这是不是被攻击了?网站在这个时间点宕机了,大神帮忙看看日志,谢谢

238 天前
 1dian01
125.36.255.55 - - [15/Sep/2023:09:06:47 +0800] " GET /52hacker.asp HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
110.177.179.164 - - [15/Sep/2023:09:06:47 +0800] " GET /junior.htm HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
119.48.134.74 - - [15/Sep/2023:09:06:47 +0800] " GET /HACKED.html HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
123.245.25.51 - - [15/Sep/2023:09:06:47 +0800] " GET /hackway.asp HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
124.31.107.168 - - [15/Sep/2023:09:06:47 +0800] " GET /myup2.asp HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
122.96.28.64 - - [15/Sep/2023:09:06:47 +0800] " GET /king.txt HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
58.19.57.155 - - [15/Sep/2023:09:06:47 +0800] " GET /gddff.asp HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
43.248.108.195 - - [15/Sep/2023:09:06:47 +0800] " GET /hacker.php HTTP/1.1 " 404 162 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
139.170.203.51 - - [15/Sep/2023:09:06:47 +0800] " GET /net.asp HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
124.117.193.3 - - [15/Sep/2023:09:06:47 +0800] " GET /jza.htm HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
59.173.181.252 - - [15/Sep/2023:09:06:47 +0800] " GET /admin/Default.asp HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
144.255.18.156 - - [15/Sep/2023:09:06:47 +0800] " GET /jyhack.txt HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
124.235.138.251 - - [15/Sep/2023:09:06:47 +0800] " GET /kai.asp HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
182.242.168.177 - - [15/Sep/2023:09:06:47 +0800] " GET /windis.asp HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
222.181.11.33 - - [15/Sep/2023:09:06:47 +0800] " GET /NewsType.asp HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
1.202.112.127 - - [15/Sep/2023:09:06:47 +0800] " GET /av.html HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
125.84.239.11 - - [15/Sep/2023:09:06:47 +0800] " GET /dsf.jsp HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
222.181.11.112 - - [15/Sep/2023:09:06:48 +0800] " GET /kangzai.asp HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
27.47.26.176 - - [15/Sep/2023:09:06:48 +0800] " GET /madman.asp HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
101.68.126.126 - - [15/Sep/2023:09:06:48 +0800] " GET /xxoo.asp HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
114.100.176.226 - - [15/Sep/2023:09:06:48 +0800] " GET /hc.txt HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
123.245.25.204 - - [15/Sep/2023:09:06:48 +0800] " GET /kid.txt HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
112.193.163.119 - - [15/Sep/2023:09:06:48 +0800] " GET /kest.asp HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
220.200.170.252 - - [15/Sep/2023:09:06:48 +0800] " GET /safe86.htm HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
60.13.7.63 - - [15/Sep/2023:09:06:48 +0800] " GET /BlackOdometer/Editor.asp HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
123.191.142.151 - - [15/Sep/2023:09:06:48 +0800] " GET /xsd.html HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
222.94.140.12 - - [15/Sep/2023:09:06:48 +0800] " GET /52.asp HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
121.29.178.104 - - [15/Sep/2023:09:06:48 +0800] " GET /t2ck.htm HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
220.250.11.131 - - [15/Sep/2023:09:06:49 +0800] " GET /kim.asp HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
139.170.202.22 - - [15/Sep/2023:09:06:49 +0800] " GET /20071215173556171.asp HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
58.18.161.195 - - [15/Sep/2023:09:06:49 +0800] " GET /logo.php HTTP/1.1 " 404 162 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
124.160.236.124 - - [15/Sep/2023:09:06:49 +0800] " GET /suluoli.html HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
150.255.97.94 - - [15/Sep/2023:09:06:49 +0800] " GET /christ.asp HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
60.13.7.61 - - [15/Sep/2023:09:06:49 +0800] " GET /myung.htm HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
220.173.208.121 - - [15/Sep/2023:09:06:49 +0800] " GET /kim.htm HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
58.18.161.79 - - [15/Sep/2023:09:06:49 +0800] " GET /xiaozi.asa HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
180.95.238.131 - - [15/Sep/2023:09:06:50 +0800] " GET /dhthacker.com.htm HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
175.17.182.239 - - [15/Sep/2023:09:06:50 +0800] " GET /xenon.asp HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
122.96.28.43 - - [15/Sep/2023:09:06:50 +0800] " GET /fuck-china.html HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
