城市(city): unknown
省份(region): unknown
国家(country): Indonesia
运营商(isp): PT Indosat
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): Mobile ISP
| 类型 | 评论内容 | 时间 |
|---|---|---|
| attack | Unauthorized connection attempt from IP address 114.5.221.85 on Port 445(SMB) |
2019-07-28 19:56:36 |
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 114.5.221.142 | attackbots | [Wed Oct 30 10:48:27.264476 2019] [:error] [pid 7559:tid 140145034290944] [client 114.5.221.142:6521] [client 114.5.221.142] ModSecurity: Access denied with code 403 (phase 4). Pattern match "^5\\\\d{2}$" at RESPONSE_STATUS. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/RESPONSE-950-DATA-LEAKAGES.conf"] [line "118"] [id "950100"] [msg "The Application Returned a 500-Level Status Code"] [data "Matched Data: 503 found within RESPONSE_STATUS: 503"] [severity "ERROR"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-disclosure"] [tag "WASCTC/WASC-13"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.6"] [tag "paranoia-level/2"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/profil/peta-instrumentasi"] [unique_id "XbkIC48ZrE8Gf@6lZT6dTQAAAAE"], referer: https://karangploso.jatim.bmkg.go.id/
... |
2019-10-30 18:28:28 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 114.5.221.85
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 54325
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;114.5.221.85. IN A
;; AUTHORITY SECTION:
. 3600 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2019072800 1800 900 604800 86400
;; Query time: 2 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sun Jul 28 19:56:17 CST 2019
;; MSG SIZE rcvd: 11685.221.5.114.in-addr.arpa domain name pointer 114-5-221-85.resources.indosat.com.Server: 67.207.67.2
Address: 67.207.67.2#53
Non-authoritative answer:
85.221.5.114.in-addr.arpa name = 114-5-221-85.resources.indosat.com.
Authoritative answers can be found from:| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 181.65.149.69 | botsattack | Scan port |
2023-09-13 12:38:22 |
| 5.34.180.208 | attack | Tries to get unauthorized network access |
2023-09-05 19:14:47 |
| 107.170.51.199 | attack | Scan port |
2023-09-15 20:17:19 |
| 163.171.180.242 | attack | Scan port |
2023-09-13 21:31:11 |
| 212.64.217.227 | attack | NTP DDoS |
2023-09-19 12:33:23 |
| 217.66.156.224 | attack | 2023-09-12 14:15:49 | |
| 198.199.113.105 | attack | Scam ports possibly some US government agency, cia, or fbi |
2023-09-18 06:46:39 |
| 185.224.128.193 | attack | Scan port |
2023-09-11 12:27:39 |
| 45.143.200.54 | botsattack | Scan port |
2023-09-07 12:36:46 |
| 62.217.160.2 | botsattack | Scan port |
2023-09-20 21:22:05 |
| 35.201.77.50 | attack | Scan port |
2023-09-08 12:36:01 |
| 217.20.147.7 | attack | Scan port |
2023-09-11 12:31:37 |
| 197.211.53.124 | proxynormal | Want to check device details |
2023-09-13 10:44:55 |
| 2001:DB8:0:0:8:800:200C:417A | proxy | 2001:DB8:0:0:8:800:200C:417A |
2023-09-07 18:13:47 |
| 178.212.97.71 | spam | In addition, I was secretly monitoring all your activities and watching you for several months. The thing is your computer was infected with harmful spyware due to the fact that you had visited a website with porn content previously. ╰-⋃-╯ |
2023-09-07 03:54:21 |