城市(city): unknown
省份(region): unknown
国家(country): United States
运营商(isp): unknown
主机名(hostname): unknown
机构(organization): unknown
使用类型(Usage Type): unknown
| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 173.252.95.36 | attack | [Sun Sep 06 23:53:43.920622 2020] [:error] [pid 31433:tid 140397593237248] [client 173.252.95.36:54642] [client 173.252.95.36] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/TableFilter/total-v62.js"] [unique_id "X1UUF3Jrmc0na8dwfwZeEAAAZgo"] ... |
2020-09-07 21:40:00 |
| 173.252.95.35 | attack | Port Scan: TCP/80 |
2020-09-07 21:32:14 |
| 173.252.95.36 | attackbots | [Sun Sep 06 23:53:43.920622 2020] [:error] [pid 31433:tid 140397593237248] [client 173.252.95.36:54642] [client 173.252.95.36] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/TableFilter/total-v62.js"] [unique_id "X1UUF3Jrmc0na8dwfwZeEAAAZgo"] ... |
2020-09-07 13:25:14 |
| 173.252.95.35 | attack | Port Scan: TCP/80 |
2020-09-07 13:17:20 |
| 173.252.95.36 | attack | [Sun Sep 06 23:53:43.920622 2020] [:error] [pid 31433:tid 140397593237248] [client 173.252.95.36:54642] [client 173.252.95.36] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/TableFilter/total-v62.js"] [unique_id "X1UUF3Jrmc0na8dwfwZeEAAAZgo"] ... |
2020-09-07 05:59:58 |
| 173.252.95.35 | attack | [Sun Sep 06 23:53:54.625273 2020] [:error] [pid 31435:tid 140397542881024] [client 173.252.95.35:42156] [client 173.252.95.35] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/depan/service-worker-v4.js"] [unique_id "X1UUIqKFltyTD6lc4lcewAAAOwQ"], referer: https://karangploso.jatim.bmkg.go.id/depan/service-worker-v4.js ... |
2020-09-07 05:53:17 |
| 173.252.95.35 | attackspambots | [Sat Aug 15 19:25:50.690691 2020] [:error] [pid 3316:tid 140592583423744] [client 173.252.95.35:45702] [client 173.252.95.35] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/index.php/prakiraan-iklim/prakiraan-bulanan/prakiraan-daerah-potensi-banjir-di-provinsi-jawa-timur/555558208-prakiraan-bulanan-daerah-potensi-banjir-di-provinsi-jawa-timur-untuk-bulan-september-tahun-2020-update-10-agustus-2020"] [unique_id "XzfUTua0Xgxjnrgkau-8LgACeAM"] ... |
2020-08-15 20:38:36 |
| 173.252.95.112 | attackbotsspam | [Sat Aug 15 19:25:56.354856 2020] [:error] [pid 1165:tid 140592558245632] [client 173.252.95.112:49236] [client 173.252.95.112] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/image-loader-worker-v3.js"] [unique_id "XzfUVOniW-eKEEIJLUNKMQABwwA"] ... |
2020-08-15 20:32:24 |
| 173.252.95.21 | attackspam | [Sat Aug 15 19:25:57.336250 2020] [:error] [pid 1165:tid 140592558245632] [client 173.252.95.21:64936] [client 173.252.95.21] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/TableFilter/system-v116.css"] [unique_id "XzfUVeniW-eKEEIJLUNKMwABxAA"] ... |
2020-08-15 20:31:58 |
