În timp ce citeam jurnalele noastre, am dat peste mai multe solicitări care par să scaneze pentru vulnerabilități în aplicația noastră web.
2021-09-25T17:32:44.164858+00:00 app[web.1]: 54.39.216.121 - - [25/Sep/2021:17:32:44 +0000] „GET /wp-includes/js/jquery /jquery-migrate.min.js HTTP/1.1" 404 136 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, ca Gecko) Chrome/91.0.4472.124 Safari/537.
2021-09-25T17:32:44.385438+00:00 app[web.1]: 54.39.216.121 - - [25/Sep/2021:17:32:44 +0000] „GET /wp-includes/ID3/license .txt HTTP/1.1" 404 136 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, ca Gecko) Chrome/91.0.4472.124 Safari/537.36"
2021-09-25T17:32:44.899962+00:00 heroku[router]: at=info method=GET path="/" fwd="54.39.216.121,172.70.110.92" dyno=web.1 connect=1ms service= 273ms status=200 bytes=179371 protocol=https
2021-09-25T17:32:45.150180+00:00 heroku[router]: at=info method=GET path="/xmlrpc.php" fwd="54.39.216.121,172.70.110.66" dyno=web.1 connect= 0ms serviciu=2ms stare=302 bytes=219 protocol=https
2021-09-25T17:32:45.182297+00:00 aplicație[web.1]: 54.39.216.121 - - [25/Sep/2021:17:32:45 +0000] „GET /about/xmlrpc.php/ 1.1" 404 136 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, ca Gecko) Chrome/91.0.4472.124 Safari/537.36"
Am căutat adresa ip 54.39.216.121, dar nu sunt sigur ce să fac. Adresele URL returnează JSON.
Scriu un e-mail la [email protected]? Si ce scriu?
whois 54.39.216.121
NetRange: 54.39.0.0 - 54.39.255.255
CIDR: 54.39.0.0/16
NetName: HO-2
NetHandle: NET-54-39-0-0-1
Părinte: NET54 (NET-54-0-0-0-0)
NetType: Alocare directă
OrigineAS:
Organizație: OVH Hosting, Inc. (HO-2)
RegDate: 2017-10-16
Actualizat: 2017-10-16
Ref: https://rdap.arin.net/registry/ip/54.39.0.0
Nume organizație: OVH Hosting, Inc.
OrgId: HO-2
Adresa: 800-1801 McGill College
Oraș: Montreal
StateProv: QC
Cod poștal: H3A 2N4
Tara: CA
RegDate: 22-06-2011
Actualizat: 28-01-2017
Ref: https://rdap.arin.net/registry/entity/HO-2
OrgAbuseHandle: ABUSE3956-ARIN
OrgAbuseName: Abuz
OrgAbusePhone: +1-855-684-5463
OrgAbuseEmail: [email protected]
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3956-ARIN
OrgTechHandle: NOC11876-ARIN
OrgTechName: NOC
OrgTechPhone: +1-855-684-5463
OrgTechEmail: [email protected]
OrgTechRef: https://rdap.arin.net/registry/entity/NOC11876-ARIN
NetRange: 54.39.216.112 - 54.39.216.127
CIDR: 54.39.216.112/28
NetName: OVH-CUST-13387652
NetHandle: NET-54-39-216-112-1
Părinte: HO-2 (NET-54-39-0-0-1)
NetType: reatribuit
OrigineAS: AS16276
Client: StarkVPS (C07465115)
RegDate: 2019-12-01
Actualizat: 2019-12-01
Ref: https://rdap.arin.net/registry/ip/54.39.216.112
CustName: StarkVPS
Adresa: Kiefernkamp 1
Oraș: Norderstedt
StateProv:
Cod poștal: 22844
Tara: DE
RegDate: 2019-12-01
Actualizat: 2019-12-01
Ref: https://rdap.arin.net/registry/entity/C07465115
OrgAbuseHandle: ABUSE3956-ARIN
OrgAbuseName: Abuz
OrgAbusePhone: +1-855-684-5463
OrgAbuseEmail: [email protected]
OrgAbuseRef: https://rdap.arin.net/registry/entity/ABUSE3956-ARIN
OrgTechHandle: NOC11876-ARIN
OrgTechName: NOC
OrgTechPhone: +1-855-684-5463
OrgTechEmail: [email protected]
OrgTechRef: https://rdap.arin.net/registry/entity/NOC11876-ARIN
