Jump to content
fskadi

Bine v-am gasit, xampp server apache

By fskadi, in Securitate web

Recommended Posts

fskadi Newbie

fskadi

Posted
Posted

Buna seara, am facut un download url pentru serverul meu de cs 1.6 in xampp si tot se inchidea pc-ul neasteptat, am gasit astea in log-uri, am verificat ip-urile si sunt de prin china

 

185.224.128.55 - - [20/Feb/2024:15:11:04 +0200] "GET / HTTP/1.1" 403 301 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46" 109.205.213.198 - - [20/Feb/2024:15:12:46 +0200] "GET / HTTP/1.1" 403 301 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46" 89.190.156.150 - - [20/Feb/2024:15:52:25 +0200] "POST /boaform/admin/formLogin HTTP/1.1" 403 301 "http://5.13.115.181:80/admin/login.asp" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0" 82.64.166.135 - - [20/Feb/2024:16:05:52 +0200] "GET / HTTP/1.0" 403 301 "-" "-" 69.164.217.245 - - [20/Feb/2024:16:15:29 +0200] "GET / HTTP/1.0" 400 468 45.33.80.243 - - [20/Feb/2024:16:16:39 +0200] "GET / HTTP/1.1" 302 - 43.129.97.125 - - [20/Feb/2024:16:36:17 +0200] "GET / HTTP/1.1" 302 - 43.129.97.125 - - [20/Feb/2024:16:36:18 +0200] "GET /dashboard/ HTTP/1.1" 200 5187 43.129.97.125 - - [20/Feb/2024:16:36:19 +0200] "GET /jquery-3.3.1.min.js HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:36:20 +0200] "POST /categories/Yud HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:36:21 +0200] "POST /wp-content/themes/twentytwentyone/inc/block-css.php HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:36:22 +0200] "POST /QKBFJBVZsPKeqFS/HAchGeCttVyEtqZ.php HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:36:24 +0200] "POST /nation.php HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:36:25 +0200] "GET /search/s.php?i=1&id=APOX8NWOV42320 HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:36:26 +0200] "POST / HTTP/1.1" 302 - 43.129.97.125 - - [20/Feb/2024:16:36:26 +0200] "GET /dashboard/ HTTP/1.1" 200 5187 43.129.97.125 - - [20/Feb/2024:16:36:28 +0200] "GET /is-bin HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:36:29 +0200] "GET /is-bin HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:36:30 +0200] "GET /news.php HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:36:31 +0200] "GET /8.bin HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:36:31 +0200] "GET /hrsgdsb7386wknzms.jpg HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:36:32 +0200] "GET /UnityPlayer.dll HTTP/1.1" 404 299 82.57.141.189 - - [20/Feb/2024:16:36:32 +0200] "GET / HTTP/1.0" 403 301 "-" "-" 43.129.97.125 - - [20/Feb/2024:16:36:32 +0200] "GET /ttd.exe HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:36:32 +0200] "GET /qd.CHM HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:36:33 +0200] "GET /zMLUH93A HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:36:35 +0200] "GET /Display/chan/IB61I7MYA HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:36:36 +0200] "GET /jquery-3.3.1.min.js HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:36:37 +0200] "GET /Gmail/UnityPlayer.txt HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:36:38 +0200] "GET /new/login HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:36:39 +0200] "GET /viwwwsogou?op=8&query=%E7%A8%8F%E5%BB%BA%09%E9%BE%90%E1%B7%A2 HTTP/1.1" 404 300 43.129.97.125 - - [20/Feb/2024:16:36:41 +0200] "GET /e3e7e71a0b28b5e96cc492e636722f73/4sVKAOvu3D/BDyot0NxyG.php HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:36:42 +0200] "GET /jquery.js HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:36:43 +0200] "GET /wh/glass.php HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:36:44 +0200] "GET /login HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:36:45 +0200] "POST /nvidia_license_upd.php HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:36:47 +0200] "POST /session HTTP/1.1" 400 384 43.129.97.125 - - [20/Feb/2024:16:36:48 +0200] "GET /c/msdownload/update/software/update/2021/11/6632de33-967441-x86.cab HTTP/1.1" 404 305 43.129.97.125 - - [20/Feb/2024:16:36:48 +0200] "GET /c/msdownload/update/software/update/2021/11/6632de33-967441-x86.cab HTTP/1.1" 404 305 43.129.97.125 - - [20/Feb/2024:16:36:49 +0200] "GET /fw6I HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:36:50 +0200] "GET /fw6I HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:36:51 +0200] "GET /vF4l HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:36:51 +0200] "GET /bNfF HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:36:52 +0200] "GET /Visu/ens/events HTTP/1.1" 404 304 43.129.97.125 - - [20/Feb/2024:16:36:53 +0200] "GET /Visu/ens/events HTTP/1.1" 404 304 43.129.97.125 - - [20/Feb/2024:16:36:54 +0200] "GET / HTTP/1.1" 302 - 43.129.97.125 - - [20/Feb/2024:16:36:54 +0200] "GET /dashboard/ HTTP/1.1" 200 5187 43.129.97.125 - - [20/Feb/2024:16:36:55 +0200] "GET /jquery-3.3.1.min.js HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:36:57 +0200] "POST /categories/Yud HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:36:58 +0200] "POST /wp-content/themes/twentytwentyone/inc/block-css.php HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:36:59 +0200] "POST /QKBFJBVZsPKeqFS/HAchGeCttVyEtqZ.php HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:37:00 +0200] "POST /nation.php HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:37:01 +0200] "GET /search/s.php?i=1&id=APOX8NWOV42320 HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:37:02 +0200] "POST / HTTP/1.1" 302 - 43.129.97.125 - - [20/Feb/2024:16:37:03 +0200] "GET /dashboard/ HTTP/1.1" 200 5187 43.129.97.125 - - [20/Feb/2024:16:37:04 +0200] "GET /is-bin HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:37:05 +0200] "GET /is-bin HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:37:07 +0200] "GET /news.php HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:37:08 +0200] "GET /8.bin HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:37:08 +0200] "GET /hrsgdsb7386wknzms.jpg HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:37:09 +0200] "GET /UnityPlayer.dll HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:37:09 +0200] "GET /ttd.exe HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:37:09 +0200] "GET /qd.CHM HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:37:10 +0200] "GET /zMLUH93A HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:37:12 +0200] "GET /Display/chan/IB61I7MYA HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:37:13 +0200] "GET /jquery-3.3.1.min.js HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:37:14 +0200] "GET /Gmail/UnityPlayer.txt HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:37:15 +0200] "GET /new/login HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:37:16 +0200] "GET /viwwwsogou?op=8&query=%E7%A8%8F%E5%BB%BA%09%E9%BE%90%E1%B7%A2 HTTP/1.1" 404 300 43.129.97.125 - - [20/Feb/2024:16:37:17 +0200] "GET /e3e7e71a0b28b5e96cc492e636722f73/4sVKAOvu3D/BDyot0NxyG.php HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:37:19 +0200] "GET /jquery.js HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:37:20 +0200] "GET /wh/glass.php HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:37:21 +0200] "GET /login HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:37:22 +0200] "POST /nvidia_license_upd.php HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:37:23 +0200] "POST /session HTTP/1.1" 400 384 43.129.97.125 - - [20/Feb/2024:16:37:25 +0200] "GET /c/msdownload/update/software/update/2021/11/6632de33-967441-x86.cab HTTP/1.1" 404 305 43.129.97.125 - - [20/Feb/2024:16:37:25 +0200] "GET /c/msdownload/update/software/update/2021/11/6632de33-967441-x86.cab HTTP/1.1" 404 305 43.129.97.125 - - [20/Feb/2024:16:37:26 +0200] "GET /fw6I HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:37:27 +0200] "GET /fw6I HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:37:28 +0200] "GET /nPi5 HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:37:28 +0200] "GET /86ww HTTP/1.1" 404 299 43.129.97.125 - - [20/Feb/2024:16:37:29 +0200] "GET /Visu/ens/events HTTP/1.1" 404 304 43.129.97.125 - - [20/Feb/2024:16:37:29 +0200] "GET /Visu/ens/events HTTP/1.1" 404 304 45.79.168.172 - - [20/Feb/2024:17:09:09 +0200] "GET / HTTP/1.1" 403 301 "-" "Mozilla/5.0 zgrab/0.x" 172.105.128.12 - - [20/Feb/2024:17:09:17 +0200] "GET / HTTP/1.1" 403 301 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 13_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36" 185.224.128.55 - - [20/Feb/2024:17:18:37 +0200] "GET / HTTP/1.1" 403 301 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46"

 

Momentan imi este inchis pc-ul de tot, aveti idee ce s-a incercat? mentionez ca nu este securitate deloc setata de mine inafara de faptul ca fisierele cstrike sunt setate sa nu poate fi modificate ci doar descarcate.

OS W10 64bit cu update-urile aproape la zi,antivirus avast, fara firewall pe router, firewall din windows

Este posibil sa imi fie inchis pc-ul asa la misto? mi-e cam greu sa cred ca ar face asta o persoana din china, dupa mintea mea l-ar vrea deschis sa-si faca mersu

Multumesc

Link to comment
Share on other sites

Join the conversation

You can post now and register later. If you have an account, sign in now to post with your account.

Guest
Reply to this topic...

×   Pasted as rich text.   Paste as plain text instead

  Only 75 emoji are allowed.

×   Your link has been automatically embedded.   Display as a link instead

×   Your previous content has been restored.   Clear editor

×   You cannot paste images directly. Upload or insert images from URL.

×
Go to topic listing
×
×
  • Create New...