🎯 Exemplos recomendados

Balanced sample collections from various categories for you to explore

← Voltar às ferramentas ← Voltar aos exemplos

Amostras de Logs do Servidor

Arquivos de log do servidor com endereços IP para testar extração

📝 Logs de Acesso Apache

🟢 simple

Formato de log de acesso do servidor web Apache padrão com endereços IPv4

# Apache Access Logs Sample
# Copy any section below to test the IP Address Extractor

# Standard Apache Combined Log Format
192.168.1.100 - - [10/Oct/2024:13:55:36 +0000] "GET /api/users HTTP/1.1" 200 2326 "-" "Mozilla/5.0"
10.0.0.45 - - [10/Oct/2024:13:55:37 +0000] "POST /login HTTP/1.1" 200 1234 "https://example.com/login" "Mozilla/5.0"
172.16.0.23 - admin [10/Oct/2024:13:55:38 +0000] "GET /admin/dashboard HTTP/1.1" 200 5678 "-" "Chrome/120.0.0.0"
203.0.113.42 - - [10/Oct/2024:13:55:39 +0000] "GET /images/logo.png HTTP/1.1" 200 15342 "https://example.com/" "Safari/537.36"
198.51.100.99 - - [10/Oct/2024:13:55:40 +0000] "POST /api/data HTTP/1.1" 400 56 "-" "curl/7.68.0"

# Bot traffic
66.249.66.1 - - [10/Oct/2024:13:55:41 +0000] "GET /robots.txt HTTP/1.1" 200 78 "-" "Googlebot/2.1"
93.184.216.34 - - [10/Oct/2024:13:55:42 +0000] "GET /sitemap.xml HTTP/1.1" 200 4096 "-" "Bingbot/2.0"

# Error responses
192.0.2.54 - - [10/Oct/2024:13:55:43 +0000] "GET /nonexistent HTTP/1.1" 404 1234 "-" "Mozilla/5.0"
198.18.0.22 - - [10/Oct/2024:13:55:44 +0000] "POST /api/error HTTP/1.1" 500 890 "-" "PostmanRuntime/7.29.2"

# Multiple requests from same IP
192.168.1.100 - - [10/Oct/2024:13:55:45 +0000] "GET /api/products HTTP/1.1" 200 4567 "-" "Mozilla/5.0"
192.168.1.100 - - [10/Oct/2024:13:55:46 +0000] "GET /api/products/123 HTTP/1.1" 200 890 "-" "Mozilla/5.0"
192.168.1.100 - - [10/Oct/2024:13:55:47 +0000] "POST /api/cart HTTP/1.1" 201 234 "-" "Mozilla/5.0"

# IPv6 addresses
2001:0db8:85a3::8a2e:0370:7334 - - [10/Oct/2024:13:55:48 +0000] "GET /api/v2/data HTTP/1.1" 200 1234 "-" "curl/7.68.0"
fe80::1 - - [10/Oct/2024:13:55:49 +0000] "GET /status HTTP/1.1" 200 45 "-" "localhost"
2001:4860:4860::8888 - - [10/Oct/2024:13:55:50 +0000] "GET /dns-query HTTP/1.1" 200 789 "-" "Mozilla/5.0"

# Private IP ranges
10.20.30.40 - - [10/Oct/2024:13:55:51 +0000] "GET /internal HTTP/1.1" 200 123 "-" "Internal-Scanner/1.0"
172.31.255.255 - - [10/Oct/2024:13:55:52 +0000] "GET /health HTTP/1.1" 200 23 "-" "AWS-HealthCheck/1.0"
192.168.255.254 - - [10/Oct/2024:13:55:53 +0000] "GET /metrics HTTP/1.1" 200 567 "-" "Prometheus/2.0"

