192.168.0.188 - - [03/Oct/2024:12:21:32 +0000] "POST /bitrix/services/main/ajax.php?action=main.bitrix.main.controller.loadext.getextensions HTTP/1.0" 200 8633 "http://192.168.0.109/crm/deal/details/30989/?IFRAME=Y&IFRAME_TYPE=SIDE_SLIDER" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36"
192.168.0.188 - - [03/Oct/2024:12:21:32 +0000] "POST /bitrix/services/main/ajax.php?action=crm.api.entity.canChangeCurrency HTTP/1.0" 200 44 "http://192.168.0.109/crm/deal/details/30989/?IFRAME=Y&IFRAME_TYPE=SIDE_SLIDER" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36"
192.168.0.188 - - [03/Oct/2024:12:21:32 +0000] "POST /bitrix/services/main/ajax.php?action=crm.api.entity.fetchPaymentDocuments HTTP/1.0" 200 649 "http://192.168.0.109/crm/deal/details/30989/?IFRAME=Y&IFRAME_TYPE=SIDE_SLIDER" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36"
192.168.0.188 - - [03/Oct/2024:12:21:32 +0000] "POST /bitrix/tools/uf.php HTTP/1.0" 200 7408 "http://192.168.0.109/crm/deal/details/30989/?IFRAME=Y&IFRAME_TYPE=SIDE_SLIDER" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36"
192.168.0.188 - - [03/Oct/2024:12:21:35 +0000] "POST /bitrix/components/bitrix/crm.kanban/ajax.old.php?action=get HTTP/1.0" 200 3315 "http://192.168.0.109/crm/deal/details/30989/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36"
192.168.0.188 - - [03/Oct/2024:12:21:36 +0000] "POST /bitrix/components/bitrix/crm.kanban/ajax.old.php?action=get HTTP/1.0" 200 3315 "http://192.168.0.109/crm/deal/details/30989/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36"
192.168.0.188 - - [03/Oct/2024:12:21:42 +0000] "GET /bitrix/tools/public_session.php?k=5b6c91574ce4650e4aec681b42980ff0.b41f0bd21a662615610413e72ea5411cc7cc77d0c308344ecf1b6fecac899da0 HTTP/1.0" 200 2 "http://192.168.0.109/crm/deal/kanban/category/13/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36"
192.168.1.83 - - [03/Oct/2024:12:21:49 +0000] "GET /bitrix/tools/check_mail.php?SITE_ID=s1 HTTP/1.0" 200 60 "http://192.168.0.109/crm/deal/category/0/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36"
192.168.1.101 - - [03/Oct/2024:12:22:05 +0000] "GET /bitrix/tools/public_session.php?k=1e122de47e3d6f51c0e64af651b47f66.5b05ca7a4c16fd19dc6a76ee1e70d31fc7c388c0eabce94290a50ae8aa16d297 HTTP/1.0" 200 2 "http://192.168.0.109/crm/deal/category/24/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:131.0) Gecko/20100101 Firefox/131.0"
192.168.0.229 - - [03/Oct/2024:12:22:09 +0000] "GET /bitrix/tools/public_session.php?k=d8fcebefdbf3503c8469f878a6c2e5da.4201f730838cebfd7988ed3c748b1c83853147a3a8d031981d1ed705a8974c91 HTTP/1.0" 200 2 "http://192.168.0.109/crm/lead/list/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36"
192.168.0.188 - - [03/Oct/2024:12:22:12 +0000] "GET /crm/deal/details/30989/?IFRAME=Y&IFRAME_TYPE=SIDE_SLIDER HTTP/1.0" 200 860338 "http://192.168.0.109/crm/deal/kanban/category/13/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36"
192.168.0.188 - - [03/Oct/2024:12:22:13 +0000] "POST /bitrix/services/main/ajax.php?action=main.bitrix.main.controller.loadext.getextensions HTTP/1.0" 200 8633 "http://192.168.0.109/crm/deal/details/30989/?IFRAME=Y&IFRAME_TYPE=SIDE_SLIDER" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36"
192.168.0.188 - - [03/Oct/2024:12:22:13 +0000] "POST /bitrix/services/main/ajax.php?action=crm.api.entity.canChangeCurrency HTTP/1.0" 200 44 "http://192.168.0.109/crm/deal/details/30989/?IFRAME=Y&IFRAME_TYPE=SIDE_SLIDER" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36"