| 173.252.95.117 | attackbots | [Thu Aug 13 04:03:06.401428 2020] [:error] [pid 3529:tid 140197992204032] [client 173.252.95.117:50316] [client 173.252.95.117] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/OneSignalSDKWorker-v3.js"] [unique_id "XzRZCoqBmYA0JFMXc6nlYgACSgM"], referer: https://karangploso.jatim.bmkg.go.id/OneSignalSDKWorker-v3.js ... |
2020-08-13 06:03:44 |
| 173.252.95.36 | attackbots | [Wed Jul 15 01:28:22.702077 2020] [:error] [pid 13074:tid 140254315534080] [client 173.252.95.36:64308] [client 173.252.95.36] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/script-v49.js"] [unique_id "Xw35Rp6BljNWiMsO2yWGSwABwwM"] ... |
2020-07-15 02:54:47 |
| 173.252.95.11 | attackbotsspam | [Tue May 12 10:50:34.541334 2020] [:error] [pid 5113:tid 140143871072000] [client 173.252.95.11:35676] [client 173.252.95.11] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/TableFilter/system-v116.css"] [unique_id "XrodCpwLuor3aXL5YyIHIAACHAA"] ... |
2020-05-12 16:18:21 |
| 173.252.95.17 | attackbots | [Tue May 12 10:50:34.938882 2020] [:error] [pid 4767:tid 140143879464704] [client 173.252.95.17:33180] [client 173.252.95.17] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/timeout-worker-v1.js"] [unique_id "XrodCu0L6urHhe@iJKLGrQAB8QE"] ... |
2020-05-12 16:16:46 |
| 173.252.95.23 | attackbots | [Tue May 12 10:50:36.509570 2020] [:error] [pid 4667:tid 140143871072000] [client 173.252.95.23:60624] [client 173.252.95.23] ModSecurity: Access denied with code 403 (phase 2). Match of "eq 0" against "&REQUEST_HEADERS:Transfer-Encoding" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.2.0/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "202"] [id "920171"] [msg "GET or HEAD Request with Transfer-Encoding."] [data "1"] [severity "CRITICAL"] [ver "OWASP_CRS/3.2.0"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS"] [tag "OWASP_CRS/PROTOCOL_VIOLATION/INVALID_HREQ"] [tag "CAPEC-272"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/disquss-v2.js"] [unique_id "XrodDHfX6Pwr632XfqBBPgAAtgA"] ... |
2020-05-12 16:15:02 |
| 173.252.95.16 | attackspambots | (mod_security) mod_security (id:20000006) triggered by 173.252.95.16 (US/United States/fwdproxy-atn-016.fbsv.net): 5 in the last 300 secs |
2020-05-09 13:37:25 |
b; <<>> DiG 9.10.3-P4-Ubuntu <<>> 173.252.95.4
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 1298
;; flags: qr rd ra; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 0
;; QUESTION SECTION:
;173.252.95.4. IN A
;; AUTHORITY SECTION:
. 185 IN SOA a.root-servers.net. nstld.verisign-grs.com. 2022020702 1800 900 604800 86400
;; Query time: 22 msec
;; SERVER: 183.60.83.19#53(183.60.83.19)
;; WHEN: Tue Feb 08 10:21:34 CST 2022
;; MSG SIZE rcvd: 1054.95.252.173.in-addr.arpa domain name pointer fwdproxy-atn-004.fbsv.net.Server: 183.60.83.19
Address: 183.60.83.19#53
Non-authoritative answer:
4.95.252.173.in-addr.arpa name = fwdproxy-atn-004.fbsv.net.
