个人博客自 2021 年 5 月底开始,一直有 OPPO A33 的访问记录,访问内容也极其不堪入目。他通常通过博客的搜索接口 /search?kw=
来搜索各种 不堪入目 的关键词,大多为 yue 泡 相关。
我觉得这位神秘访客,非常有意思,所以发到 V 站一起聊着,就是玩儿。也不知道有 V 友同样遇到这类问题没有?
个人猜测目的为:通过不停请求各种奇葩关键词,以便达到被搜索引擎收录。这样有 yue 泡 需求的人,可以非常方便地通过百度搜索到联系方式。由于其搜索结果嫁接在其他网站上,以至于他自己的网站不会被查封。由于遍布非常广泛,也不至于广告一时间被清理掉。
有兴趣的 V 友可以通过 urldecode 方式解码内容,即可知道有多不堪入目
0.000 - IP:124.71.91.20 - RealIP:171.109.217.136(171.109.217.136, 222.217.95.84) - [03/Jul/2021:01:26:35 +0800] GET /search?kw=%E6%88%90%E9%83%BD%E9%9D%92%E7%BE%8A%E5%8C%BA%E5%A6%B9%E5%AD%90%E6%A1%91%E6%8B%BF116.93.371VX%E5%9C%BA%E8%82%89 HTTP/1.1 - 444 - Mozilla/5.0(Linux;Android 5.1.1;OPPO A33 Build/LMY47V;wv) AppleWebKit/537.36(KHTML,link Gecko) Version/4.0 Chrome/43.0.2357.121 Mobile Safari/537.36 LieBaoFast/4.51.3
0.000 - IP:124.71.91.3 - RealIP:171.109.216.180(171.109.216.180, 113.17.168.3) - [03/Jul/2021:01:26:36 +0800] GET /search?kw=%E5%A8%84%E5%BA%95%E5%A8%84%E6%98%9F%E5%8C%BA%E5%A4%A7%E5%AD%A6%E7%94%9F%E5%8F%91%E5%BB%8A769%E2%92%901%E2%92%9023VX%E5%8E%8B%E9%82%A3 HTTP/1.1 - 444 - Mozilla/5.0(Linux;Android 5.1.1;OPPO A33 Build/LMY47V;wv) AppleWebKit/537.36(KHTML,link Gecko) Version/4.0 Chrome/43.0.2357.121 Mobile Safari/537.36 LieBaoFast/4.51.3
0.000 - IP:124.71.91.3 - RealIP:171.109.216.180(171.109.216.180, 113.17.168.3) - [03/Jul/2021:01:26:36 +0800] GET /search?kw=%E5%A8%84%E5%BA%95%E5%A8%84%E6%98%9F%E5%8C%BA%E5%A4%A7%E5%AD%A6%E7%94%9F%E5%8F%91%E5%BB%8A769%E2%92%901%E2%92%9023VX%E5%8E%8B%E9%82%A3 HTTP/1.1 - 444 - Mozilla/5.0(Linux;Android 5.1.1;OPPO A33 Build/LMY47V;wv) AppleWebKit/537.36(KHTML,link Gecko) Version/4.0 Chrome/43.0.2357.121 Mobile Safari/537.36 LieBaoFast/4.51.3
0.000 - IP:124.71.91.72 - RealIP:171.111.63.55(171.111.63.55, 113.17.168.48) - [03/Jul/2021:01:26:39 +0800] GET /search?kw=%E6%94%80%E6%9E%9D%E8%8A%B1%E4%B8%9C%E5%8C%BA%E6%B4%97%E6%B5%B4%E5%A6%B9%E5%AD%9063%E2%92%907%E2%92%8E539VX%E7%83%A7%E8%B5%B7 HTTP/1.1 - 444 - Mozilla/5.0(Linux;Android 5.1.1;OPPO A33 Build/LMY47V;wv) AppleWebKit/537.36(KHTML,link Gecko) Version/4.0 Chrome/43.0.2357.121 Mobile Safari/537.36 LieBaoFast/4.51.3
0.000 - IP:124.71.91.72 - RealIP:116.9.31.107(116.9.31.107, 222.217.95.72) - [03/Jul/2021:01:26:39 +0800] GET /search?kw=%E5%92%8C%E7%94%B0%E5%A4%A7%E5%AD%A6%E7%94%9F%E5%8C%85%E5%A4%9C7135%E2%92%901%E2%92%8F9%E8%96%87%E6%9D%82%E4%B8%80 HTTP/1.1 - 444 - Mozilla/5.0(Linux;Android 5.1.1;OPPO A33 Build/LMY47V;wv) AppleWebKit/537.36(KHTML,link Gecko) Version/4.0 Chrome/43.0.2357.121 Mobile Safari/537.36 LieBaoFast/4.51.3
