Portal Home > Knowledgebase > Articles Database > How to trace the nobody spam mail sent from my sevrer?
How to trace the nobody spam mail sent from my sevrer?
Posted by 0218, 12-10-2008, 10:54 AM |
How to trace the nobody spam mail sent from my sevrer?
Hi All,
I fond near to 15k spam mail sent from m server and bounced back.
All mails is sent by nobody. May I know how can I trave the mail is sent from which domain user? (I am using whm/cpanel)
The mail header i found from WHM is below:
1LALNN-0008PJ-7t-H
nobody 99 99
1228901341 0
-ident nobody
-received_protocol local
-body_linecount 174
-max_received_linelength 318
-auth_id nobody
-auth_sender nobody@srv6. ***********
-allow_unqualified_recipient
-allow_unqualified_sender
-local
XX
1ima_val@infonegocio.net.pe
192P Received: from nobody by srv6. *********** with local (Exim 4.69)
(envelope-from )
id 1LALNN-0008PJ-7t
for ima_val@infonegocio.net.pe; Wed, 10 Dec 2008 17:29:01 +0800
031T To: ima_val@infonegocio.net.pe
075 Subject: Los Peruanos son los más feos de Latinoamérica y le siguen los...
018 MIME-Version: 1.0
044 Content-type: text/html; charset=iso-8859-1
056F From: Yahoo! Respuestas - Encuesta 2008
048I Message-Id:
038 Date: Wed, 10 Dec 2008 17:29:01 +0800
|
Posted by ub3r, 12-10-2008, 10:56 AM |
I would usually grep the timestamp from when the mail entered the local email queue against apache's domain logs.
|
Posted by 0218, 12-10-2008, 11:08 AM |
Quote:
Originally Posted by ub3r
I would usually grep the timestamp from when the mail entered the local email queue against apache's domain logs.
Hi,
Thank you for your prompt reply. May I know what is the SSH command to grep the mail?
Thank you.
|
Posted by ub3r, 12-10-2008, 11:11 AM |
try this
Code:
find /usr/local/apache/domlogs -exec grep -Hi "10/Dec/2008:17:2" {} \; | grep "POST"
|
Posted by 0218, 12-10-2008, 11:26 AM |
Quote:
Originally Posted by ub3r
try this
Code:
find /usr/local/apache/domlogs -exec grep -Hi "10/Dec/2008:17:2" {} \; | grep "POST"
No luck. Can't find the related record. The result as below:
root@srv6 [~]# find /usr/local/apache/domlogs -exec grep -Hi "10/Dec/2008:17:2" {} \; | grep "POST"
/usr/local/apache/domlogs/client-domain-name.com:190.42.82.209 - - [10/Dec/2008:17:28:58 +0800] "POST /phpform/use//phpforms/files/error.php HTTP/1.1" 200 142928 "http://www.client-domain-name.com/phpform/use//phpforms/files/error.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; es-ES; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4"
/usr/local/apache/domlogs/kyels.client-domain-name.com:194.8.75.247 - - [10/Dec/2008:17:26:20 +0800] "POST /wordpress/wp-comments-post.php HTTP/1.0" 302 - "http://kyels.com/wordpress/?p=320" "Opera/9.00 (Windows NT 5.1; U; ru)"
/usr/local/apache/domlogs/kyels.client-domain-name.com:194.8.74.155 - - [10/Dec/2008:17:28:18 +0800] "POST /wordpress/wp-comments-post.php HTTP/1.0" 302 - "http://kyels.com/wordpress/?p=300" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; Win64; AMD64)"
/usr/local/apache/domlogs/kyels.client-domain-name.com:194.165.42.119 - - [10/Dec/2008:17:28:50 +0800] "POST /wordpress/wp-comments-post.php HTTP/1.0" 302 - "http://kyels.com/wordpress/?p=320" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Q312461)"
/usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.41.189 - - [10/Dec/2008:17:20:19 +0800] "POST /user_album_add.php HTTP/1.1" 302 - "http://www.client-domain-name.com/user_album_add.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4"
/usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:22:56 +0800] "POST /login.php HTTP/1.1" 200 6607 "http://client-domain-name.com/home.php" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
/usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:23:04 +0800] "POST /login.php HTTP/1.1" 302 - "http://client-domain-name.com/login.php" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
/usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.41.189 - - [10/Dec/2008:17:22:33 +0800] "POST /user_album_upload.php HTTP/1.1" 200 193 "http://www.client-domain-name.com/user_album_upload.php?album_id=373" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4"
/usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.41.189 - - [10/Dec/2008:17:24:03 +0800] "POST /user_album_update.php HTTP/1.1" 200 10516 "http://www.client-domain-name.com/user_album_update.php?album_id=373" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4"
/usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:24:08 +0800] "POST /login.php HTTP/1.1" 302 - "http://client-domain-name.com/home.php" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
/usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:24:27 +0800] "POST /user_friends_confirm.php HTTP/1.1" 302 - "http://client-domain-name.com/user_friends_confirm.php?user=Mango%26task=confirm" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
/usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:24:39 +0800] "POST /user_friends_confirm.php HTTP/1.1" 302 - "http://client-domain-name.com/user_friends_confirm.php?user=L00s3r%26task=confirm" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
/usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.41.189 - - [10/Dec/2008:17:24:19 +0800] "POST /user_album_upload.php HTTP/1.1" 200 193 "http://www.client-domain-name.com/user_album_upload.php?album_id=373" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4"
/usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:24:50 +0800] "POST /user_friends_confirm.php HTTP/1.1" 302 - "http://client-domain-name.com/user_friends_confirm.php?user=Aizen%26task=confirm" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
/usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:211.25.207.6 - - [10/Dec/2008:17:28:51 +0800] "POST /login.php HTTP/1.1" 302 - "http://www.client-domain-name.com/home.php" "Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4"
/usr/local/apache/domlogs/eswebmy/esweb.my:118.101.171.198 - - [10/Dec/2008:17:24:34 +0800] "POST /syscms/link/vipasana/index.php?page=productlist MSIE 6.0; Windows NT 5.1; SV1)"
/usr/local/apache/domlogs/client-domain-name.org:124.13.142.55 - - [10/Dec/2008:17:23:28 +0800] "POST /radioinfo.php HTTP/1.1" 200 38 "http://client-domain-name.org/nativeradio.swf" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
/usr/local/apache/domlogs/client-domain-name.org:124.13.142.55 - - [10/Dec/2008:17:23:31 +0800] "POST /radiolist.php HTTP/1.1" 404 - "http://client-domain-name.org/nativeradio.swf" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
/usr/local/apache/domlogs/client-domain-name.org:91.104.76.238 - - [10/Dec/2008:17:26:35 +0800] "POST /radioinfo.php HTTP/1.1" 200 38 "http://client-domain-name.org/nativeradio.swf" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; savastore.com; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"
/usr/local/apache/domlogs/client-domain-name.org:91.104.76.238 - - [10/Dec/2008:17:26:36 +0800] "POST /radiolist.php HTTP/1.1" 404 - "http://client-domain-name.org/nativeradio.swf" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; savastore.com; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"
/usr/local/apache/domlogs/client-domain-name.org:91.104.76.238 - - [10/Dec/2008:17:26:39 +0800] "POST /streamtitle.php HTTP/1.1" 200 51 "http://client-domain-name.org/nativeradio.swf" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; savastore.com; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"
/usr/local/apache/domlogs/client-domain-name.org:60.51.44.190 - - [10/Dec/2008:17:26:50 +0800] "POST /radioinfo.php HTTP/1.1" 200 38 "http://client-domain-name.org/nativeradio.swf" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4"
/usr/local/apache/domlogs/client-domain-name.org:60.51.44.190 - - [10/Dec/2008:17:26:50 +0800] "POST /radiolist.php HTTP/1.1" 404 - "http://client-domain-name.org/nativeradio.swf" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4"
/usr/local/apache/domlogs/client-domain-name.org:91.104.76.238 - - [10/Dec/2008:17:27:20 +0800] "POST /streamtitle.php HTTP/1.1" 200 51 "http://client-domain-name.org/nativeradio.swf" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; savastore.com; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"
