Day: October 12, 2021

Bginfo displays PC info on screen

Just completed the installation of Bginfo on my Windows VMs; it can display PC info on screen.

Pros

  • Won't be confused with other PCs when doing remote control
  • Don't need to run a command to get that info

Cons

  • Hard to configure
  • Cannot copy the text, such as the MAC address, which might be required for troubleshooting
  • LAN info is not accurate if there are multiple NICs
  • Hard to read: the font is big, and the color does not change based on the background
  • Small terminal font is better

References

BgInfo

Logs on the web server

After running a live web server for a few weeks, the log shows many attacks from the internet.

Thinking about how to monitor this kind of attack, send alerts, and block them if possible.

Streaming Services

167.71.136.78 - - [10/Oct/2021:22:56:22 +0000] "GET /system_api.php HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:23 +0000] "GET /system_api.php HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:24 +0000] "GET /system_api.php HTTP/1.1" 400 657 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:25 +0000] "GET /system_api.php HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:27 +0000] "GET /c/version.js HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:28 +0000] "GET /c/version.js HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:29 +0000] "GET /c/version.js HTTP/1.1" 400 657 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:30 +0000] "GET /c/version.js HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:32 +0000] "GET /streaming/clients_live.php HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:33 +0000] "GET /streaming/clients_live.php HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:34 +0000] "GET /streaming/clients_live.php HTTP/1.1" 400 657 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:35 +0000] "GET /streaming/clients_live.php HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:37 +0000] "GET /stalker_portal/c/version.js HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:38 +0000] "GET /stalker_portal/c/version.js HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:39 +0000] "GET /stalker_portal/c/version.js HTTP/1.1" 400 657 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:40 +0000] "GET /stalker_portal/c/version.js HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:42 +0000] "GET /stream/live.php HTTP/1.1" 301 169 "-" "VLC/3.0.8 LibVLC/3.0.8" "-"
167.71.136.78 - - [10/Oct/2021:22:56:43 +0000] "GET /stream/live.php HTTP/1.1" 404 153 "-" "VLC/3.0.8 LibVLC/3.0.8" "-"
167.71.136.78 - - [10/Oct/2021:22:56:44 +0000] "GET /stream/live.php HTTP/1.1" 400 255 "-" "VLC/3.0.8 LibVLC/3.0.8" "-"
167.71.136.78 - - [10/Oct/2021:22:56:45 +0000] "GET /stream/live.php HTTP/1.1" 404 153 "-" "VLC/3.0.8 LibVLC/3.0.8" "-"
167.71.136.78 - - [10/Oct/2021:22:56:47 +0000] "GET /flu/403.html HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:48 +0000] "GET /flu/403.html HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:49 +0000] "GET /flu/403.html HTTP/1.1" 400 657 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:50 +0000] "GET /flu/403.html HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:52 +0000] "GET /gemini-iptv/vod.json HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:53 +0000] "GET /gemini-iptv/vod.json HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:55 +0000] "GET /gemini-iptv/get_prc.php HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:56 +0000] "GET /gemini-iptv/get_prc.php HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:57 +0000] "GET /gemini-iptv/vod.json HTTP/1.1" 400 657 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:58 +0000] "GET /gemini-iptv/vod.json HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:59 +0000] "GET /gemini-iptv/get_prc.php HTTP/1.1" 400 657 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:57:00 +0000] "GET /gemini-iptv/get_prc.php HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"

Special CGI

167.71.13.196 - - [11/Oct/2021:03:04:59 +0000] "GET /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/hosts HTTP/1.1" 400 157 "-" "-" "-"
167.71.13.196 - - [11/Oct/2021:03:05:00 +0000] "GET /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/hosts HTTP/1.1" 400 157 "-" "-" "-"
167.71.13.196 - - [11/Oct/2021:03:05:00 +0000] "GET /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/hosts HTTP/1.1" 400 157 "-" "-" "-"
167.71.13.196 - - [11/Oct/2021:03:05:00 +0000] "GET /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/hosts HTTP/1.1" 400 157 "-" "-" "-"
23.148.145.236 - - [11/Oct/2021:04:55:13 +0000] "GET / HTTP/1.1" 200 154 "-" "libwww-perl/6.57" "-"
23.148.145.236 - - [11/Oct/2021:04:58:07 +0000] "GET / HTTP/1.1" 301 169 "-" "libwww-perl/6.57" "-"
23.148.145.236 - - [11/Oct/2021:04:58:08 +0000] "GET / HTTP/1.1" 200 154 "-" "libwww-perl/6.57" "-"
185.225.28.57 - - [11/Oct/2021:05:45:25 +0000] "" 400 0 "-" "-" "-"
45.146.164.110 - - [11/Oct/2021:05:52:57 +0000] "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 200 154 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [11/Oct/2021:05:52:59 +0000] "GET /wp-content/plugins/wp-file-manager/readme.txt HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [11/Oct/2021:05:52:59 +0000] "GET /console/ HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [11/Oct/2021:05:53:03 +0000] "GET /_ignition/execute-solution HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [11/Oct/2021:05:53:04 +0000] "POST /Autodiscover/Autodiscover.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [11/Oct/2021:05:53:08 +0000] "GET / HTTP/1.1" 200 154 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [11/Oct/2021:05:53:08 +0000] "GET / HTTP/1.1" 200 154 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [11/Oct/2021:05:53:09 +0000] "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 400 157 "-" "-" "-"
45.146.164.110 - - [11/Oct/2021:05:53:11 +0000] "POST /api/jsonws/invoke HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [11/Oct/2021:05:53:14 +0000] "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
61.219.11.151 - - [11/Oct/2021:06:14:03 +0000] "dN\x93\xB9\xE6\xBCl\xB6\x92\x84:\xD7\x03\xF1N\xB9\xC5;\x90\xC2\xC6\xBA\xE1I-\x22\xDDs\xBA\x1FgC:\xB1\xA7\x80+\x00\x00\x00\x00%\xFDK:\xAAW.|J\xB2\xB5\xF5'\xA5l\xD3V(\xB7\x01%(CsK8B\xCE\x9A\xD0z\xC7\x13\xAD" 400 157 "-" "-" "-"

Application Admin

103.76.165.122 - - [11/Oct/2021:00:06:54 +0000] "GET //admin/config.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:06:55 +0000] "GET //recordings/index.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:06:56 +0000] "GET //html/recordings/index.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:06:56 +0000] "GET //freepbx/recordings/index.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:06:57 +0000] "GET //fpbx/recordings/index.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:06:57 +0000] "GET //www/recordings/index.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:06:57 +0000] "GET //asterisk/recordings/index.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:06:58 +0000] "GET //myasterisk/recordings/index.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:06:58 +0000] "GET //pbx/recordings/index.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:06:59 +0000] "GET //html/admin/config.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:06:59 +0000] "GET //html/admin/config.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:06:59 +0000] "GET //fpbx/admin/config.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:07:00 +0000] "GET //www/admin/config.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:07:00 +0000] "GET //asterisk/admin/config.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:07:00 +0000] "GET //myasterisk/admin/config.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:07:01 +0000] "GET //pbx/admin/config.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:07:01 +0000] "GET //config.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:07:01 +0000] "GET //remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"

Database Admin

51.38.38.130 - - [10/Oct/2021:21:54:18 +0000] "GET /phpMyAdmin-4/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:19 +0000] "GET /administrator/web/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:19 +0000] "GET /db/webdb/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:19 +0000] "GET /phpMyAdmin3/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:20 +0000] "GET /admin/sysadmin/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:20 +0000] "GET /phpmyadmin2021/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:20 +0000] "GET /phpMyAdmin-5.1.0/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:21 +0000] "GET /db/webdb/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:21 +0000] "GET /PMA2019/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:21 +0000] "GET /phpMyAdmin5/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:22 +0000] "GET /MyAdmin/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:22 +0000] "GET /pma2018/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:22 +0000] "GET /phpMyAdmin1/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:23 +0000] "GET /mysqlmanager/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:23 +0000] "GET /db/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:23 +0000] "GET /phpMyAdmin-4.9.7-english/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:24 +0000] "GET /PMA2017/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:24 +0000] "GET /pma2019/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:24 +0000] "GET /shopdb/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:25 +0000] "GET /sql/phpmy-admin/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:25 +0000] "GET /pma2013/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:25 +0000] "GET /sqlmanager/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:26 +0000] "GET /administrator/web/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:26 +0000] "GET /phpMyAdmin-3/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:26 +0000] "GET /sql/phpMyAdmin/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:27 +0000] "GET /phpMyadmin/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:27 +0000] "GET /sql/phpmy-admin/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:27 +0000] "GET /phpmyadmin2011/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:28 +0000] "GET /PMA2017/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:28 +0000] "GET /pma2021/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:28 +0000] "GET /phpmyadmin2014/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:29 +0000] "GET /phpmyadmin3/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:29 +0000] "GET /PMA2014/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:29 +0000] "GET /sql/sql-admin/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:30 +0000] "GET /phpmyadmin2019/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:30 +0000] "GET /php-myadmin/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:30 +0000] "GET /sqlmanager/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:31 +0000] "GET /phpmyadmin2021/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:31 +0000] "GET /phpMyAdmin-5.1.1/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:31 +0000] "GET /phpMyAdmin4/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:32 +0000] "GET /phpMyAdmin-5.1.1-english/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:32 +0000] "GET /db/phpMyAdmin-3/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:32 +0000] "GET /PMA2015/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:33 +0000] "GET /phpmyadmin2013/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:33 +0000] "GET /pma2014/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"

Sharing

58.250.125.78 - - [10/Oct/2021:07:51:12 +0000] "GET / HTTP/1.1" 301 169 "-" "Sogou web spider/4.0(+http://www.sogou.com/docs/help/webmasters.htm#07)" "-"

Web Admin Page

45.146.164.110 - - [09/Oct/2021:17:36:14 +0000] "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 200 154 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [09/Oct/2021:17:36:15 +0000] "GET /wp-content/plugins/wp-file-manager/readme.txt HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [10/Oct/2021:02:29:35 +0000] "POST /api/jsonws/invoke HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [10/Oct/2021:02:29:36 +0000] "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [10/Oct/2021:02:29:37 +0000] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [10/Oct/2021:02:29:38 +0000] "GET /solr/admin/info/system?wt=json HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [10/Oct/2021:02:29:38 +0000] "GET /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [10/Oct/2021:02:29:39 +0000] "GET /index.php?s=/Index/\x5Cthink\x5Capp/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [10/Oct/2021:02:29:41 +0000] "GET /console/ HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [10/Oct/2021:02:29:42 +0000] "POST /Autodiscover/Autodiscover.xml HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [10/Oct/2021:02:29:43 +0000] "GET /_ignition/execute-solution HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [10/Oct/2021:02:29:43 +0000] "GET / HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [10/Oct/2021:02:29:44 +0000] "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 400 157 "-" "-" "-"

WordPress plugin

185.225.28.57 - - [11/Oct/2021:05:45:20 +0000] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:20 +0000] "GET /xmlrpc.php?rsd HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:21 +0000] "GET / HTTP/1.1" 200 154 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:21 +0000] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:21 +0000] "GET /web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:21 +0000] "GET /wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:22 +0000] "GET /website/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:22 +0000] "GET /wp/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:22 +0000] "GET /news/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:22 +0000] "GET /2020/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:23 +0000] "GET /2019/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:23 +0000] "GET /shop/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:23 +0000] "GET /wp1/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:23 +0000] "GET /test/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:24 +0000] "GET /wp2/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:24 +0000] "GET /site/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:24 +0000] "GET /cms/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:24 +0000] "GET /sito/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
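
One way to approach the monitoring and blocking idea from this post, as an added example (not the post author's code): a Python parser for this log format that tags requests with probe categories seen in the excerpts above and lists source IPs that exceed a threshold inside a time window. The category names, threshold, window and the 192.0.2.10 line are assumptions of this example; the other sample lines are adapted from the excerpts with paths and user agents shortened.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta
from urllib.parse import unquote

# Log format seen in the excerpts: nginx "combined" plus one trailing quoted field.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<req>[^"]*)" '
    r'\d{3} \d+ "[^"]*" "[^"]*" "[^"]*"$')
REQ_RE = re.compile(r'^[A-Z]+ (?P<target>\S+) HTTP/\d\.\d$')

# Category names are this example's own; patterns come from paths in the excerpts.
RULES = {
    "path-traversal": re.compile(r'(^|/)\.\.(/|$)'),
    "db-admin-probe": re.compile(
        r'/(php-?my-?admin|pma|myadmin|(my)?sqlmanager|webdb)', re.I),
    "wordpress-probe": re.compile(r'/(wp-(includes|content)/|xmlrpc\.php)', re.I),
    "pbx-admin-probe": re.compile(r'/(recordings/index|admin/config)\.php', re.I),
    "framework-probe": re.compile(
        r'eval-stdin\.php|invokefunction|XDEBUG_SESSION_START'
        r'|_ignition/execute-solution', re.I),
}

def decode_target(target):
    """Percent-decode repeatedly (bounded) so %2e and %252e both become '.'."""
    for _ in range(3):
        decoded = unquote(target)
        if decoded == target:
            break
        target = decoded
    return target

def classify(line):
    """Return (ip, timestamp, categories) for one log line, or None if unparsable."""
    m = LINE_RE.match(line)
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    req = REQ_RE.match(m["req"])
    if not req:
        # Empty or binary request lines, like the "" and \x.. entries above.
        return m["ip"], ts, {"malformed-request"}
    target = decode_target(req["target"])
    return m["ip"], ts, {name for name, rx in RULES.items() if rx.search(target)}

def find_block_candidates(lines, threshold=3, window=timedelta(seconds=60)):
    """Map each IP with >= threshold flagged requests in one window to its categories.

    Assumes lines for a given IP arrive in chronological order, as in a log file.
    """
    recent = defaultdict(deque)   # ip -> timestamps of flagged requests in window
    seen = defaultdict(set)       # ip -> every category observed for that ip
    over = set()
    for line in lines:
        parsed = classify(line)
        if parsed is None or not parsed[2]:
            continue              # unparsable, or nothing suspicious matched
        ip, ts, cats = parsed
        seen[ip] |= cats
        q = recent[ip]
        q.append(ts)
        while ts - q[0] > window:
            q.popleft()
        if len(q) >= threshold:
            over.add(ip)
    return {ip: sorted(seen[ip]) for ip in over}

# Adapted from the excerpts (shortened); the 192.0.2.10 line is constructed.
SAMPLE_LOG = """\
58.250.125.78 - - [10/Oct/2021:07:51:12 +0000] "GET / HTTP/1.1" 301 169 "-" "Sogou web spider/4.0" "-"
192.0.2.10 - - [10/Oct/2021:09:00:00 +0000] "GET /index.html HTTP/1.1" 200 154 "-" "Mozilla/5.0" "-"
51.38.38.130 - - [10/Oct/2021:21:54:18 +0000] "GET /phpMyAdmin-4/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0" "-"
51.38.38.130 - - [10/Oct/2021:21:54:21 +0000] "GET /PMA2019/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0" "-"
103.76.165.122 - - [11/Oct/2021:00:06:54 +0000] "GET //admin/config.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:06:55 +0000] "GET //recordings/index.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:07:01 +0000] "GET //remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
167.71.13.196 - - [11/Oct/2021:03:04:59 +0000] "GET /cgi-bin/.%2e/%2e%2e/%2e%2e/etc/hosts HTTP/1.1" 400 157 "-" "-" "-"
167.71.13.196 - - [11/Oct/2021:03:05:00 +0000] "GET /cgi-bin/.%2e/%2e%2e/%2e%2e/etc/hosts HTTP/1.1" 400 157 "-" "-" "-"
167.71.13.196 - - [11/Oct/2021:03:05:00 +0000] "GET /cgi-bin/.%2e/%2e%2e/%2e%2e/etc/hosts HTTP/1.1" 400 157 "-" "-" "-"
185.225.28.57 - - [11/Oct/2021:05:45:25 +0000] "" 400 0 "-" "-" "-"
"""

if __name__ == "__main__":
    for ip, cats in sorted(find_block_candidates(SAMPLE_LOG.splitlines()).items()):
        print(f"{ip}\t{', '.join(cats)}")
```

The returned addresses are candidates for an alert or a deny list; review them before blocking, since one address can sit in front of many legitimate users.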