城市(city): unknown
省份(region): unknown
国家(country): United States
运营商(isp): Verizon
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 166.169.66.80
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 58530
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;166.169.66.80. IN A
;; AUTHORITY SECTION:
. 150 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2020051101 1800 900 604800 86400
;; Query time: 117 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue May 12 07:39:05 CST 2020
;; MSG SIZE rcvd: 11780.66.169.166.in-addr.arpa domain name pointer 80.sub-166-169-66.myvzw.com.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
80.66.169.166.in-addr.arpa name = 80.sub-166-169-66.myvzw.com.
Authoritative answers can be found from:| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 187.45.123.147 | attackbots | DATE:2020-02-21 22:26:32, IP:187.45.123.147, PORT:telnet Telnet brute force auth on honeypot server (epe-honey1-hq) |
2020-02-22 08:29:52 |
| 109.195.21.86 | attackbots | ** MIRAI HOST ** Fri Feb 21 14:28:48 2020 - Child process 137628 handling connection Fri Feb 21 14:28:48 2020 - New connection from: 109.195.21.86:51806 Fri Feb 21 14:28:48 2020 - Sending data to client: [Login: ] Fri Feb 21 14:28:48 2020 - Got data: admin Fri Feb 21 14:28:49 2020 - Sending data to client: [Password: ] Fri Feb 21 14:28:49 2020 - Got data: 54321 Fri Feb 21 14:28:51 2020 - Child 137629 granting shell Fri Feb 21 14:28:51 2020 - Child 137628 exiting Fri Feb 21 14:28:51 2020 - Sending data to client: [Logged in] Fri Feb 21 14:28:51 2020 - Sending data to client: [Welcome to MX990 Embedded Linux] Fri Feb 21 14:28:51 2020 - Sending data to client: [[root@dvrdvs /]# ] Fri Feb 21 14:28:52 2020 - Got data: enable system shell sh Fri Feb 21 14:28:52 2020 - Sending data to client: [Command not found] Fri Feb 21 14:28:52 2020 - Sending data to client: [[root@dvrdvs /]# ] Fri Feb 21 14:28:52 2020 - Got data: cat /proc/mounts; /bin/busybox PCOHJ Fri Feb 21 14:28:52 2020 - Sending data to clien |
2020-02-22 08:23:07 |
| 14.227.100.126 | attackspambots | Feb 21 22:19:38 mxgate1 postfix/postscreen[22965]: CONNECT from [14.227.100.126]:50838 to [176.31.12.44]:25 Feb 21 22:19:38 mxgate1 postfix/dnsblog[23007]: addr 14.227.100.126 listed by domain ix.dnsbl.xxxxxx.net as 127.0.0.2 Feb 21 22:19:38 mxgate1 postfix/dnsblog[23011]: addr 14.227.100.126 listed by domain cbl.abuseat.org as 127.0.0.2 Feb 21 22:19:38 mxgate1 postfix/dnsblog[23009]: addr 14.227.100.126 listed by domain bl.spamcop.net as 127.0.0.2 Feb 21 22:19:38 mxgate1 postfix/dnsblog[23010]: addr 14.227.100.126 listed by domain zen.spamhaus.org as 127.0.0.3 Feb 21 22:19:38 mxgate1 postfix/dnsblog[23010]: addr 14.227.100.126 listed by domain zen.spamhaus.org as 127.0.0.11 Feb 21 22:19:38 mxgate1 postfix/dnsblog[23010]: addr 14.227.100.126 listed by domain zen.spamhaus.org as 127.0.0.4 Feb 21 22:19:39 mxgate1 postfix/dnsblog[23008]: addr 14.227.100.126 listed by domain b.barracudacentral.org as 127.0.0.2 Feb 21 22:19:39 mxgate1 postfix/postscreen[22965]: PREGREET 20 a........ ------------------------------- |
2020-02-22 08:36:05 |
| 178.62.117.106 | attack | Ssh brute force |
2020-02-22 08:21:31 |
| 128.90.59.82 | attack | Lines containing failures of 128.90.59.82 2020-02-21 x@x ........ ----------------------------------------------- https://www.blocklist.de/en/view.html?ip=128.90.59.82 |
2020-02-22 08:24:12 |
| 195.78.43.179 | attack | firewall-block, port(s): 33405/tcp |
2020-02-22 08:39:51 |
| 218.92.0.191 | attack | Feb 22 01:02:32 dcd-gentoo sshd[15801]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Feb 22 01:02:34 dcd-gentoo sshd[15801]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Feb 22 01:02:32 dcd-gentoo sshd[15801]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Feb 22 01:02:34 dcd-gentoo sshd[15801]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Feb 22 01:02:32 dcd-gentoo sshd[15801]: User root from 218.92.0.191 not allowed because none of user's groups are listed in AllowGroups Feb 22 01:02:34 dcd-gentoo sshd[15801]: error: PAM: Authentication failure for illegal user root from 218.92.0.191 Feb 22 01:02:34 dcd-gentoo sshd[15801]: Failed keyboard-interactive/pam for invalid user root from 218.92.0.191 port 55414 ssh2 ... |
2020-02-22 08:19:32 |
| 45.184.24.5 | attackspam | $f2bV_matches |
2020-02-22 08:15:52 |
| 5.94.203.205 | attack | Invalid user guest from 5.94.203.205 port 60262 |
2020-02-22 08:38:28 |
| 220.88.1.208 | attackspam | Feb 21 14:36:06 php1 sshd\[24497\]: Invalid user password123 from 220.88.1.208 Feb 21 14:36:06 php1 sshd\[24497\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.88.1.208 Feb 21 14:36:08 php1 sshd\[24497\]: Failed password for invalid user password123 from 220.88.1.208 port 33591 ssh2 Feb 21 14:39:37 php1 sshd\[24945\]: Invalid user 123456789 from 220.88.1.208 Feb 21 14:39:37 php1 sshd\[24945\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=220.88.1.208 |
2020-02-22 08:41:34 |
| 182.76.141.185 | attackspambots | port scan and connect, tcp 23 (telnet) |
2020-02-22 08:51:04 |
| 122.114.109.112 | attackbots | port scan and connect, tcp 80 (http) |
2020-02-22 08:26:18 |
| 74.108.153.8 | attack | Automatic report - Port Scan Attack |
2020-02-22 08:52:10 |
| 218.92.0.189 | attack | Feb 22 01:12:25 legacy sshd[5639]: Failed password for root from 218.92.0.189 port 12546 ssh2 Feb 22 01:12:28 legacy sshd[5639]: Failed password for root from 218.92.0.189 port 12546 ssh2 Feb 22 01:12:30 legacy sshd[5639]: Failed password for root from 218.92.0.189 port 12546 ssh2 ... |
2020-02-22 08:34:55 |
| 132.232.90.20 | attackbotsspam | Feb 22 00:30:53 host sshd[24289]: Invalid user steve from 132.232.90.20 port 34464 ... |
2020-02-22 08:22:22 |