/usr/local/apache/domlogs/esweb.my:118.101.171.198 - - [10/Dec/2008:17:24:34 +0800] "POST /syscms/link/vipasana/index.php?page=productlist MSIE 6.0; Windows NT 5.1; SV1)"
/usr/local/apache/domlogs/vickyels/kyels.client-domain-name.com:194.8.75.247 - - [10/Dec/2008:17:26:20 +0800] "POST /wordpress/wp-comments-post.php HTTP/1.0" 302 - "http://kyels.com/wordpress/?p=320" "Opera/9.00 (Windows NT 5.1; U; ru)"
/usr/local/apache/domlogs/vickyels/kyels.client-domain-name.com:194.8.74.155 - - [10/Dec/2008:17:28:18 +0800] "POST /wordpress/wp-comments-post.php HTTP/1.0" 302 - "http://kyels.com/wordpress/?p=300" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; Win64; AMD64)"
/usr/local/apache/domlogs/vickyels/kyels.client-domain-name.com:194.165.42.119 - - [10/Dec/2008:17:28:50 +0800] "POST /wordpress/wp-comments-post.php HTTP/1.0" 302 - "http://kyels.com/wordpress/?p=320" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Q312461)"
/usr/local/apache/domlogs/client-domain-name.com:60.50.41.189 - - [10/Dec/2008:17:20:19 +0800] "POST /user_album_add.php HTTP/1.1" 302 - "http://www.client-domain-name.com/user_album_add.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4"
/usr/local/apache/domlogs/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:22:56 +0800] "POST /login.php HTTP/1.1" 200 6607 "http://client-domain-name.com/home.php" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
/usr/local/apache/domlogs/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:23:04 +0800] "POST /login.php HTTP/1.1" 302 - "http://client-domain-name.com/login.php" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
/usr/local/apache/domlogs/client-domain-name.com:60.50.41.189 - - [10/Dec/2008:17:22:33 +0800] "POST /user_album_upload.php HTTP/1.1" 200 193 "http://www.client-domain-name.com/user_album_upload.php?album_id=373" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4"
/usr/local/apache/domlogs/client-domain-name.com:60.50.41.189 - - [10/Dec/2008:17:24:03 +0800] "POST /user_album_update.php HTTP/1.1" 200 10516 "http://www.client-domain-name.com/user_album_update.php?album_id=373" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4"
/usr/local/apache/domlogs/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:24:08 +0800] "POST /login.php HTTP/1.1" 302 - "http://client-domain-name.com/home.php" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
/usr/local/apache/domlogs/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:24:27 +0800] "POST /user_friends_confirm.php HTTP/1.1" 302 - "http://client-domain-name.com/user_friends_confirm.php?user=Mango%26task=confirm" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
/usr/local/apache/domlogs/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:24:39 +0800] "POST /user_friends_confirm.php HTTP/1.1" 302 - "http://client-domain-name.com/user_friends_confirm.php?user=L00s3r%26task=confirm" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
/usr/local/apache/domlogs/client-domain-name.com:60.50.41.189 - - [10/Dec/2008:17:24:19 +0800] "POST /user_album_upload.php HTTP/1.1" 200 193 "http://www.client-domain-name.com/user_album_upload.php?album_id=373" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4"
/usr/local/apache/domlogs/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:24:50 +0800] "POST /user_friends_confirm.php HTTP/1.1" 302 - "http://client-domain-name.com/user_friends_confirm.php?user=Aizen%26task=confirm" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
/usr/local/apache/domlogs/client-domain-name.com:211.25.207.6 - - [10/Dec/2008:17:28:51 +0800] "POST /login.php HTTP/1.1" 302 - "http://www.client-domain-name.com/home.php" "Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4"
/usr/local/apache/domlogs/mvstreet/client-domain-name.com:190.42.82.209 - - [10/Dec/2008:17:28:58 +0800] "POST /phpform/use//phpforms/files/error.php HTTP/1.1" 200 142928 "http://www.client-domain-name.com/phpform/use//phpforms/files/error.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; es-ES; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4"
/usr/local/apache/domlogs/ipoyonet/client-domain-name.org:124.13.142.55 - - [10/Dec/2008:17:23:28 +0800] "POST /radioinfo.php HTTP/1.1" 200 38 "http://client-domain-name.org/nativeradio.swf" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
