SterN

Being hacked, or already hacked...

SterN    3

Dear forum members, I'm asking for help.

Not long ago a strange product return appeared on the site.

 

48b7761d5010e805402e7255092f6e27.jpg

 

I dug into the hosting logs, and it's total mayhem in there!

 

64.37.231.150 - - [07/Jul/2016:11:13:21 +0600] "GET /_vti_bin/ HTTP/1.0" 301 450 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:21 +0600] "GET /_vti_bin/_vti_cnf/ HTTP/1.0" 301 468 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:22 +0600] "GET /_vti_bin/f5e446af75145da3/ HTTP/1.0" 301 484 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:22 +0600] "GET /_vti_bin/b1028e4e29200b29/ HTTP/1.0" 301 484 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:22 +0600] "GET /_vti_bot/ HTTP/1.0" 301 450 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:22 +0600] "GET /_vti_cnf/_vti_cnf/ HTTP/1.0" 301 468 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:22 +0600] "GET /_vti_cnf/1148fac5ad8778e6/ HTTP/1.0" 301 484 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:23 +0600] "GET /_vti_cnf/7aeadb8386e8f825/ HTTP/1.0" 301 484 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:23 +0600] "GET /_vti_log/ HTTP/1.0" 301 450 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:23 +0600] "GET /_vti_log/_vti_cnf/ HTTP/1.0" 301 468 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:23 +0600] "GET /_vti_log/9fe7335b8d2518fd/ HTTP/1.0" 301 484 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:23 +0600] "GET /_vti_log/4220d7dc22329ff0/ HTTP/1.0" 301 484 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:24 +0600] "GET /_vti_pvt/ HTTP/1.0" 301 450 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:24 +0600] "GET /_vti_shm/ HTTP/1.0" 301 450 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:24 +0600] "GET /_vti_txt/ HTTP/1.0" 301 450 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:24 +0600] "GET /_vti_txt/_vti_cnf/ HTTP/1.0" 301 468 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:25 +0600] "GET /_vti_txt/7636e9cf4e6a470a/ HTTP/1.0" 301 484 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:25 +0600] "GET /_vti_txt/89b9711c6272ad0e/ HTTP/1.0" 301 484 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:25 +0600] "GET /~1/ HTTP/1.0" 301 438 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:25 +0600] "GET /~admin/ HTTP/1.0" 301 446 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:25 +0600] "GET /~log/ HTTP/1.0" 301 442 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:26 +0600] "GET /~root/ HTTP/1.0" 301 444 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:26 +0600] "GET /~stats/ HTTP/1.0" 301 446 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:26 +0600] "GET /~webstats/ HTTP/1.0" 301 452 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:26 +0600] "GET /about/ HTTP/1.0" 301 444 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:26 +0600] "GET /access/ HTTP/1.0" 301 446 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:27 +0600] "GET /accessplatform/ HTTP/1.0" 301 462 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:27 +0600] "GET /accesswatch/ HTTP/1.0" 301 456 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:27 +0600] "GET /account/ HTTP/1.0" 301 448 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:27 +0600] "GET /accounting/ HTTP/1.0" 301 454 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:28 +0600] "GET /acid/ HTTP/1.0" 301 442 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:28 +0600] "GET /activex/ HTTP/1.0" 301 448 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:28 +0600] "GET /adm/ HTTP/1.0" 301 440 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:28 +0600] "GET /admcgi/ HTTP/1.0" 301 446 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:28 +0600] "GET /admentor/ HTTP/1.0" 301 450 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:29 +0600] "GET /Admin/ HTTP/1.0" 301 444 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:29 +0600] "GET /admin.back/ HTTP/1.0" 301 454 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:29 +0600] "GET /admin_/ HTTP/1.0" 301 446 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:29 +0600] "GET /Admin_files/ HTTP/1.0" 301 456 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:29 +0600] "GET /admin-bak/ HTTP/1.0" 301 452 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:30 +0600] "GET /Administration/ HTTP/1.0" 301 462 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:30 +0600] "GET /administrator/ HTTP/1.0" 301 460 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:30 +0600] "GET /admin-old/ HTTP/1.0" 301 452 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:30 +0600] "GET /adminuser/ HTTP/1.0" 301 452 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:31 +0600] "GET /AdminWeb/ HTTP/1.0" 301 450 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:31 +0600] "GET /admisapi/ HTTP/1.0" 301 450 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:31 +0600] "GET /advwebadmin/ HTTP/1.0" 301 456 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:31 +0600] "GET /Agent/ HTTP/1.0" 301 444 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:31 +0600] "GET /Agents/ HTTP/1.0" 301 446 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:32 +0600] "GET /Album/ HTTP/1.0" 301 444 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:32 +0600] "GET /analog/ HTTP/1.0" 301 446 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:32 +0600] "GET /anthill/ HTTP/1.0" 301 448 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:32 +0600] "GET /apache/ HTTP/1.0" 301 446 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:32 +0600] "GET /apex/ HTTP/1.0" 301 442 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:33 +0600] "GET /app/ HTTP/1.0" 301 440 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:33 +0600] "GET /applets/ HTTP/1.0" 301 448 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:33 +0600] "GET /application/ HTTP/1.0" 301 456 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:33 +0600] "GET /applications/ HTTP/1.0" 301 458 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:34 +0600] "GET /applicattion/ HTTP/1.0" 301 458 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:34 +0600] "GET /applicattions/ HTTP/1.0" 301 460 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:34 +0600] "GET /apps/ HTTP/1.0" 301 442 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:34 +0600] "GET /archive/ HTTP/1.0" 301 448 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:34 +0600] "GET /archives/ HTTP/1.0" 301 450 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:35 +0600] "GET /archivo/ HTTP/1.0" 301 448 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:35 +0600] "GET /asdf/ HTTP/1.0" 301 442 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:35 +0600] "GET /asp/ HTTP/1.0" 301 440 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:35 +0600] "GET /aspx/ HTTP/1.0" 301 442 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:35 +0600] "GET /atc/ HTTP/1.0" 301 440 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:36 +0600] "GET /auth/ HTTP/1.0" 301 442 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:36 +0600] "GET /authadmin/ HTTP/1.0" 301 452 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:36 +0600] "GET /b2-include/ HTTP/1.0" 301 454 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:36 +0600] "GET /back/ HTTP/1.0" 301 442 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:37 +0600] "GET /backdoor/ HTTP/1.0" 301 450 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:37 +0600] "GET /backend/ HTTP/1.0" 301 448 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:37 +0600] "GET /backup/ HTTP/1.0" 301 446 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:37 +0600] "GET /backups/ HTTP/1.0" 301 448 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:38 +0600] "GET /bak/ HTTP/1.0" 301 440 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:38 +0600] "GET /balancer/ HTTP/1.0" 301 450 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:38 +0600] "GET /bank/ HTTP/1.0" 301 442 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:38 +0600] "GET /banner/ HTTP/1.0" 301 446 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:38 +0600] "GET /banner01/ HTTP/1.0" 301 450 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:39 +0600] "GET /banners/ HTTP/1.0" 301 448 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:39 +0600] "GET /basilix/ HTTP/1.0" 301 448 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:39 +0600] "GET /batch/ HTTP/1.0" 301 444 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:39 +0600] "GET /bb-dnbd/ HTTP/1.0" 301 448 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:40 +0600] "GET /bbv/ HTTP/1.0" 301 440 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:40 +0600] "GET /bdata/ HTTP/1.0" 301 444 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:40 +0600] "GET /beta/ HTTP/1.0" 301 442 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:40 +0600] "GET /billpay/ HTTP/1.0" 301 448 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:40 +0600] "GET /bin/ HTTP/1.0" 301 440 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:41 +0600] "GET /bmp/ HTTP/1.0" 301 440 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:41 +0600] "GET /boadmin/ HTTP/1.0" 301 448 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:41 +0600] "GET /boot/ HTTP/1.0" 301 442 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:41 +0600] "GET /Boutiques/ HTTP/1.0" 301 452 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:42 +0600] "GET /btauxdir/ HTTP/1.0" 301 450 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:42 +0600] "GET /bug/ HTTP/1.0" 301 440 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"
64.37.231.150 - - [07/Jul/2016:11:13:42 +0600] "GET /bugs/ HTTP/1.0" 301 442 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.6; rv:16.0) Gecko/20100101 Firefox/16.0"

 

And much, much more of the same.

 

And this is what the Apache logs show:

(36)File name too long: AH00036: access to /\xc3\x90\xc5\xb8\xc3\x90\xc2\xb0\xc3\x91\xe2\x82\xac\xc3\x90\xc2\xbe\xc3\x90\xc2\xb3\xc3\x90\xc2\xb5\xc3\x90\xc2\xbd\xc3\x90\xc2\xb5\xc3\x91\xe2\x82\xac\xc3\x90\xc2\xb0\xc3\x91\xe2\x80\x9a\xc3\x90\xc2\xbe\xc3\x91\xe2\x82\xac\xc3\x91\xe2\x80\xb9-\xc3\x90\xc2\xad\xc3\x90\xc2\xbb\xc3\x90\xc2\xb5\xc3\x90\xc2\xba\xc3\x91\xe2\x80\x9a\xc3\x91\xe2\x82\xac\xc3\x90\xc2\xbe\xc3\x90\xc2\xbd\xc3\x90\xc2\xbd\xc3\x91\xe2\x80\xb9\xc3\x90\xc2\xb5-\xc3\x91\xc2\x81\xc3\x90\xc2\xb8\xc3\x90\xc2\xb3\xc3\x90\xc2\xb0\xc3\x91\xe2\x82\xac\xc3\x90\xc2\xb5\xc3\x91\xe2\x80\x9a\xc3\x91\xe2\x80\xb9-\xc3\x90\xc2\xad\xc3\x90\xc2\xbb\xc3\x90\xc2\xb5\xc3\x90\xc2\xba\xc3\x91\xe2\x80\x9a\xc3\x91\xe2\x82\xac\xc3\x90\xc2\xbe\xc3\x90\xc2\xbd\xc3\x90\xc2\xbd\xc3\x91\xe2\x80\xb9\xc3\x90\xc2\xb5-\xc3\x90\xc2\xba\xc3\x90\xc2\xb0\xc3\x90\xc2\xbb\xc3\x91\xc5\x92\xc3\x91\xc2\x8f\xc3\x90\xc2\xbd\xc3\x91\xe2\x80\xb9-\xc3\x90\xc2\xb2-\xc3\x90\xc2\x90\xc3\x90\xc2\xbb\xc3\x90\xc2\xbc\xc3\x90\xc2\xb0\xc3\x91\xe2\x80\x9a\xc3\x91\xe2\x80\xb9-\xc3\x91\xc2\x81-\xc3\x90\xc2\xb4\xc3\x90\xc2\xbe\xc3\x91\xc2\x81\xc3\x91\xe2\x80\x9a\xc3\x90\xc2\xb0\xc3\x90\xc2\xb2\xc3\x90\xc2\xba\xc3\x90\xc2\xbe\xc3\x90\xc2\xb9-\xc3\x90\xc2\xbf\xc3\x90\xc2\xbe-\xc3\x90\xc2\xbd\xc3\x90\xc2\xb8\xc3\x90\xc2\xb7\xc3\x90\xc2\xba\xc3\x90\xc2\xb8\xc3\x90\xc2\xbc-\xc3\x91\xe2\x80\xa0\xc3\x90\xc2\xb5\xc3\x90\xc2\xbd\xc3\x90\xc2\xb0\xc3\x90\xc2\xbc/\xc3\x90\xc2\xad\xc3\x90\xc2\xbb\xc3\x90\xc2\xb5\xc3\x90\xc2\xba\xc3\x91\xe2\x80\x9a\xc3\x91\xe2\x82\xac\xc3\x90\xc2\xbe\xc3\x90\xc2\xbd\xc3\x90\xc2\xbd\xc3\x91\xe2\x80\xb9\xc3\x90\xc2\xb5-\xc3\x91\xc2\x81\xc3\x90\xc2\xb8\xc3\x90\xc2\xb3\xc3\x90\xc2\xb0\xc3\x91\xe2\x82\xac\xc3\x90\xc2\xb5\xc3\x91\xe2\x80\x9a\xc3\x91\xe2\x80\xb9-Joyetech-\xc3\x90\xc2\xb2-\xc3\x90\xc2\x90\xc3\x90\xc2\xbb\xc3\x90\xc2\xbc\xc3\x90\xc2\xb0\xc3\x91\xe2\x80\x9a\xc3\x91\xe2\x80\xb9-\xc3\x90\xc2\xbf\xc3\x90\xc2\xbe-\xc3\x90\xc2\xbd\xc3\x90\xc2\xb8\xc3\x90\xc2\xb7\xc3\x90\xc2\xba\xc3\x90\xc2\x
b8\xc3\x90\xc2\xbc-\xc3\x91\xe2\x80\xa0\xc3\x90\xc2\xb5\xc3\x90\xc2\xbd\xc3\x90\xc2\xb0\xc3\x90\xc2\xbc-\xc3\x91\xc2\x81-\xc3\x90\xc2\xb4\xc3\x90\xc2\xbe\xc3\x91\xc2\x81\xc3\x91\xe2\x80\x9a\xc3\x90\xc2\xb0\xc3\x90\xc2\xb2\xc3\x90\xc2\xba\xc3\x90\xc2\xbe\xc3\x90\xc2\xb9/eVic-VTC-\xc3\x90\xc2\xb1\xc3\x90\xc2\xb0\xc3\x91\xe2\x80\x9a\xc3\x90\xc2\xb0\xc3\x91\xe2\x82\xac\xc3\x90\xc2\xb5\xc3\x90\xc2\xb9\xc3\x90\xc2\xbd\xc3\x91\xe2\x80\xb9\xc3\x90\xc2\xb9-\xc3\x90\xc2\xbc\xc3\x90\xc2\xbe\xc3\x90\xc2\xb4-\xc3\x90\xe2\x80\x99-\xc3\x90\xc2\x90\xc3\x90\xc2\xbb\xc3\x90\xc2\xbc\xc3\x90\xc2\xb0\xc3\x91\xe2\x80\x9a\xc3\x91\xe2\x80\xb9-\xc3\x91\xc2\x81-\xc3\x90\xe2\x80\x98\xc3\x90\xc2\xb5\xc3\x91\xc2\x81\xc3\x90\xc2\xbf\xc3\x90\xc2\xbb\xc3\x90\xc2\xb0\xc3\x91\xe2\x80\x9a\xc3\x90\xc2\xbd\xc3\x90\xc2\xbe\xc3\x90\xc2\xb9-\xc3\x90\xc2\xb4\xc3\x90\xc2\xbe\xc3\x91\xc2\x81\xc3\x91\xe2\x80\x9a\xc3\x90\xc2\xb0\xc3\x90\xc2\xb2\xc3\x90\xc2\xba\xc3\x90\xc2\xbe\xc3\x90\xc2\xb9-\xc3\x90\xc2\xbf\xc3\x90\xc2\xbe-\xc3\x91\xc2\x81\xc3\x90\xc2\xb0\xc3\x90\xc2\xbc\xc3\x90\xc2\xbe\xc3\x90\xc2\xb9-\xc3\x90\xc2\xbd\xc3\x90\xc2\xb8\xc3\x90\xc2\xb7\xc3\x90\xc2\xba\xc3\x90\xc2\xbe\xc3\x90\xc2\xb9-\xc3\x91\xe2\x80\xa0\xc3\x90\xc2\xb5\xc3\x90\xc2\xbd\xc3\x90\xc2\xb5 failed (filesystem path 
'/var/www/vhosts/xxx.kz/httpdocs/\xc3\x90\xc5\xb8\xc3\x90\xc2\xb0\xc3\x91\xe2\x82\xac\xc3\x90\xc2\xbe\xc3\x90\xc2\xb3\xc3\x90\xc2\xb5\xc3\x90\xc2\xbd\xc3\x90\xc2\xb5\xc3\x91\xe2\x82\xac\xc3\x90\xc2\xb0\xc3\x91\xe2\x80\x9a\xc3\x90\xc2\xbe\xc3\x91\xe2\x82\xac\xc3\x91\xe2\x80\xb9-\xc3\x90\xc2\xad\xc3\x90\xc2\xbb\xc3\x90\xc2\xb5\xc3\x90\xc2\xba\xc3\x91\xe2\x80\x9a\xc3\x91\xe2\x82\xac\xc3\x90\xc2\xbe\xc3\x90\xc2\xbd\xc3\x90\xc2\xbd\xc3\x91\xe2\x80\xb9\xc3\x90\xc2\xb5-\xc3\x91\xc2\x81\xc3\x90\xc2\xb8\xc3\x90\xc2\xb3\xc3\x90\xc2\xb0\xc3\x91\xe2\x82\xac\xc3\x90\xc2\xb5\xc3\x91\xe2\x80\x9a\xc3\x91\xe2\x80\xb9-\xc3\x90\xc2\xad\xc3\x90\xc2\xbb\xc3\x90\xc2\xb5\xc3\x90\xc2\xba\xc3\x91\xe2\x80\x9a\xc3\x91\xe2\x82\xac\xc3\x90\xc2\xbe\xc3\x90\xc2\xbd\xc3\x90\xc2\xbd\xc3\x91\xe2\x80\xb9\xc3\x90\xc2\xb5-\xc3\x90\xc2\xba\xc3\x90\xc2\xb0\xc3\x90\xc2\xbb\xc3\x91\xc5\x92\xc3\x91\xc2\x8f\xc3\x90\xc2\xbd\xc3\x91\xe2\x80\xb9-\xc3\x90\xc2\xb2-\xc3\x90\xc2\x90\xc3\x90\xc2\xbb\xc3\x90\xc2\xbc\xc3\x90\xc2\xb0\xc3\x91\xe2\x80\x9a\xc3\x91\xe2\x80\xb9-\xc3\x91\xc2\x81-\xc3\x90\xc2\xb4\xc3\x90\xc2\xbe\xc3\x91\xc2\x81\xc3\x91\xe2\x80\x9a\xc3\x90\xc2\xb0\xc3\x90\xc2\xb2\xc3\x90\xc2\xba\xc3\x90\xc2\xbe\xc3\x90\xc2\xb9-\xc3\x90\xc2\xbf\xc3\x90\xc2\xbe-\xc3\x90\xc2\xbd\xc3\x90\xc2\xb8\xc3\x90\xc2\xb7\xc3\x90\xc2\xba\xc3\x90\xc2\xb8\xc3\x90\xc2\xbc-\xc3\x91\xe2\x80\xa0\xc3\x90\xc2\xb5\xc3\x90\xc2\xbd\xc3\x90\xc2\xb0\xc3\x90\xc2\xbc')

 

Can anyone tell me what is going on here? I'm not particularly strong in security!

Edited by SterN

chukcha    926

And why is your site returning a 301 redirect?

SterN    3

Quote: "And why is your site returning a 301 redirect?"

Possibly the redirect to https.

MorVit    5

Judging by the logs, there doesn't seem to be a break-in, only a scan of directories looking for standard admin-panel scripts.

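Added example, not part of any post in this thread: one way to confirm from an access log in the format quoted above that a client is running a wordlist-driven directory scan rather than browsing. The function names, thresholds and sample lines (documentation IP ranges, made-up user agent) are assumptions constructed for illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timedelta

# Combined Log Format, the layout of the access-log lines quoted in the thread.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"[A-Z]+ (?P<path>\S+) [^"]*" (?P<status>\d{3}) '
)

def parse(line):
    """Return (timestamp, path, status, ip), or None for a malformed line."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return ts, m["path"], int(m["status"]), m["ip"]

def find_scanners(lines, window=timedelta(seconds=60), min_paths=8,
                  max_ok_ratio=0.2):
    """Report clients that probe many distinct paths inside one time window.

    Only 2xx counts as "served": in the thread every probe got a 301, so the
    status code alone does not separate real pages from guessed ones.
    """
    by_ip = defaultdict(list)
    for rec in filter(None, map(parse, lines)):
        by_ip[rec[3]].append(rec[:3])
    findings = {}
    for ip, hits in by_ip.items():
        hits.sort(key=lambda h: h[0])  # stable: keeps file order within a second
        start = 0
        for end in range(len(hits)):
            while hits[end][0] - hits[start][0] > window:
                start += 1
            win = hits[start:end + 1]
            paths = [p for _, p, _ in win]
            distinct = len(set(paths))
            ok = sum(200 <= s < 300 for _, _, s in win) / len(win)
            if distinct < min_paths or ok > max_ok_ratio:
                continue
            if ip in findings and findings[ip]["paths"] >= distinct:
                continue
            # Wordlist-driven scans tend to arrive in near-alphabetical order.
            pairs = list(zip(paths, paths[1:]))
            in_order = sum(a.lower() <= b.lower() for a, b in pairs)
            findings[ip] = {"paths": distinct, "ok_ratio": ok,
                            "sorted_ratio": in_order / len(pairs)}
    return findings

# Constructed sample input (documentation IP ranges, made-up user agent).
def _line(ip, sec, path, status):
    return (f'{ip} - - [07/Jul/2016:11:13:{sec:02d} +0600] '
            f'"GET {path} HTTP/1.0" {status} 450 "-" "sample-agent/1.0"')

PROBES = ["/_vti_bin/", "/_vti_pvt/", "/~admin/", "/~root/", "/about/",
          "/access/", "/adm/", "/admin-bak/", "/administrator/", "/backup/",
          "/bak/", "/bin/"]
ASSETS = [f"/catalog/item{i}.html" for i in range(9)]
SAMPLE = ([_line("203.0.113.7", 20 + i // 4, p, 301) for i, p in enumerate(PROBES)]
          + [_line("198.51.100.20", 20 + i, p, 200) for i, p in enumerate(ASSETS)]
          + [_line("192.0.2.5", 30, "/", 200), "garbage line"])

if __name__ == "__main__":
    for ip, info in find_scanners(SAMPLE).items():
        print(ip, info)
```

The second sample client requests nine distinct pages but receives 200 for all of them, so it is not reported; only the client whose guesses are never served is flagged.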
SterN    3

Quote: "Judging by the logs, there doesn't seem to be a break-in, only a scan of directories looking for standard admin-panel scripts."

There are roughly 3000 lines of logs there for 2 days..

Ketty83    14

Same situation here.. all the fields are filled in exactly the same way, down to the letter, only the first and last name are different..

What could this be?

chukcha    926

If you don't plan to handle returns through the site,

then.. remove the return controller.

MSP    3

There are many different services and bots on the internet that scan sites for vulnerabilities, to detect the CMS for spam, and so on. It is just as easy to create a bot that places automatic orders and fills in customer data from some database so that they look real.
