postfix/smtpd[3877011]: lost connection after AUTH from unknown[179.124.49.11] Jul 30 14:02:01 mail.srvfarm.net postfix/smtps/smtpd[3877941]: warning: unknown[179.124.49.11]: SASL PLAIN authentication failed: Jul 30 14:02:03 mail.srvfarm.net postfix/smtps/smtpd[3877941]: lost connection after AUTH from unknown[179.124.49.11] Jul 30 14:02:10 mail.srvfarm.net postfix/smtpd[3874686]: warning: unknown[179.124.49.11]: SASL PLAIN authentication failed: |
2020-07-31 01:08:33 |