/usr/local/apache/domlogs/ipoyonet/client-domain-name.org:124.13.142.55 - - [10/Dec/2008:17:23:31 +0800] "POST /radiolist.php HTTP/1.1" 404 - "http://client-domain-name.org/nativeradio.swf" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
/usr/local/apache/domlogs/ipoyonet/client-domain-name.org:91.104.76.238 - - [10/Dec/2008:17:26:35 +0800] "POST /radioinfo.php HTTP/1.1" 200 38 "http://client-domain-name.org/nativeradio.swf" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; savastore.com; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"
/usr/local/apache/domlogs/ipoyonet/client-domain-name.org:91.104.76.238 - - [10/Dec/2008:17:26:36 +0800] "POST /radiolist.php HTTP/1.1" 404 - "http://client-domain-name.org/nativeradio.swf" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; savastore.com; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"
/usr/local/apache/domlogs/ipoyonet/client-domain-name.org:91.104.76.238 - - [10/Dec/2008:17:26:39 +0800] "POST /streamtitle.php HTTP/1.1" 200 51 "http://client-domain-name.org/nativeradio.swf" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; savastore.com; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"
/usr/local/apache/domlogs/ipoyonet/client-domain-name.org:60.51.44.190 - - [10/Dec/2008:17:26:50 +0800] "POST /radioinfo.php HTTP/1.1" 200 38 "http://client-domain-name.org/nativeradio.swf" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4"
/usr/local/apache/domlogs/ipoyonet/client-domain-name.org:60.51.44.190 - - [10/Dec/2008:17:26:50 +0800] "POST /radiolist.php HTTP/1.1" 404 - "http://client-domain-name.org/nativeradio.swf" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4"
/usr/local/apache/domlogs/ipoyonet/client-domain-name.org:91.104.76.238 - - [10/Dec/2008:17:27:20 +0800] "POST /streamtitle.php HTTP/1.1" 200 51 "http://client-domain-name.org/nativeradio.swf" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; savastore.com; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"
root@srv6 [~]#
root@srv6 [~]# find /usr/local/apache/domlogs -exec grep -Hi "10/Dec/2008:17:2" {} \; | grep "POST" | more
/usr/local/apache/domlogs/client-domain-name.com:190.42.82.209 - - [10/Dec/2008:17:28:58 +0800] "POST /phpform/use//phpforms/files/error.php HTTP/1.1" 200 142928 "ht
tp://www.client-domain-name.com/phpform/use//phpforms/files/error.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; es-ES; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4"
/usr/local/apache/domlogs/kyels.client-domain-name.com:194.8.75.247 - - [10/Dec/2008:17:26:20 +0800] "POST /wordpress/wp-comments-post.php HTTP/1.0" 302 - "htt
p://kyels.com/wordpress/?p=320" "Opera/9.00 (Windows NT 5.1; U; ru)"
/usr/local/apache/domlogs/kyels.client-domain-name.com:194.8.74.155 - - [10/Dec/2008:17:28:18 +0800] "POST /wordpress/wp-comments-post.php HTTP/1.0" 302 - "htt
p://kyels.com/wordpress/?p=300" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; Win64; AMD64)"
/usr/local/apache/domlogs/kyels.client-domain-name.com:194.165.42.119 - - [10/Dec/2008:17:28:50 +0800] "POST /wordpress/wp-comments-post.php HTTP/1.0" 302 - "h
ttp://kyels.com/wordpress/?p=320" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Q312461)"
/usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.41.189 - - [10/Dec/2008:17:20:19 +0800] "POST /user_album_add.php HTTP/1.1" 302 - "http://www.client-domain-name.com/u
ser_album_add.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4"
/usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:22:56 +0800] "POST /login.php HTTP/1.1" 200 6607 "http://client-domain-name.com/home.php"
"Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
/usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:23:04 +0800] "POST /login.php HTTP/1.1" 302 - "http://client-domain-name.com/login.php" "M
ozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
/usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.41.189 - - [10/Dec/2008:17:22:33 +0800] "POST /user_album_upload.php HTTP/1.1" 200 193 "http://www.client-domain-name.
