0

我是新手,但我无法确定这个请求是否是恶意的。它始终来自外部 IP 地址。我进行了多次搜索,但还没有找到解码方法。谢谢你的帮助!

GET /?fp=QxBK9zIO8R%2BFqpUYXxBCsf/2d/VCb1UzUK/uJ1EMlO56LPORLsISePHmk%2Bh6iibCdtyls6EqlvlYNkjOtWf1xQ==&prvtof=4yrnquW2HYSkfIrzg%2BVYOgjMe3DUqpFReQ%2BpfOitLMw=&poru=ZcSu57I11wpvJIeprbkvODx9vwNZIIrWZSULp2Eu1j6rtx2flIgbe1T%2BHF4UJ7AqYgWE4MY9f%2B0Dck7AH1e45g==& HTTP/1.1

4

1 回答 1

2

Looks like some spam or scraper robot. The originator hopes that a previous attack has planted the file or code that will read those variables and send back whatever information it was looking for. It might use common fields that submit to posts and message boards.

Search for the fp prtov poru and you'll find many similar things.

ex: https://gist.github.com/superfeedr/806076

If you have no such page to receive the url and process it, then you can ignore the post. If it bothers you much, drop all packets from the originating ip with your firewall. Or do like this fellow making a mean reply to the one who posts such things: http://auracms.org

于 2013-04-27T16:14:18.913 回答