LORG Detection Results [lorg]

Summary: 3 incidents discovered from one client

192.168.21.127 | 3 incidents | impact ∑: 38

attacks only

Description: A targeted scan yesterday. A total of 3 incidents where discovered by phpids detection modules.

Impact	Tags	Remote-City	Remote-Host	Remote-Logname	Remote-User	Date	Request	Final-Status	Bytes-Sent	Referer	User-Agent
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 00:15:14 +0100	GET / HTTP/1.1	200	6846	-	Linux Gnu (cow)
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 01:04:14 +0100	GET / HTTP/1.1	200	6846	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/74.0.3729.131 Safari/537.36
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 01:18:06 +0100	GET / HTTP/1.1	200	6846	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 02:17:45 +0100	GET / HTTP/1.1	200	6846	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 02:36:37 +0100	GET /2022_08_08_report_access.log.1.html HTTP/1.1	200	32493	-	Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.115 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 02:37:27 +0100	GET /2022_08_02_vipex_access.log.1.html HTTP/1.1	200	41626	-	Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.115 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
13	dt id lfi xss csrf	-	192.168.21.127	-	-	Mon, 09 Jan 2023 02:56:16 +0100	GET ///remote/fgt_lang?lang=/../../../..//////////dev/ HTTP/1.1	404	456	-	python-requests/2.6.0 CPython/2.7.5 Linux/3.10.0-1160.el7.x86_64
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 03:34:14 +0100	POST /boaform/admin/formLogin HTTP/1.1	404	456	http://91.223.222.117:80/admin/login.asp	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 03:56:30 +0100	GET / HTTP/1.1	200	6846	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.102 Safari/537.36 OPR/90.0.4480.117
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 04:06:12 +0100	GET /favicon.ico HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:102.0) Gecko/20100101 Firefox/102.0
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 04:10:51 +0100	GET /.git/config HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:107.0) Gecko/20100101 Firefox/107.0
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 04:25:35 +0100	GET /p1rJ HTTP/1.1	404	457	-	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:32.0) Gecko/20100101 Firefox/32.0
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 04:25:36 +0100	GET /jquery-3.3.1.slim.min.js HTTP/1.1	404	457	-	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:32.0) Gecko/20100101 Firefox/32.0
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 04:25:37 +0100	GET /jquery-3.3.2.slim.min.js HTTP/1.1	404	457	-	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:32.0) Gecko/20100101 Firefox/32.0
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 05:20:53 +0100	GET / HTTP/1.1	200	6846	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 06:30:17 +0100	GET / HTTP/1.1	200	6846	-	Mozilla/5.0 zgrab/0.x
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 06:41:42 +0100	GET / HTTP/1.1	200	6864	-	Mozilla/5.0 zgrab/0.x
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 06:59:41 +0100	POST /boaform/admin/formLogin HTTP/1.1	404	456	http://91.223.222.117:80/admin/login.asp	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 07:09:06 +0100	GET /script HTTP/1.1	404	457	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:83.0) Gecko/20100101 Firefox/83.0
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 07:09:07 +0100	GET /jenkins/login HTTP/1.1	404	457	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:83.0) Gecko/20100101 Firefox/83.0
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 07:09:08 +0100	GET /users/sign_in HTTP/1.1	404	457	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:83.0) Gecko/20100101 Firefox/83.0
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 07:30:57 +0100	GET /manager/html HTTP/1.1	404	456	-	User-Agent:Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.2; .NET CLR 1.0.3705
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 08:19:59 +0100	GET / HTTP/1.1	200	6864	-	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/105.0.0.0 Safari/537.36
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 08:22:42 +0100	GET /favicon.ico HTTP/1.1	404	456	-	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.0.0 Safari/537.36
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 08:22:53 +0100	GET /robots.txt HTTP/1.1	404	456	-	Go-http-client/1.1
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 08:55:29 +0100	GET / HTTP/1.1	200	136718	-	-
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 09:19:00 +0100	GET /robots.txt HTTP/1.1	404	462	-	Mozilla/5.0 (compatible;PetalBot;+https://webmaster.petalsearch.com/site/petalbot)
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 09:51:35 +0100	GET / HTTP/1.1	200	6864	-	python-requests/2.28.1