com/user_album_upload.php?album_id=373" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4"
/usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.41.189 - - [10/Dec/2008:17:24:03 +0800] "POST /user_album_update.php HTTP/1.1" 200 10516 "http://www.yoout
h.com/user_album_update.php?album_id=373" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4"
/usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:24:08 +0800] "POST /login.php HTTP/1.1" 302 - "http://client-domain-name.com/home.php" "Mo
zilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
/usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:24:27 +0800] "POST /user_friends_confirm.php HTTP/1.1" 302 - "http://client-domain-name.co
m/user_friends_confirm.php?user=Mango%26task=confirm" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
/usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:24:39 +0800] "POST /user_friends_confirm.php HTTP/1.1" 302 - "http://client-domain-name.co
m/user_friends_confirm.php?user=L00s3r%26task=confirm" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
/usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.41.189 - - [10/Dec/2008:17:24:19 +0800] "POST /user_album_upload.php HTTP/1.1" 200 193 "http://www.client-domain-name.
com/user_album_upload.php?album_id=373" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4"
/usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:24:50 +0800] "POST /user_friends_confirm.php HTTP/1.1" 302 - "http://client-domain-name.co
m/user_friends_confirm.php?user=Aizen%26task=confirm" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
/usr/local/apache/domlogs/client-domain-namec/client-domain-name.com:211.25.207.6 - - [10/Dec/2008:17:28:51 +0800] "POST /login.php HTTP/1.1" 302 - "http://www.client-domain-name.com/home.php"
"Mozilla/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4"
/usr/local/apache/domlogs/eswebmy/esweb.my:118.101.171.198 - - [10/Dec/2008:17:24:34 +0800] "POST /syscms/link/vipasana/index.php?page=productlist MSIE 6.0; Windows NT 5
.1; SV1)"
/usr/local/apache/domlogs/client-domain-name.org:124.13.142.55 - - [10/Dec/2008:17:23:28 +0800] "POST /radioinfo.php HTTP/1.1" 200 38 "http://client-domain-name.org/native
radio.swf" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
/usr/local/apache/domlogs/client-domain-name.org:124.13.142.55 - - [10/Dec/2008:17:23:31 +0800] "POST /radiolist.php HTTP/1.1" 404 - "http://client-domain-name.org/nativer
adio.swf" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
/usr/local/apache/domlogs/client-domain-name.org:91.104.76.238 - - [10/Dec/2008:17:26:35 +0800] "POST /radioinfo.php HTTP/1.1" 200 38 "http://client-domain-name.org/native
radio.swf" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; savastore.com; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"
/usr/local/apache/domlogs/client-domain-name.org:91.104.76.238 - - [10/Dec/2008:17:26:36 +0800] "POST /radiolist.php HTTP/1.1" 404 - "http://client-domain-name.org/nativer
adio.swf" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; savastore.com; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"
/usr/local/apache/domlogs/client-domain-name.org:91.104.76.238 - - [10/Dec/2008:17:26:39 +0800] "POST /streamtitle.php HTTP/1.1" 200 51 "http://client-domain-name.org/nati
