techhelplist
techhelplist
/ rdp-attackers-7-days-20200413.txt
Created
April 13, 2020 14:39
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #report generated Mon Apr 13 07:30:01 MDT 2020 | |
| timestamp winlogbeat_winlog_event_data_IpAddress winlogbeat_winlog_event_data_TargetUserName | |
| 2020-04-06T13:30Z 104.210.56.35 admin | |
| 2020-04-06T13:30Z 104.41.161.238 admin | |
| 2020-04-06T13:30Z 13.76.215.37 administrator— | |
| 2020-04-06T13:30Z 13.92.141.59 admin | |
| 2020-04-06T13:30Z 13.94.241.134 admin | |
| 2020-04-06T13:30Z 145.239.165.131 admin | |
| 2020-04-06T13:30Z 168.63.152.68 administrator— | |
| 2020-04-06T13:30Z 185.104.185.29 YONG |
techhelplist
/ rdp-attackers-7-days-20200406.txt
Created
April 6, 2020 14:08
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #report generated Mon Apr 6 07:30:01 MDT 2020 | |
| #timestamp winlogbeat_winlog_event_data_IpAddress winlogbeat_winlog_event_data_TargetUserName | |
| 2020-03-30T13:30Z 115.21.79.16 ADMINISTRATOR | |
| 2020-03-30T13:30Z 139.178.67.83 ADMINISTRATOR | |
| 2020-03-30T13:30Z 14.34.194.98 30101 | |
| 2020-03-30T13:30Z 14.34.194.98 30301 | |
| 2020-03-30T13:30Z 176.113.115.11 JCCADMIN | |
| 2020-03-30T13:30Z 176.113.115.150 RUYADMIN | |
| 2020-03-30T13:30Z 176.113.115.15 TKADM |
techhelplist
/ rdp-attackers-7-days-20200330.txt
Created
March 30, 2020 14:32
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #report generated Mon Mar 30 07:30:01 MDT 2020 | |
| timestamp winlogbeat_winlog_event_data_IpAddress winlogbeat_winlog_event_data_TargetUserName | |
| 2020-03-23T23:05:32.224Z 46.119.160.160 Administrator | |
| 2020-03-26T09:03:09.339Z 103.120.28.252 ADMINISTRATOR | |
| 2020-03-26T14:43:02.285Z 185.202.1.81 admin | |
| 2020-03-23T13:38:20.551Z 121.241.7.34 Scan | |
| 2020-03-26T09:03:11.619Z 5.183.93.57 YRJADMIN | |
| 2020-03-26T22:12:52.861Z 185.153.196.64 USER5 | |
| 2020-03-23T23:05:40.231Z 209.45.61.241 ADMINISTRATOR | |
| 2020-03-26T14:43:07.191Z 46.119.184.167 Administrator |
techhelplist
/ rdp-attackers-7-days-20200323.txt
Created
March 23, 2020 14:12
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #report generated Mon Mar 23 07:30:02 MDT 2020 | |
| timestamp winlogbeat_winlog_event_data_IpAddress winlogbeat_winlog_event_data_TargetUserName | |
| 2020-03-20T04:10:15.765Z 110.235.202.182 Scanner | |
| 2020-03-20T07:12:32.515Z 212.92.108.234 RX1 | |
| 2020-03-17T21:16:30.676Z 61.128.178.227 ADMINISTRATOR | |
| 2020-03-20T07:11:46.879Z 185.202.2.72 NICK | |
| 2020-03-20T04:12:16.613Z 45.141.84.90 administrator | |
| 2020-03-20T04:12:21.497Z 45.141.84.90 administrator | |
| 2020-03-20T04:12:25.948Z 185.202.1.122 Administrator | |
| 2020-03-17T21:17:18.485Z 212.92.121.247 OFFICE |
techhelplist
/ rdp-attackers-7-days-20200316.txt
Created
March 16, 2020 13:52
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #report generated Mon Mar 16 07:30:01 MDT 2020 | |
| timestamp winlogbeat_winlog_event_data_IpAddress winlogbeat_winlog_event_data_TargetUserName | |
| 2020-03-10T03:41:55.964Z 185.202.1.201 DCADMIN | |
| 2020-03-14T01:29:10.080Z 212.92.120.208 SOS | |
| 2020-03-10T03:42:15.033Z 68.183.87.191 Administrator | |
| 2020-03-14T01:30:03.745Z 51.91.129.59 ADMIN | |
| 2020-03-10T14:01:34.664Z 64.225.113.28 Administrator | |
| 2020-03-14T01:30:12.626Z 212.92.120.208 ANA | |
| 2020-03-10T20:41:43.981Z 104.254.245.51 ADMINISTRATOR | |
