User Registration
Customer Login

Knowledgebase

Portal Home > Knowledgebase > Articles Database > How to trace the nobody spam mail sent from my sevrer?


How to trace the nobody spam mail sent from my sevrer?




Posted by 0218, 12-10-2008, 10:54 AM
How to trace the nobody spam mail sent from my sevrer? Hi All, I fond near to 15k spam mail sent from m server and bounced back. All mails is sent by nobody. May I know how can I trave the mail is sent from which domain user? (I am using whm/cpanel) The mail header i found from WHM is below: 1LALNN-0008PJ-7t-H nobody 99 99 1228901341 0 -ident nobody -received_protocol local -body_linecount 174 -max_received_linelength 318 -auth_id nobody -auth_sender nobody@srv6. *********** -allow_unqualified_recipient -allow_unqualified_sender -local XX 1ima_val@infonegocio.net.pe 192P Received: from nobody by srv6. *********** with local (Exim 4.69) (envelope-from ) id 1LALNN-0008PJ-7t for ima_val@infonegocio.net.pe; Wed, 10 Dec 2008 17:29:01 +0800 031T To: ima_val@infonegocio.net.pe 075 Subject: Los Peruanos son los más feos de Latinoamérica y le siguen los... 018 MIME-Version: 1.0 044 Content-type: text/html; charset=iso-8859-1 056F From: Yahoo! Respuestas - Encuesta 2008 048I Message-Id: 038 Date: Wed, 10 Dec 2008 17:29:01 +0800
Posted by ub3r, 12-10-2008, 10:56 AM
I would usually grep the timestamp from when the mail entered the local email queue against apache's domain logs.
Posted by 0218, 12-10-2008, 11:08 AM
Quote: Originally Posted by ub3r I would usually grep the timestamp from when the mail entered the local email queue against apache's domain logs. Hi, Thank you for your prompt reply. May I know what is the SSH command to grep the mail? Thank you.
Posted by ub3r, 12-10-2008, 11:11 AM
try this Code: find /usr/local/apache/domlogs -exec grep -Hi "10/Dec/2008:17:2" {} \; | grep "POST"
Posted by 0218, 12-10-2008, 11:26 AM
Quote: Originally Posted by ub3r try this Code: find /usr/local/apache/domlogs -exec grep -Hi "10/Dec/2008:17:2" {} \; | grep "POST" No luck. Can't find the related record. The result as below: root@srv6 [~]# find /usr/local/apache/domlogs -exec grep -Hi "10/Dec/2008:17:2" {} \; | grep "POST" /usr/local/apache/domlogs/client-domain-name.com:190.42.82.209 - - [10/Dec/2008:17:28:58 +0800] "POST /phpform/use//phpforms/files/error.php HTTP/1.1" 200 142928 "http://www.client-domain-name.com/phpform/use//phpforms/files/error.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; es-ES; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4" /usr/local/apache/domlogs/kyels.client-domain-name.com:194.8.75.247 - - [10/Dec/2008:17:26:20 +0800] "POST /wordpress/wp-comments-post.php HTTP/1.0" 302 - "http://kyels.com/wordpress/?p=320" "Opera/9.00 (Windows NT 5.1; U; ru)" /usr/local/apache/domlogs/kyels.client-domain-name.com:194.8.74.155 - - [10/Dec/2008:17:28:18 +0800] "POST /wordpress/wp-comments-post.php HTTP/1.0" 302 - "http://kyels.com/wordpress/?p=300" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; Win64; AMD64)" /usr/local/apache/domlogs/kyels.client-domain-name.com:194.165.42.119 - - [10/Dec/2008:17:28:50 +0800] "POST /wordpress/wp-comments-post.php HTTP/1.0" 302 - "http://kyels.com/wordpress/?p=320" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Q312461)" /usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.41.189 - - [10/Dec/2008:17:20:19 +0800] "POST /user_album_add.php HTTP/1.1" 302 - "http://www.client-domain-name.com/user_album_add.