Authoritative answers can be found from:| IP | 类型 | 评论内容 | 时间 |
|---|---|---|---|
| 107.173.51.220 | attackbots | (From celiatownsend811@gmail.com) Hi! First impressions are important to engage potential clients. Your website is the first thing people see when they'd like to know about your business as they're browsing online. Therefore, the look and feel of your website can undoubtedly affect your business. Have you ever considered upgrading or redesign the user-interface of your site and make it more aesthetically pleasing and functional? I'm a freelancer who renovates and makes amazing websites that would ideally address your business needs. I also guarantee that for a cheap cost, I will be able to upgrade your current website or build you a brand-new one. If you'd like to know more about what design and features best suit your site, I would love to speak with you. If you want to learn more, I can give you a free consultation over the phone at a time you'd prefer. Just kindly let me know when. Talk soon! - Celia Townsend |
2019-10-26 13:48:27 |
| 51.68.123.192 | attack | $f2bV_matches |
2019-10-26 13:08:45 |
| 139.162.86.84 | attackspam | 8001/tcp 8001/tcp 8001/tcp... [2019-08-25/10-26]77pkt,1pt.(tcp) |
2019-10-26 13:51:05 |
| 117.48.208.71 | attackspambots | 2019-10-26T04:42:50.441670abusebot-5.cloudsearch.cf sshd\[12883\]: Invalid user user from 117.48.208.71 port 47160 2019-10-26T04:42:50.447290abusebot-5.cloudsearch.cf sshd\[12883\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=117.48.208.71 |
2019-10-26 13:09:16 |
| 112.175.124.154 | attackbots | slow and persistent scanner |
2019-10-26 13:00:02 |
| 45.55.158.8 | attack | Oct 25 19:03:10 kapalua sshd\[23295\]: Invalid user 1234 from 45.55.158.8 Oct 25 19:03:10 kapalua sshd\[23295\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.158.8 Oct 25 19:03:11 kapalua sshd\[23295\]: Failed password for invalid user 1234 from 45.55.158.8 port 56824 ssh2 Oct 25 19:10:16 kapalua sshd\[24071\]: Invalid user ghghjklg from 45.55.158.8 Oct 25 19:10:16 kapalua sshd\[24071\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=45.55.158.8 |
2019-10-26 13:23:21 |
| 23.92.225.228 | attack | Invalid user reza from 23.92.225.228 port 39537 |
2019-10-26 13:50:35 |
| 77.247.110.216 | attackspam | 10/26/2019-05:52:43.376978 77.247.110.216 Protocol: 17 ET CINS Active Threat Intelligence Poor Reputation IP group 75 |
2019-10-26 13:19:29 |
| 68.183.178.162 | attack | Oct 25 23:51:45 Tower sshd[32901]: Connection from 68.183.178.162 port 37140 on 192.168.10.220 port 22 Oct 25 23:51:46 Tower sshd[32901]: Failed password for root from 68.183.178.162 port 37140 ssh2 Oct 25 23:51:47 Tower sshd[32901]: Received disconnect from 68.183.178.162 port 37140:11: Bye Bye [preauth] Oct 25 23:51:47 Tower sshd[32901]: Disconnected from authenticating user root 68.183.178.162 port 37140 [preauth] |
2019-10-26 13:47:08 |
| 219.143.174.207 | attackbotsspam | 219.143.174.207 - - \[26/Oct/2019:05:52:43 +0200\] "GET http://www.wujieliulan.com/ HTTP/1.1" 200 381 "-" "Mozilla/5.0 \(Windows NT 10.0\; WOW64\) AppleWebKit/537.36 \(KHTML, like Gecko\) Chrome/45.0.2454.101 Safari/537.36" |
2019-10-26 13:16:51 |
| 165.227.13.226 | attackbots | Hit on /wp-login.php |
2019-10-26 13:29:38 |
| 97.74.237.196 | attackbotsspam | Oct 26 05:52:55 serwer sshd\[2596\]: pam_unix\(sshd:auth\): authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=97.74.237.196 user=root Oct 26 05:52:58 serwer sshd\[2596\]: Failed password for root from 97.74.237.196 port 40651 ssh2 Oct 26 05:53:01 serwer sshd\[2596\]: Failed password for root from 97.74.237.196 port 40651 ssh2 ... |
2019-10-26 13:07:28 |
| 128.199.157.28 | attackbots | Oct 26 06:59:30 SilenceServices sshd[17158]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.157.28 Oct 26 06:59:32 SilenceServices sshd[17158]: Failed password for invalid user user from 128.199.157.28 port 48282 ssh2 Oct 26 07:00:37 SilenceServices sshd[17853]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=128.199.157.28 |
2019-10-26 13:13:50 |
| 91.214.220.148 | attackbotsspam | Chat Spam |
2019-10-26 13:24:48 |
| 125.213.224.250 | attackspam | SMB Server BruteForce Attack |
2019-10-26 13:14:20 |