192.168.0.188 - - [03/Oct/2024:12:22:13 +0000] "POST /bitrix/services/main/ajax.php?action=crm.api.entity.fetchPaymentDocuments HTTP/1.0" 200 649 "http://192.168.0.109/crm/deal/details/30989/?IFRAME=Y&IFRAME_TYPE=SIDE_SLIDER" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36"
192.168.0.188 - - [03/Oct/2024:12:22:13 +0000] "POST /bitrix/tools/uf.php HTTP/1.0" 200 7408 "http://192.168.0.109/crm/deal/details/30989/?IFRAME=Y&IFRAME_TYPE=SIDE_SLIDER" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36"
192.168.0.189 - - [03/Oct/2024:12:22:15 +0000] "POST /bitrix/services/main/ajax.php?action=im.v2.UpdateState.getStateData HTTP/1.0" 200 2183 "http://192.168.0.109/bitrix/js/im/v2/lib/update-state/shared-worker/dist/shared-worker.bundle.js" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36"
192.168.1.131 - - [03/Oct/2024:12:22:35 +0000] "GET /bitrix/tools/public_session.php?k=2def394c15083b855eb2e7550bb233ae.c3d9e63a1583327d9c69d605482ea875e51c70e21dcf78adf14455a38239156d HTTP/1.0" 200 2 "http://192.168.0.109/crm/lead/details/53552/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 YaBrowser/24.7.0.0 Safari/537.36"
192.168.0.188 - - [03/Oct/2024:12:22:42 +0000] "GET /bitrix/tools/public_session.php?k=5b6c91574ce4650e4aec681b42980ff0.b41f0bd21a662615610413e72ea5411cc7cc77d0c308344ecf1b6fecac899da0 HTTP/1.0" 200 2 "http://192.168.0.109/crm/deal/details/30989/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36"
[Wed Oct 02 18:56:35.563889 2024] [mpm_prefork:notice] [pid 703:tid 703] AH00170: caught SIGWINCH, shutting down gracefully
[Wed Oct 02 18:56:36.635900 2024] [suexec:notice] [pid 2292:tid 2292] AH01232: suEXEC mechanism enabled (wrapper: /usr/sbin/suexec)
[Wed Oct 02 18:56:36.737320 2024] [mpm_prefork:notice] [pid 2292:tid 2292] AH00163: Apache/2.4.57 (CentOS Stream) configured -- resuming normal operations
[Wed Oct 02 18:56:36.737357 2024] [core:notice] [pid 2292:tid 2292] AH00094: Command line: '/usr/sbin/httpd -D FOREGROUND'
msmtp: account default not found: no configuration file available
msmtp: account default not found: no configuration file available
msmtp: account default not found: no configuration file available
msmtp: account default not found: no configuration file available
msmtp: account default not found: no configuration file available
192.168.0.188 - - [03/Oct/2024:12:20:27 +0000 - 0.038] 200 "POST /bitrix/services/main/ajax.php?action=disk.commonActions.search HTTP/1.1" 64 "http://192.168.0.109/crm/deal/kanban/category/13/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" "-"
192.168.0.188 - - [03/Oct/2024:12:20:27 +0000 - 0.094] 200 "POST /bitrix/services/main/ajax.php?action=tasks.task.search HTTP/1.1" 537 "http://192.168.0.109/crm/deal/kanban/category/13/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" "-"
192.168.0.188 - - [03/Oct/2024:12:20:27 +0000 - 0.389] 200 "POST /bitrix/services/main/ajax.php?action=crm.api.entity.search HTTP/1.1" 490 "http://192.168.0.109/crm/deal/kanban/category/13/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" "-"
192.168.0.188 - - [03/Oct/2024:12:20:30 +0000 - 0.458] 200 "GET /crm/deal/details/31061/?IFRAME=Y&IFRAME_TYPE=SIDE_SLIDER HTTP/1.1" 153680 "http://192.168.0.109/crm/deal/kanban/category/13/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" "-"
192.168.0.188 - - [03/Oct/2024:12:20:31 +0000 - 0.029] 200 "POST /bitrix/services/main/ajax.php?action=main.bitrix.main.controller.loadext.getextensions HTTP/1.1" 1636 "http://192.168.0.109/crm/deal/details/31061/?IFRAME=Y&IFRAME_TYPE=SIDE_SLIDER" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" "-"