| 2020-03-14T01:30:14.324Z 185.184.24.244 ADMINISTRATOR |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # these are domains which i ran across that i could find no legit content at, instead either: | |
| # 1 : domain was hosting nothing but phishing sites and/or kits | |
| # 2 : domain was hosting nothing but malware | |
| # 3 : domain was hosting nothing, but has obviously been registered in a series and resolved the same as other | |
| # crime-only domains. (GBA : Guilty by Association) | |
| # in many cases, the information came from other, trusted, friendly counter-cybercrime people | |
| # but was verified by myself. THERE WILL BE DUPLICATES, | deal | with | it > yadig.txt | |
| # hey, if this is helpful at all or if you want something removed, lemme know. twitter.com/JayTHL or j@techhelplist.com | |
techhelplist
/ rdp-attackers-7-days-20200309.txt
Created
March 9, 2020 14:07
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #report generated Mon Mar 9 07:30:01 MDT 2020 | |
| timestamp winlogbeat_winlog_event_data_IpAddress winlogbeat_winlog_event_data_TargetUserName | |
| 2020-03-06T22:29:01.294Z 185.202.1.120 LTCPDC | |
| 2020-03-03T22:51:04.686Z 99.79.50.107 ADMINISTRATOR | |
| 2020-03-03T22:51:04.180Z 204.12.234.82 PRINTER | |
| 2020-03-06T23:01:10.400Z 185.153.199.132 SAURIN | |
| 2020-03-07T02:28:52.642Z 185.202.1.158 BOZHIDARB | |
| 2020-03-03T22:50:21.188Z 185.202.1.244 MAYCOSAZ | |
| 2020-03-07T02:29:33.438Z 212.92.115.127 BILLY | |
| 2020-03-06T23:01:17.182Z 146.0.35.56 administrator |
techhelplist
/ rdp-attackers-7-days-20200302.txt
Created
March 2, 2020 15:28
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #report generated Mon Mar 2 07:30:01 MST 2020 | |
| timestamp winlogbeat_winlog_event_data_IpAddress winlogbeat_winlog_event_data_TargetUserName | |
| 2020-02-28T20:05:16.997Z 80.211.141.243 ADMINISTRATOR | |
| 2020-02-28T23:53:06.955Z 85.14.245.157 matthew | |
| 2020-02-28T23:53:06.726Z 190.24.45.89 ADMINISTRATOR | |
| 2020-02-28T18:12:16.889Z 46.161.27.121 STAFF | |
| 2020-02-28T20:05:13.599Z 210.245.90.7 ADMINISTRATOR | |
| 2020-02-28T19:13:25.861Z 185.234.218.25 ADMINISTRATOR | |
| 2020-02-28T18:12:09.712Z 80.211.141.243 ADMINISTRATOR | |
| 2020-02-24T22:43:55.189Z 185.209.0.88 ADMINISTRATOR |
techhelplist
/ rdp-attackers-7-days-20200224.txt
Created
February 24, 2020 15:20
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #report generated Mon Feb 24 07:30:01 MST 2020 | |
| #timestamp winlogbeat_winlog_event_data_IpAddress winlogbeat_winlog_event_data_TargetUserName | |
| 2020-02-17T14:30Z 103.119.71.4 ADMINISTRATOR | |
| 2020-02-17T14:30Z 107.191.55.157 ADMINISTRATOR | |
| 2020-02-17T14:30Z 146.0.78.26 BALCAO | |
| 2020-02-17T14:30Z 169.57.207.244 SERVICE | |
| 2020-02-17T14:30Z 185.202.2.69 PRICE | |
| 2020-02-17T14:30Z 185.209.0.108 ADMIN | |
| 2020-02-17T14:30Z 185.209.0.112 BUSINESS | |
| 2020-02-17T14:30Z 185.209.0.87 MAXIMUM |
techhelplist
/ rdp-attackers-7-days-20200217.txt
Created
February 18, 2020 16:27
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #report generated Mon Feb 17 07:30:02 MST 2020 | |
| #timestamp winlogbeat_winlog_event_data_IpAddress winlogbeat_winlog_event_data_TargetUserName | |
| 2020-02-10T14:30Z 124.158.9.38 ADMINISTRATOR | |
| 2020-02-10T14:30Z 185.209.0.40 RESMAC | |
| 2020-02-10T14:30Z 185.209.0.57 MSWORDUSER | |
| 2020-02-10T14:30Z 185.209.0.57 WINDOWS | |
| 2020-02-10T14:30Z 185.209.0.85 NPS | |
| 2020-02-10T14:30Z 185.209.0.85 PESTAMACH | |
| 2020-02-10T14:30Z 185.209.0.96 ADMIN |