118.190.15.31 阿里云- - [26/Feb/2017:02:30:48 +0800] "GET / HTTP
117.185.27.114 上海移动- - [26/Feb/2017:02:47:54 +0800] "GET /v1
118.178.227.101 - - [26/Feb/2017:03:29:00 +0800] "GET /manager/h
118.178.227.101 - tomcat [26/Feb/2017:03:29:03 +0800] "GET /mana
118.178.227.101 - - [26/Feb/2017:03:31:27 +0800] "GET /manager/h
118.178.227.101 - tomcat [26/Feb/2017:03:31:27 +0800] "GET /mana
118.178.227.101 - - [26/Feb/2017:03:31:27 +0800] "GET /manager/i
118.178.227.101 - - [26/Feb/2017:03:31:27 +0800] "GET /manager/i
118.178.227.101 - - [26/Feb/2017:03:31:28 +0800] "GET /favicon.i
112.90.82.218 深圳联通- - [26/Feb/2017:04:30:42 +0800] "GET /v10
180.153.212.13 上海电信- - [26/Feb/2017:04:30:51 +0800] "GET /v1
36.34.10.89 安徽合肥- - [26/Feb/2017:04:50:46 +0800] "CONNECT ww
171.37.30.132 - - [26/Feb/2017:04:50:46 +0800] "GET / HTTP/1.1"
125.39.207.33 天津联通 - - [26/Feb/2017:08:46:03 +0800] "GET / H
101.226.64.174 上海电信 - - [26/Feb/2017:09:10:19 +0800] "GET /v
123.151.42.61 - - [26/Feb/2017:09:12:16 +0800] "GET / HTTP/1.1"
101.226.66.177 上海电信- - [26/Feb/2017:15:52:56 +0800] "GET /ma
107.179.126.18 - - [26/Feb/2017:16:38:16 +0800] "GET /manager/ht
139.162.81.62 美国- - [26/Feb/2017:17:45:20 +0800] "GET /echo.ph
101.226.64.174 - - [26/Feb/2017:17:15:19 +0800] "GET /manager/h
112.65.193.14 - - [26/Feb/2017:19:41:59 +0800] "GET /manager/ht
119.5.0.45 - - [26/Feb/2017:19:42:12 +0800] "GET /manager/html/
220.191.238.115 - - [26/Feb/2017:19:56:49 +0800] "GET /phpmyadm
42.51.194.10 河南洛阳BGP多线- - [26/Feb/2017:21:21:37 +0800] "GE
42.51.194.10 - tomcat [26/Feb/2017:21:21:38 +0800] "GET /manager
101.226.102.97 上海电信- - [26/Feb/2017:21:22:19 +0800] "GET /ma
112.28.129.115 - - [26/Feb/2017:21:35:17 +0800] "GET /manager/ht
112.28.129.115 - tomcat [26/Feb/2017:21:35:18 +0800] "GET /manag
112.28.129.115 - - [26/Feb/2017:21:35:18 +0800] "GET /manager/im
112.28.129.115 - - [26/Feb/2017:21:35:18 +0800] "GET /manager/im
112.28.129.115 - - [26/Feb/2017:21:35:18 +0800] "GET /favicon.ic
101.226.33.202 - - [26/Feb/2017:23:54:20 +0800] "GET /manager/ht
应用放在腾讯云上,但是日志莫名其妙有一些陌生的IP,查了一下地址标注在了后面,求大牛指导是什么原因
![[Web front-end] Node.js quick start](https://img.php.cn/upload/course/000/000/067/662b5d34ba7c0227.png)
When an application is published online, in addition to normal access, there are generally three situations:
Crawler access
In this case, when tomcat prints the access log, print out the user-agent and you can see that there will be search engine names, such as baidu, sogou, etc., and the general search engine IP can be reversely checked. IP query (http://www.ip138.com) and check back
Secure site scanning
If you use 360 or other webmaster security scanning tools, there will also be a large number of IPs coming to visit
Malicious Tool Scan
Similar to the second item, the security scan will gradually scan through the previously set scanning points, which will also cause a large number of IP visits
When troubleshooting, we mainly focus on whether the scanned IP is scanned by search engines or safe sites, and the directory points scanned to make a comprehensive judgment. If it is judged to be a malicious IP, it can be blocked in conjunction with firewall rules.
Um, crawled by a reptile...
Please type out the User-Agent too, it will be an eye-opener :-)
The following is probably not a crawler, but a scanning program
220.191.238.115 - - [26/Feb/2017:19:56:49 +0800] "GET /phpmyadm