📝 Logs de Erro Nginx

🟢 simple

Formato de log de erro Nginx com vários endereços IP

# Nginx Error Logs Sample
# Copy any section below to test the IP Address Extractor

# Client connection errors
2024/10/10 13:55:36 [error] 12345#0: *123 client denied by server configuration: client: 192.168.1.50, server: example.com, request: "GET /admin HTTP/1.1"
2024/10/10 13:55:37 [error] 12345#0: *124 access forbidden by rule: client: 10.0.0.100, server: api.example.com
2024/10/10 13:55:38 [error] 12345#0: *125 client 172.16.0.200 closed connection prematurely

# Upstream connection issues
2024/10/10 13:55:39 [error] 12345#0: *126 upstream timed out (110: Connection timed out) while connecting to upstream, client: 203.0.113.45, upstream: "http://10.0.1.50:8080/api"
2024/10/10 13:55:40 [error] 12345#0: *127 connect() failed (113: No route to host) while connecting to upstream, client: 198.51.100.88

# Rate limiting
2024/10/10 13:55:41 [error] 12345#0: *128 limiting requests, excess: 20.102 by zone "addr", client: 192.0.2.77
2024/10/10 13:55:42 [warn] 12345#0: *129 request limit exceeded, client: 198.18.0.55

# SSL/TLS errors
2024/10/10 13:55:43 [error] 12345#0: *130 SSL_do_handshake() failed (SSL: error:14094416:SSL routines:ssl3_read_bytes:sslv3 alert certificate unknown) while SSL handshaking, client: 10.20.30.40
2024/10/10 13:55:44 [error] 12345#0: *131 client 172.31.0.100 reported invalid SSL certificate

# IPv6 client errors
2024/10/10 13:55:45 [error] 12345#0: *132 client 2001:0db8::1 denied by server configuration
2024/10/10 13:55:46 [error] 12345#0: *133 upstream timed out, client: fe80::2a1:cbff:fe80:1d2, upstream: "[2001:db8::2]:8080"
2024/10/10 13:55:47 [error] 12345#0: *134 connection refused from client: 2001:4860::1

# Spam/bot blocking
2024/10/10 13:55:48 [error] 12345#0: *135 blocking client 66.249.66.1 (Googlebot bypassed)
2024/10/10 13:55:49 [error] 12345#0: *136 suspicious activity from 93.184.216.34, blocking

# API errors
2024/10/10 13:55:50 [error] 12345#0: *137 FastCGI sent in stderr: "PHP message: API key invalid for client 192.168.100.50"
2024/10/10 13:55:51 [error] 12345#0: *138 API rate limit exceeded for client 10.255.255.255

📝 Logs de Firewall

🟢 simple

Logs de firewall e segurança com endereços IP

# Firewall Logs Sample
# Copy any section below to test the IP Address Extractor

# Blocked connections
Oct 10 13:55:36 firewall kernel: [UFW BLOCK] IN=eth0 SRC=192.168.1.100 DST=10.0.0.1 PROTO=TCP
Oct 10 13:55:37 firewall kernel: [UFW BLOCK] IN=eth0 SRC=203.0.113.50 DST=172.16.0.1 PROTO=UDP
Oct 10 13:55:38 firewall kernel: [UFW BLOCK] IN=eth0 SRC=198.51.100.75 DST=192.0.2.1 PROTO=TCP DPT=22

# Allowed connections
Oct 10 13:55:39 firewall kernel: [UFW ALLOW] IN=eth0 SRC=10.0.0.50 DST=10.0.0.1 PROTO=TCP
Oct 10 13:55:40 firewall kernel: [UFW ALLOW] IN=eth0 SRC=172.31.0.100 DST=172.31.255.1 PROTO=TCP

# Port scan detection
Oct 10 13:55:41 firewall kernel: Port scan detected from 192.0.2.99 - 50 connection attempts
Oct 10 13:55:42 firewall kernel: Multiple failed login attempts from 198.18.0.55

