45.137.20.150 - - [15/Jul/2021:09:59:29 +0800] "CONNECT icanhazip.com:443 HTTP/1.1" 405 288
175.184.166.193 - - [15/Jul/2021:10:07:58 +0800] "HEAD http://110.242.68.4/ HTTP/1.1" 200 -
220.200.171.91 - - [15/Jul/2021:10:07:59 +0800] "GET http://www.soso.com/ HTTP/1.1" 200 766
123.245.24.124 - - [15/Jul/2021:10:08:01 +0800] "CONNECT cn.bing.com:443 HTTP/1.1" 405 286
118.81.237.204 - - [15/Jul/2021:10:08:01 +0800] "GET http://www.rfa.org/english/ HTTP/1.1" 404 257
171.36.245.195 - - [15/Jul/2021:10:08:02 +0800] "GET http://www.wujieliulan.com/ HTTP/1.1" 200 766
219.143.174.183 - - [15/Jul/2021:10:08:02 +0800] "GET http://dongtaiwang.com/ HTTP/1.1" 200 766
49.113.97.236 - - [15/Jul/2021:10:08:03 +0800] "CONNECT www.baidu.com:443 HTTP/1.1" 405 288
125.72.95.254 - - [15/Jul/2021:10:08:03 +0800] "CONNECT dnspod.qcloud.com:443 HTTP/1.1" 405 292
124.227.31.167 - - [15/Jul/2021:10:08:04 +0800] "GET http://www.minghui.org/ HTTP/1.1" 200 766
221.205.139.8 - - [15/Jul/2021:10:08:05 +0800] "CONNECT dnspod.qcloud.com:443 HTTP/1.1" 405 292
124.227.31.145 - - [15/Jul/2021:10:08:05 +0800] "CONNECT www.voanews.com:443 HTTP/1.1" 405 290
117.14.114.3 - - [15/Jul/2021:10:08:05 +0800] "CONNECT dnspod.qcloud.com:443 HTTP/1.1" 405 292
113.120.15.214 - - [15/Jul/2021:10:08:05 +0800] "CONNECT www.so.com:443 HTTP/1.1" 405 285
113.128.105.60 - - [15/Jul/2021:10:08:06 +0800] "GET http://www.epochtimes.com/ HTTP/1.1" 200 766
123.160.235.32 - - [15/Jul/2021:10:08:07 +0800] "CONNECT dnspod.qcloud.com:443 HTTP/1.1" 405 292
36.5.158.228 - - [15/Jul/2021:10:08:08 +0800] "CONNECT dnspod.qcloud.com:443 HTTP/1.1" 405 292
My access_log contains requests like www.baidu.com:443 and similar. What are these visitors trying to do?
Is this an attack on me?
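This is probing whether your site has HTTP proxying enabled, so that your site can be used as a proxy to access other websites.
In the HTTP protocol, the CONNECT method opens a two-way communication channel between the client and the requested resource. It can be used to create a tunnel.
For example, CONNECT can be used to access sites that use SSL (HTTPS). The client asks the proxy server to use the TCP connection as a tunnel to the destination host. The server then establishes the connection to the destination host on the client's behalf. Once the connection is established, the proxy server sends and receives the TCP stream for the client.
Reference: CONNECT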
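
As an added example (not part of the original thread), the following Python code picks the forward-proxy probes described above out of an access log and groups the ones that were answered with 2xx for review. It assumes Common Log Format; the function names, the `own_hosts` parameter and the response-size heuristic are assumptions of this example. The first five sample lines are taken from the log above, the last one is constructed.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit

# Common Log Format: host ident user [time] "METHOD target PROTO" status bytes
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "([A-Z]+) (\S+) [^"]*" (\d{3}) (\d+|-)$')

def find_probes(lines, own_hosts=()):
    """Return requests that ask this server to act as a forward proxy."""
    probes = []
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue
        ip, method, target, status, size = m.groups()
        if method == "CONNECT":                      # tunnel request: target is host:port
            host = target.rsplit(":", 1)[0]
        elif target.lower().startswith(("http://", "https://")):
            host = urlsplit(target).hostname or ""   # absolute-URI form, as sent to a proxy
            if host in own_hosts:                    # absolute URI naming this site: not a probe
                continue
        else:
            continue                                 # ordinary origin-form request (/path)
        probes.append({"ip": ip, "method": method, "host": host,
                       "status": int(status), "size": size})
    return probes

def needs_review(probes):
    """Group 2xx-answered probes: response size -> set of requested hosts.
    Heuristic (assumption): many foreign hosts sharing one size suggests the
    server returned its own page rather than relayed content."""
    by_size = defaultdict(set)
    for p in probes:
        if 200 <= p["status"] < 300:
            by_size[p["size"]].add(p["host"])
    return dict(by_size)

# Lines 1-5 come from the log in the question; the last line is constructed.
SAMPLE = [
    '123.245.24.124 - - [15/Jul/2021:10:08:01 +0800] "CONNECT cn.bing.com:443 HTTP/1.1" 405 286',
    '118.81.237.204 - - [15/Jul/2021:10:08:01 +0800] "GET http://www.rfa.org/english/ HTTP/1.1" 404 257',
    '171.36.245.195 - - [15/Jul/2021:10:08:02 +0800] "GET http://www.wujieliulan.com/ HTTP/1.1" 200 766',
    '219.143.174.183 - - [15/Jul/2021:10:08:02 +0800] "GET http://dongtaiwang.com/ HTTP/1.1" 200 766',
    '175.184.166.193 - - [15/Jul/2021:10:07:58 +0800] "HEAD http://110.242.68.4/ HTTP/1.1" 200 -',
    '203.0.113.7 - - [15/Jul/2021:10:08:09 +0800] "GET /index.html HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    print(needs_review(find_probes(SAMPLE)))
```

Any host set returned by `needs_review` deserves a manual check that the server is not actually relaying traffic. On Apache httpd (an assumption, the thread does not name the server software) forward proxying is governed by mod_proxy's `ProxyRequests` directive.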