20231226185817 184.168.108.253 www.drinlovegao.xyz /xmlrpc.php 1583 1176 -1 404 NULL 1178 “Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:94.0) Gecko/20100101 Firefox/95.0” “(null)” POST HTTPS miss 48679
Sorry, xmlrpc is blocked on this server; hackers who keep scanning will only get a face full of 404s.
20231226185557 103.90.225.215 www.drinlovegao.xyz /xmlrpc.php 1583 144 -1 404 NULL 433 “Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:94.0) Gecko/20100101 Firefox/95.0” “(null)” POST HTTPS miss 58794
20231226185253 132.148.120.15 www.drinlovegao.xyz /xmlrpc.php 1584 669 -1 404 NULL 356 “Mozilla/5.0 (X11; Fedora; Linux x86_64; rv:94.0) Gecko/20100101 Firefox/95.0” “(null)” POST HTTPS miss 62361
2023-12-25 00:16:31 10.0.16.13 GET / – 443 – 35.203.211.162 Expanse,+a+Palo+Alto+Networks+company,+searches+across+the+global+IPv4+space+multiple+times+per+day+to+identify+customers’+presences+on+the+Internet.+If+you+would+like+to+be+excluded+from+our+scans,+please+send+IP+addresses/domains+to:+scaninfo@paloaltonetworks.com – 401 503 5 272
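Scanning while running an advertisement in the User-Agent is truly hilarious, but are you sure you want to bypass the CDN and hit the server directly? Take your 401 and go home.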
2023-12-25 00:26:50 10.0.16.13 GET /ab2g – 443 – 68.183.3.84 Mozilla/5.0+zgrab/0.x – 401 503 5 246
Waving zgrab around and bypassing the CDN to look for your dear mother on my server? Sorry, I have already sentenced her to death.
2023-12-25 00:26:51 10.0.16.13 GET /ab2h – 443 – 68.183.3.84 Mozilla/5.0+zgrab/0.x – 401 503 5 247
2023-12-25 06:16:12 10.0.16.13 GET /aaaaaaaaaaaaaaaaaaaaaaaaaqr – 80 – 180.101.245.248 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/118.0.0.0+Safari/537.36 – 401 503 5 30
Hm? What exactly are you trying to find by typing a string like that?
2023-12-25 06:59:01 10.0.16.13 POST /wsman – 80 – 134.209.15.145 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_15_7)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/92.0.4515.159+Safari/537.36 – 401 503 5 171
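Before sending requests that make no sense to my server, I suggest you open a browser and take a look at my site. Then you would know that this is a blog built with WordPress, not something else.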
2023-12-25 06:59:05 10.0.16.13 GET / – 80 – 134.209.63.118 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_15_7)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/92.0.4515.159+Safari/537.36 – 401 503 5 171
2023-12-25 06:59:05 10.0.16.13 GET /auth.html – 80 – 134.209.63.118 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_15_7)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/92.0.4515.159+Safari/537.36 – 401 503 5 170
2023-12-25 06:59:05 10.0.16.13 GET /sslvpnLogin.html – 80 – 134.209.63.118 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_15_7)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/92.0.4515.159+Safari/537.36 – 401 503 5 173
2023-12-25 06:59:05 10.0.16.13 GET /api/sonicos/tfa – 80 – 134.209.63.118 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_15_7)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/92.0.4515.159+Safari/537.36 – 401 503 5 171
2023-12-25 06:59:05 10.0.16.13 GET /api/sonicos/auth – 80 – 134.209.63.118 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_15_7)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/92.0.4515.159+Safari/537.36 – 401 503 5 182
2023-12-25 06:59:05 10.0.16.13 GET /auth1.html – 80 – 134.209.63.118 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_15_7)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/92.0.4515.159+Safari/537.36 – 401 503 5 718
2023-12-25 10:26:28 10.0.16.13 GET /phpMyAdmin/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 42
2023-12-25 10:26:28 10.0.16.13 GET /phpmyadmin/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 45
2023-12-25 10:26:28 10.0.16.13 GET /phpMyAdmin-2.11.4/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 42
2023-12-25 10:26:28 10.0.16.13 GET /phpMyAdmin-2.11.3/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 46
2023-12-25 10:26:28 10.0.16.13 GET /phpMyAdmin-2.10.0.2/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 45
2023-12-25 10:26:28 10.0.16.13 GET /phpMyAdmin-2.10.3/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 41
2023-12-25 10:26:28 10.0.16.13 GET /phpMyAdmin-2.8.0.2/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 47
2023-12-25 10:26:28 10.0.16.13 GET /phpMyAdmin-2.10.2/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 40
2023-12-25 10:26:28 10.0.16.13 GET /phpMyAdmin-2.11.9.2/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 41
2023-12-25 10:26:28 10.0.16.13 GET /phpMyAdmin-2.11.0/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 44
2023-12-25 10:26:28 10.0.16.13 GET /phpMyAdmin-2.11.7/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 40
2023-12-25 10:26:28 10.0.16.13 GET /phpMyAdmin-2.11.1.2/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 45
2023-12-25 10:26:30 10.0.16.13 GET /pma/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 46
2023-12-25 10:26:30 10.0.16.13 GET /phpMyAdmin3/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 39
2023-12-25 10:26:30 10.0.16.13 GET /myadmin/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 49
2023-12-25 10:26:30 10.0.16.13 GET /MyAdmin/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 39
2023-12-25 10:26:30 10.0.16.13 GET /PHPMYADMIN/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 54
2023-12-25 10:26:30 10.0.16.13 GET /mysqladmin/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 42
2023-12-25 10:26:30 10.0.16.13 GET /SQL/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 42
2023-12-25 10:26:30 10.0.16.13 GET /phpMyAdmin-2.5.5-pl1/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 42
2023-12-25 10:26:30 10.0.16.13 GET /phpMyAdmin-2.5.5/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 47
2023-12-25 10:26:30 10.0.16.13 GET /phpMyAdmin-2.5.4/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 39
2023-12-25 10:26:30 10.0.16.13 GET /phpMyAdmin-2.5.7-pl1/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 39
2023-12-25 10:26:30 10.0.16.13 GET /admin/pma/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 42
2023-12-25 10:26:31 10.0.16.13 GET /phpMyAdmin-2/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 45
2023-12-25 10:26:31 10.0.16.13 GET /web/phpMyAdmin/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 48
2023-12-25 10:26:31 10.0.16.13 GET /webadmin/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 48
2023-12-25 10:26:31 10.0.16.13 GET /admin/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 50
2023-12-25 10:26:31 10.0.16.13 GET /dbadmin/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 43
2023-12-25 10:26:31 10.0.16.13 GET /mysql/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 40
2023-12-25 10:26:31 10.0.16.13 GET /phpMyAdmin2/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 39
2023-12-25 10:26:31 10.0.16.13 GET /phpma/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 47
2023-12-25 10:26:31 10.0.16.13 GET /sqlweb/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 46
2023-12-25 10:26:31 10.0.16.13 GET /webdb/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 49
2023-12-25 10:26:31 10.0.16.13 GET /websql/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 44
2023-12-25 10:26:31 10.0.16.13 GET /_phpMyAdmin/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 42
2023-12-25 10:26:32 10.0.16.13 GET /php/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 41
2023-12-25 10:26:32 10.0.16.13 GET /admin/phpmyadmin/scripts/setup.txt – 80 – 39.108.98.55 – – 401 503 5 48
2023-12-25 10:26:32 10.0.16.13 GET /db/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 42
2023-12-25 10:26:32 10.0.16.13 GET /sqlmanager/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 47
2023-12-25 10:26:32 10.0.16.13 GET /mysqlmanager/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 54
2023-12-25 10:26:32 10.0.16.13 GET /phpmanager/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 41
2023-12-25 10:26:32 10.0.16.13 GET /php-myadmin/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 47
2023-12-25 10:26:32 10.0.16.13 GET /phpmy-admin/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 42
2023-12-25 10:26:32 10.0.16.13 GET /mysql-admin/scripts/setup.php – 80 – 39.108.98.55 – – 401 503 5 48
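On investigation, this clearly malicious IP turned out to belong to the same cloud provider, and it has been reported. Also, phpMyAdmin is not installed on my server.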
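A burst like the one above, where a single client asks for the same `scripts/setup.php` under dozens of directory names within a few seconds, can be flagged automatically. The following is an added example, not part of the original post: it assumes the lines follow the default IIS W3C field order, the function names and thresholds are illustrative, and the sample lines and client addresses are constructed.

```python
import os
from collections import defaultdict
from datetime import datetime, timedelta

# Assumed field order: the default IIS W3C set, matching the 15 columns in the post's lines.
FIELDS = ("date time s_ip method uri_stem uri_query s_port username c_ip "
          "user_agent referer status substatus win32_status time_taken").split()

# Constructed sample in the same layout; client IPs are documentation addresses.
SAMPLE_LOG = """\
2023-12-25 06:59:05 10.0.16.13 GET / - 80 - 198.51.100.20 Mozilla/5.0+(constructed) - 401 503 5 171
2023-12-25 06:59:05 10.0.16.13 GET /auth.html - 80 - 198.51.100.20 Mozilla/5.0+(constructed) - 401 503 5 170
2023-12-25 10:26:28 10.0.16.13 GET /phpMyAdmin/scripts/setup.php - 80 - 203.0.113.7 - - 401 503 5 42
2023-12-25 10:26:28 10.0.16.13 GET /pma/scripts/setup.php - 80 - 203.0.113.7 - - 401 503 5 46
2023-12-25 10:26:30 10.0.16.13 GET /myadmin/scripts/setup.php - 80 - 203.0.113.7 - - 401 503 5 49
2023-12-25 10:26:30 10.0.16.13 GET /SQL/scripts/setup.php - 80 - 203.0.113.7 - - 401 503 5 42
2023-12-25 10:26:32 10.0.16.13 GET /db/scripts/setup.php - 80 - 203.0.113.7 - - 401 503 5 42
"""

def parse_line(line):
    """Split one log line into named fields; return None for headers or malformed lines."""
    parts = line.split()
    if line.startswith("#") or len(parts) != len(FIELDS):
        return None
    rec = dict(zip(FIELDS, parts))
    try:
        rec["ts"] = datetime.strptime(rec["date"] + " " + rec["time"], "%Y-%m-%d %H:%M:%S")
    except ValueError:
        return None
    return rec

def find_path_sweeps(lines, window=timedelta(seconds=10), min_paths=5):
    """Flag clients requesting min_paths or more distinct URI stems inside one window.
    The shared suffix of those paths shows which single file the wordlist is hunting for."""
    hits_by_ip = defaultdict(list)
    for rec in filter(None, map(parse_line, lines)):
        hits_by_ip[rec["c_ip"]].append((rec["ts"], rec["uri_stem"]))
    flagged = {}
    for ip, hits in hits_by_ip.items():
        hits.sort()
        start = 0
        for end in range(len(hits)):
            while hits[end][0] - hits[start][0] > window:
                start += 1
            paths = sorted({path for _, path in hits[start:end + 1]})
            if len(paths) >= min_paths:
                tail = os.path.commonprefix([p[::-1] for p in paths])[::-1]
                flagged[ip] = {"paths": paths, "shared_suffix": tail}
                break
    return flagged
```

Calling `find_path_sweeps(SAMPLE_LOG.splitlines())` flags only the client that swept five directory names and reports `/scripts/setup.php` as the shared suffix; the client that fetched two pages stays below the threshold.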
(This post is also published on Zhihu.)