访问日志:
140.205.201.35 - 1 [12/Apr/2017:16:52:08 +0800] "GET /admin/ HTTP/1.1" 404 564 "http://123.56.101.23/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;Alibaba.Security.Heimdall.5448812)"
140.205.201.35 - 1 [12/Apr/2017:16:52:13 +0800] "GET / HTTP/1.1" 302 16 "http://123.56.101.23/" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1;Alibaba.Security.Heimdall.5448812)"
221.222.55.62 - - [12/Apr/2017:17:03:45 +0800] "GET /favicon.ico HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36"
107.151.148.193 - - [12/Apr/2017:17:21:12 +0800] "GET http://www.luisaranguren.com/azenv.php HTTP/1.1" 404 564 "-" "Mozilla/5.0 (compatible; MSIE 6.0; Windows NT 5.1; Trident/5.0)"
107.151.148.193 - - [12/Apr/2017:17:21:12 +0800] "CONNECT www.baidu.com:443 HTTP/1.1" 400 166 "-" "-"
171.120.27.117 - - [12/Apr/2017:17:21:41 +0800] "CONNECT www.baidu.com HTTP/1.1" 400 166 "-" "-"
116.113.51.148 - - [12/Apr/2017:17:21:41 +0800] "GET http://www.123cha.com HTTP/1.1" 302 16 "-" "Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/43.0.2357.132 Safari/537.36"
116.113.51.148 - - [12/Apr/2017:17:21:44 +0800] "" 400 0 "-" "-"
23.251.55.159 - - [12/Apr/2017:17:37:30 +0800] "GET http://fr.cyberpods.net/ HTTP/1.1" 302 16 "-" "Mozilla/5.0 (compatible; MSIE 6.0; Windows NT 5.1; Trident/5.0)"
23.251.55.159 - - [12/Apr/2017:17:37:31 +0800] "CONNECT www.alipay.com:443 HTTP/1.1" 400 166 "-" "-"
123.57.10.148 - - [12/Apr/2017:17:49:19 +0800] "GET / HTTP/1.1" 302 16 "-" "-"
221.222.55.62 - - [12/Apr/2017:17:50:41 +0800] "GET /favicon.ico HTTP/1.1" 404 564 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/45.0.2454.101 Safari/537.36"
这些访问是啥意思???这个是nginx的access.log
我的疑问是CONNECT www.baidu.com这个是咋做到的?
还有
23.251.55.159 - - [12/Apr/2017:17:37:30 +0800] "GET http://fr.cyberpods.net/ HTTP/1.1" 302 16 "-" "Mozilla/5.0 (compatible; MSIE 6.0; Windows NT 5.1; Trident/5.0)"
23.251.55.159 - - [12/Apr/2017:17:37:31 +0800] "CONNECT www.alipay.com:443 HTTP/1.1" 400 166 "-" "-"
这些是怎么做到的?
检查代理的。你去搜一下「爬虫代理」,里边一大堆免费或者收费的代理服务器地址,就是这么扫出来的。
就是日志的格式 http://blog.chinaunix.net/uid...
GET、POST为请求方式
/admin/ 请求的资源地址
HTTP/1.1 HTTP协议版本
404 为HTTP状态码
Mozilla/4.0开头的user-agent浏览器信息
可以对照设置的 log_format进行解释