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4" /usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:22:56 +0800] "POST /login.php HTTP/1.1" 200 6607 "http://client-domain-name.com/home.php" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" /usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:23:04 +0800] "POST /login.php HTTP/1.1" 302 - "http://client-domain-name.com/login.php" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" /usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.41.189 - - [10/Dec/2008:17:22:33 +0800] "POST /user_album_upload.php HTTP/1.1" 200 193 "http://www.client-domain-name.com/user_album_upload.php?album_id=373" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4" /usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.41.189 - - [10/Dec/2008:17:24:03 +0800] "POST /user_album_update.php HTTP/1.1" 200 10516 "http://www.client-domain-name.com/user_album_update.php?album_id=373" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4" /usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:24:08 +0800] "POST /login.php HTTP/1.1" 302 - "http://client-domain-name.com/home.php" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" /usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:24:27 +0800] "POST /user_friends_confirm.php HTTP/1.1" 302 - "http://client-domain-name.com/user_friends_confirm.php?user=Mango%26task=confirm" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" /usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:24:39 +0800] "POST /user_friends_confirm.php HTTP/1.1" 302 - "http://client-domain-name.com/user_friends_confirm.php?user=L00s3r%26task=confirm" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" /usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.41.189 - - [10/Dec/2008:17:24:19 +0800] "POST /user_album_upload.php HTTP/1.1" 200 193 "http://www.client-domain-name.com/user_album_upload.php?album_id=373" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4" /usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:24:50 +0800] "POST /user_friends_confirm.php HTTP/1.1" 302 - "http://client-domain-name.com/user_friends_confirm.php?user=Aizen%26task=confirm" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" /usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:211.25.207.6 - - [10/Dec/2008:17:28:51 +0800] "POST /login.php HTTP/1.1" 302 - "http://www.client-domain-name.com/home.php" "Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4" /usr/local/apache/domlogs/eswebmy/esweb.my:118.101.171.198 - - [10/Dec/2008:17:24:34 +0800] "POST /syscms/link/vipasana/index.php?page=productlist MSIE 6.0; Windows NT 5.1; SV1)" /usr/local/apache/domlogs/client-domain-name.org:124.13.142.55 - - [10/Dec/2008:17:23:28 +0800] "POST /radioinfo.php HTTP/1.1" 200 38 "http://client-domain-name.org/nativeradio.swf" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1" /usr/local/apache/domlogs/client-domain-name.org:124.13.142.55 - - [10/Dec/2008:17:23:31 +0800] "POST /radiolist.php HTTP/1.1" 404 - "http://client-domain-name.org/nativeradio.swf" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1" /usr/local/apache/domlogs/client-domain-name.org:91.104.76.238 - - [10/Dec/2008:17:26:35 +0800] "POST /radioinfo.php HTTP/1.1" 200 38 "http://client-domain-name.org/nativeradio.swf" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; savastore.com; .NET CLR 1.1.4322; .NET CLR 2.0.50727)" /usr/local/apache/domlogs/client-domain-name.org:91.104.76.238 - - [10/Dec/2008:17:26:36 +0800] "POST /radiolist.php HTTP/1.1" 404 - "http://client-domain-name.org/nativeradio.swf" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; savastore.com; .NET CLR 1.1.4322; .NET CLR 2.0.50727)" /usr/local/apache/domlogs/client-domain-name.org:91.104.76.238 - - [10/Dec/2008:17:26:39 +0800] "POST /streamtitle.php HTTP/1.1" 200 51 "http://client-domain-name.org/nativeradio.swf" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; savastore.com; .NET CLR 1.1.4322; .NET CLR 2.0.50727)" /usr/local/apache/domlogs/client-domain-name.org:60.51.44.190 - - [10/Dec/2008:17:26:50 +0800] "POST /radioinfo.php HTTP/1.1" 200 38 "http://client-domain-name.org/nativeradio.swf" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4" /usr/local/apache/domlogs/client-domain-name.org:60.51.44.190 - - [10/Dec/2008:17:26:50 +0800] "POST /radiolist.php HTTP/1.1" 404 - "http://client-domain-name.org/nativeradio.swf" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4" /usr/local/apache/domlogs/client-domain-name.org:91.104.76.238 - - [10/Dec/2008:17:27:20 +0800] "POST /streamtitle.php HTTP/1.1" 200 51 "http://client-domain-name.org/nativeradio.swf" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; savastore.com; .NET CLR 1.1.4322; .NET CLR 2.0.50727)" /usr/local/apache/domlogs/esweb.my:118.101.171.198 - - [10/Dec/2008:17:24:34 +0800] "POST /syscms/link/vipasana/index.php?page=productlist MSIE 6.0; Windows NT 5.1; SV1)" /usr/local/apache/domlogs/vickyels/kyels.client-domain-name.com:194.8.75.247 - - [10/Dec/2008:17:26:20 +0800] "POST /wordpress/wp-comments-post.php HTTP/1.0" 302 - "http://kyels.com/wordpress/?p=320" "Opera/9.00 (Windows NT 5.1; U; ru)" /usr/local/apache/domlogs/vickyels/kyels.client-domain-name.com:194.8.74.155 - - [10/Dec/2008:17:28:18 +0800] "POST /wordpress/wp-comments-post.php HTTP/1.0" 302 - "http://kyels.com/wordpress/?p=300" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; Win64; AMD64)" /usr/local/apache/domlogs/vickyels/kyels.client-domain-name.com:194.165.42.119 - - [10/Dec/2008:17:28:50 +0800] "POST /wordpress/wp-comments-post.php HTTP/1.0" 302 - "http://kyels.com/wordpress/?p=320" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Q312461)" /usr/local/apache/domlogs/client-domain-name.com:60.50.41.189 - - [10/Dec/2008:17:20:19 +0800] "POST /user_album_add.php HTTP/1.1" 302 - "http://www.client-domain-name.com/user_album_add.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4" /usr/local/apache/domlogs/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:22:56 +0800] "POST /login.php HTTP/1.1" 200 6607 "http://client-domain-name.com/home.php" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" /usr/local/apache/domlogs/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:23:04 +0800] "POST /login.php HTTP/1.1" 302 - "http://client-domain-name.com/login.php" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" /usr/local/apache/domlogs/client-domain-name.com:60.50.41.189 - - [10/Dec/2008:17:22:33 +0800] "POST /user_album_upload.php HTTP/1.1" 200 193 "http://www.client-domain-name.com/user_album_upload.php?album_id=373" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4" /usr/local/apache/domlogs/client-domain-name.com:60.50.41.189 - - [10/Dec/2008:17:24:03 +0800] "POST /user_album_update.php HTTP/1.1" 200 10516 "http://www.client-domain-name.com/user_album_update.php?album_id=373" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4" /usr/local/apache/domlogs/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:24:08 +0800] "POST /login.php HTTP/1.1" 302 - "http://client-domain-name.com/home.php" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" /usr/local/apache/domlogs/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:24:27 +0800] "POST /user_friends_confirm.php HTTP/1.1" 302 - "http://client-domain-name.com/user_friends_confirm.php?user=Mango%26task=confirm" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" /usr/local/apache/domlogs/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:24:39 +0800] "POST /user_friends_confirm.php HTTP/1.1" 302 - "http://client-domain-name.com/user_friends_confirm.php?user=L00s3r%26task=confirm" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" /usr/local/apache/domlogs/client-domain-name.com:60.50.41.189 - - [10/Dec/2008:17:24:19 +0800] "POST /user_album_upload.php HTTP/1.1" 200 193 "http://www.client-domain-name.com/user_album_upload.php?album_id=373" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4" /usr/local/apache/domlogs/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:24:50 +0800] "POST /user_friends_confirm.php HTTP/1.1" 302 - "http://client-domain-name.com/user_friends_confirm.php?user=Aizen%26task=confirm" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" /usr/local/apache/domlogs/client-domain-name.com:211.25.207.6 - - [10/Dec/2008:17:28:51 +0800] "POST /login.php HTTP/1.1" 302 - "http://www.client-domain-name.com/home.php" "Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4" /usr/local/apache/domlogs/mvstreet/client-domain-name.com:190.42.82.209 - - [10/Dec/2008:17:28:58 +0800] "POST /phpform/use//phpforms/files/error.php HTTP/1.1" 200 142928 "http://www.client-domain-name.com/phpform/use//phpforms/files/error.