City: unknown
Region: unknown
Country: Viet Nam
Internet Service Provider: unknown
Hostname: unknown
Organization: unknown
Usage Type: unknown
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.237.102.129
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 63991
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;14.237.102.129. IN A
;; AUTHORITY SECTION:
. 191 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022021200 1800 900 604800 86400
;; Query time: 52 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Sat Feb 12 16:29:51 CST 2022
;; MSG SIZE rcvd: 107129.102.237.14.in-addr.arpa domain name pointer static.vnpt.vn.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
129.102.237.14.in-addr.arpa name = static.vnpt.vn.
Authoritative answers can be found from:| IP | Type | Details | Datetime |
|---|---|---|---|
| 178.154.200.34 | attackbots | [Thu Apr 09 20:03:06.739210 2020] [:error] [pid 21760:tid 140306501166848] [client 178.154.200.34:44962] [client 178.154.200.34] ModSecurity: Access denied with code 403 (phase 2). Pattern match "^[\\\\d.:]+$" at REQUEST_HEADERS:Host. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "696"] [id "920350"] [msg "Host header is a numeric IP address"] [data "103.27.207.197"] [severity "WARNING"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/IP_HOST"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A7"] [tag "PCI/6.5.10"] [hostname "103.27.207.197"] [uri "/"] [unique_id "Xo8dCkCN8tZJGf@uvAOw-AAAA1g"] ... |
2020-04-09 22:26:18 |
| 84.1.30.70 | attackbotsspam | web-1 [ssh] SSH Attack |
2020-04-09 21:28:55 |
| 119.96.175.244 | attackbotsspam | $f2bV_matches |
2020-04-09 22:23:19 |
| 213.42.147.134 | attackbots | SMB Server BruteForce Attack |
2020-04-09 22:25:16 |
| 101.231.154.154 | attack | SSH Bruteforce attack |
2020-04-09 21:46:28 |
| 187.162.250.205 | attackspam | Automatic report - Port Scan Attack |
2020-04-09 21:28:39 |
| 80.82.78.100 | attackbotsspam | 80.82.78.100 was recorded 20 times by 12 hosts attempting to connect to the following ports: 50323,3,49161. Incident counter (4h, 24h, all-time): 20, 124, 23940 |
2020-04-09 21:30:48 |
| 67.220.126.196 | attackbots | Apr 9 15:16:33 OPSO sshd\[14092\]: Invalid user nagios from 67.220.126.196 port 34085 Apr 9 15:16:33 OPSO sshd\[14092\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.220.126.196 Apr 9 15:16:35 OPSO sshd\[14092\]: Failed password for invalid user nagios from 67.220.126.196 port 34085 ssh2 Apr 9 15:20:51 OPSO sshd\[15280\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=67.220.126.196 user=admin Apr 9 15:20:53 OPSO sshd\[15280\]: Failed password for admin from 67.220.126.196 port 24829 ssh2 |
2020-04-09 21:25:59 |
| 106.12.207.236 | attack | Apr 9 14:55:01 server sshd[26266]: Failed password for invalid user stack from 106.12.207.236 port 59596 ssh2 Apr 9 14:59:17 server sshd[18121]: Failed password for invalid user test1 from 106.12.207.236 port 57902 ssh2 Apr 9 15:03:22 server sshd[8900]: Failed password for invalid user kibana from 106.12.207.236 port 56206 ssh2 |
2020-04-09 22:10:19 |
| 104.243.22.179 | attackspam | Apr 9 14:58:49 DAAP sshd[6829]: Invalid user student01 from 104.243.22.179 port 47102 Apr 9 14:58:49 DAAP sshd[6829]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=104.243.22.179 Apr 9 14:58:49 DAAP sshd[6829]: Invalid user student01 from 104.243.22.179 port 47102 Apr 9 14:58:52 DAAP sshd[6829]: Failed password for invalid user student01 from 104.243.22.179 port 47102 ssh2 Apr 9 15:05:39 DAAP sshd[6955]: Invalid user postgres from 104.243.22.179 port 48736 ... |
2020-04-09 21:33:28 |
| 162.243.233.102 | attackspambots | Apr 9 15:31:50 OPSO sshd\[17714\]: Invalid user git from 162.243.233.102 port 47161 Apr 9 15:31:50 OPSO sshd\[17714\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.233.102 Apr 9 15:31:52 OPSO sshd\[17714\]: Failed password for invalid user git from 162.243.233.102 port 47161 ssh2 Apr 9 15:36:06 OPSO sshd\[18463\]: Invalid user teste from 162.243.233.102 port 52092 Apr 9 15:36:06 OPSO sshd\[18463\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=162.243.233.102 |
2020-04-09 22:08:13 |
| 180.153.28.115 | attack | SSH authentication failure x 6 reported by Fail2Ban ... |
2020-04-09 21:41:08 |
| 159.89.114.40 | attackspambots | Apr 9 14:59:51 v22018086721571380 sshd[23482]: Failed password for invalid user product from 159.89.114.40 port 42354 ssh2 |
2020-04-09 21:30:25 |
| 86.245.25.253 | attackbotsspam | Apr 9 15:04:00 vps339862 kernel: \[5656355.930484\] \[iptables\] PORT DENIED: IN=eth0 OUT= MAC=fa:16:3e:65:a1:f6:06:39:8f:aa:3b:a2:08:00 SRC=86.245.25.253 DST=51.254.206.43 LEN=66 TOS=0x00 PREC=0x00 TTL=51 ID=16134 DF PROTO=UDP SPT=5874 DPT=53 LEN=46 Apr 9 15:04:00 vps339862 kernel: \[5656356.060190\] \[iptables\] PORT DENIED: IN=eth0 OUT= MAC=fa:16:3e:65:a1:f6:06:39:8f:aa:3b:a2:08:00 SRC=86.245.25.253 DST=51.254.206.43 LEN=71 TOS=0x00 PREC=0x00 TTL=51 ID=16398 DF PROTO=UDP SPT=33763 DPT=53 LEN=51 Apr 9 15:04:02 vps339862 kernel: \[5656358.009954\] \[iptables\] PORT DENIED: IN=eth0 OUT= MAC=fa:16:3e:65:a1:f6:06:39:8f:aa:3b:a2:08:00 SRC=86.245.25.253 DST=51.254.206.43 LEN=66 TOS=0x00 PREC=0x00 TTL=51 ID=18997 DF PROTO=UDP SPT=2340 DPT=53 LEN=46 Apr 9 15:04:04 vps339862 kernel: \[5656360.249951\] \[iptables\] PORT DENIED: IN=eth0 OUT= MAC=fa:16:3e:65:a1:f6:06:39:8f:aa:3b:a2:08:00 SRC=86.245.25.253 DST=51.254.206.43 LEN=64 TOS=0x00 PREC=0x00 TTL=51 ID=13026 DF PROTO=UDP SPT=57440 D ... |
2020-04-09 21:17:35 |
| 202.168.205.181 | attackspambots | Unauthorised connection attempt detected at AUO MAIN. System is sshd. Protected by AUO Stack Web Application Firewall (WAF) |
2020-04-09 21:45:00 |