# DDOS protection
Oct 10 13:55:43 firewall kernel: Rate limit exceeded for 66.249.66.1 (1000 req/min)
Oct 10 13:55:44 firewall kernel: Blocking subnet 203.0.113.0/24 due to suspicious activity

# IPv6 firewall events
Oct 10 13:55:45 firewall kernel: [UFW BLOCK] SRC=2001:0db8::100 DST=2001:0db8::1 PROTO=TCP
Oct 10 13:55:46 firewall kernel: [UFW ALLOW] SRC=fe80::1 DST=fe80::2 PROTO=ICMPv6
Oct 10 13:55:47 firewall kernel: Blocking 2001:4860::/32 - potential botnet

# VPN connections
Oct 10 13:55:48 firewall vpn[1234]: User john connected from 198.51.100.50
Oct 10 13:55:49 firewall vpn[1234]: User jane connected from 192.168.88.99
Oct 10 13:55:50 firewall vpn[1234]: User admin connected from 10.20.30.40

# Intrusion detection
Oct 10 13:55:51 firewall ids: SQL injection attempt from 93.184.216.34
Oct 10 13:55:52 firewall ids: XSS attack detected from 172.16.0.200
Oct 10 13:55:53 firewall ids: Brute force detected from 192.0.2.150 (1000 attempts)

# GeoIP blocks
Oct 10 13:55:54 firewall geoip: Blocked connection from 5.188.62.128 (RU)
Oct 10 13:55:55 firewall geoip: Blocked connection from 45.142.212.70 (DE)
Oct 10 13:55:56 firewall geoip: Blocked connection from 103.230.104.50 (IN)

📝 Logs de Contêiner Docker

🟢 simple

Logs de contêiner Docker com informações de rede

# Docker Container Logs Sample
# Copy any section below to test the IP Address Extractor

# Web server container
docker-app-1 | 2024-10-10 13:55:36 INFO Starting server on 0.0.0.0:8000
docker-app-1 | 2024-10-10 13:55:37 INFO Request from 192.168.1.50: GET /api/health
docker-app-1 | 2024-10-10 13:55:38 INFO Request from 10.0.0.100: GET /api/users
docker-app-1 | 2024-10-10 13:55:39 INFO Request from 172.16.0.200: POST /api/login
docker-app-1 | 2024-10-10 13:55:40 INFO Response 200 to 203.0.113.75

# Database container
docker-db-1 | 2024-10-10 13:55:41 INFO Connection from 192.168.1.100:5432 accepted
docker-db-1 | 2024-10-10 13:55:42 INFO Query from 10.0.0.50 completed in 5ms
docker-db-1 | 2024-10-10 13:55:43 WARNING Slow query from 198.51.100.88 (1500ms)
docker-db-1 | 2024-10-10 13:55:44 INFO Connection from 172.31.0.100 closed

# Redis container
docker-redis-1 | 2024-10-10 13:55:45 INFO Accepted 192.0.2.55:6379
docker-redis-1 | 2024-10-10 13:55:46 INFO Command from 198.18.0.100: GET cache:key
docker-redis-1 | 2024-10-10 13:55:47 INFO Expired 1000 keys requested by 10.255.255.255

# NGINX reverse proxy
docker-nginx-1 | 2024-10-10 13:55:48 INFO Upstream response from 192.168.100.50: 200
docker-nginx-1 | 2024-10-10 13:55:49 INFO Forwarding request from 203.0.113.99 to backend
docker-nginx-1 | 2024-10-10 13:55:50 INFO Client 198.51.100.200 requested /api/v2/data
docker-nginx-1 | 2024-10-10 13:55:51 INFO Rate limiting applied to 66.249.66.1

# Docker network events
docker-network | 2024-10-10 13:55:52 INFO Container app-1 joined network bridge (IP: 172.17.0.5)
docker-network | 2024-10-10 13:55:53 INFO Container db-1 joined network bridge (IP: 172.17.0.6)
docker-network | 2024-10-10 13:55:54 INFO Container redis-1 joined network bridge (IP: 172.17.0.7)

