is my server under attach?

Question

I am using DO loadbalancer and behind it there are 4 droplets running apache 2. I have recently notice some strange logs in my apache2 showing requests for different domains. What is wrong here and how can i fix it.Thanks in advance for your help. 10.139.8.229 - - [02/May/2018:00:00:02 +0000] "POST http://statistics.meipai.com/statistics/play_video.json HTTP/1.1" 200 15 10.139.8.229 - - [02/May/2018:00:00:03 +0000] "POST http://iptvliving.com:8000/client_area/ HTTP/1.1" 200 1375 10.139.8.229 - - [01/May/2018:23:59:56 +0000] "CONNECT api.weibo.com:443 HTTP/1.0" 200 - 10.139.8.229 - - [01/May/2018:23:59:47 +0000] "CONNECT www.instagram.com:443 HTTP/1.0" 200 - 10.139.8.229 - - [02/May/2018:00:00:01 +0000] "GET http://www.google.ru/search?as_qdr=all&complete=1&num=100&hl=ru&nord=1&as_q=%D0%BA%D1%83%D0%BF%D0%B8%D1%82%D1%8C+%D1%8F%D1%85%D1%82%D1%83+%D1%8D%D0%BC%D0%B8%D1%80%D0%B0%D1%82%D1%8B&sa=N HTTP/1.1" 200 2148 10.139.8.229 - - [01/May/2018:23:59:59 +0000] "CONNECT www.victoriassecret.com:443 HTTP/1.0" 200 - 10.139.8.229 - - [02/May/2018:00:00:02 +0000] "GET http://www.cq9995.com/index.php?c=home HTTP/1.1" 200 552 10.139.8.229 - - [02/May/2018:00:00:03 +0000] "GET http://www.tfent.cn/Register HTTP/1.1" 405 4104 10.139.8.229 - - [02/May/2018:00:00:03 +0000] "GET http://music.163.com/api/v1/resource/comments/R_SO_4_2876048?limit=5&offset=0 HTTP/1.1" 200 902 10.139.8.229 - - [02/May/2018:00:00:03 +0000] "GET http://kuaibao.qq.com/getMediaCardInfo?chlid=5721752 HTTP/1.1" 200 470 10.139.8.229 - - [02/May/2018:00:00:02 +0000] "POST http://hb-api.longzhu.com/user/collect?roomId=2126122&version=4.6.4&device=4&packageId=1&utm_sr=chanel_12 HTTP/1.1" 587 3 10.139.8.229 - - [02/May/2018:00:00:03 +0000] "POST http://iptvliving.com:8000/client_area/ HTTP/1.1" 200 1375 10.139.8.229 - - [02/May/2018:00:00:02 +0000] "GET http://www.cq9995.com/index.php?c=home HTTP/1.1" 200 549 10.139.8.229 - - [02/May/2018:00:00:03 +0000] "POST http://goldvod.tv/login.html HTTP/1.1" 301 4899 10.139.8.229 - - [02/May/2018:00:00:03 +0000] "POST http://hb-api.longzhu.com/user/collect?roomId=2314818&version=4.6.4&device=4&packageId=1&utm_sr=chanel_12 HTTP/1.1" 200 12 10.139.8.229 - - [02/May/2018:00:00:01 +0000] "CONNECT bar-navig.yandex.ru:443 HTTP/1.0" 200 - 10.139.8.229 - - [02/May/2018:00:00:03 +0000] "GET http://map.baidu.com/?qt=ugcPhotos&poiId=b6519a701e7d049526d2bb6d&type=life&pageCount=30&t=1525219202529 HTTP/1.1" 200 74 10.139.8.229 - - [02/May/2018:00:00:03 +0000] "GET http://open-webstore.com/201[2-8]{1}/0[1-9]{1}/ HTTP/1.1" 200 1340 10.139.8.229 - - [01/May/2018:23:59:58 +0000] "CONNECT web.immomo.com:443 HTTP/1.0" 200 - 10.139.8.229 - - [02/May/2018:00:00:01 +0000] "CONNECT bar-navig.yandex.ru:443 HTTP/1.0" 200 - 10.139.8.229 - - [02/May/2018:00:00:03 +0000] "GET http://api.steampowered.com/ISteamUser/GetPlayerSummaries/v2/?key=C03B3C09F6AEAF4969A0EE747B895321&steamids=76561198055637017 HTTP/1.1" 200 367 10.139.8.229 - - [02/May/2018:00:00:03 +0000] "POST http://iptvliving.com:8000/client_area/ HTTP/1.1" 200 1375

Ryan Quinn · Answer

Yes, in that this is likely the result of a bot scanning for open web proxy servers that can be used to request remote sites.

This page includes some additional details on this type of request as well as how you can test how your server responds.

Try DigitalOcean for free

Related Questions

Question

is my server under attach?

Want to learn more? Join the DigitalOcean Community!

Try DigitalOcean for free

Popular Topics

Questions

Events

Get involved