城市(city): unknown
省份(region): unknown
国家(country): Viet Nam
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 14.232.41.146 | attackbots | "XSS Attack Detected via libinjection - Matched Data: XSS data found within ARGS_NAMES: |
2020-07-21 04:16:34 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 14.232.41.75
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 12134
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;14.232.41.75. IN A
;; AUTHORITY SECTION:
. 582 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022030803 1800 900 604800 86400
;; Query time: 63 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Wed Mar 09 08:55:54 CST 2022
;; MSG SIZE rcvd: 10575.41.232.14.in-addr.arpa domain name pointer static.vnpt.vn.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
75.41.232.14.in-addr.arpa name = static.vnpt.vn.
Authoritative answers can be found from:| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 182.189.89.96 | attack | Honeypot attack, port: 445, PTR: PTR record not found |
2020-03-16 20:01:02 |
| 200.60.60.84 | attack | Automatic report - Port Scan |
2020-03-16 20:02:32 |
| 95.57.215.9 | attack | Honeypot attack, port: 445, PTR: PTR record not found |
2020-03-16 20:19:25 |
| 80.20.125.243 | attack | $f2bV_matches |
2020-03-16 20:00:16 |
| 173.252.95.41 | attack | [Mon Mar 16 12:10:52.357190 2020] [:error] [pid 24460:tid 140077925463808] [client 173.252.95.41:38262] [client 173.252.95.41] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/images/Klimatologi/Prakiraan/02-Prakiraan-Dasarian/Potensi_Banjir/Provinsi_Jawa_Timur/2020/03_Maret_2020/Das-I/01-Prakiraan_Dasarian_Daerah_Potensi_Banjir_di_Provinsi_Jawa_Timur_DASARIAN-II-Bulan-MARET-Tahun-2020_update_10_Maret_2020.webp"] [unique_id "Xm8KXEmSGE@N2IIak8L-nwAAAAE"] ... |
2020-03-16 19:49:51 |
| 14.161.2.93 | attackbots | Attempt to attack host OS, exploiting network vulnerabilities, on 16-03-2020 05:10:10. |
2020-03-16 20:32:31 |
| 37.59.55.14 | attackbots | 5x Failed Password |
2020-03-16 19:56:10 |
| 103.125.189.155 | attack | $f2bV_matches |
2020-03-16 20:06:41 |
| 27.74.192.168 | attack | Automatic report - Port Scan Attack |
2020-03-16 20:13:49 |
| 202.51.117.211 | attackbots | Honeypot attack, port: 445, PTR: ns1.transjakarta.id. |
2020-03-16 20:05:07 |
| 173.252.95.5 | attack | [Mon Mar 16 12:10:52.357831 2020] [:error] [pid 24581:tid 140077925463808] [client 173.252.95.5:50996] [client 173.252.95.5] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/images/Klimatologi/Prakiraan/02-Prakiraan-Dasarian/Potensi_Banjir/Provinsi_Jawa_Timur/2020/03_Maret_2020/Das-I/01-Prakiraan_Dasarian_Daerah_Potensi_Banjir_di_Provinsi_Jawa_Timur_DASARIAN-II-Bulan-MARET-Tahun-2020_update_10_Maret_2020.webp"] [unique_id "Xm8KXLImVGRyvw8688ve5wAAAAE"] ... |
2020-03-16 19:52:20 |
| 92.63.97.3 | attack | Attempted connection to port 12850. |
2020-03-16 20:24:18 |
| 185.200.118.56 | attackspambots | Mar 16 06:41:08 debian-2gb-nbg1-2 kernel: \[6596389.982026\] \[UFW BLOCK\] IN=eth0 OUT= MAC=96:00:00:0e:18:f4:d2:74:7f:6e:37:e3:08:00 SRC=185.200.118.56 DST=195.201.40.59 LEN=40 TOS=0x00 PREC=0x00 TTL=244 ID=54321 PROTO=TCP SPT=48464 DPT=3128 WINDOW=65535 RES=0x00 SYN URGP=0 |
2020-03-16 20:29:44 |
| 91.186.114.122 | attackbots | Attempt to attack host OS, exploiting network vulnerabilities, on 16-03-2020 05:10:11. |
2020-03-16 20:30:36 |
| 222.186.173.142 | attackbots | pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=222.186.173.142 user=root Failed password for root from 222.186.173.142 port 36300 ssh2 Failed password for root from 222.186.173.142 port 36300 ssh2 Failed password for root from 222.186.173.142 port 36300 ssh2 Failed password for root from 222.186.173.142 port 36300 ssh2 |
2020-03-16 20:16:46 |