techhelplist
techhelplist
/ rdp-attackers-7-days-20200427.txt
Created
April 27, 2020 14:05
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #report generated Mon Apr 27 07:30:01 MDT 2020 | |
| timestamp winlogbeat_winlog_event_data_IpAddress winlogbeat_winlog_event_data_TargetUserName | |
| 2020-04-21T08:15:06.474Z 45.141.84.89 administrador | |
| 2020-04-21T08:15:36.462Z 185.209.0.107 ADRAIN | |
| 2020-04-20T14:57:08.655Z 185.209.0.15 ADMINISTRATOR | |
| 2020-04-20T15:49:52.408Z 185.202.1.81 administrator | |
| 2020-04-21T08:15:12.438Z 185.202.1.128 TRACI | |
| 2020-04-20T15:49:54.587Z 185.202.1.128 LACEY | |
| 2020-04-20T14:57:17.255Z 185.209.0.85 ADMINISTRATOR | |
| 2020-04-23T19:40:32.130Z 37.115.185.171 Administrator |
techhelplist
/ rdp-attackers-7-days-20200420.txt
Created
April 20, 2020 14:20
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #report generated Mon Apr 20 07:30:01 MDT 2020 | |
| 2020-04-13T13Z 103.25.196.51 ADMINISTRATOR | |
| 2020-04-13T13Z 106.54.233.169 ADMINISTRATOR | |
| 2020-04-13T13Z 109.228.50.55 ADMINISTRATOR | |
| 2020-04-13T13Z 118.218.82.86 ADMINISTRATOR | |
| 2020-04-13T13Z 119.75.44.106 LFOWLER | |
| 2020-04-13T13Z 119.75.44.106 MCUDIAMAT | |
| 2020-04-13T13Z 12.49.43.181 ADMINISTRATOR | |
| 2020-04-13T13Z 12.49.43.182 ADMINISTRATOR |
techhelplist
/ googleapis-phishes-17apr2020.txt
Created
April 17, 2020 15:01
googleapis-phishes-17apr2020.txt
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| 93 phishes, 1 adwind malware | |
| https://firebasestorage.googleapis.com/v0/b/website-36d25.appspot.com/o/PO_RFQ_1407000525xlsx.jar?alt=media&token=bd527770-a983-4990-b45a-d690eef9f3ab | |
| https://firebasestorage.googleapis.com/v0/b/aabb-d6079.appspot.com/o/dio.htm?alt=media&token=23968cac-8f9b-4150-a883-c8cbe30228b6 | |
| https://firebasestorage.googleapis.com/v0/b/aller-92d5b.appspot.com/o/ays.htm?alt=media&token=71382c31-ec6a-4f39-a99a-44cae586639b | |
| https://firebasestorage.googleapis.com/v0/b/app-mic038930020sever.appspot.com/o/index.html?alt=media&token=0c73e36b-9e2c-4aac-95c9-d2c1b444c57a | |
| https://firebasestorage.googleapis.com/v0/b/app00008589.appspot.com/o/index.html?alt=media&token=d330103f-d6bb-415b-a86b-cee8eed4802f | |
| https://firebasestorage.googleapis.com/v0/b/app101-75709.appspot.com/o/en.htm?alt=media&token=d8e9c0ed-cc85-46e0-94e4-8b2e4fc5c14d |
techhelplist
/ rdp-attackers-7-days-20200413.txt
Created
April 13, 2020 14:39
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #report generated Mon Apr 13 07:30:01 MDT 2020 | |
| timestamp winlogbeat_winlog_event_data_IpAddress winlogbeat_winlog_event_data_TargetUserName | |
| 2020-04-06T13:30Z 104.210.56.35 admin | |
| 2020-04-06T13:30Z 104.41.161.238 admin | |
| 2020-04-06T13:30Z 13.76.215.37 administrator— | |
| 2020-04-06T13:30Z 13.92.141.59 admin | |
| 2020-04-06T13:30Z 13.94.241.134 admin | |
| 2020-04-06T13:30Z 145.239.165.131 admin | |
| 2020-04-06T13:30Z 168.63.152.68 administrator— | |
| 2020-04-06T13:30Z 185.104.185.29 YONG |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # these are domains which i ran across that i could find no legit content at, instead either: | |
| # 1 : domain was hosting nothing but phishing sites and/or kits | |
| # 2 : domain was hosting nothing but malware | |
| # 3 : domain was hosting nothing, but has obviously been registered in a series and resolved the same as other | |
| # crime-only domains. (GBA : Guilty by Association) | |
| # in many cases, the information came from other, trusted, friendly counter-cybercrime people | |
| # but was verified by myself. THERE WILL BE DUPLICATES, | deal | with | it > yadig.txt | |
