City: unknown
Region: unknown
Country: Netherlands
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 139.162.220.142
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 57617
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;139.162.220.142. IN A
;; AUTHORITY SECTION:
. 312 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022021702 1800 900 604800 86400
;; Query time: 56 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Fri Feb 18 12:01:01 CST 2022
;; MSG SIZE rcvd: 108142.220.162.139.in-addr.arpa domain name pointer li1383-142.members.linode.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
142.220.162.139.in-addr.arpa name = li1383-142.members.linode.com.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 218.250.90.164 | attack | Honeypot attack, port: 5555, PTR: n218250090164.netvigator.com. |
2020-03-06 10:03:52 |
| 88.202.190.152 | attackspambots | MultiHost/MultiPort Probe, Scan, Hack - |
2020-03-06 09:36:28 |
| 61.158.167.184 | attack | port scan and connect, tcp 1433 (ms-sql-s) |
2020-03-06 09:32:55 |
| 36.227.3.134 | attack | k+ssh-bruteforce |
2020-03-06 09:58:43 |
| 216.198.66.11 | attackbots | DATE:2020-03-05 22:55:14, IP:216.198.66.11, PORT:telnet Telnet brute force auth on honeypot server (honey-neo-dc) |
2020-03-06 09:59:24 |
| 109.94.120.191 | attackbots | ** MIRAI HOST ** Thu Mar 5 14:55:53 2020 - Child process 260894 handling connection Thu Mar 5 14:55:53 2020 - New connection from: 109.94.120.191:60013 Thu Mar 5 14:55:53 2020 - Sending data to client: [Login: ] Thu Mar 5 14:55:53 2020 - Got data: guest Thu Mar 5 14:55:54 2020 - Sending data to client: [Password: ] Thu Mar 5 14:55:55 2020 - Got data: 12345 Thu Mar 5 14:55:57 2020 - Child 260900 granting shell Thu Mar 5 14:55:57 2020 - Child 260894 exiting Thu Mar 5 14:55:57 2020 - Sending data to client: [Logged in] Thu Mar 5 14:55:57 2020 - Sending data to client: [Welcome to MX990 Embedded Linux] Thu Mar 5 14:55:57 2020 - Sending data to client: [[root@dvrdvs /]# ] Thu Mar 5 14:55:57 2020 - Got data: enable system shell sh Thu Mar 5 14:55:57 2020 - Sending data to client: [Command not found] Thu Mar 5 14:55:57 2020 - Sending data to client: [[root@dvrdvs /]# ] Thu Mar 5 14:55:57 2020 - Got data: cat /proc/mounts; /bin/busybox JJIHW Thu Mar 5 14:55:57 2020 - Sending data to clie |
2020-03-06 09:38:50 |
| 51.91.8.222 | attack | $f2bV_matches |
2020-03-06 09:54:49 |
| 81.133.189.239 | attackspambots | 2020-03-05T23:31:08.639329shield sshd\[2433\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host81-133-189-239.in-addr.btopenworld.com user=root 2020-03-05T23:31:09.831445shield sshd\[2433\]: Failed password for root from 81.133.189.239 port 59582 ssh2 2020-03-05T23:36:33.114335shield sshd\[3187\]: Invalid user act-ftp from 81.133.189.239 port 33027 2020-03-05T23:36:33.119852shield sshd\[3187\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=host81-133-189-239.in-addr.btopenworld.com 2020-03-05T23:36:34.931979shield sshd\[3187\]: Failed password for invalid user act-ftp from 81.133.189.239 port 33027 ssh2 |
2020-03-06 09:49:23 |
| 88.202.190.140 | attack | Metasploit VxWorks WDB Agent Scanner Detection, PTR: scanners.labs.rapid7.com. |
2020-03-06 09:58:18 |
| 222.186.180.130 | attack | Mar 5 22:37:31 firewall sshd[12090]: Failed password for root from 222.186.180.130 port 40003 ssh2 Mar 5 22:37:34 firewall sshd[12090]: Failed password for root from 222.186.180.130 port 40003 ssh2 Mar 5 22:37:36 firewall sshd[12090]: Failed password for root from 222.186.180.130 port 40003 ssh2 ... |
2020-03-06 09:47:57 |
| 88.202.190.147 | attack | 139/tcp 2379/tcp 111/udp... [2020-01-06/03-05]10pkt,8pt.(tcp),2pt.(udp) |
2020-03-06 09:46:43 |
| 123.20.247.7 | attackspam | 2020-03-0522:54:221j9yRh-0002Rr-R7\<=verena@rs-solution.chH=\(localhost\)[14.187.34.129]:39995P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2375id=8386306368BC9221FDF8B109FD23A871@rs-solution.chT="Wouldliketogetacquaintedwithyou"forzakdaddy000041@gmail.com107bgautam@gmail.com2020-03-0522:54:471j9yS6-0002Uw-4D\<=verena@rs-solution.chH=\(localhost\)[14.231.61.171]:33023P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2253id=A7A214474C98B605D9DC952DD92F7CAA@rs-solution.chT="Onlyrequireatinyamountofyourattention"forrivercena1@gmail.combigbucks1389@gmail.com2020-03-0522:54:591j9ySI-0002WC-PI\<=verena@rs-solution.chH=\(localhost\)[123.20.112.37]:59411P=esmtpsaX=TLS1.2:ECDHE-RSA-AES256-GCM-SHA384:256CV=noA=dovecot_login:verena@rs-solution.chS=2240id=EFEA5C0F04D0FE4D9194DD659136D51C@rs-solution.chT="Justneedalittlebitofyourattention"forangelvegagarcia31@gmail.comabdulnurumusa076@gmail.com2020-03-0522:54:381j9yRx-0002UG-KY |
2020-03-06 10:04:42 |
| 139.5.159.62 | attackspambots | (sshd) Failed SSH login from 139.5.159.62 (LA/Laos/-): 5 in the last 3600 secs; Ports: *; Direction: inout; Trigger: LF_SSHD; Logs: Mar 6 00:32:57 amsweb01 sshd[20717]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.5.159.62 user=root Mar 6 00:33:00 amsweb01 sshd[20717]: Failed password for root from 139.5.159.62 port 46198 ssh2 Mar 6 00:40:47 amsweb01 sshd[21515]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.5.159.62 user=root Mar 6 00:40:49 amsweb01 sshd[21515]: Failed password for root from 139.5.159.62 port 41492 ssh2 Mar 6 00:44:46 amsweb01 sshd[21935]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=139.5.159.62 user=root |
2020-03-06 09:31:49 |
| 211.199.7.164 | attackbots | Honeypot attack, port: 5555, PTR: PTR record not found |
2020-03-06 09:31:20 |
| 14.239.57.216 | attackspambots | Honeypot attack, port: 445, PTR: static.vnpt.vn. |
2020-03-06 09:45:36 |