192.168.0.188 - - [03/Oct/2024:12:20:31 +0000 - 0.063] 200 "POST /bitrix/services/main/ajax.php?action=crm.api.entity.canChangeCurrency HTTP/1.1" 44 "http://192.168.0.109/crm/deal/details/31061/?IFRAME=Y&IFRAME_TYPE=SIDE_SLIDER" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" "-"
192.168.0.188 - - [03/Oct/2024:12:20:31 +0000 - 0.114] 200 "POST /bitrix/services/main/ajax.php?action=crm.api.entity.fetchPaymentDocuments HTTP/1.1" 649 "http://192.168.0.109/crm/deal/details/31061/?IFRAME=Y&IFRAME_TYPE=SIDE_SLIDER" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" "-"
192.168.0.188 - - [03/Oct/2024:12:20:31 +0000 - 0.110] 200 "POST /bitrix/tools/uf.php HTTP/1.1" 2039 "http://192.168.0.109/crm/deal/details/31061/?IFRAME=Y&IFRAME_TYPE=SIDE_SLIDER" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" "-"
192.168.0.229 - - [03/Oct/2024:12:20:34 +0000 - 0.075] 200 "POST /bitrix/services/main/ajax.php?action=im.v2.Chat.Message.send HTTP/1.1" 64 "http://192.168.0.109/crm/lead/list/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" "-"
192.168.0.188 - - [03/Oct/2024:12:20:34 +0000 - -] 200 "GET /bitrix/js/crm/images/crm-control-panel-sprite-26.png HTTP/1.1" 54693 "http://192.168.0.109/bitrix/js/crm/css/crm.min.css?1727632051189634" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" "-"
192.168.0.229 - - [03/Oct/2024:12:20:36 +0000 - 0.098] 200 "POST /bitrix/services/main/ajax.php?controller=disk.uf.integration.diskUploaderController&controllerOptions=%7B%22folderId%22%3A1647%7D&token=&action=ui.fileuploader.upload HTTP/1.1" 969 "http://192.168.0.109/crm/lead/list/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" "-"
192.168.1.109 - - [03/Oct/2024:12:20:37 +0000 - -] 206 "GET /bitrix/js/im/audio/new-message-1.mp3 HTTP/2.0" 21742 "https://192.168.0.109/desktop_app/?BXD_API_VERSION=74&user_lang=ru&login=agolotovskii" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/106.0.5249.12 BitrixDesktop/14.3.10.74 Safari/537.36" "-"
192.168.0.229 - - [03/Oct/2024:12:20:37 +0000 - 0.134] 200 "POST /rest/im.disk.file.commit.json HTTP/1.1" 985 "http://192.168.0.109/crm/lead/list/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" "-"
192.168.0.188 - - [03/Oct/2024:12:20:40 +0000 - 0.542] 200 "POST /bitrix/components/bitrix/crm.deal.list/list.ajax.php?sessid=5b6c91574ce4650e4aec681b42980ff0 HTTP/1.1" 45 "http://192.168.0.109/crm/deal/details/31061/?IFRAME=Y&IFRAME_TYPE=SIDE_SLIDER" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" "-"
192.168.0.188 - - [03/Oct/2024:12:20:41 +0000 - 0.148] 200 "POST /bitrix/components/bitrix/crm.deal.details/ajax.php?sessid=5b6c91574ce4650e4aec681b42980ff0 HTTP/1.1" 11772 "http://192.168.0.109/crm/deal/details/31061/?IFRAME=Y&IFRAME_TYPE=SIDE_SLIDER" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" "-"
192.168.0.188 - - [03/Oct/2024:12:20:41 +0000 - 0.031] 200 "POST /bitrix/tools/uf.php HTTP/1.1" 1092 "http://192.168.0.109/crm/deal/details/31061/?IFRAME=Y&IFRAME_TYPE=SIDE_SLIDER" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" "-"
192.168.0.188 - - [03/Oct/2024:12:20:42 +0000 - 0.025] 200 "GET /bitrix/tools/public_session.php?k=5b6c91574ce4650e4aec681b42980ff0.b41f0bd21a662615610413e72ea5411cc7cc77d0c308344ecf1b6fecac899da0 HTTP/1.1" 2 "http://192.168.0.109/crm/deal/details/31061/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" "-"
192.168.0.188 - - [03/Oct/2024:12:20:44 +0000 - 0.124] 200 "POST /bitrix/components/bitrix/crm.kanban/ajax.old.php?action=get HTTP/1.1" 1445 "http://192.168.0.109/crm/deal/details/31061/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" "-"