0.000 - IP:124.71.91.72 - RealIP:171.111.63.55(171.111.63.55, 113.17.168.48) - [03/Jul/2021:01:26:39 +0800] GET /search?kw=%E6%94%80%E6%9E%9D%E8%8A%B1%E4%B8%9C%E5%8C%BA%E6%B4%97%E6%B5%B4%E5%A6%B9%E5%AD%9063%E2%92%907%E2%92%8E539VX%E7%83%A7%E8%B5%B7 HTTP/1.1 - 444 - Mozilla/5.0(Linux;Android 5.1.1;OPPO A33 Build/LMY47V;wv) AppleWebKit/537.36(KHTML,link Gecko) Version/4.0 Chrome/43.0.2357.121 Mobile Safari/537.36 LieBaoFast/4.51.3
0.000 - IP:124.71.91.72 - RealIP:116.9.31.107(116.9.31.107, 222.217.95.72) - [03/Jul/2021:01:26:39 +0800] GET /search?kw=%E5%92%8C%E7%94%B0%E5%A4%A7%E5%AD%A6%E7%94%9F%E5%8C%85%E5%A4%9C7135%E2%92%901%E2%92%8F9%E8%96%87%E6%9D%82%E4%B8%80 HTTP/1.1 - 444 - Mozilla/5.0(Linux;Android 5.1.1;OPPO A33 Build/LMY47V;wv) AppleWebKit/537.36(KHTML,link Gecko) Version/4.0 Chrome/43.0.2357.121 Mobile Safari/537.36 LieBaoFast/4.51.3
0.000 - IP:124.71.91.93 - RealIP:171.109.218.9(171.109.218.9, 113.17.168.24) - [03/Jul/2021:01:26:44 +0800] GET /search?kw=%E9%9D%92%E5%B2%9B%E5%B4%82%E5%B1%B1%E5%8C%BA%E5%A6%B9%E5%AD%90%E6%97%A5%E5%BC%8F6%E2%92%8A787939VX%E5%9D%A0%E8%BF%9B HTTP/1.1 - 444 - Mozilla/5.0(Linux;U;Android 5.1.1;zh-CN;OPPO A33 Build/LMY47V) AppleWebKit/537.36(KHTML,like Gecko) Version/4.0 Chrome/40.0.2214.89 UCBrowser/11.7.0.953 Mobile Safari/537.36
0.000 - IP:124.71.91.93 - RealIP:171.109.218.9(171.109.218.9, 113.17.168.24) - [03/Jul/2021:01:26:44 +0800] GET /search?kw=%E9%9D%92%E5%B2%9B%E5%B4%82%E5%B1%B1%E5%8C%BA%E5%A6%B9%E5%AD%90%E6%97%A5%E5%BC%8F6%E2%92%8A787939VX%E5%9D%A0%E8%BF%9B HTTP/1.1 - 444 - Mozilla/5.0(Linux;U;Android 5.1.1;zh-CN;OPPO A33 Build/LMY47V) AppleWebKit/537.36(KHTML,like Gecko) Version/4.0 Chrome/40.0.2214.89 UCBrowser/11.7.0.953 Mobile Safari/537.36
0.000 - IP:124.71.91.66 - RealIP:171.111.62.99(171.111.62.99, 113.17.168.9) - [03/Jul/2021:01:26:47 +0800] GET /search?kw=%E4%B9%A0%E6%B0%B4%E5%8E%BF%E7%81%AB%E8%BD%A6%E7%AB%99%E5%A6%B9%E5%AD%90%286397.7539VX%29%E6%81%AC%E6%81%AC%E5%A6%B9%E5%AD%90...rcc.htm HTTP/1.1 - 444 - Mozilla/5.0(Linux;Android 5.1.1;OPPO A33 Build/LMY47V;wv) AppleWebKit/537.36(KHTML,link Gecko) Version/4.0 Chrome/43.0.2357.121 Mobile Safari/537.36 LieBaoFast/4.51.3
0.000 - IP:124.71.91.66 - RealIP:171.111.62.99(171.111.62.99, 113.17.168.9) - [03/Jul/2021:01:26:47 +0800] GET /search?kw=%E4%B9%A0%E6%B0%B4%E5%8E%BF%E7%81%AB%E8%BD%A6%E7%AB%99%E5%A6%B9%E5%AD%90%286397.7539VX%29%E6%81%AC%E6%81%AC%E5%A6%B9%E5%AD%90...rcc.htm HTTP/1.1 - 444 - Mozilla/5.0(Linux;Android 5.1.1;OPPO A33 Build/LMY47V;wv) AppleWebKit/537.36(KHTML,link Gecko) Version/4.0 Chrome/43.0.2357.121 Mobile Safari/537.36 LieBaoFast/4.51.3
C 类地址 | 拦截次数 |
---|---|
171.109.216.0/24 | 184473 |
171.109.218.0/24 | 145898 |
