V2EX = way to explore
V2EX 是一个关于分享和探索的地方
现在注册
已注册用户请  登录
ladyv2
V2EX  ›  服务器

服务器莫名奇妙来了很多请求,有人知道这些 Ip 是哪里的么, 183 113 开头

  •  
  •   ladyv2 · 2017-02-21 11:59:39 +08:00 · 4658 次点击
    这是一个创建于 2866 天前的主题,其中的信息可能已经有所发展或是发生改变。

    如题,服务器最近几天日志暴增,从以前的一天 5G 左右变成 100 多 G 查了下全是类似的请求

    113.99.136.153 - - [21/Feb/2017:07:22:35 +0800] "GET / HTTP/1.1" 302 154 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36" "-" 113.99.136.153 - - [21/Feb/2017:07:22:35 +0800] "GET / HTTP/1.1" 302 154 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36" "-" 113.99.136.153 - - [21/Feb/2017:07:22:35 +0800] "GET / HTTP/1.1" 302 154 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36" "-" 113.99.136.153 - - [21/Feb/2017:07:22:35 +0800] "GET / HTTP/1.1" 302 154 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36" "-" 113.99.136.153 - - [21/Feb/2017:07:22:35 +0800] "GET / HTTP/1.1" 302 154 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36" "-" 113.99.136.153 - - [21/Feb/2017:07:22:35 +0800] "GET / HTTP/1.1" 302 154 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36" "-" 113.99.136.153 - - [21/Feb/2017:07:22:35 +0800] "GET / HTTP/1.1" 302 154 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36" "-" 113.99.136.153 - - [21/Feb/2017:07:22:35 +0800] "GET / HTTP/1.1" 302 154 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36" "-" 113.99.136.153 - - [21/Feb/2017:07:22:35 +0800] "GET / HTTP/1.1" 302 154 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36" "-" 113.99.136.153 - - [21/Feb/2017:07:22:35 +0800] "GET / HTTP/1.1" 302 154 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36" "-" 113.99.136.153 - - [21/Feb/2017:07:22:35 +0800] "GET / HTTP/1.1" 302 154 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36" "-" 113.99.136.153 - - [21/Feb/2017:07:22:35 +0800] "GET / HTTP/1.1" 302 154 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36" "-" 113.99.136.153 - - [21/Feb/2017:07:22:35 +0800] "GET / HTTP/1.1" 302 154 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36" "-" 113.99.136.153 - - [21/Feb/2017:07:22:35 +0800] "GET / HTTP/1.1" 302 154 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36" "-" 113.99.136.153 - - [21/Feb/2017:07:22:35 +0800] "GET / HTTP/1.1" 302 154 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36" "-" 113.99.136.153 - - [21/Feb/2017:07:22:35 +0800] "GET / HTTP/1.1" 302 154 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36" "-" 113.99.136.153 - - [21/Feb/2017:07:22:35 +0800] "GET / HTTP/1.1" 302 154 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36" "-" 113.99.136.153 - - [21/Feb/2017:07:22:35 +0800] "GET / HTTP/1.1" 302 154 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36" "-" 113.99.136.153 - - [21/Feb/2017:07:22:36 +0800] "GET / HTTP/1.1" 302 154 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36" "-" 113.99.136.153 - - [21/Feb/2017:07:22:36 +0800] "GET / HTTP/1.1" 302 154 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36" "-" 113.99.136.153 - - [21/Feb/2017:07:22:36 +0800] "GET / HTTP/1.1" 302 154 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36" "-" 113.99.136.153 - - [21/Feb/2017:07:22:36 +0800] "GET / HTTP/1.1" 302 154 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36" "-" 113.99.136.153 - - [21/Feb/2017:07:22:36 +0800] "GET / HTTP/1.1" 302 154 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36" "-" 113.99.136.153 - - [21/Feb/2017:07:22:36 +0800] "GET / HTTP/1.1" 302 154 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36" "-" 113.99.136.153 - - [21/Feb/2017:07:22:36 +0800] "GET / HTTP/1.1" 302 154 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.81 Safari/537.36" "-"

    分析了下 log 来源 IP 都是下面 183 和 113 的地址,查了下来源都说是 中国广东广州 电信,该 IP 段为 IDC 机房使用,可能包括部分骨干网数据。

    搞的我这是屏蔽也不是,不屏蔽也不是。

    183.61.106.145 183.60.82.140 113.99.136.152 183.60.118.48 113.99.136.141 183.60.74.139 113.99.136.53 113.99.136.144 113.99.136.146 183.60.65.140 113.99.136.120 183.61.106.40 113.99.136.87 113.99.136.40 183.61.106.39 113.99.136.153 183.60.74.12 113.99.136.29 183.60.77.139 113.99.136.125 183.61.106.41 183.60.118.84 183.61.106.32 113.99.136.124 183.60.118.99 183.60.67.12 113.99.136.80 183.60.83.10 113.99.136.123 113.99.136.151 183.60.118.92 183.60.118.83 183.60.240.167 183.61.106.34 113.99.136.41 183.60.118.98 183.61.106.33 113.99.136.83 183.60.118.60 183.61.106.35 183.61.106.43 113.99.136.36 183.60.118.79 183.61.106.42 183.60.76.245 113.99.136.66 4 113.99.136.86 4 113.99.136.69 0 113.99.136.147 2 113.99.136.85 3 113.99.136.148 4 183.60.240.151 0 183.61.106.44 7 183.61.106.37 2 183.61.106.36 0 113.99.136.60 5 183.60.74.11 0 113.99.136.143 2 113.99.136.145 6 113.99.136.118 7 113.99.136.37 8 113.99.136.149 9 113.99.136.119 6 113.99.136.12 1 113.99.136.126 8 113.99.136.63 3 183.60.76.248 1 183.60.118.31 4 183.60.118.80 3 183.60.118.100 5 113.99.136.106 8 183.60.118.87 4 183.60.118.93 1 183.60.240.159 0 183.60.118.91 5 113.99.136.140

    2 条回复    2017-04-04 11:09:35 +08:00
    ZachChan
        1
    ZachChan  
       2017-03-12 00:29:02 +08:00 via Android
    会不会是盗链
    d754903977
        2
    d754903977  
       2017-04-04 11:09:35 +08:00
    懒得仔细看,但是 106.39.的段妥妥封掉, 106.39.189.0/24 、 106.39.190.0/24 、 106.39.191.0/24 这三个每小时都能给我请求几万次。
    关于   ·   帮助文档   ·   博客   ·   API   ·   FAQ   ·   实用小工具   ·   3581 人在线   最高记录 6679   ·     Select Language
    创意工作者们的社区
    World is powered by solitude
    VERSION: 3.9.8.5 · 48ms · UTC 10:26 · PVG 18:26 · LAX 02:26 · JFK 05:26
    Developed with CodeLauncher
    ♥ Do have faith in what you're doing.