192.168.0.188 - - [03/Oct/2024:12:20:50 +0000 - 0.151] 200 "POST /bitrix/components/bitrix/crm.kanban/ajax.old.php?action=get HTTP/1.1" 1445 "http://192.168.0.109/crm/deal/kanban/category/13/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36" "-"
192.168.1.131 - - [03/Oct/2024:12:20:50 +0000 - 0.398] 200 "GET /crm/lead/details/53552/?IFRAME=Y&IFRAME_TYPE=SIDE_SLIDER HTTP/1.1" 141548 "http://192.168.0.109/crm/lead/list/" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 YaBrowser/24.7.0.0 Safari/537.36" "-"
192.168.1.131 - - [03/Oct/2024:12:20:51 +0000 - 0.035] 200 "POST /bitrix/services/main/ajax.php?action=main.bitrix.main.controller.loadext.getextensions HTTP/1.1" 1636 "http://192.168.0.109/crm/lead/details/53552/?IFRAME=Y&IFRAME_TYPE=SIDE_SLIDER" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 YaBrowser/24.7.0.0 Safari/537.36" "-"
192.168.1.131 - - [03/Oct/2024:12:20:52 +0000 - 0.035] 200 "POST /bitrix/tools/uf.php HTTP/1.1" 5666 "http://192.168.0.109/crm/lead/details/53552/?IFRAME=Y&IFRAME_TYPE=SIDE_SLIDER" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 YaBrowser/24.7.0.0 Safari/537.36" "-"
192.168.1.131 - - [03/Oct/2024:12:20:54 +0000 - 0.043] 200 "POST /bitrix/components/bitrix/crm.timeline/ajax.php?&site=s1&sessid=2def394c15083b855eb2e7550bb233ae HTTP/1.1" 79 "http://192.168.0.109/crm/lead/details/53552/?IFRAME=Y&IFRAME_TYPE=SIDE_SLIDER" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 YaBrowser/24.7.0.0 Safari/537.36" "-"
2024/10/03 03:11:12 [error] 725#0: *830 access forbidden by rule, client: 64.62.156.107, server: _, request: "GET /.git/config HTTP/1.1", host: "217.67.189.155"
2024/10/03 04:46:13 [error] 726#0: *968 open() "/home/bitrix/www/bitrix/cache/css/s1/bitrix24/template_5e3f7a5bf9ba9c03a08cc2d805acb8c8/template_5e3f7a5bf9ba9c03a08cc2d805acb8c8_v1.css" failed (2: No such file or directory), client: 192.168.1.101, server: _, request: "GET /bitrix/cache/css/s1/bitrix24/template_5e3f7a5bf9ba9c03a08cc2d805acb8c8/template_5e3f7a5bf9ba9c03a08cc2d805acb8c8_v1.css HTTP/1.1", host: "192.168.0.109", referrer: "http://192.168.0.109/crm/deal/category/24/"
2024/10/03 04:46:14 [error] 729#0: *967 open() "/home/bitrix/www/bitrix/cache/js/s1/bitrix24/template_2602454182c25240c03c1cf65eeddef8/template_2602454182c25240c03c1cf65eeddef8_v1.js" failed (2: No such file or directory), client: 192.168.1.101, server: _, request: "GET /bitrix/cache/js/s1/bitrix24/template_2602454182c25240c03c1cf65eeddef8/template_2602454182c25240c03c1cf65eeddef8_v1.js HTTP/1.1", host: "192.168.0.109", referrer: "http://192.168.0.109/crm/deal/category/24/"
2024/10/03 04:46:22 [error] 726#0: *964 open() "/home/bitrix/www/bitrix/cache/js/s1/bitrix24/template_2602454182c25240c03c1cf65eeddef8/template_2602454182c25240c03c1cf65eeddef8_v1.js" failed (2: No such file or directory), client: 192.168.1.101, server: _, request: "GET /bitrix/cache/js/s1/bitrix24/template_2602454182c25240c03c1cf65eeddef8/template_2602454182c25240c03c1cf65eeddef8_v1.js HTTP/1.1", host: "192.168.0.109", referrer: "http://192.168.0.109/crm/deal/category/24/"
Scanning portal.xxx.ru (217.xxx.xxx.155) [1000 ports]
Discovered open port 443/tcp on 217.xxx.xxx.155
Discovered open port 1723/tcp on 217.xxx.xxx.155
Discovered open port 3389/tcp on 217.xxx.xxx.155
Completed SYN Stealth Scan at 17:24, 4.98s elapsed (1000 total ports)
Initiating Service scan at 17:24
Scanning 217-xxx-xxx-155.in-addr.mastertelecom.ru (217.xxx.xxx.155) [65535 ports]
Discovered open port 443/tcp on 217.xxx.xxx.155
Discovered open port 1723/tcp on 217.xxx.xxx.155
Discovered open port 3389/tcp on 217.xxx.xxx.155
Completed SYN Stealth Scan at 17:28, 38.62s elapsed (65535 total ports)
Initiating Service scan at 17:28