| # hey, if this is helpful at all or if you want something removed, lemme know. twitter.com/JayTHL or j@techhelplist.com | |
techhelplist
/ rdp-attackers-7-days-20200406.txt
Created
April 6, 2020 14:08
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #report generated Mon Apr 6 07:30:01 MDT 2020 | |
| #timestamp winlogbeat_winlog_event_data_IpAddress winlogbeat_winlog_event_data_TargetUserName | |
| 2020-03-30T13:30Z 115.21.79.16 ADMINISTRATOR | |
| 2020-03-30T13:30Z 139.178.67.83 ADMINISTRATOR | |
| 2020-03-30T13:30Z 14.34.194.98 30101 | |
| 2020-03-30T13:30Z 14.34.194.98 30301 | |
| 2020-03-30T13:30Z 176.113.115.11 JCCADMIN | |
| 2020-03-30T13:30Z 176.113.115.150 RUYADMIN | |
| 2020-03-30T13:30Z 176.113.115.15 TKADM |
techhelplist
/ rdp-attackers-7-days-20200323.txt
Created
March 23, 2020 14:12
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #report generated Mon Mar 23 07:30:02 MDT 2020 | |
| timestamp winlogbeat_winlog_event_data_IpAddress winlogbeat_winlog_event_data_TargetUserName | |
| 2020-03-20T04:10:15.765Z 110.235.202.182 Scanner | |
| 2020-03-20T07:12:32.515Z 212.92.108.234 RX1 | |
| 2020-03-17T21:16:30.676Z 61.128.178.227 ADMINISTRATOR | |
| 2020-03-20T07:11:46.879Z 185.202.2.72 NICK | |
| 2020-03-20T04:12:16.613Z 45.141.84.90 administrator | |
| 2020-03-20T04:12:21.497Z 45.141.84.90 administrator | |
| 2020-03-20T04:12:25.948Z 185.202.1.122 Administrator | |
| 2020-03-17T21:17:18.485Z 212.92.121.247 OFFICE |
techhelplist
/ rdp-attackers-7-days-20200316.txt
Created
March 16, 2020 13:52
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #report generated Mon Mar 16 07:30:01 MDT 2020 | |
| timestamp winlogbeat_winlog_event_data_IpAddress winlogbeat_winlog_event_data_TargetUserName | |
| 2020-03-10T03:41:55.964Z 185.202.1.201 DCADMIN | |
| 2020-03-14T01:29:10.080Z 212.92.120.208 SOS | |
| 2020-03-10T03:42:15.033Z 68.183.87.191 Administrator | |
| 2020-03-14T01:30:03.745Z 51.91.129.59 ADMIN | |
| 2020-03-10T14:01:34.664Z 64.225.113.28 Administrator | |
| 2020-03-14T01:30:12.626Z 212.92.120.208 ANA | |
| 2020-03-10T20:41:43.981Z 104.254.245.51 ADMINISTRATOR | |
| 2020-03-14T01:30:14.324Z 185.184.24.244 ADMINISTRATOR |
techhelplist
/ rdp-attackers-7-days-20200309.txt
Created
March 9, 2020 14:07
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #report generated Mon Mar 9 07:30:01 MDT 2020 | |
| timestamp winlogbeat_winlog_event_data_IpAddress winlogbeat_winlog_event_data_TargetUserName | |
| 2020-03-06T22:29:01.294Z 185.202.1.120 LTCPDC | |
| 2020-03-03T22:51:04.686Z 99.79.50.107 ADMINISTRATOR | |
| 2020-03-03T22:51:04.180Z 204.12.234.82 PRINTER | |
| 2020-03-06T23:01:10.400Z 185.153.199.132 SAURIN | |
| 2020-03-07T02:28:52.642Z 185.202.1.158 BOZHIDARB | |
| 2020-03-03T22:50:21.188Z 185.202.1.244 MAYCOSAZ | |
| 2020-03-07T02:29:33.438Z 212.92.115.127 BILLY | |
| 2020-03-06T23:01:17.182Z 146.0.35.56 administrator |
techhelplist
/ rdp-attackers-7-days-20200302.txt
Created
March 2, 2020 15:28
This file has been truncated, but you can view the full file.
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #report generated Mon Mar 2 07:30:01 MST 2020 | |
| timestamp winlogbeat_winlog_event_data_IpAddress winlogbeat_winlog_event_data_TargetUserName | |
| 2020-02-28T20:05:16.997Z 80.211.141.243 ADMINISTRATOR | |
| 2020-02-28T23:53:06.955Z 85.14.245.157 matthew | |
| 2020-02-28T23:53:06.726Z 190.24.45.89 ADMINISTRATOR | |
| 2020-02-28T18:12:16.889Z 46.161.27.121 STAFF | |
| 2020-02-28T20:05:13.599Z 210.245.90.7 ADMINISTRATOR | |
| 2020-02-28T19:13:25.861Z 185.234.218.25 ADMINISTRATOR | |
| 2020-02-28T18:12:09.712Z 80.211.141.243 ADMINISTRATOR | |
| 2020-02-24T22:43:55.189Z 185.209.0.88 ADMINISTRATOR |