【疑惑】小鸡莫名其妙被日本人举报封了,这是啥情况?

[复制链接]
查看: 9577   回复: 9
发表于 2024-5-9 14:49:26 | 显示全部楼层 |阅读模式

有MJJ知道什么原理导致的吗?日常只是挂点梯子,没做别的事情。
登录也是用证书登录,ssh端口也改过了,运行用户都是nobody。
443端口开放,跑的是fake tls,没有站点。
小鸡也是跑了半年了,难道是这个IP半年前干过的事情,现在才被举报?
或者说这是什么新型攻击方式吗?

本帖子中包含更多资源

您需要 登录 才可以下载或查看,没有帐号?立即注册

x
回复

使用道具 举报

发表于 2024-5-9 14:49:42 | 显示全部楼层
说你io指向的一个域名里有泄露了日本人的地址和姓名等个人信息
回复 支持 反对

使用道具 举报

发表于 2024-5-9 14:50:23 | 显示全部楼层
就说你小鸡上面跑着一个网站涉及侵犯日本人的公民信息了,至于是不是小鸡上个用户干的就不知道了。
回复 支持 反对

使用道具 举报

发表于 2024-5-9 14:51:07 | 显示全部楼层
想知道是啥原因:Q
回复 支持 反对

使用道具 举报

发表于 2024-5-9 14:52:07 | 显示全部楼层
把原文和翻译贴上来,大伙瞧瞧

尊敬的员工,我希望您了解使用具有以下 IP 地址的服务器的站点。 [IP地址] 小鸡IP 经过我的调查,这个IP地址的服务器似乎被以下域名的站点使用。 [域名] DAIHANREI.COM 该域名网站发布居住在日本的人的姓名和地址。正在实施违反日本个人信息保**的行为。该法律等同于欧盟通用数据保护条例。 “=E5=80=8B=E4=BA=BA=E6=83=85=E5=A0=B1=E4=BF=9D=E8=AD=B7=E5=A7=94=E5=93=下页所述的A1=E4=BC=9A=E4=BA=8B=E5=8B=99=E5=B1=80(个人信息保护委员会秘书处)”是继发证法院之后具有第二权限的组织对违反日本个人信息保**的公司的改善令。 https://daihanrei.com/statement.php 具有此域名的站点通过 Cloudflare 公开,无法通过 DIG 命令检查。但是,由于可以推断它是我前几天被举报滥用的域名“HASANNEWS.ORG”的相关站点,所以我怀疑它存储在同一台服务器上。结果,我从具有上述 IP 地址的服务器收到了相同的数据。此电子邮件附有使用 curl 命令的证据材料。因为"File3"~"File6"担心邮件大小所以请从下列URL的页取得PDF文件。 http://miwa850125.starfree.jp/daihanrei_com/ “File2”是从上述IP地址的服务器接收到的数据和通信记录。当我通过浏览器访问它时等效的东西是“File1”。两份文件都有第二页的通讯记录。 “File1”连接的服务器如下: Info: Connected to daihanrei.com (172.67.170.96) port 443 (#0) “File2”连接的服务器如下: Info: Connected to daihanrei.com (小鸡IP) 端口 443 (#0) 连接的服务器不同,但接收到的数据不一样。除了 robots.txt 以外,也以同样的方式接收数据。 “File3”和“File4”是首页的数据。 “File3”是从 Cloudflare 接收的,“File4”是从具有上述 IP 地址的服务器接收的。同样在这种情况下,连接的服务器不同,但接收到的数据没有不同。 “File5”和“File6”是他们在顶部引入的 URL 的页面。 “File5”是从 Cloudflare 接收的,“File6”是从具有上述 IP 地址的服务器接收的。同样在这种情况下,连接的服务器不同,但接收到的数据没有不同。从上面可以看出,上面IP地址的服务器正在被使用。如果该域名的站点使用如上所示IP地址的服务器,请取消服务器合同。最好的祝福。白崎美羽(女士)

Dear Staff, I would like you to find out about the sites that use the server with the following IP address. [IP Address] 小鸡IP As a result of my investigation, it seems that the server with this IP address is used by the site with the following domain name. [Domain Name] DAIHANREI.COM This domain name site publishes the names and addresses of people living in Japan. Acts that violate the Japanese Personal Information Protection Law are being carried out. This law is equivalent to the EU General Data Protection Regulation. The "=E5=80=8B=E4=BA=BA=E6=83=85=E5=A0=B1=E4=BF=9D=E8=AD=B7=E5=A7=94=E5=93= =A1=E4=BC=9A=E4=BA=8B=E5=8B=99=E5=B1=80 (Personal Information Protection Commission Secretariat)" described on the following page is the organization with the second authority after the court that issues improvement orders to companies that violate the Personal Information Protection Law of Japan. https://daihanrei.com/statement.php Sites with this domain name are exposed through Cloudflare and cannot be examined by the DIG command. However, since it can be inferred that it is a related site of the domain name "HASANNEWS.ORG" that I reported abuse the other day, I suspected that it was stored on the same server. As a result, I received the same data from the server with the above IP address. Evidence materials using the curl command is attached for this email. As "File3" ... "File6" is anxious about email size, please obtain a PDF file from the page of the following URLs. http://miwa850125.starfree.jp/daihanrei_com/ "File2" is data and the communications record that I received from the server of the IP address mentioned above. The thing which is equivalent when I  access it by a browser is "File1". Both documents have a communications record to the second page. The server connected in "File1" is as follows: Info: Connected to daihanrei.com (172.67.170.96) port 443 (#0) The server connected in "File2" is as follows: Info: Connected to daihanrei.com (小鸡IP) port 443 (#0) The connected servers are different, but the data received is not different . Other than robots.txt received data in the same way, too. "File3" and "File4" are the data of the top page. "File3" was received from Cloudflare, and "File4" was received from the server with the above IP address. In this case as well, the connected servers are different, but the data received is not different. "File5" and "File6" are the pages of the URL that they introduced at the top. "File5" was received from Cloudflare, and "File6" was received from the server with the above IP address. In this case as well, the connected servers are different, but the data received is not different. From the above, it is expected that the server with the above IP address is  being used. If the site with this domain name uses the server with the IP address shown above, please cancel the server contract. Best regards. SHIRASAKI, Miwa (Ms.)
回复 支持 反对

使用道具 举报

发表于 2024-5-9 14:52:35 | 显示全部楼层
是的,她是这个意思,但是怎么做到的呢?
邮件原文看楼下。
回复 支持 反对

使用道具 举报

发表于 2024-5-9 14:52:59 | 显示全部楼层
没遇到过,帮顶一下
回复 支持 反对

使用道具 举报

发表于 2024-5-9 14:53:55 | 显示全部楼层
谢谢MJJ
回复 支持 反对

使用道具 举报

发表于 2024-5-9 14:54:02 | 显示全部楼层
没遇到过,帮顶一下
回复 支持 反对

使用道具 举报

发表于 2024-5-9 14:54:45 | 显示全部楼层
谢谢MJJ
回复 支持 反对

使用道具 举报

您需要登录后才可以回帖 登录 | 立即注册

本版积分规则