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 10:24:39 +0100	POST /2020_11_02_vipex_access.log.1.html&sa=U&ved=2ahUKEwi_97mdkrr8AhWxg4kEHfRcCIo4ChAWegQIDhAC&usg=AOvVaw3RKJtPLdhNER5yMsYfwZNb//vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1	404	462	-	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 10:24:40 +0100	POST /2020_11_02_vipex_access.log.1.html&sa=U&ved=2ahUKEwi_97mdkrr8AhWxg4kEHfRcCIo4ChAWegQIDhAC&usg=AOvVaw3RKJtPLdhNER5yMsYfwZNb//vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1	404	462	-	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 10:24:40 +0100	POST //vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1	404	462	-	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 10:24:41 +0100	POST //vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1	404	462	-	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 10:27:44 +0100	POST /2020_11_02_vipex_access.log.1.html&sa=U&ved=2ahUKEwj59N6dkrr8AhUVk4kEHYQqDek4FBAWegQIDBAC&usg=AOvVaw3A5S8yGHdMsAEhyHSEj1Ic//vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1	404	462	-	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 10:27:45 +0100	POST /2020_11_02_vipex_access.log.1.html&sa=U&ved=2ahUKEwj59N6dkrr8AhUVk4kEHYQqDek4FBAWegQIDBAC&usg=AOvVaw3A5S8yGHdMsAEhyHSEj1Ic//vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1	404	462	-	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 10:30:39 +0100	POST /2020_11_02_vipex_access.log.1.html&sa=U&ved=2ahUKEwiRs_-dkrr8AhWrlIkEHRaqAtg4HhAWegQIDxAC&usg=AOvVaw3jk2KR5pt79cySnP4vlonr//vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1	404	462	-	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 10:30:40 +0100	POST /2020_11_02_vipex_access.log.1.html&sa=U&ved=2ahUKEwiRs_-dkrr8AhWrlIkEHRaqAtg4HhAWegQIDxAC&usg=AOvVaw3jk2KR5pt79cySnP4vlonr//vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1	404	462	-	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 10:33:39 +0100	POST /2020_11_02_vipex_access.log.1.html&sa=U&ved=2ahUKEwjt35-ekrr8AhVKj4kEHaLJDA44KBAWegQIDxAC&usg=AOvVaw1jwuve29Oxit777TAJXf1M//vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1	404	462	-	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 10:33:40 +0100	POST /2020_11_02_vipex_access.log.1.html&sa=U&ved=2ahUKEwjt35-ekrr8AhVKj4kEHaLJDA44KBAWegQIDxAC&usg=AOvVaw1jwuve29Oxit777TAJXf1M//vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1	404	462	-	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 10:35:34 +0100	POST /2020_11_02_vipex_access.log.1.html&sa=U&ved=2ahUKEwiej7eekrr8AhU6kIkEHbZDD7s4MhAWegQIChAC&usg=AOvVaw3i4dJ0JRqhivpRKEwyORrl//vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1	404	462	-	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 10:35:35 +0100	POST /2020_11_02_vipex_access.log.1.html&sa=U&ved=2ahUKEwiej7eekrr8AhU6kIkEHbZDD7s4MhAWegQIChAC&usg=AOvVaw3i4dJ0JRqhivpRKEwyORrl//vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1	404	462	-	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 10:37:17 +0100	POST /2020_11_02_vipex_access.log.1.html&sa=U&ved=2ahUKEwiTs8yekrr8AhXLjIkEHa2WDUw4PBAWegQIDxAC&usg=AOvVaw0YE8aYG7h_AykL_-qjI9M5//vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1	404	462	-	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 10:37:18 +0100	POST /2020_11_02_vipex_access.log.1.html&sa=U&ved=2ahUKEwiTs8yekrr8AhXLjIkEHa2WDUw4PBAWegQIDxAC&usg=AOvVaw0YE8aYG7h_AykL_-qjI9M5//vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1	404	462	-	Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.9.2) Gecko/20100115 Firefox/3.6
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 11:30:31 +0100	GET / HTTP/1.1	200	136718	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:79.0) Gecko/20100101 Firefox/79.0
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 11:51:17 +0100	GET / HTTP/1.1	200	6864	-	Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 11:57:21 +0100	POST /boaform/admin/formLogin HTTP/1.1	404	456	http://91.223.222.117:80/admin/login.asp	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:11:34 +0100	GET /wp-load.php HTTP/1.1	503	575	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:11:44 +0100	GET /style.php HTTP/1.1	503	575	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:11:52 +0100	GET /s_e.php HTTP/1.1	503	575	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:12:18 +0100	GET /1index.php HTTP/1.1	503	575	www.bing.com	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:12:20 +0100	GET /doc.php HTTP/1.1	503	575	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:12:28 +0100	GET /beence.php HTTP/1.1	503	575	www.bing.com	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:12:35 +0100	GET /wp-signin.php?dizo&ping HTTP/1.1	503	575	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:12:36 +0100	GET /export.php HTTP/1.1	503	575	www.bing.com	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:12:38 +0100	GET /wp-includes/wp-class.php HTTP/1.1	404	462	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:12:40 +0100	GET /wp-includes/images/css.php HTTP/1.1	404	462	www.bing.com	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:12:42 +0100	