[Abuse]: Cara cari suspected account

Discussion in 'Dedicated Server dan Colocation' started by Bestariweb Studio, 1 Dec 2015.

Thread Status:
Not open for further replies.
  1. Bestariweb Studio

    Bestariweb Studio Apprentice 1.0

    Messages:
    252
    Likes Received:
    13
    Trophy Points:
    18
    Pagi Master,
    Mau tanya.. kmaren sy dapet email spt ini dari datacenter.. :

    ****
    Greetings,

    We have detected abuse from the IP address 213.202.xxx.xxx, which according to a whois lookup is on your network.
    It seams to be trying to find known vulnerabilities in our server [213.138.116.8].
    We would appreciate if you would investigate and take action as appropriate.
    Log lines are given below, but please ask if you require any further information.

    213.202.xxx.xxx - - [29/Nov/2015:14:05:39 +0000] "GET /index.php?gf_page=upload HTTP/1.1" 200 139970 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)" 0
    213.202.xxx.xxx - - [29/Nov/2015:14:05:40 +0000] "GET /index.php?option=com_adsmanager&task=upload&tmpl=component HTTP/1.1" 404 2022 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)" 0
    213.202.xxx.xxx - - [29/Nov/2015:14:05:40 +0000] "GET /wp-content/themes/u-design/scripts/admin/uploadify/uploadify.css HTTP/1.1" 404 430 "-" "Mozilla/5.0 (compatible; MSIE 9.0; Windows NT 6.0; Trident/5.0)" 0

    If you are not the correct person to contact about this please accept our apologies. Your e-mail address was extracted from the whois record by an automated process.


    This mail was generated by Fail2Ban.
    ****

    cara nyari suspect domain gmn ya? kebetulan CSF saat kejadian lagi non aktif

    Terimakasih
     
Loading...
Thread Status:
Not open for further replies.

Share This Page

Loading...