veradio.swf" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; savastore.com; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"
/usr/local/apache/domlogs/client-domain-name.org:60.51.44.190 - - [10/Dec/2008:17:26:50 +0800] "POST /radioinfo.php HTTP/1.1" 200 38 "http://client-domain-name.org/nativer
adio.swf" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4"
/usr/local/apache/domlogs/client-domain-name.org:60.51.44.190 - - [10/Dec/2008:17:26:50 +0800] "POST /radiolist.php HTTP/1.1" 404 - "http://client-domain-name.org/nativera
dio.swf" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4"
/usr/local/apache/domlogs/client-domain-name.org:91.104.76.238 - - [10/Dec/2008:17:27:20 +0800] "POST /streamtitle.php HTTP/1.1" 200 51 "http://client-domain-name.org/nati
veradio.swf" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; savastore.com; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"
/usr/local/apache/domlogs/esweb.my:118.101.171.198 - - [10/Dec/2008:17:24:34 +0800] "POST /syscms/link/vipasana/index.php?page=productlist MSIE 6.0; Windows NT 5.1; SV1)
"
/usr/local/apache/domlogs/vickyels/kyels.client-domain-name.com:194.8.75.247 - - [10/Dec/2008:17:26:20 +0800] "POST /wordpress/wp-comments-post.php HTTP/1.0" 3
02 - "http://kyels.com/wordpress/?p=320" "Opera/9.00 (Windows NT 5.1; U; ru)"
/usr/local/apache/domlogs/vickyels/kyels.client-domain-name.com:194.8.74.155 - - [10/Dec/2008:17:28:18 +0800] "POST /wordpress/wp-comments-post.php HTTP/1.0" 3
02 - "http://kyels.com/wordpress/?p=300" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; Win64; AMD64)"
/usr/local/apache/domlogs/vickyels/kyels.client-domain-name.com:194.165.42.119 - - [10/Dec/2008:17:28:50 +0800] "POST /wordpress/wp-comments-post.php HTTP/1.0"
302 - "http://kyels.com/wordpress/?p=320" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; Q312461)"
/usr/local/apache/domlogs/client-domain-name.com:60.50.41.189 - - [10/Dec/2008:17:20:19 +0800] "POST /user_album_add.php HTTP/1.1" 302 - "http://www.client-domain-name.com/user_albu
m_add.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4"
/usr/local/apache/domlogs/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:22:56 +0800] "POST /login.php HTTP/1.1" 200 6607 "http://client-domain-name.com/home.php" "Mozilla
/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
/usr/local/apache/domlogs/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:23:04 +0800] "POST /login.php HTTP/1.1" 302 - "http://client-domain-name.com/login.php" "Mozilla/4
.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
/usr/local/apache/domlogs/client-domain-name.com:60.50.41.189 - - [10/Dec/2008:17:22:33 +0800] "POST /user_album_upload.php HTTP/1.1" 200 193 "http://www.client-domain-name.com/user
_album_upload.php?album_id=373" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4"
/usr/local/apache/domlogs/client-domain-name.com:60.50.41.189 - - [10/Dec/2008:17:24:03 +0800] "POST /user_album_update.php HTTP/1.1" 200 10516 "http://www.client-domain-name.com/us
er_album_update.php?album_id=373" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4"
/usr/local/apache/domlogs/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:24:08 +0800] "POST /login.php HTTP/1.1" 302 - "http://client-domain-name.com/home.php" "Mozilla/4.