# IPv6 in Docker
docker-app-1 | 2024-10-10 13:55:55 INFO Request from fe80::1: GET /api/status
docker-app-1 | 2024-10-10 13:55:56 INFO Request from 2001:db8::100: POST /api/data
docker-app-1 | 2024-10-10 13:55:57 INFO Response to 2001:4860::1: 200 OK

# Docker health checks
docker-health | 2024-10-10 13:55:58 INFO Checking 127.0.0.1:8080/health
docker-health | 2024-10-10 13:55:59 INFO Checking 192.168.1.1:3306/ping
docker-health | 2024-10-10 13:56:00 INFO All containers healthy

📝 Logs de Infraestrutura em Nuvem

🟢 simple

Logs de nuvem AWS/Azure/GCP com endereços IP

# Cloud Infrastructure Logs Sample
# Copy any section below to test the IP Address Extractor

# AWS CloudFront
2024-10-10T13:55:36 EDGE123 123456789012 2001:0db8:85a3::8a2e GET /video/stream.m3u8 200 123456789 https://example.com/ Mozilla/5.0
2024-10-10T13:55:37 EDGE456 123456789012 203.0.113.50 GET /api/data 200 987654321 https://app.example.com/ curl/7.68.0
2024-10-10T13:55:38 EDGE789 123456789012 198.51.100.75 POST /api/submit 201 456123789 https://example.com/form Mozilla/5.0

# AWS ELB Access Logs
2024-10-10T13:55:39 ELB-APP 10.0.1.100:80 192.168.1.50:54321 0.000025 200 200 0 1234 "GET /api HTTP/1.1"
2024-10-10T13:55:40 ELB-APP 10.0.1.100:80 172.16.0.200:54322 0.000030 200 200 0 5678 "POST /login HTTP/1.1"
2024-10-10T13:55:41 ELB-APP 10.0.1.100:80 198.18.0.55:54323 0.000028 503 503 0 890 "GET /api HTTP/1.1"

# AWS VPC Flow Logs
2 123456789012 eni-12345678 10.0.0.100 192.168.1.50 443 54321 6 1234 1623456732 ACCEPT OK
2 123456789012 eni-12345678 172.16.0.200 10.0.0.100 80 54322 6 5678 1623456733 ACCEPT OK
2 123456789012 eni-12345678 198.51.100.75 10.0.0.100 22 54323 6 890 1623456734 REJECT OK

# Azure Application Gateway
2024-10-10T13:55:42 WSG_v1 APP_GW 10.1.0.100 203.0.113.99 - 80 - GET /api/v2/data HTTP/1.1 200 0 1234 5678 Mozilla/5.0
2024-10-10T13:55:43 WSG_v1 APP_GW 10.1.0.100 198.51.100.200 - 443 - POST /api/submit HTTP/1.1 201 0 5678 8901 curl/7.68.0
2024-10-10T13:55:44 WSG_v1 APP_GW 10.1.0.100 66.249.66.1 - 80 - GET /robots.txt HTTP/1.1 200 0 78 901 Googlebot/2.1

# GCP Cloud Load Balancing
2024-10-10T13:55:45 10.150.0.1 2001:0db8::100 - - 443 GET /api/resource HTTP/2 200 0 0.001 1234 "Mozilla/5.0"
2024-10-10T13:55:46 10.150.0.1 192.0.2.55 - - 443 POST /api/upload HTTP/2 201 0 0.002 5678 "curl/7.68.0"
2024-10-10T13:55:47 10.150.0.1 fe80::2a1:cbff:fe80:1d2 - - 80 GET /health HTTP/1.1 200 0 0.000 45 "kube-probe/1.0"

