What can be said from this log?

L

lukoie2017-05-01 15:59:04

Apache HTTP Server

lukoie, 2017-05-01 15:59:04

In ISPManager, the log shows this flow for the last minutes.
What does it mean? Is someone picking up? Or how to evaluate these urls in the logs?
There the answer is 200. That is, the answer is received.
But there are no such directories on the server that are specified in the request URLs.

68.180.228.159 - - [01/May/2017:14:54:47 +0200] "GET /415/gtntje/reksup/827/vggvp_mmkwsq_hwjns_xkmpngf_kf HTTP/1.0" 200 190973 "-" "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)"
68.180.228.159 - - [01/May/2017:14:54:48 +0200] "GET /415/gtntje/reksup/827/vggvp_mmkwsq_hwjns_xkmpngf_kf HTTP/1.1" 200 191090 "-" "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)"
68.180.228.159 - - [01/May/2017:14:54:51 +0200] "GET /2556/gtntje/reksup/832/vggvp_mmkwsq_hwjns_xkmpngf_kf HTTP/1.0" 200 190823 "-" "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)"
68.180.228.159 - - [01/May/2017:14:54:51 +0200] "GET /2556/gtntje/reksup/832/vggvp_mmkwsq_hwjns_xkmpngf_kf HTTP/1.1" 200 191043 "-" "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)"
68.180.228.159 - - [01/May/2017:14:54:53 +0200] "GET /index.php/ure/promise/11798. HTTP/1.0" 200 190983 "-" "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)"
68.180.228.159 - - [01/May/2017:14:54:54 +0200] "GET /index.php/ure/promise/11798. HTTP/1.1" 200 191100 "-" "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)"
68.180.228.159 - - [01/May/2017:14:54:53 +0200] "GET /9876/gtntje/reksup/834/vggvp_mmkwsq_hwjns_xkmpngf_kf HTTP/1.0" 200 192110 "-" "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)"
68.180.228.159 - - [01/May/2017:14:54:54 +0200] "GET /9876/gtntje/reksup/834/vggvp_mmkwsq_hwjns_xkmpngf_kf HTTP/1.1" 200 192227 "-" "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)"
68.180.228.159 - - [01/May/2017:14:54:54 +0200] "GET /9367/gtntje/reksup/837/vggvp_mmkwsq_hwjns_xkmpngf_kf HTTP/1.0" 200 191056 "-" "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)"
68.180.228.159 - - [01/May/2017:14:54:54 +0200] "GET /9367/gtntje/reksup/837/vggvp_mmkwsq_hwjns_xkmpngf_kf HTTP/1.1" 200 191173 "-" "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)"
68.180.228.159 - - [01/May/2017:14:54:55 +0200] "GET /index.php/35/15232/disembark+bark/ HTTP/1.0" 200 191204 "-" "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)"
68.180.228.159 - - [01/May/2017:14:54:55 +0200] "GET /index.php/35/15232/disembark+bark/ HTTP/1.1" 200 191313 "-" "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)"
68.180.228.159 - - [01/May/2017:14:55:01 +0200] "GET /15938/gtntje/reksup/826/vggvp_mmkwsq_hwjns_xkmpngf_kf HTTP/1.0" 200 190895 "-" "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)"
68.180.228.159 - - [01/May/2017:14:55:02 +0200] "GET /15938/gtntje/reksup/826/vggvp_mmkwsq_hwjns_xkmpngf_kf HTTP/1.1" 200 191012 "-" "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)"
68.180.228.159 - - [01/May/2017:14:55:02 +0200] "GET /18082/gtntje/reksup/829/vggvp_mmkwsq_hwjns_xkmpngf_kf HTTP/1.0" 200 191252 "-" "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)"
68.180.228.159 - - [01/May/2017:14:55:03 +0200] "GET /18082/gtntje/reksup/829/vggvp_mmkwsq_hwjns_xkmpngf_kf HTTP/1.1" 200 191369 "-" "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)"
68.180.228.159 - - [01/May/2017:14:55:10 +0200] "GET /index.php/osse/teenager/0.=VBtL HTTP/1.0" 200 190660 "-" "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)"
68.180.228.159 - - [01/May/2017:14:55:11 +0200] "GET /index.php/osse/teenager/0.=VBtL HTTP/1.1" 200 190769 "-" "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)"
185.112.248.183 - - [01/May/2017:14:55:28 +0200] "GET /customizer.php HTTP/1.0" 200 145254 "-" "Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko"
185.112.248.183 - - [01/May/2017:14:55:28 +0200] "GET /customizer.php HTTP/1.1" 200 145395 "-" "Mozilla/5.0 (Windows NT 6.3; WOW64; Trident/7.0; rv:11.0) like Gecko"
68.180.228.159 - - [01/May/2017:14:55:30 +0200] "GET /15964/gtntje/reksup/829/vggvp_mmkwsq_hwjns_xkmpngf_kf HTTP/1.0" 200 190698 "-" "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)"
68.180.228.159 - - [01/May/2017:14:55:31 +0200] "GET /15964/gtntje/reksup/829/vggvp_mmkwsq_hwjns_xkmpngf_kf HTTP/1.1" 200 190918 "-" "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)"
68.180.228.159 - - [01/May/2017:14:55:32 +0200] "GET /index.php/dBeer/saw-Ca/3324/ HTTP/1.0" 200 190070 "-" "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)"
68.180.228.159 - - [01/May/2017:14:55:33 +0200] "GET /index.php/dBeer/saw-Ca/3324/ HTTP/1.1" 200 190187 "-" "Mozilla/5.0 (compatible; Yahoo! Slurp; http://help.yahoo.com/help/us/ysearch/slurp)"

Reply

Answer the question

In order to leave comments, you need to log in

3 answer(s)

T

Tsiren Naimanov, 2017-05-01
@ImmortalCAT

That all requests were successful??? is not it?
everywhere 200 code

S

sim3x, 2017-05-01
@sim3x

With a high probability you have been hacked and used as a hosting for an adult or something worse
Request for a non-existent url should return
40x
30x
50x
not 200

D

dummyman, 2017-05-02
@dummyman

200 response returns index.php

spoiler

Скрипт тупым перебором ищет знакомые уязвимые скрипты/плагины.
Еще пока не ломанули, волноваться незачто.
Забаньте пид..раса, и пожалуйтесь на ip сюда www.dnsbl.info

Although no. Looks like a real search engine
geoiplookup 68.180.228.159
GeoIP Country Edition: US, United States
GeoIP City Edition, Rev 1: US, CA, California, Sunnyvale, 94089, 37.424900, -122.007401, 807, 408
GeoIP ASNum Edition: AS36647 Yahoo
Well, you then you yourself looked, what kind of png-hee is there?
Check the directory tree ncdu,
the program will show which folders take up the most space.