GET /defau1t.php HTTP/1.1	503	575	www.bing.com	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:12:46 +0100	GET /wp-booking.php HTTP/1.1	503	575	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:12:48 +0100	GET /wp-content/mu-plugins/db-safe-mode.php HTTP/1.1	404	462	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:12:50 +0100	GET /config.bak.php HTTP/1.1	503	575	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:12:52 +0100	GET /legion.php HTTP/1.1	503	575	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:12:57 +0100	GET /wp-plugins.php HTTP/1.1	503	575	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:13:01 +0100	GET /wp-content/db-cache.php HTTP/1.1	404	462	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:13:11 +0100	GET /defau11.php HTTP/1.1	503	575	www.bing.com	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/90.0.4430.85 Safari/537.36
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:13:19 +0100	GET /system_log.php?bala=up HTTP/1.1	503	575	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:13:23 +0100	GET /error.php?phpshells HTTP/1.1	503	575	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:13:25 +0100	GET /alfacgiapi HTTP/1.1	404	462	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:13:31 +0100	GET /.well-known/ALFA_DATA HTTP/1.1	404	462	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:13:35 +0100	GET /.well-known/cgialfa HTTP/1.1	404	462	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:13:39 +0100	GET /wp-content/uploads/alfacgiapi HTTP/1.1	404	462	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:13:41 +0100	GET /wp-includes/ALFA_DATA HTTP/1.1	404	462	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:13:44 +0100	GET /wp-includes/cgialfa HTTP/1.1	404	462	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:13:47 +0100	GET /wp-admin/alfacgiapi HTTP/1.1	404	462	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:13:50 +0100	GET /wp-content/ALFA_DATA HTTP/1.1	404	462	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:13:52 +0100	GET /wp-content/cgialfa HTTP/1.1	404	462	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:13:57 +0100	GET /templates/beez3/alfacgiapi HTTP/1.1	404	462	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:14:01 +0100	GET /sites/default/files/ALFA_DATA HTTP/1.1	404	462	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:14:06 +0100	GET /sites/default/files/cgialfa HTTP/1.1	404	462	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:14:08 +0100	GET /admin/controller/extension/extension/alfacgiapi HTTP/1.1	404	462	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:14:20 +0100	GET /wp-content/plugins/ubh/up.php HTTP/1.1	404	462	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:14:21 +0100	GET /olux.php HTTP/1.1	503	575	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:14:21 +0100	GET /wso.php HTTP/1.1	503	575	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:14:21 +0100	GET /up.php HTTP/1.1	503	575	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:14:22 +0100	GET /1.php HTTP/1.1	503	575	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:14:22 +0100	GET /z.php HTTP/1.1	503	575	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:14:22 +0100	GET /test.php HTTP/1.1	503	575	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:14:23 +0100	GET /alfa.php HTTP/1.1	503	575	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:14:24 +0100	GET /templates/beez3/index.php HTTP/1.1	404	462	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:14:24 +0100	GET /shells.php HTTP/1.1	503	575	www.bing.com	wp_is_mobile
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:27:15 +0100	GET /2022_08_13_vipex_access.log.1.html HTTP/1.1	304	145	-	Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.115 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 12:27:16 +0100	GET /2022_11_02_report_access.log.1.html HTTP/1.1	200	34205	-	Mozilla/5.0 (Linux; Android 6.0.1; Nexus 5X Build/MMB29P) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/107.0.5304.115 Mobile Safari/537.36 (compatible; Googlebot/2.1; +http://www.google.com/bot.html)
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 13:38:45 +0100	POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 14:10:09 +0100	GET /login HTTP/1.1	404	457	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:83.0) Gecko/20100101 Firefox/83.0
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 14:10:09 +0100	GET /manager/html HTTP/1.1	404	457	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:83.0) Gecko/20100101 Firefox/83.0
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 14:33:26 +0100	GET /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 15:13:50 +0100	GET /solr/admin/info/system?wt=json HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 15:21:00 +0100	GET / HTTP/1.1	200	6864	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 15:32:11 +0100	GET / HTTP/1.1	200	6864	-	Mozilla/5.0 zgrab/0.x
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 16:15:22 +0100	OPTIONS / HTTP/1.0	200	192	-	-
