City: unknown
Region: unknown
Country: Viet Nam
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.160.0.138
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 19403
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;14.160.0.138. IN A
;; AUTHORITY SECTION:
. 144 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022020700 1800 900 604800 86400
;; Query time: 18 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Mon Feb 07 16:51:32 CST 2022
;; MSG SIZE rcvd: 105138.0.160.14.in-addr.arpa domain name pointer static.vnpt.vn.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
138.0.160.14.in-addr.arpa name = static.vnpt.vn.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 134.209.254.186 | attackspam | Automatic report - Banned IP Access |
2019-09-09 10:39:24 |
| 104.131.185.1 | attack | miraniessen.de 104.131.185.1 \[09/Sep/2019:04:36:51 +0200\] "POST /wp-login.php HTTP/1.1" 200 5972 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" miraniessen.de 104.131.185.1 \[09/Sep/2019:04:36:52 +0200\] "POST /wp-login.php HTTP/1.1" 200 5976 "-" "Mozilla/5.0 \(X11\; Ubuntu\; Linux x86_64\; rv:62.0\) Gecko/20100101 Firefox/62.0" |
2019-09-09 11:22:35 |
| 198.108.66.99 | attackspambots | 8888/tcp 22/tcp 82/tcp... [2019-07-14/09-08]14pkt,6pt.(tcp),2pt.(udp) |
2019-09-09 11:04:46 |
| 51.15.118.122 | attack | Sep 8 21:57:26 vps691689 sshd[12224]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=51.15.118.122 Sep 8 21:57:27 vps691689 sshd[12224]: Failed password for invalid user web from 51.15.118.122 port 54546 ssh2 ... |
2019-09-09 11:00:43 |
| 159.203.177.53 | attack | Sep 9 04:34:31 mail sshd\[1477\]: Invalid user update from 159.203.177.53 port 42322 Sep 9 04:34:31 mail sshd\[1477\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.177.53 Sep 9 04:34:33 mail sshd\[1477\]: Failed password for invalid user update from 159.203.177.53 port 42322 ssh2 Sep 9 04:40:31 mail sshd\[2757\]: Invalid user systest from 159.203.177.53 port 47106 Sep 9 04:40:31 mail sshd\[2757\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=159.203.177.53 |
2019-09-09 10:55:57 |
| 68.232.62.69 | attack | Unauthorised access (Sep 8) SRC=68.232.62.69 LEN=40 TOS=0x10 PREC=0x40 TTL=55 ID=52607 TCP DPT=8080 WINDOW=44313 SYN Unauthorised access (Sep 8) SRC=68.232.62.69 LEN=40 TOS=0x10 PREC=0x40 TTL=55 ID=39580 TCP DPT=8080 WINDOW=61760 SYN |
2019-09-09 10:46:35 |
| 189.188.137.54 | attack | port scan/probe/communication attempt |
2019-09-09 10:39:06 |
| 14.63.223.226 | attackspambots | Sep 9 00:00:40 saschabauer sshd[14711]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=14.63.223.226 Sep 9 00:00:42 saschabauer sshd[14711]: Failed password for invalid user admin from 14.63.223.226 port 49526 ssh2 |
2019-09-09 11:18:07 |
| 159.203.199.142 | attackspam | 2525/tcp 43521/tcp 1400/tcp... [2019-09-06/08]4pkt,4pt.(tcp) |
2019-09-09 11:25:53 |
| 200.157.34.171 | attackspam | Sep 9 04:58:03 eventyay sshd[17307]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.157.34.171 Sep 9 04:58:05 eventyay sshd[17307]: Failed password for invalid user qwerty123 from 200.157.34.171 port 56270 ssh2 Sep 9 05:03:21 eventyay sshd[17420]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=200.157.34.171 ... |
2019-09-09 11:18:38 |
| 198.108.66.164 | attackbotsspam | 591/tcp 1521/tcp 1911/tcp... [2019-07-18/09-08]15pkt,8pt.(tcp),1pt.(udp) |
2019-09-09 11:08:00 |
| 174.127.16.113 | attackbotsspam | Sep 8 16:45:20 hiderm sshd\[27672\]: Invalid user server1 from 174.127.16.113 Sep 8 16:45:20 hiderm sshd\[27672\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174-127-16-113.static-ip.telepacific.net Sep 8 16:45:22 hiderm sshd\[27672\]: Failed password for invalid user server1 from 174.127.16.113 port 45050 ssh2 Sep 8 16:52:55 hiderm sshd\[28466\]: Invalid user upload from 174.127.16.113 Sep 8 16:52:55 hiderm sshd\[28466\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=174-127-16-113.static-ip.telepacific.net |
2019-09-09 11:05:18 |
| 5.55.90.222 | attack | [Sun Sep 08 16:27:19.065600 2019] [:error] [pid 229221] [client 5.55.90.222:46922] [client 5.55.90.222] ModSecurity: Access denied with code 403 (phase 2). Operator GE matched 5 at TX:anomaly_score. [file "/usr/share/modsecurity-crs/rules/REQUEST-949-BLOCKING-EVALUATION.conf"] [line "91"] [id "949110"] [msg "Inbound Anomaly Score Exceeded (Total Score: 18)"] [severity "CRITICAL"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-generic"] [hostname "127.0.0.1"] [uri "/cgi-bin/ViewLog.asp"] [unique_id "XXVWF8Oko6IxncScSWaZ@gAAAAY"] ... |
2019-09-09 10:42:14 |
| 80.211.35.16 | attackbotsspam | Sep 9 05:35:00 pkdns2 sshd\[13386\]: Address 80.211.35.16 maps to dns1.arubacloud.fr, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Sep 9 05:35:00 pkdns2 sshd\[13386\]: Invalid user bots from 80.211.35.16Sep 9 05:35:02 pkdns2 sshd\[13386\]: Failed password for invalid user bots from 80.211.35.16 port 40492 ssh2Sep 9 05:40:41 pkdns2 sshd\[13682\]: Address 80.211.35.16 maps to dns1.cloud.it, but this does not map back to the address - POSSIBLE BREAK-IN ATTEMPT!Sep 9 05:40:41 pkdns2 sshd\[13682\]: Invalid user ftpuser from 80.211.35.16Sep 9 05:40:43 pkdns2 sshd\[13682\]: Failed password for invalid user ftpuser from 80.211.35.16 port 45908 ssh2 ... |
2019-09-09 10:47:41 |
| 114.32.153.15 | attack | [Aegis] @ 2019-09-08 23:19:24 0100 -> Attempted Administrator Privilege Gain: ET SCAN LibSSH Based Frequent SSH Connections Likely BruteForce Attack |
2019-09-09 11:12:34 |