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; es-ES; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4" /usr/local/apache/domlogs/ipoyonet/client-domain-name.org:124.13.142.55 - - [10/Dec/2008:17:23:28 +0800] "POST /radioinfo.php HTTP/1.1" 200 38 "http://client-domain-name.org/nativeradio.swf" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1" /usr/local/apache/domlogs/ipoyonet/client-domain-name.org:124.13.142.55 - - [10/Dec/2008:17:23:31 +0800] "POST /radiolist.php HTTP/1.1" 404 - "http://client-domain-name.org/nativeradio.swf" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1" /usr/local/apache/domlogs/ipoyonet/client-domain-name.org:91.104.76.238 - - [10/Dec/2008:17:26:35 +0800] "POST /radioinfo.php HTTP/1.1" 200 38 "http://client-domain-name.org/nativeradio.swf" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; savastore.com; .NET CLR 1.1.4322; .NET CLR 2.0.50727)" /usr/local/apache/domlogs/ipoyonet/client-domain-name.org:91.104.76.238 - - [10/Dec/2008:17:26:36 +0800] "POST /radiolist.php HTTP/1.1" 404 - "http://client-domain-name.org/nativeradio.swf" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; savastore.com; .NET CLR 1.1.4322; .NET CLR 2.0.50727)" /usr/local/apache/domlogs/ipoyonet/client-domain-name.org:91.104.76.238 - - [10/Dec/2008:17:26:39 +0800] "POST /streamtitle.php HTTP/1.1" 200 51 "http://client-domain-name.org/nativeradio.swf" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; savastore.com; .NET CLR 1.1.4322; .NET CLR 2.0.50727)" /usr/local/apache/domlogs/ipoyonet/client-domain-name.org:60.51.44.190 - - [10/Dec/2008:17:26:50 +0800] "POST /radioinfo.php HTTP/1.1" 200 38 "http://client-domain-name.org/nativeradio.swf" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4" /usr/local/apache/domlogs/ipoyonet/client-domain-name.org:60.51.44.190 - - [10/Dec/2008:17:26:50 +0800] "POST /radiolist.php HTTP/1.1" 404 - "http://client-domain-name.org/nativeradio.swf" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4" /usr/local/apache/domlogs/ipoyonet/client-domain-name.org:91.104.76.238 - - [10/Dec/2008:17:27:20 +0800] "POST /streamtitle.php HTTP/1.1" 200 51 "http://client-domain-name.org/nativeradio.swf" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; savastore.com; .NET CLR 1.1.4322; .NET CLR 2.0.50727)" root@srv6 [~]# root@srv6 [~]# find /usr/local/apache/domlogs -exec grep -Hi "10/Dec/2008:17:2" {} \; | grep "POST" | more /usr/local/apache/domlogs/client-domain-name.com:190.42.82.209 - - [10/Dec/2008:17:28:58 +0800] "POST /phpform/use//phpforms/files/error.php HTTP/1.1" 200 142928 "ht tp://www.client-domain-name.com/phpform/use//phpforms/files/error.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; es-ES; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4" /usr/local/apache/domlogs/kyels.client-domain-name.com:194.8.75.247 - - [10/Dec/2008:17:26:20 +0800] "POST /wordpress/wp-comments-post.php HTTP/1.0" 302 - "htt p://kyels.com/wordpress/?p=320" "Opera/9.00 (Windows NT 5.1; U; ru)" /usr/local/apache/domlogs/kyels.client-domain-name.com:194.8.74.155 - - [10/Dec/2008:17:28:18 +0800] "POST /wordpress/wp-comments-post.php HTTP/1.0" 302 - "htt p://kyels.com/wordpress/?p=300" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; Win64; AMD64)" /usr/local/apache/domlogs/kyels.client-domain-name.com:194.165.42.119 - - [10/Dec/2008:17:28:50 +0800] "POST /wordpress/wp-comments-post.php HTTP/1.0" 302 - "h ttp://kyels.com/wordpress/?p=320" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Q312461)" /usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.41.189 - - [10/Dec/2008:17:20:19 +0800] "POST /user_album_add.php HTTP/1.1" 302 - "http://www.client-domain-name.com/u ser_album_add.