# CloudWatch Logs
2024/10/10 13:55:48 [INFO] Lambda function invoked from IP: 192.168.1.100
2024/10/10 13:55:49 [INFO] S3 event from 10.0.0.50 - PutObject bucket:data/file.txt
2024/10/10 13:55:50 [ERROR] Connection timeout to 172.31.0.100:5432
2024/10/10 13:55:51 [WARN] Unusual traffic from 198.18.0.200 - 1000 requests/minute

# Kubernetes logs
kube-system 2024-10-10T13:55:52.123456789Z pod/nginx-ingress-controller Request from 10.244.0.5: GET /api
kube-system 2024-10-10T13:55:53.123456789Z pod/nginx-ingress-controller Forwarding to 10.244.1.50:8080
kube-system 2024-10-10T13:55:54.123456789Z pod/coredns Response to 192.168.100.50: A example.com -> 1.2.3.4

# EC2 instance metadata
2024-10-10 13:55:55 [ec2-instance] Public IP: 54.123.45.67, Private IP: 10.0.1.100
2024-10-10 13:55:56 [ec2-instance] Public IP: 203.0.113.99, Private IP: 172.31.0.50
2024-10-10 13:55:57 [ec2-instance] Public IP: 198.51.100.200, Private IP: 10.255.255.255

📝 Formatos de IP Mistas

🟡 intermediate

Vários formatos de endereços IP incluindo casos extremos

# Mixed IP Formats Sample
# Copy any section below to test the IP Address Extractor

# Standard IPv4 addresses
192.168.1.1
10.0.0.1
172.16.0.1
203.0.113.42
198.51.100.99

# IPv4 with port numbers
192.168.1.1:8080
10.0.0.1:443
172.16.0.1:22
localhost:3000

# IPv6 addresses
2001:0db8:85a3::8a2e:0370:7334
fe80::1
2001:4860:4860::8888
::1
2001:db8::8a2e:370:7334

# IPv6 with port numbers
[2001:0db8::1]:80
[fe80::1]:443
[::1]:3000
[2001:4860::8888]:8080

# IP ranges in CIDR notation
192.168.1.0/24
10.0.0.0/8
172.16.0.0/12
203.0.113.0/24

# IPv6 CIDR
2001:db8::/32
fe80::/10
::1/128

# Private IP ranges
10.0.0.1
10.255.255.255
172.16.0.1
172.31.255.255
192.168.0.1
192.168.255.255

# Reserved/documentation IPs
192.0.2.1
198.51.100.1
203.0.113.1
198.18.0.1

# Loopback addresses
127.0.0.1
127.0.0.1:8080
::1

# Broadcast addresses
192.168.1.255
10.255.255.255

# Network addresses
192.168.1.0
10.0.0.0

# Compressed IPv6
2001:db8::1
2001:db8:85a3::8a2e:370:7334
fe80::2a1:cbff:fe80:1d2

# IPv6 with IPv4 embedded (not recommended but exists)
::ffff:192.168.1.1
::ffff:10.0.0.1

# IP in URLs
https://192.168.1.1/admin
http://10.0.0.1:8080/api
https://[2001:db8::1]:443/secure
ftp://172.16.0.1/files

# IPs in text content
Server running on 192.168.1.100, please connect from your local machine at 10.0.0.50
Database available at 172.31.0.100:5432, username: admin
API endpoint: https://api.example.com (resolves to 1.2.3.4)

# IPs with unusual formatting
192 .168.1.1
192.168. 1.1
192.168.1.1
192.168.001.001

# Edge cases - not valid IPs but may appear
999.999.999.999
256.256.256.256
192.168.1
192.168.1.1.1

# IPs in JSON
{"server_ip": "192.168.1.100", "port": 8080}
{"client_ip": "10.0.0.50", "allowed": true}
{"ipv6": "2001:db8::1"}

# IPs in key-value pairs
server_address=192.168.1.100
client_ip=10.0.0.50
database_host=172.16.0.1

# Log timestamps that look like IPs (edge case)
2024.10.10.13.55.36
10/Oct/2024:13:55:37