27.98.228.11 - - [15/Sep/2023:09:06:50 +0800] " GET /town.htm HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
58.18.161.62 - - [15/Sep/2023:09:06:50 +0800] " GET /zongg/daima.asp?id = 65 HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
175.17.183.108 - - [15/Sep/2023:09:06:50 +0800] " GET /kuang.html HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
124.31.107.232 - - [15/Sep/2023:09:06:50 +0800] " GET /kk.htm HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
150.255.44.242 - - [15/Sep/2023:09:06:51 +0800] " GET /20085160619797.cer HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
221.212.178.188 - - [15/Sep/2023:09:06:51 +0800] " GET /bubai.asp HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
120.0.52.226 - - [15/Sep/2023:09:06:52 +0800] " GET /S.html HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
221.14.171.21 - - [15/Sep/2023:09:06:52 +0800] " GET /c.php HTTP/1.1 " 404 162 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
221.14.170.243 - - [15/Sep/2023:09:06:52 +0800] " GET /tr.txt HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
112.193.160.131 - - [15/Sep/2023:09:06:53 +0800] " GET /ouran.php HTTP/1.1 " 404 162 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
125.84.236.118 - - [15/Sep/2023:09:06:53 +0800] " GET /Soul.html HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
40.77.167.26 - - [15/Sep/2023:09:06:54 +0800] " GET /nfc-phone-can-not-read-or-write-nfc-tag-problem.html HTTP/1.1 " 499 0 "-" " Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; bingbot/2.0; +http://www.bing.com/bingbot.htm) Chrome/103.0.5060.134 Safari/537.36 "
180.95.238.134 - - [15/Sep/2023:09:06:54 +0800] " GET /kk.txt HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
183.191.29.212 - - [15/Sep/2023:09:06:55 +0800] " GET /752.asp HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
27.184.93.90 - - [15/Sep/2023:09:06:55 +0800] " GET /albums/userpics/robots.txt HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
101.68.5.85 - - [15/Sep/2023:09:06:56 +0800] " GET /winSec.htm HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
223.166.22.1 - - [15/Sep/2023:09:06:56 +0800] " GET /updue.asp HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
123.245.25.112 - - [15/Sep/2023:09:06:56 +0800] " GET /bin.html HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
222.94.140.237 - - [15/Sep/2023:09:06:56 +0800] " GET /kyo.asp HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
8.129.66.111 - - [15/Sep/2023:09:06:56 +0800] " POST /wp-cron.php?doing_wp_cron = 1694740012.4412710666656494140625 HTTP/1.1 " 444 0 " http://www.nfchome.org/wp-cron.php?doing_wp_cron = 1694740012.4412710666656494140625 " " WordPress/5.0.19; http://www.nfchome.org
113.200.72.205 - - [15/Sep/2023:09:06:56 +0800] " GET /jedy.asa HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
124.235.138.17 - - [15/Sep/2023:09:06:57 +0800] " GET /l0rd.htm HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
117.13.171.10 - - [15/Sep/2023:09:06:57 +0800] " GET /ChuMeng.asp HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
36.32.2.63 - - [15/Sep/2023:09:06:57 +0800] " GET /robots.txt HTTP/1.1 " 200 203 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
182.242.168.156 - - [15/Sep/2023:09:06:57 +0800] " GET /heici.html HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
110.177.179.164 - - [15/Sep/2023:09:06:59 +0800] " GET /AnonGuy.html HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
58.18.161.222 - - [15/Sep/2023:09:07:00 +0800] " GET /kz.asp HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
36.32.2.248 - - [15/Sep/2023:09:07:00 +0800] " GET /hacker-kof97.php HTTP/1.1 " 404 162 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
36.32.2.120 - - [15/Sep/2023:09:07:01 +0800] " GET /gui.asp HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
59.173.181.7 - - [15/Sep/2023:09:07:01 +0800] " GET /sec.html HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
220.250.11.196 - - [15/Sep/2023:09:07:01 +0800] " GET /xiaofeng.txt HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
110.177.182.81 - - [15/Sep/2023:09:07:01 +0800] " GET /kz.htm HTTP/1.1 " 499 0 "-" " Mozilla/5.0 (Windows NT 6.1; WOW64; rv:7.0.1) Gecko/20100101 Firefox/7.0.1 "
845 次点击
所在节点    然而并没有
4 条回复
goodname
238 天前
扫描器而已,宕机是因为扫描器请求太多处理不过来了?
1dian01
238 天前
@goodname 估计是,请教一般有啥好办法处理
forvvvv123
237 天前
这才几个 QPS ,楼主先看看自己服务配置的是不是有问题,不应该这点量都承载不了。

然后就没别的好办法了,想拦截扫描器最正常的是前面套 waf ,让 waf 帮你拦截掉,但 waf 也比较贵。
1dian01
237 天前
@forvvvv123 确实不多,一分钟才 300 个,等下次宕机,再看看是不是也是被扫的时候

这是一个专为移动设备优化的页面(即为了让你能够在 Google 搜索结果里秒开这个页面),如果你希望参与 V2EX 社区的讨论,你可以继续到 V2EX 上打开本讨论主题的完整版本。

https://www.v2ex.com/t/974012

V2EX 是创意工作者们的社区,是一个分享自己正在做的有趣事物、交流想法,可以遇见新朋友甚至新机会的地方。

V2EX is a community of developers, designers and creative people.

© 2021 V2EX