fasezero.com 104.24.106.86 104.24.107.86 suspicious activity


grahamperrin

https://redd.it/6kdr6s refers to:

http://fasezero.com/lastnotice.html

In the Wayback Machine, from when the site was popular and reputable: https://web.archive.org/web/20171011021748/http://fasezero.com/lastnotice.html

The site changed hands. Now, lastnotice.html appears to be a 95.4 MB application.

grahamperrin@momh167-gjp4-8570p:/tmp % date ; uname
Sun Oct 27 10:11:02 GMT 2019
FreeBSD
grahamperrin@momh167-gjp4-8570p:/tmp % pwd
/tmp
grahamperrin@momh167-gjp4-8570p:/tmp % wget --tries=5 http://fasezero.com/lastnotice.html
--2019-10-27 10:11:08--  http://fasezero.com/lastnotice.html
Resolving fasezero.com (fasezero.com)... 104.24.106.86, 104.24.107.86, 2606:4700:30::6818:6b56, ...
Connecting to fasezero.com (fasezero.com)|104.24.106.86|:80... connected.
HTTP request sent, awaiting response... 301 Moved Permanently
Location: https://fasezero.com/lastnotice.html [following]
--2019-10-27 10:11:08--  https://fasezero.com/lastnotice.html
Connecting to fasezero.com (fasezero.com)|104.24.106.86|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 100000000 (95M) [application/octet-stream]
Saving to: 'lastnotice.html.3'

lastnotice.html.3           0%[                                     ]      24  --.-KB/s    in 4.8s    

2019-10-27 10:11:14 (4.98 B/s) - Connection closed at byte 24. Retrying.

--2019-10-27 10:11:15--  (try: 2)  https://fasezero.com/lastnotice.html
Connecting to fasezero.com (fasezero.com)|104.24.106.86|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 100000000 (95M) [application/octet-stream]
Saving to: 'lastnotice.html.3'

lastnotice.html.3           0%[                                     ]      24  --.-KB/s    in 4.8s    

2019-10-27 10:11:20 (5.00 B/s) - Connection closed at byte 24. Retrying.

--2019-10-27 10:11:22--  (try: 3)  https://fasezero.com/lastnotice.html
Connecting to fasezero.com (fasezero.com)|104.24.106.86|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 100000000 (95M) [application/octet-stream]
Saving to: 'lastnotice.html.3'

lastnotice.html.3           0%[                                     ]      24  --.-KB/s    in 4.8s    

2019-10-27 10:11:27 (5.01 B/s) - Connection closed at byte 24. Retrying.

--2019-10-27 10:11:30--  (try: 4)  https://fasezero.com/lastnotice.html
Connecting to fasezero.com (fasezero.com)|104.24.106.86|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 100000000 (95M) [application/octet-stream]
Saving to: 'lastnotice.html.3'

lastnotice.html.3           0%[                                     ]      24  --.-KB/s    in 4.8s    

2019-10-27 10:11:35 (5.01 B/s) - Connection closed at byte 24. Retrying.

--2019-10-27 10:11:39--  (try: 5)  https://fasezero.com/lastnotice.html
Connecting to fasezero.com (fasezero.com)|104.24.106.86|:443... connected.
HTTP request sent, awaiting response... 200 OK
Length: 100000000 (95M) [application/octet-stream]
Saving to: 'lastnotice.html.3'

lastnotice.html.3           0%[                                     ]      24  --.-KB/s    in 4.8s    

2019-10-27 10:11:44 (5.03 B/s) - Connection closed at byte 24. Giving up.

grahamperrin@momh167-gjp4-8570p:/tmp % 
$ drill -V 5 fasezero.com
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 0
;; flags: rd ; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 
;; QUESTION SECTION:
;; fasezero.com.        IN      A

;; ANSWER SECTION:

;; AUTHORITY SECTION:

;; ADDITIONAL SECTION:

;; Query time: 0 msec
;; WHEN: Sun Oct 27 10:15:43 2019
;; MSG SIZE  rcvd: 0
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 48511
;; flags: qr rd ra ; QUERY: 1, ANSWER: 2, AUTHORITY: 0, ADDITIONAL: 0 
;; QUESTION SECTION:
;; fasezero.com.        IN      A

;; ANSWER SECTION:
fasezero.com.   280     IN      A       104.24.106.86
fasezero.com.   280     IN      A       104.24.107.86

;; AUTHORITY SECTION:

;; ADDITIONAL SECTION:

;; Query time: 4 msec
;; SERVER: 192.168.1.1
;; WHEN: Sun Oct 27 10:15:43 2019
;; MSG SIZE  rcvd: 62
$ drill -V 5 104.24.106.86
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 0
;; flags: rd ; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 
;; QUESTION SECTION:
;; 104.24.106.86.       IN      A

;; ANSWER SECTION:

;; AUTHORITY SECTION:

;; ADDITIONAL SECTION:

;; Query time: 0 msec
;; WHEN: Sun Oct 27 10:16:03 2019
;; MSG SIZE  rcvd: 0
;; ->>HEADER<<- opcode: QUERY, rcode: NXDOMAIN, id: 11746
;; flags: qr rd ra ; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 
;; QUESTION SECTION:
;; 104.24.106.86.       IN      A

;; ANSWER SECTION:

;; AUTHORITY SECTION:
.       6109    IN      SOA     a.root-servers.net. nstld.verisign-grs.com. 2019102700 1800 900 604800 86400

;; ADDITIONAL SECTION:

;; Query time: 15 msec
;; SERVER: 192.168.1.1
;; WHEN: Sun Oct 27 10:16:03 2019
;; MSG SIZE  rcvd: 106
$ drill -V 5 104.24.107.86
;; ->>HEADER<<- opcode: QUERY, rcode: NOERROR, id: 0
;; flags: rd ; QUERY: 1, ANSWER: 0, AUTHORITY: 0, ADDITIONAL: 0 
;; QUESTION SECTION:
;; 104.24.107.86.       IN      A

;; ANSWER SECTION:

;; AUTHORITY SECTION:

;; ADDITIONAL SECTION:

;; Query time: 0 msec
;; WHEN: Sun Oct 27 10:16:12 2019
;; MSG SIZE  rcvd: 0
;; ->>HEADER<<- opcode: QUERY, rcode: NXDOMAIN, id: 11062
;; flags: qr rd ra ; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0 
;; QUESTION SECTION:
;; 104.24.107.86.       IN      A

;; ANSWER SECTION:

;; AUTHORITY SECTION:
.       6100    IN      SOA     a.root-servers.net. nstld.verisign-grs.com. 2019102700 1800 900 604800 86400

;; ADDITIONAL SECTION:

;; Query time: 15 msec
;; SERVER: 192.168.1.1
;; WHEN: Sun Oct 27 10:16:12 2019
;; MSG SIZE  rcvd: 106
$ 

 
