hi, i also got today after i check on my access_log:
71.6.165.200 - - [05/Jun/2016:14:02:16 -0400] "" 400 0 "-" "-" 71.6.165.200 - - [05/Jun/2016:14:02:17 -0400] "" 400 0 "-" "-" 71.6.165.200 - - [05/Jun/2016:14:02:17 -0400] "" 400 0 "-" "-" 71.6.165.200 - - [05/Jun/2016:14:02:17 -0400] "" 400 0 "-" "-" 71.6.165.200 - - [05/Jun/2016:14:02:18 -0400] "GET /robots.txt HTTP/1.1" 200 5771 "-" "-" 71.6.165.200 - - [05/Jun/2016:14:02:18 -0400] "GET /sitemap.xml HTTP/1.1" 200 54227 "-" "-" 71.6.165.200 - - [05/Jun/2016:14:02:21 -0400] "quit" 400 166 "-" "-" 71.6.165.200 - - [05/Jun/2016:14:02:22 -0400] "" 400 0 "-" "-" i have check this IP, its based on shodan, where shodan is? IP: 71.6.165.200 Decimal: 1191617992 Hostname: census12.shodan.io ASN: 10439 ISP: CariNet Organization: CariNet Services: None detected how i protect my site: https://www.whydocs.net/ form this IP |
Anonymous |
Quote |
Jun 5th 2016 4 years ago |
I also can confirm the bs of this Shodan reply. I have built Unix servers since 1997. These people claim they are just randomly scanning. No. Every single time I bring a server online and open up services, they get hit. SSL email attempts, FTP attemps the list is endless. Sometimes from Universities like in MN. Lately it's been from Carinet. I have blocked over 15 subnets and found a new one in a log this morning. If you dig around, you can find more interesting information on Carinet itself. Just my 2 cents - and I did not check the date of this comment - so who knows - could be years late :)
|
Anonymous |
Quote |
Oct 18th 2016 4 years ago |
Sign Up for Free or Log In to start participating in the conversation!