49.74.3.0/24 | 88310 |
171.109.217.0/24 | 86588 |
49.82.87.0/24 | 84098 |
49.74.23.0/24 | 83748 |
49.82.145.0/24 | 78688 |
49.74.2.0/24 | 76928 |
171.109.219.0/24 | 63766 |
116.9.31.0/24 | 57480 |
49.82.162.0/24 | 56462 |
117.60.201.0/24 | 52070 |
117.60.203.0/24 | 51932 |
117.60.200.0/24 | 48514 |
117.60.202.0/24 | 48034 |
171.111.62.0/24 | 44892 |
171.111.63.0/24 | 40282 |
49.87.53.0/24 | 39208 |
49.89.163.0/24 | 38776 |
49.89.167.0/24 | 37322 |
49.89.162.0/24 | 36384 |
49.89.165.0/24 | 36302 |
49.89.161.0/24 | 35862 |
49.89.160.0/24 | 35790 |
49.89.164.0/24 | 34274 |
49.89.166.0/24 | 33730 |
117.95.181.0/24 | 33662 |
49.87.32.0/24 | 33216 |
117.95.166.0/24 | 32436 |
117.95.182.0/24 | 31426 |
117.95.165.0/24 | 31304 |
117.95.167.0/24 | 30888 |
49.87.13.0/24 | 30536 |
121.226.150.0/24 | 30414 |
121.226.151.0/24 | 30160 |
117.95.180.0/24 | 29962 |
121.226.148.0/24 | 29902 |
117.95.164.0/24 | 29688 |
117.95.183.0/24 | 29658 |
116.9.34.0/24 | 27352 |
121.226.149.0/24 | 26936 |
114.239.56.0/24 | 26858 |
114.239.59.0/24 | 25016 |
114.239.57.0/24 | 24924 |
114.239.63.0/24 | 24876 |
114.239.58.0/24 | 24204 |
114.239.62.0/24 | 23814 |
106.110.207.0/24 | 23436 |
114.239.60.0/24 | 23172 |
114.239.61.0/24 | 21650 |
49.87.17.0/24 | 17900 |
180.139.242.0/24 | 15612 |
121.234.248.0/24 | 15034 |
121.234.251.0/24 | 14760 |
121.234.249.0/24 | 14582 |
121.234.250.0/24 | 14222 |
106.110.208.0/24 | 14218 |
106.125.148.0/24 | 7024 |
106.111.133.0/24 | 6178 |
49.89.149.0/24 | 1888 |
106.125.149.0/24 | 1780 |
121.226.128.0/24 | 1734 |
1.181.138.0/24 | 1400 |
114.239.129.0/24 | 972 |
1.181.137.0/24 | 748 |
1.181.136.0/24 | 662 |
106.125.150.0/24 | 530 |
1.181.139.0/24 | 152 |
36.102.12.0/24 | 80 |
1
dfc643 OP 附加一份完整的 IP 列表: https://isu.fcsys.eu.org/oppo-a33-ip.7z
|
2
Xusually 2021-07-05 22:11:05 +08:00
垃圾 SEO 你看看日志里的 Referer 字段更有意思,这些垃圾灰产把自己平台地址都放进去了
|
3
marktask 2021-07-06 08:33:52 +08:00 via Android
这个不是什么访客,只是爬虫,直接屏蔽 ua 就行。
|
4
xiaoqiao24 2021-07-06 09:28:36 +08:00
就是爬虫而已,ip 使用了代理池,ua 可能没弄那么多,所以被你发现了,否则几百个 ua 随机切换,就没那么显眼了
|
5
ho121 2021-07-06 12:24:39 +08:00 via Android
盲猜是广告
|
6
yaocai321 2021-07-06 14:36:57 +08:00
很多年前遇到过.
|
8
dfc643 OP @xiaoqiao24 IP 大多是家宽地址池,不好屏蔽 IP,只能屏蔽 UA,还好就用了 OPPO A33
|
13
Xusually 2021-07-06 21:27:16 +08:00 1
@dfc643 哈哈 好吧 ,很意外啊,UA 都不改的就封 UA 吧。。能看到 Referer 的话就很有意思了,可以收集一堆垃圾 SEO 、站群、灰产的网站地址。
|
15
yashika 2021-08-05 11:56:06 +08:00
这个人也遇到和你一样的问题了, 我看他就是封 User-Agent, 后来不妥当就直接封代理池 IP 了
https://blog.csdn.net/kkun/article/details/119191695 |
16
yashika 2022-01-02 17:09:51 +08:00
通过持续 3 个月观察, 最近 A33 的客户端变成三星的 SM-G900P Build/LRX21T 了
|