0

I receive a lot of 404 from cyberscan.io:

34.159.13.2 - - [11/Aug/2022:17:32:18 +0200] "GET /cgi/en/index.html HTTP/1.1" 404 522 "-" "cyberscan.io"
34.159.13.2 - - [11/Aug/2022:17:32:18 +0200] "GET /mail/en/index.html HTTP/1.1" 404 522 "-" "cyberscan.io"
34.159.13.2 - - [11/Aug/2022:17:32:18 +0200] "GET /test/en/index.html HTTP/1.1" 404 522 "-" "cyberscan.io"
34.159.13.2 - - [11/Aug/2022:17:32:18 +0200] "GET /ws/en/index.html HTTP/1.1" 404 522 "-" "cyberscan.io"
34.159.13.2 - - [11/Aug/2022:17:32:18 +0200] "GET /admin/en/index.html HTTP/1.1" 404 522 "-" "cyberscan.io"
34.159.13.2 - - [11/Aug/2022:17:32:18 +0200] "GET /db/en/index.html HTTP/1.1" 404 522 "-" "cyberscan.io"
34.159.13.2 - - [11/Aug/2022:17:32:18 +0200] "GET /inc/en/index.html HTTP/1.1" 404 522 "-" "cyberscan.io"
34.159.13.2 - - [11/Aug/2022:17:32:18 +0200] "GET /sql/en/index.html HTTP/1.1" 404 522 "-" "cyberscan.io"

cyberscan.io looks like a company, not just a script from unknown source.

Is there anything which I can do against it?

There are several perspectives: Do something against via law or via technical solution.

guettli
  • 3,591
  • 17
  • 72
  • 123
  • contact the owner with a deny letter... – djdomi Aug 11 '22 at 16:46
  • 1
    There's always a lot of "background noise" being generated by bots scanning random ip-ranges and trying for known vulnerabilities and exploits. It's a fact of modern digital life and you see evidence of that in your log files. Keep your systems patched and up-to-date and learn to live with that. Or configure a fail2ban rule and block IP's that generate a lot of 404's – HBruijn Aug 12 '22 at 09:56
  • Replace "or" with "and" in the previous comment. You have to apply latest patches and use fail2ban. – Nikita Kipriyanov Aug 23 '22 at 18:16

0 Answers0