0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
/usr/local/apache/domlogs/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:24:27 +0800] "POST /user_friends_confirm.php HTTP/1.1" 302 - "http://client-domain-name.com/user_f
riends_confirm.php?user=Mango%26task=confirm" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
/usr/local/apache/domlogs/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:24:39 +0800] "POST /user_friends_confirm.php HTTP/1.1" 302 - "http://client-domain-name.com/user_f
riends_confirm.php?user=L00s3r%26task=confirm" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
/usr/local/apache/domlogs/client-domain-name.com:60.50.41.189 - - [10/Dec/2008:17:24:19 +0800] "POST /user_album_upload.php HTTP/1.1" 200 193 "http://www.client-domain-name.com/user
_album_upload.php?album_id=373" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4"
/usr/local/apache/domlogs/client-domain-name.com:60.50.136.129 - - [10/Dec/2008:17:24:50 +0800] "POST /user_friends_confirm.php HTTP/1.1" 302 - "http://client-domain-name.com/user_f
riends_confirm.php?user=Aizen%26task=confirm" "Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1; SV1)"
/usr/local/apache/domlogs/client-domain-name.com:211.25.207.6 - - [10/Dec/2008:17:28:51 +0800] "POST /login.php HTTP/1.1" 302 - "http://www.client-domain-name.com/home.php" "Mozilla
/5.0 (Windows; U; Windows NT 6.0; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4"
/usr/local/apache/domlogs/mvstreet/client-domain-name.com:190.42.82.209 - - [10/Dec/2008:17:28:58 +0800] "POST /phpform/use//phpforms/files/error.php HTTP/1.1" 200 1
42928 "http://www.client-domain-name.com/phpform/use//phpforms/files/error.php" "Mozilla/5.0 (Windows; U; Windows NT 5.1; es-ES; rv:1.9.0.4) Gecko/2008102920 Firefox
/3.0.4"
/usr/local/apache/domlogs/ipoyonet/client-domain-name.org:124.13.142.55 - - [10/Dec/2008:17:23:28 +0800] "POST /radioinfo.php HTTP/1.1" 200 38 "http://client-domain-name.o
rg/nativeradio.swf" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
/usr/local/apache/domlogs/ipoyonet/client-domain-name.org:124.13.142.55 - - [10/Dec/2008:17:23:31 +0800] "POST /radiolist.php HTTP/1.1" 404 - "http://client-domain-name.or
g/nativeradio.swf" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.1) Gecko/2008070208 Firefox/3.0.1"
/usr/local/apache/domlogs/ipoyonet/client-domain-name.org:91.104.76.238 - - [10/Dec/2008:17:26:35 +0800] "POST /radioinfo.php HTTP/1.1" 200 38 "http://client-domain-name.o
rg/nativeradio.swf" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; savastore.com; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"
/usr/local/apache/domlogs/ipoyonet/client-domain-name.org:91.104.76.238 - - [10/Dec/2008:17:26:36 +0800] "POST /radiolist.php HTTP/1.1" 404 - "http://client-domain-name.or
g/nativeradio.swf" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; savastore.com; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"
/usr/local/apache/domlogs/ipoyonet/client-domain-name.org:91.104.76.238 - - [10/Dec/2008:17:26:39 +0800] "POST /streamtitle.php HTTP/1.1" 200 51 "http://client-domain-name
.org/nativeradio.swf" "Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; savastore.com; .NET CLR 1.1.4322; .NET CLR 2.0.50727)"
/usr/local/apache/domlogs/ipoyonet/client-domain-name.org:60.51.44.190 - - [10/Dec/2008:17:26:50 +0800] "POST /radioinfo.php HTTP/1.1" 200 38 "http://client-domain-name.or
g/nativeradio.swf" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4"
/usr/local/apache/domlogs/ipoyonet/client-domain-name.org:60.51.44.190 - - [10/Dec/2008:17:26:50 +0800] "POST /radiolist.php HTTP/1.1" 404 - "http://client-domain-name.org
/nativeradio.swf" "Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.0.4) Gecko/2008102920 Firefox/3.0.4"
/usr/local/apache/domlogs/ipoyonet/clie
|
Add to Favourites Print this Article
Also Read
urgent help (Views: 972)