博客的访问量,独立 IP 每天只有几十,但是恶意请求近千。
不知道这些脚本小子是哪里来的博客列表,全都按照 WP 来攻击…实在搞不懂是什么情况…
我这只是一个 GitHub Pages 的反代服务器…
突然有一个想法,能不能把这些恶意请求跳转到广告链接,赚钱(
求 V 友支招(万分感谢😅
恶意请求例子如下:
47.99.196.234 - - [26/Oct/2020:22:41:14 +0800] "HEAD /chen/login.php HTTP/1.1" 301 0 "-" "-"
47.99.196.234 - - [26/Oct/2020:22:41:14 +0800] "HEAD /admin/login.php HTTP/1.1" 301 0 "-" "-"
89.248.172.196 - - [26/Oct/2020:23:08:45 +0800] "\x03\x00\x00\x13\x0E\xE0\x00\x00\x00\x00\x00\x01\x00\x08\x00\x00\x00\x00\x00" 400 150 "-" "-"
41.216.186.89 - - [26/Oct/2020:15:20:56 +0800] "\x03\x00\x00/*\xE0\x00\x00\x00\x00\x00Cookie: mstshash=Administr" 400 150 "-" "-"
192.35.168.16 - - [26/Oct/2020:15:49:00 +0800] "GET / HTTP/1.1" 444 0 "-" "Mozilla/5.0 zgrab/0.x"
95.0.30.16 - - [26/Oct/2020:15:55:29 +0800] "GET / HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
45.146.164.159 - - [26/Oct/2020:16:11:12 +0800] "HEAD / HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"
185.202.1.187 - - [26/Oct/2020:16:16:24 +0800] "\x12\x01\x00^\x00\x00\x01\x00\x00\x00$\x00\x06\x01\x00*\x00\x01\x02\x00+\x00\x01\x03\x00,\x00\x04\x04\x000\x00\x01\x05\x001\x00$\x06\x00U\x00\x01\xFF\x04\x07\x0C\xBC\x00\x00\x00\x00\x00\x00\x15\xD0\x00\x90\xF6\xC9zj\x00\x00\x008yL\xB5\xF7\x7F\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xFE\xFF\xFF\xFF\x01" 400 150 "-" "-"
164.52.24.163 - - [26/Oct/2020:16:31:11 +0800] "\x16\x03\x01\x01\x22\x01\x00\x01\x1E\x03\x036\x9D\xBB\xE2n\xBDmV\xCB\xA5v3[\x8C\x94/;\xB4\xD8\xCD\xBD" 400 150 "-" "-"
164.52.24.163 - - [26/Oct/2020:16:31:11 +0800] "\x16\x03\x01\x01\x22\x01\x00\x01\x1E\x03\x03\xB5\x00~7\xF4\x8A8\x8Eh\xCE\xFCR\x1B\xA1\xE2^\x9B\xA83 \xDC\xC9_\x0B]\xC3C&!\x88\x8C\xFE\x00\x00\x88\xC00\xC0,\xC0(\xC0$\xC0\x14\xC0" 400 150 "-" "-"
164.52.24.163 - - [26/Oct/2020:16:31:11 +0800] "\x16\x03\x01\x00\xC6\x01\x00\x00\xC2\x03\x02'\xF1\xF6z%\xB0\x95\xF1]\x0C\xB8\xDF\x0E\xC4\x17\xB0\xFB\x14\x15\xA1\xCA_}c<YN\xFDO\xDB\x99\xEF\x00\x00P\xC0\x14\xC0" 400 150 "-" "-"
103.100.208.29 - - [26/Oct/2020:12:09:24 +0800] "POST /ruyi.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:60.0) Gecko/20100101 Firefox/60.0"
103.100.208.29 - - [26/Oct/2020:12:09:24 +0800] "POST /51314.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:60.0) Gecko/20100101 Firefox/60.0"
不知道这些脚本小子是哪里来的博客列表,全都按照 WP 来攻击…实在搞不懂是什么情况…
我这只是一个 GitHub Pages 的反代服务器…
突然有一个想法,能不能把这些恶意请求跳转到广告链接,赚钱(
求 V 友支招(万分感谢😅
恶意请求例子如下:
47.99.196.234 - - [26/Oct/2020:22:41:14 +0800] "HEAD /chen/login.php HTTP/1.1" 301 0 "-" "-"
47.99.196.234 - - [26/Oct/2020:22:41:14 +0800] "HEAD /admin/login.php HTTP/1.1" 301 0 "-" "-"
89.248.172.196 - - [26/Oct/2020:23:08:45 +0800] "\x03\x00\x00\x13\x0E\xE0\x00\x00\x00\x00\x00\x01\x00\x08\x00\x00\x00\x00\x00" 400 150 "-" "-"
41.216.186.89 - - [26/Oct/2020:15:20:56 +0800] "\x03\x00\x00/*\xE0\x00\x00\x00\x00\x00Cookie: mstshash=Administr" 400 150 "-" "-"
192.35.168.16 - - [26/Oct/2020:15:49:00 +0800] "GET / HTTP/1.1" 444 0 "-" "Mozilla/5.0 zgrab/0.x"
95.0.30.16 - - [26/Oct/2020:15:55:29 +0800] "GET / HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
45.146.164.159 - - [26/Oct/2020:16:11:12 +0800] "HEAD / HTTP/1.1" 444 0 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36"
185.202.1.187 - - [26/Oct/2020:16:16:24 +0800] "\x12\x01\x00^\x00\x00\x01\x00\x00\x00$\x00\x06\x01\x00*\x00\x01\x02\x00+\x00\x01\x03\x00,\x00\x04\x04\x000\x00\x01\x05\x001\x00$\x06\x00U\x00\x01\xFF\x04\x07\x0C\xBC\x00\x00\x00\x00\x00\x00\x15\xD0\x00\x90\xF6\xC9zj\x00\x00\x008yL\xB5\xF7\x7F\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\xFE\xFF\xFF\xFF\x01" 400 150 "-" "-"
164.52.24.163 - - [26/Oct/2020:16:31:11 +0800] "\x16\x03\x01\x01\x22\x01\x00\x01\x1E\x03\x036\x9D\xBB\xE2n\xBDmV\xCB\xA5v3[\x8C\x94/;\xB4\xD8\xCD\xBD" 400 150 "-" "-"
164.52.24.163 - - [26/Oct/2020:16:31:11 +0800] "\x16\x03\x01\x01\x22\x01\x00\x01\x1E\x03\x03\xB5\x00~7\xF4\x8A8\x8Eh\xCE\xFCR\x1B\xA1\xE2^\x9B\xA83 \xDC\xC9_\x0B]\xC3C&!\x88\x8C\xFE\x00\x00\x88\xC00\xC0,\xC0(\xC0$\xC0\x14\xC0" 400 150 "-" "-"
164.52.24.163 - - [26/Oct/2020:16:31:11 +0800] "\x16\x03\x01\x00\xC6\x01\x00\x00\xC2\x03\x02'\xF1\xF6z%\xB0\x95\xF1]\x0C\xB8\xDF\x0E\xC4\x17\xB0\xFB\x14\x15\xA1\xCA_}c<YN\xFDO\xDB\x99\xEF\x00\x00P\xC0\x14\xC0" 400 150 "-" "-"
103.100.208.29 - - [26/Oct/2020:12:09:24 +0800] "POST /ruyi.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:60.0) Gecko/20100101 Firefox/60.0"
103.100.208.29 - - [26/Oct/2020:12:09:24 +0800] "POST /51314.php HTTP/1.1" 301 162 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:60.0) Gecko/20100101 Firefox/60.0"
1
Select Language