ZFS cache and log

There are two kinds of cache, read cache and write cache.

Read cache

The read cache consists of the ARC and the L2ARC.

ARC (Adaptive Replacement Cache)

The ARC lives in memory. It caches the data that will be required in the near future, while discarding the data that will be needed furthest ahead in time.

It can be tuned using kernel/module parameters, such as zfs_arc_max.

L2ARC (Level 2 ARC)

The L2ARC is an extension of the ARC that lives on a cache device. It can be created using the following command:

zpool add tank cache ada3

Note: tank is the pool name, ada3 is the block device used for caching

Write cache

The write cache is called the ZIL (ZFS Intent Log).

Asynchronous

By default, ZFS caches write data in memory before writing it to disk; this is called asynchronous mode.

Synchronous

Synchronous mode makes sure data is written to disk before continuing. It can be set using the following command:

zfs set sync=always mypool/dataset1

ZFS Intent Log (ZIL)

The ZIL is temporary space that stores data before it is written to the main disks, and it can be used to speed up write operations. A write operation is considered complete once the data has been written to the ZIL device. A dedicated ZIL device is called a SLOG (Separate Intent Log) device, and it can be defined as follows:

zpool add tank log ada3

Note: tank is the pool name, ada3 is the block device used for the SLOG

If you are worried about the SLOG device failing, it can be mirrored too:

zpool add tank log mirror ada3 ada4

Logs on the web server

After running a live web server for a few weeks, the log shows many attacks from the internet.

I am thinking about how to monitor this kind of attack, send alerts, and block them if possible.

Streaming Services

167.71.136.78 - - [10/Oct/2021:22:56:22 +0000] "GET /system_api.php HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:23 +0000] "GET /system_api.php HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:24 +0000] "GET /system_api.php HTTP/1.1" 400 657 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:25 +0000] "GET /system_api.php HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:27 +0000] "GET /c/version.js HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:28 +0000] "GET /c/version.js HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:29 +0000] "GET /c/version.js HTTP/1.1" 400 657 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:30 +0000] "GET /c/version.js HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:32 +0000] "GET /streaming/clients_live.php HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:33 +0000] "GET /streaming/clients_live.php HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:34 +0000] "GET /streaming/clients_live.php HTTP/1.1" 400 657 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:35 +0000] "GET /streaming/clients_live.php HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:37 +0000] "GET /stalker_portal/c/version.js HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:38 +0000] "GET /stalker_portal/c/version.js HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:39 +0000] "GET /stalker_portal/c/version.js HTTP/1.1" 400 657 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:40 +0000] "GET /stalker_portal/c/version.js HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:42 +0000] "GET /stream/live.php HTTP/1.1" 301 169 "-" "VLC/3.0.8 LibVLC/3.0.8" "-"
167.71.136.78 - - [10/Oct/2021:22:56:43 +0000] "GET /stream/live.php HTTP/1.1" 404 153 "-" "VLC/3.0.8 LibVLC/3.0.8" "-"
167.71.136.78 - - [10/Oct/2021:22:56:44 +0000] "GET /stream/live.php HTTP/1.1" 400 255 "-" "VLC/3.0.8 LibVLC/3.0.8" "-"
167.71.136.78 - - [10/Oct/2021:22:56:45 +0000] "GET /stream/live.php HTTP/1.1" 404 153 "-" "VLC/3.0.8 LibVLC/3.0.8" "-"
167.71.136.78 - - [10/Oct/2021:22:56:47 +0000] "GET /flu/403.html HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:48 +0000] "GET /flu/403.html HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:49 +0000] "GET /flu/403.html HTTP/1.1" 400 657 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:50 +0000] "GET /flu/403.html HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:52 +0000] "GET /gemini-iptv/vod.json HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:53 +0000] "GET /gemini-iptv/vod.json HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:55 +0000] "GET /gemini-iptv/get_prc.php HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:56 +0000] "GET /gemini-iptv/get_prc.php HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:57 +0000] "GET /gemini-iptv/vod.json HTTP/1.1" 400 657 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:58 +0000] "GET /gemini-iptv/vod.json HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:56:59 +0000] "GET /gemini-iptv/get_prc.php HTTP/1.1" 400 657 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"
167.71.136.78 - - [10/Oct/2021:22:57:00 +0000] "GET /gemini-iptv/get_prc.php HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36" "-"

Special CGI

167.71.13.196 - - [11/Oct/2021:03:04:59 +0000] "GET /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/hosts HTTP/1.1" 400 157 "-" "-" "-"
167.71.13.196 - - [11/Oct/2021:03:05:00 +0000] "GET /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/hosts HTTP/1.1" 400 157 "-" "-" "-"
167.71.13.196 - - [11/Oct/2021:03:05:00 +0000] "GET /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/hosts HTTP/1.1" 400 157 "-" "-" "-"
167.71.13.196 - - [11/Oct/2021:03:05:00 +0000] "GET /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/etc/hosts HTTP/1.1" 400 157 "-" "-" "-"
23.148.145.236 - - [11/Oct/2021:04:55:13 +0000] "GET / HTTP/1.1" 200 154 "-" "libwww-perl/6.57" "-"
23.148.145.236 - - [11/Oct/2021:04:58:07 +0000] "GET / HTTP/1.1" 301 169 "-" "libwww-perl/6.57" "-"
23.148.145.236 - - [11/Oct/2021:04:58:08 +0000] "GET / HTTP/1.1" 200 154 "-" "libwww-perl/6.57" "-"
185.225.28.57 - - [11/Oct/2021:05:45:25 +0000] "" 400 0 "-" "-" "-"
45.146.164.110 - - [11/Oct/2021:05:52:57 +0000] "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 200 154 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [11/Oct/2021:05:52:59 +0000] "GET /wp-content/plugins/wp-file-manager/readme.txt HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [11/Oct/2021:05:52:59 +0000] "GET /console/ HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [11/Oct/2021:05:53:03 +0000] "GET /_ignition/execute-solution HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [11/Oct/2021:05:53:04 +0000] "POST /Autodiscover/Autodiscover.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [11/Oct/2021:05:53:08 +0000] "GET / HTTP/1.1" 200 154 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [11/Oct/2021:05:53:08 +0000] "GET / HTTP/1.1" 200 154 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [11/Oct/2021:05:53:09 +0000] "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 400 157 "-" "-" "-"
45.146.164.110 - - [11/Oct/2021:05:53:11 +0000] "POST /api/jsonws/invoke HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [11/Oct/2021:05:53:14 +0000] "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
61.219.11.151 - - [11/Oct/2021:06:14:03 +0000] "dN\x93\xB9\xE6\xBCl\xB6\x92\x84:\xD7\x03\xF1N\xB9\xC5;\x90\xC2\xC6\xBA\xE1I-\x22\xDDs\xBA\x1FgC:\xB1\xA7\x80+\x00\x00\x00\x00%\xFDK:\xAAW.|J\xB2\xB5\xF5'\xA5l\xD3V(\xB7\x01%(CsK8B\xCE\x9A\xD0z\xC7\x13\xAD" 400 157 "-" "-" "-"

Application Admin

103.76.165.122 - - [11/Oct/2021:00:06:54 +0000] "GET //admin/config.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:06:55 +0000] "GET //recordings/index.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:06:56 +0000] "GET //html/recordings/index.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:06:56 +0000] "GET //freepbx/recordings/index.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:06:57 +0000] "GET //fpbx/recordings/index.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:06:57 +0000] "GET //www/recordings/index.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:06:57 +0000] "GET //asterisk/recordings/index.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:06:58 +0000] "GET //myasterisk/recordings/index.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:06:58 +0000] "GET //pbx/recordings/index.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:06:59 +0000] "GET //html/admin/config.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:06:59 +0000] "GET //html/admin/config.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:06:59 +0000] "GET //fpbx/admin/config.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:07:00 +0000] "GET //www/admin/config.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:07:00 +0000] "GET //asterisk/admin/config.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:07:00 +0000] "GET //myasterisk/admin/config.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:07:01 +0000] "GET //pbx/admin/config.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:07:01 +0000] "GET //config.php HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"
103.76.165.122 - - [11/Oct/2021:00:07:01 +0000] "GET //remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 400 255 "-" "python-requests/2.26.0" "-"

Database Admin

51.38.38.130 - - [10/Oct/2021:21:54:18 +0000] "GET /phpMyAdmin-4/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:19 +0000] "GET /administrator/web/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:19 +0000] "GET /db/webdb/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:19 +0000] "GET /phpMyAdmin3/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:20 +0000] "GET /admin/sysadmin/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:20 +0000] "GET /phpmyadmin2021/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:20 +0000] "GET /phpMyAdmin-5.1.0/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:21 +0000] "GET /db/webdb/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:21 +0000] "GET /PMA2019/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:21 +0000] "GET /phpMyAdmin5/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:22 +0000] "GET /MyAdmin/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:22 +0000] "GET /pma2018/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:22 +0000] "GET /phpMyAdmin1/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:23 +0000] "GET /mysqlmanager/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:23 +0000] "GET /db/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:23 +0000] "GET /phpMyAdmin-4.9.7-english/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:24 +0000] "GET /PMA2017/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:24 +0000] "GET /pma2019/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:24 +0000] "GET /shopdb/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:25 +0000] "GET /sql/phpmy-admin/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:25 +0000] "GET /pma2013/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:25 +0000] "GET /sqlmanager/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:26 +0000] "GET /administrator/web/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:26 +0000] "GET /phpMyAdmin-3/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:26 +0000] "GET /sql/phpMyAdmin/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:27 +0000] "GET /phpMyadmin/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:27 +0000] "GET /sql/phpmy-admin/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:27 +0000] "GET /phpmyadmin2011/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:28 +0000] "GET /PMA2017/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:28 +0000] "GET /pma2021/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:28 +0000] "GET /phpmyadmin2014/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:29 +0000] "GET /phpmyadmin3/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:29 +0000] "GET /PMA2014/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:29 +0000] "GET /sql/sql-admin/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:30 +0000] "GET /phpmyadmin2019/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:30 +0000] "GET /php-myadmin/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:30 +0000] "GET /sqlmanager/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:31 +0000] "GET /phpmyadmin2021/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:31 +0000] "GET /phpMyAdmin-5.1.1/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:31 +0000] "GET /phpMyAdmin4/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:32 +0000] "GET /phpMyAdmin-5.1.1-english/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:32 +0000] "GET /db/phpMyAdmin-3/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:32 +0000] "GET /PMA2015/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:33 +0000] "GET /phpmyadmin2013/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"
51.38.38.130 - - [10/Oct/2021:21:54:33 +0000] "GET /pma2014/index.php?lang=en HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/93.0.4577.82 Safari/537.36" "-"

Sharing

58.250.125.78 - - [10/Oct/2021:07:51:12 +0000] "GET / HTTP/1.1" 301 169 "-" "Sogou web spider/4.0(+http://www.sogou.com/docs/help/webmasters.htm#07)" "-"

Web Admin Page

45.146.164.110 - - [09/Oct/2021:17:36:14 +0000] "GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1" 200 154 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [09/Oct/2021:17:36:15 +0000] "GET /wp-content/plugins/wp-file-manager/readme.txt HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [10/Oct/2021:02:29:35 +0000] "POST /api/jsonws/invoke HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [10/Oct/2021:02:29:36 +0000] "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [10/Oct/2021:02:29:37 +0000] "GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [10/Oct/2021:02:29:38 +0000] "GET /solr/admin/info/system?wt=json HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [10/Oct/2021:02:29:38 +0000] "GET /?a=fetch&content=<php>die(@md5(HelloThinkCMF))</php> HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [10/Oct/2021:02:29:39 +0000] "GET /index.php?s=/Index/\x5Cthink\x5Capp/invokefunction&function=call_user_func_array&vars[0]=md5&vars[1][]=HelloThinkPHP21 HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [10/Oct/2021:02:29:41 +0000] "GET /console/ HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [10/Oct/2021:02:29:42 +0000] "POST /Autodiscover/Autodiscover.xml HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [10/Oct/2021:02:29:43 +0000] "GET /_ignition/execute-solution HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [10/Oct/2021:02:29:43 +0000] "GET / HTTP/1.1" 301 169 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36" "-"
45.146.164.110 - - [10/Oct/2021:02:29:44 +0000] "POST /cgi-bin/.%2e/.%2e/.%2e/.%2e/bin/sh HTTP/1.1" 400 157 "-" "-" "-"

WordPress plugin

185.225.28.57 - - [11/Oct/2021:05:45:20 +0000] "GET /wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:20 +0000] "GET /xmlrpc.php?rsd HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:21 +0000] "GET / HTTP/1.1" 200 154 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:21 +0000] "GET /blog/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:21 +0000] "GET /web/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:21 +0000] "GET /wordpress/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:22 +0000] "GET /website/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:22 +0000] "GET /wp/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:22 +0000] "GET /news/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:22 +0000] "GET /2020/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:23 +0000] "GET /2019/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:23 +0000] "GET /shop/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:23 +0000] "GET /wp1/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:23 +0000] "GET /test/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:24 +0000] "GET /wp2/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:24 +0000] "GET /site/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:24 +0000] "GET /cms/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
185.225.28.57 - - [11/Oct/2021:05:45:24 +0000] "GET /sito/wp-includes/wlwmanifest.xml HTTP/1.1" 404 555 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4240.193 Safari/537.36" "-"
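
A starting point for the monitoring and blocking idea from the top of this post, as an added example that is not part of the original post: it parses access-log lines in the format shown above, tags requests that match the probe families listed here, and reports clients that make too many suspicious requests in a short time. The sample lines are constructed (documentation-range IP addresses), and the signature list, the 60-second window and the threshold of 5 are assumptions to tune.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Layout of the excerpts above: nginx "combined" plus a quoted X-Forwarded-For.
LINE_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] "(?P<request>.*)" '
    r'(?P<status>\d{3}) \d+ "[^"]*" "(?P<ua>[^"]*)" "[^"]*"$'
)
REQUEST_RE = re.compile(r'^[A-Z]+ (?P<target>\S+) HTTP/\d\.\d$')

# Signatures for probe families seen in the excerpts; illustrative, not exhaustive.
SIGNATURES = {
    "path-traversal": re.compile(r'/(?:\.|%2e){2}/', re.I),
    "db-admin-probe": re.compile(r'/(?:php-?my-?admin|pma|mysqlmanager|sqlmanager)', re.I),
    "pbx-admin-probe": re.compile(r'/(?:admin/config|recordings/index)\.php', re.I),
    "wordpress-probe": re.compile(r'/(?:wlwmanifest\.xml|xmlrpc\.php|wp-content/)', re.I),
    "debug-or-eval-probe": re.compile(r'XDEBUG_SESSION_START|eval-stdin\.php|_ignition/', re.I),
}


def parse_line(line):
    """Return the fields of one access-log line, or None if it does not parse."""
    m = LINE_RE.match(line.strip())
    if not m:
        return None
    ts = datetime.strptime(m["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return {"ip": m["ip"], "ts": ts, "request": m["request"],
            "status": int(m["status"]), "ua": m["ua"]}


def classify(entry):
    """Return the reasons a parsed request looks like scanning (empty if none)."""
    req = REQUEST_RE.match(entry["request"])
    if not req:
        # Empty request line or raw bytes (e.g. a non-HTTP client on the HTTP port).
        return ["malformed-request"]
    tags = [name for name, rx in SIGNATURES.items() if rx.search(req["target"])]
    if not tags and 400 <= entry["status"] < 500:
        # No signature, but repeated 4xx answers still indicate blind probing.
        tags.append("client-error")
    return tags


def block_candidates(lines, window=timedelta(seconds=60), threshold=5):
    """Return {ip: reasons} for clients with at least `threshold` suspicious
    requests inside one sliding window. Lines are assumed to be in time order."""
    recent = defaultdict(deque)   # ip -> timestamps of suspicious requests in window
    reasons = defaultdict(set)    # ip -> every reason seen for that client
    flagged = set()
    for line in lines:
        entry = parse_line(line)
        if entry is None:
            continue
        tags = classify(entry)
        if not tags:
            continue
        events = recent[entry["ip"]]
        events.append(entry["ts"])
        while entry["ts"] - events[0] > window:
            events.popleft()
        reasons[entry["ip"]].update(tags)
        if len(events) >= threshold:
            flagged.add(entry["ip"])
    return {ip: sorted(reasons[ip]) for ip in flagged}


def sample_line(ip, hms, request, status, ua="Mozilla/5.0"):
    """Build one constructed log line in the same layout as the excerpts."""
    return f'{ip} - - [10/Oct/2021:{hms} +0000] "{request}" {status} 169 "-" "{ua}" "-"'


# Constructed sample: two scanners, one crawler, one visitor with a single 404.
SAMPLE_LOG = [
    sample_line("203.0.113.10", "21:54:18", "GET /phpMyAdmin-4/index.php?lang=en HTTP/1.1", 301),
    sample_line("203.0.113.10", "21:54:19", "GET /PMA2019/index.php?lang=en HTTP/1.1", 301),
    sample_line("203.0.113.10", "21:54:19", "GET /sql/phpmy-admin/index.php?lang=en HTTP/1.1", 301),
    sample_line("203.0.113.10", "21:54:20", "GET /mysqlmanager/index.php?lang=en HTTP/1.1", 301),
    sample_line("203.0.113.10", "21:54:20", "GET /pma2021/index.php?lang=en HTTP/1.1", 301),
    sample_line("192.0.2.44", "21:55:00", "GET / HTTP/1.1", 301, "ExampleSpider/1.0"),
    sample_line("198.51.100.7", "22:56:42", "GET /stream/live.php HTTP/1.1", 404, "VLC/3.0.8"),
    sample_line("198.51.100.7", "22:56:43", "GET /stream/live.php HTTP/1.1", 400, "VLC/3.0.8"),
    sample_line("198.51.100.7", "22:56:50", "GET /cgi-bin/.%2e/%2e%2e/etc/hosts HTTP/1.1", 400, "-"),
    sample_line("198.51.100.7", "22:56:51", "GET /cgi-bin/.%2e/%2e%2e/etc/hosts HTTP/1.1", 400, "-"),
    sample_line("198.51.100.7", "22:57:05", r"\x16\x03\x01\x02\x00", 400, "-"),
    sample_line("192.0.2.80", "23:10:00", "GET /favicon.ico HTTP/1.1", 404),
]

if __name__ == "__main__":
    for ip, why in sorted(block_candidates(SAMPLE_LOG).items()):
        print(ip, ", ".join(why))
```

The addresses it returns can be handed to whatever does the alerting or blocking, such as a firewall deny list.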