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4" /usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:22:56 +0800] "POST /login.php HTTP/1.1" 200 6607 "http://client-domain-name.com/home.php" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" /usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:23:04 +0800] "POST /login.php HTTP/1.1" 302 - "http://client-domain-name.com/login.php" "M ozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" /usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.41.189 - - [10/Dec/2008:17:22:33 +0800] "POST /user_album_upload.php HTTP/1.1" 200 193 "http://www.client-domain-name. com/user_album_upload.php?album_id=373" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4" /usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.41.189 - - [10/Dec/2008:17:24:03 +0800] "POST /user_album_update.php HTTP/1.1" 200 10516 "http://www.yoout h.com/user_album_update.php?album_id=373" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4" /usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:24:08 +0800] "POST /login.php HTTP/1.1" 302 - "http://client-domain-name.com/home.php" "Mo zilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" /usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:24:27 +0800] "POST /user_friends_confirm.php HTTP/1.1" 302 - "http://client-domain-name.co m/user_friends_confirm.php?user=Mango%26task=confirm" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" /usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:24:39 +0800] "POST /user_friends_confirm.php HTTP/1.1" 302 - "http://client-domain-name.co m/user_friends_confirm.php?user=L00s3r%26task=confirm" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" /usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.41.189 - - [10/Dec/2008:17:24:19 +0800] "POST /user_album_upload.php HTTP/1.1" 200 193 "http://www.client-domain-name. com/user_album_upload.php?album_id=373" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4" /usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:24:50 +0800] "POST /user_friends_confirm.php HTTP/1.1" 302 - "http://client-domain-name.co m/user_friends_confirm.php?user=Aizen%26task=confirm" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" /usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:211.25.207.6 - - [10/Dec/2008:17:28:51 +0800] "POST /login.php HTTP/1.1" 302 - "http://www.client-domain-name.com/home.php" "Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4" /usr/local/apache/domlogs/eswebmy/esweb.my:118.101.171.198 - - [10/Dec/2008:17:24:34 +0800] "POST /syscms/link/vipasana/index.php?page=productlist MSIE 6.0; Windows NT 5 .1; SV1)" /usr/local/apache/domlogs/client-domain-name.org:124.13.142.55 - - [10/Dec/2008:17:23:28 +0800] "POST /radioinfo.php HTTP/1.1" 200 38 "http://client-domain-name.org/native radio.swf" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1" /usr/local/apache/domlogs/client-domain-name.org:124.13.142.55 - - [10/Dec/2008:17:23:31 +0800] "POST /radiolist.php HTTP/1.1" 404 - "http://client-domain-name.org/nativer adio.swf" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1" /usr/local/apache/domlogs/client-domain-name.org:91.104.76.238 - - [10/Dec/2008:17:26:35 +0800] "POST /radioinfo.php HTTP/1.1" 200 38 "http://client-domain-name.org/native radio.swf" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; savastore.com; .NET CLR 1.1.4322; .NET CLR 2.0.50727)" /usr/local/apache/domlogs/client-domain-name.org:91.104.76.238 - - [10/Dec/2008:17:26:36 +0800] "POST /radiolist.php HTTP/1.1" 404 - "http://client-domain-name.org/nativer adio.swf" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; savastore.com; .NET CLR 1.1.4322; .NET CLR 2.0.50727)" /usr/local/apache/domlogs/client-domain-name.org:91.104.76.238 - - [10/Dec/2008:17:26:39 +0800] "POST /streamtitle.php HTTP/1.1" 200 51 "http://client-domain-name.org/nati veradio.swf" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; savastore.com; .NET CLR 1.1.4322; .NET CLR 2.0.50727)" /usr/local/apache/domlogs/client-domain-name.org:60.51.44.190 - - [10/Dec/2008:17:26:50 +0800] "POST /radioinfo.php HTTP/1.1" 200 38 "http://client-domain-name.org/nativer adio.swf" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4" /usr/local/apache/domlogs/client-domain-name.org:60.51.44.190 - - [10/Dec/2008:17:26:50 +0800] "POST /radiolist.php HTTP/1.1" 404 - "http://client-domain-name.org/nativera dio.swf" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4" /usr/local/apache/domlogs/client-domain-name.org:91.104.76.238 - - [10/Dec/2008:17:27:20 +0800] "POST /streamtitle.php HTTP/1.1" 200 51 "http://client-domain-name.org/nati veradio.swf" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; savastore.com; .NET CLR 1.1.4322; .NET CLR 2.0.50727)" /usr/local/apache/domlogs/esweb.my:118.101.171.198 - - [10/Dec/2008:17:24:34 +0800] "POST /syscms/link/vipasana/index.php?page=productlist MSIE 6.0; Windows NT 5.1; SV1) " /usr/local/apache/domlogs/vickyels/kyels.client-domain-name.com:194.8.75.247 - - [10/Dec/2008:17:26:20 +0800] "POST /wordpress/wp-comments-post.php HTTP/1.0" 3 02 - "http://kyels.com/wordpress/?p=320" "Opera/9.00 (Windows NT 5.1; U; ru)" /usr/local/apache/domlogs/vickyels/kyels.client-domain-name.com:194.8.74.155 - - [10/Dec/2008:17:28:18 +0800] "POST /wordpress/wp-comments-post.php HTTP/1.0" 3 02 - "http://kyels.com/wordpress/?p=300" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; Win64; AMD64)" /usr/local/apache/domlogs/vickyels/kyels.client-domain-name.com:194.165.42.119 - - [10/Dec/2008:17:28:50 +0800] "POST /wordpress/wp-comments-post.php HTTP/1.0" 302 - "http://kyels.com/wordpress/?p=320" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Q312461)" /usr/local/apache/domlogs/client-domain-name.com:60.50.41.189 - - [10/Dec/2008:17:20:19 +0800] "POST /user_album_add.php HTTP/1.1" 302 - "http://www.client-domain-name.com/user_albu m_add.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4" /usr/local/apache/domlogs/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:22:56 +0800] "POST /login.php HTTP/1.1" 200 6607 "http://client-domain-name.com/home.php" "Mozilla /4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" /usr/local/apache/domlogs/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:23:04 +0800] "POST /login.php HTTP/1.1" 302 - "http://client-domain-name.com/login.php" "Mozilla/4 .0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" /usr/local/apache/domlogs/client-domain-name.com:60.50.41.189 - - [10/Dec/2008:17:22:33 +0800] "POST /user_album_upload.php HTTP/1.1" 200 193 "http://www.client-domain-name.com/user _album_upload.php?album_id=373" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4" /usr/local/apache/domlogs/client-domain-name.com:60.50.41.189 - - [10/Dec/2008:17:24:03 +0800] "POST /user_album_update.php HTTP/1.1" 200 10516 "http://www.client-domain-name.com/us er_album_update.php?album_id=373" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4" /usr/local/apache/domlogs/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:24:08 +0800] "POST /login.php HTTP/1.1" 302 - "http://client-domain-name.com/home.php" "Mozilla/4. 