93.225.196.16 - IPInfo

基本信息:

城市(city): Bad Segeberg

省份(region): Schleswig-Holstein

国家(country): Germany

运营商(isp): Deutsche Telekom AG

主机名(hostname): unknown

机构(organization): Deutsche Telekom AG

使用类型(Usage Type): unknown

用户上报:

点此参与IP信息讨论

类型	评论内容	时间
attack	[Sat Jul 06 01:10:28.268300 2019] [:error] [pid 23183:tid 139845326296832] [client 93.225.196.16:2781] [client 93.225.196.16] ModSecurity: Access denied with code 403 (phase 1). Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.1.1/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1075"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.0"] [severity "CRITICAL"] [ver "OWASP_CRS/3.1.1"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS/POLICY/PROTOCOL_NOT_ALLOWED"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/"] [unique_id "XR@SlNrevyWqBtxWkW3iFAAAABE"] ...	2019-07-06 03:03:34

类型

评论内容

时间

attack

[Sat Jul 06 01:10:28.268300 2019] [:error] [pid 23183:tid 139845326296832] [client 93.225.196.16:2781] [client 93.225.196.16] ModSecurity: Access denied with code 403 (phase 1). Match of "within %{tx.allowed_http_versions}" against "REQUEST_PROTOCOL" required. [file "/etc/modsecurity/owasp-modsecurity-crs-3.1.1/rules/REQUEST-920-PROTOCOL-ENFORCEMENT.conf"] [line "1075"] [id "920430"] [msg "HTTP protocol version is not allowed by policy"] [data "HTTP/1.0"] [severity "CRITICAL"] [ver "OWASP_CRS/3.1.1"] [tag "application-multi"] [tag "language-multi"] [tag "platform-multi"] [tag "attack-protocol"] [tag "OWASP_CRS/POLICY/PROTOCOL_NOT_ALLOWED"] [tag "WASCTC/WASC-21"] [tag "OWASP_TOP_10/A6"] [tag "PCI/6.5.10"] [hostname "karangploso.jatim.bmkg.go.id"] [uri "/"] [unique_id "XR@SlNrevyWqBtxWkW3iFAAAABE"]
...

2019-07-06 03:03:34

相同子网IP讨论:

暂无关于此IP所属子网相关IP的讨论.

WHOIS信息:

DIG信息:

; <<>> DiG 9.10.3-P4-Ubuntu <<>> 93.225.196.16
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NXDOMAIN, id: 62945
;; flags: qr rd ra ad; QUERY: 1, ANSWER: 0, AUTHORITY: 1, ADDITIONAL: 1

;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 4096
;; QUESTION SECTION:
;93.225.196.16.			IN	A

;; AUTHORITY SECTION:
.			2513	IN	SOA	a.root-servers.net. nstld.verisign-grs.com. 2019070501 1800 900 604800 86400

;; Query time: 0 msec
;; SERVER: 67.207.67.2#53(67.207.67.2)
;; WHEN: Sat Jul 06 03:03:27 CST 2019
;; MSG SIZE  rcvd: 117

HOST信息:

16.196.225.93.in-addr.arpa domain name pointer p5DE1C410.dip0.t-ipconnect.de.

NSLOOKUP信息:

Server:		183.60.83.19
Address:	183.60.83.19#53

Non-authoritative answer:
*** Can't find 16.196.225.93.in-addr.arpa.: No answer

Authoritative answers can be found from:

最新评论:

IP	类型	评论内容	时间
178.16.175.146	attackbotsspam	$f2bV_matches	2020-01-10 07:15:34
118.112.185.253	attack	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-10 07:46:36
5.9.115.30	attackbots	Unauthorized connection attempt detected from IP address 5.9.115.30 to port 3389 [T]	2020-01-10 07:31:27
104.206.128.54	attackbots	Unauthorized connection attempt detected from IP address 104.206.128.54 to port 8444	2020-01-10 07:36:32
106.54.189.93	attackspam	ssh intrusion attempt	2020-01-10 07:23:56
202.137.10.186	attack	$f2bV_matches	2020-01-10 07:19:07
49.88.112.113	attack	Jan 9 18:16:04 plusreed sshd[23592]: pam_unix(sshd:auth): authentication failure; logname= uid=0 euid=0 tty=ssh ruser= rhost=49.88.112.113 user=root Jan 9 18:16:06 plusreed sshd[23592]: Failed password for root from 49.88.112.113 port 18855 ssh2 ...	2020-01-10 07:18:12
201.90.54.240	attackbotsspam	Honeypot attack, port: 445, PTR: PTR record not found	2020-01-10 07:28:46
51.75.200.210	attackbotsspam	xmlrpc attack	2020-01-10 07:27:35
35.225.211.131	attackspambots	35.225.211.131 - - [09/Jan/2020:22:24:06 +0100] "POST /wp-login.php HTTP/1.1" 200 3121 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" 35.225.211.131 - - [09/Jan/2020:22:24:07 +0100] "POST /wp-login.php HTTP/1.1" 200 3123 "-" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:62.0) Gecko/20100101 Firefox/62.0" ...	2020-01-10 07:33:59
189.180.171.6	attackspam	Honeypot attack, port: 5555, PTR: dsl-189-180-171-6-dyn.prod-infinitum.com.mx.	2020-01-10 07:51:32
186.92.63.83	attackbotsspam	Honeypot attack, port: 445, PTR: 186-92-63-83.genericrev.cantv.net.	2020-01-10 07:44:15
12.186.82.166	attack	port pkt tpc 8291	2020-01-10 07:22:41
18.222.232.15	attackbots	Automatic report - SSH Brute-Force Attack	2020-01-10 07:41:22
182.209.86.10	attack	Jan 10 00:04:42 nextcloud sshd\[32538\]: Invalid user admin from 182.209.86.10 Jan 10 00:04:42 nextcloud sshd\[32538\]: pam_unix$sshd:auth$: authentication failure\; logname= uid=0 euid=0 tty=ssh ruser= rhost=182.209.86.10 Jan 10 00:04:45 nextcloud sshd\[32538\]: Failed password for invalid user admin from 182.209.86.10 port 37699 ssh2 ...	2020-01-10 07:25:24

最近上报的IP列表

36.136.191.64	67.235.153.41	167.191.162.79	220.219.179.226
88.190.227.45	190.81.31.97	115.230.32.210	211.7.175.134
123.55.68.209	114.225.220.18	76.150.220.105	116.203.46.252
78.198.135.173	62.131.228.23	131.107.61.159	63.167.136.48
37.111.226.153	74.187.133.162	69.35.40.37	107.147.169.124