0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" /usr/local/apache/domlogs/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:24:27 +0800] "POST /user_friends_confirm.php HTTP/1.1" 302 - "http://client-domain-name.com/user_f riends_confirm.php?user=Mango%26task=confirm" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" /usr/local/apache/domlogs/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:24:39 +0800] "POST /user_friends_confirm.php HTTP/1.1" 302 - "http://client-domain-name.com/user_f riends_confirm.php?user=L00s3r%26task=confirm" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" /usr/local/apache/domlogs/client-domain-name.com:60.50.41.189 - - [10/Dec/2008:17:24:19 +0800] "POST /user_album_upload.php HTTP/1.1" 200 193 "http://www.client-domain-name.com/user _album_upload.php?album_id=373" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4" /usr/local/apache/domlogs/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:24:50 +0800] "POST /user_friends_confirm.php HTTP/1.1" 302 - "http://client-domain-name.com/user_f riends_confirm.php?user=Aizen%26task=confirm" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)" /usr/local/apache/domlogs/client-domain-name.com:211.25.207.6 - - [10/Dec/2008:17:28:51 +0800] "POST /login.php HTTP/1.1" 302 - "http://www.client-domain-name.com/home.php" "Mozilla /5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4" /usr/local/apache/domlogs/mvstreet/client-domain-name.com:190.42.82.209 - - [10/Dec/2008:17:28:58 +0800] "POST /phpform/use//phpforms/files/error.php HTTP/1.1" 200 1 42928 "http://www.client-domain-name.com/phpform/use//phpforms/files/error.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; es-ES; rv:1.9.0.4) Gecko/2008102920 Firefox /3.0.4" /usr/local/apache/domlogs/ipoyonet/client-domain-name.org:124.13.142.55 - - [10/Dec/2008:17:23:28 +0800] "POST /radioinfo.php HTTP/1.1" 200 38 "http://client-domain-name.o rg/nativeradio.swf" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1" /usr/local/apache/domlogs/ipoyonet/client-domain-name.org:124.13.142.55 - - [10/Dec/2008:17:23:31 +0800] "POST /radiolist.php HTTP/1.1" 404 - "http://client-domain-name.or g/nativeradio.swf" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1" /usr/local/apache/domlogs/ipoyonet/client-domain-name.org:91.104.76.238 - - [10/Dec/2008:17:26:35 +0800] "POST /radioinfo.php HTTP/1.1" 200 38 "http://client-domain-name.o rg/nativeradio.swf" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; savastore.com; .NET CLR 1.1.4322; .NET CLR 2.0.50727)" /usr/local/apache/domlogs/ipoyonet/client-domain-name.org:91.104.76.238 - - [10/Dec/2008:17:26:36 +0800] "POST /radiolist.php HTTP/1.1" 404 - "http://client-domain-name.or g/nativeradio.swf" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; savastore.com; .NET CLR 1.1.4322; .NET CLR 2.0.50727)" /usr/local/apache/domlogs/ipoyonet/client-domain-name.org:91.104.76.238 - - [10/Dec/2008:17:26:39 +0800] "POST /streamtitle.php HTTP/1.1" 200 51 "http://client-domain-name .org/nativeradio.swf" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; savastore.com; .NET CLR 1.1.4322; .NET CLR 2.0.50727)" /usr/local/apache/domlogs/ipoyonet/client-domain-name.org:60.51.44.190 - - [10/Dec/2008:17:26:50 +0800] "POST /radioinfo.php HTTP/1.1" 200 38 "http://client-domain-name.or g/nativeradio.swf" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4" /usr/local/apache/domlogs/ipoyonet/client-domain-name.org:60.51.44.190 - - [10/Dec/2008:17:26:50 +0800] "POST /radiolist.php HTTP/1.1" 404 - "http://client-domain-name.org /nativeradio.swf" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4" /usr/local/apache/domlogs/ipoyonet/clie


Was this answer helpful?

Add to Favourites Add to Favourites    Print this Article Print this Article

Also Read
urgent help (Views: 972)
Pure-FTPd malware scanner (Views: 695)
Fusion-Hosts Shuts Down (Views: 708)
Delete a Specific Sub String (Views: 836)
Versehost down again... (Views: 609)

Language:

Our Services

Client Menu

Legal

+1 512-782-9732

Find any answers
you need...



  • PCI Secure
  • Verefied by VISA
  • MasterCard SecureCode

    • Terms of Service | Privacy Policy | FAQs | Affiliates | Email
    Copyright © 2015 BraginHos / CHS Gateway inc. - All Rights Reserved.
    Our address: CHS GATEWAY INC c/o Regus Offices, 2598 E. Sunrise Blvd Ste 2104, Fort Lauderdale, Florida 33304, contact phone number: (+1) 512-782-9732, email: support@chsgatewayinc.com