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 16:31:10 +0100	GET / HTTP/1.1	200	136718	-	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/51.0.2704.103 Safari/537.36
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 16:39:44 +0100	GET /actuator/health HTTP/1.1	404	456	-	Mozilla/5.0 zgrab/0.x
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 16:54:05 +0100	GET / HTTP/1.1	200	6864	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 16:58:52 +0100	GET / HTTP/1.1	200	136719	-	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:47.0) Gecko/20100101 Firefox/47.0
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 16:58:55 +0100	GET /favicon.ico HTTP/1.1	404	457	-	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 17:00:04 +0100	GET / HTTP/1.1	200	136718	-	Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 17:00:36 +0100	GET /sitemap.xml HTTP/1.1	404	456	-	-
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 17:00:37 +0100	GET /favicon.ico HTTP/1.1	404	456	-	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:80.0) Gecko/20100101 Firefox/80.0
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 17:13:44 +0100	POST /boaform/admin/formLogin HTTP/1.1	404	456	http://91.223.222.117:80/admin/login.asp	Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 17:26:04 +0100	HEAD / HTTP/1.0	200	146	-	-
12	xss csrf id rfe lfi	-	192.168.21.127	-	-	Mon, 09 Jan 2023 18:28:21 +0100	GET /?a=fetch&content=die(@md5(HelloThinkCMF)) HTTP/1.1	200	6864	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 18:48:12 +0100	GET / HTTP/1.0	200	136540	-	Mozilla/5.0 (X11; Linux x86_64; rv:98.0) Gecko/20100101 Firefox/98.0
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 18:49:44 +0100	GET / HTTP/1.1	200	6864	-	Mozilla/5.0 (compatible; CensysInspect/1.1; +https://about.censys.io/)
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 19:01:29 +0100	GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1	200	6864	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 19:15:32 +0100	GET /owa/auth/logon.aspx?url=https://1/ecp/ HTTP/1.1	404	456	-	Mozilla/5.0 zgrab/0.x
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 19:50:14 +0100	GET /console/ HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 20:35:26 +0100	GET / HTTP/1.1	200	136718	-	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:47.0) Gecko/20100101 Firefox/47.0
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 20:40:20 +0100	GET / HTTP/1.1	200	6864	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/60.0.3112.113 Safari/537.36
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 20:41:41 +0100	GET /favicon.ico HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 20:55:05 +0100	GET / HTTP/1.1	200	136718	-	Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2743.116 Safari/537.36
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 21:16:58 +0100	GET /_ignition/execute-solution HTTP/1.1	404	456	-	Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 22:17:50 +0100	GET / HTTP/1.0	200	136548	-	-
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 22:17:50 +0100	OPTIONS / RTSP/1.0	400	-	-	-
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 22:17:56 +0100	OPTIONS / HTTP/1.0	200	192	-	-
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 22:18:01 +0100	OPTIONS / RTSP/1.0	400	-	-	-
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 22:18:02 +0100	POST /ui/h5-vsan/rest/proxy/service/com.vmware.vsan.client.services.capability.VsanCapabilityProvider/getClusterCapabilityData HTTP/1.1	404	462	-	curl/7.54.0
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 22:18:02 +0100	GET /dana-na/../dana/html5acc/guacamole/../../../../../../etc/passwd?/dana/html5acc/guacamole/ HTTP/1.1	400	494	-	Mozilla/4.0 (compatible; MSIE 6.0; Windows NT 5.1)
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 22:18:02 +0100	PUT /api/v2/cmdb/system/admin/admin HTTP/1.1	405	525	-	Report Runner - Internet Research
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 22:18:02 +0100	POST /casa/nodes/thumbprints HTTP/1.1	404	448	-	Guayoyo - Mozilla/5.0 (compatible; vCenter)
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 22:18:02 +0100	PUT /api/v2/cmdb/system/admin/admin HTTP/1.1	405	525	-	Report Runner - Internet Research
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 22:18:02 +0100	GET /tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd HTTP/1.1	404	463	-	curl/7.54.0
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 22:18:02 +0100	POST /ui/h5-vsan/rest/proxy/service/com.vmware.vsan.client.services.capability.VsanCapabilityProvider/getClusterCapabilityData HTTP/1.1	404	462	-	curl/7.54.0
13	dt id lfi xss csrf	-	192.168.21.127	-	-	Mon, 09 Jan 2023 22:18:02 +0100	GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1	404	463	-	curl/7.54.0
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 22:18:01 +0100	GET / HTTP/1.1	200	136724	-	curl/7.54.0
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 22:18:02 +0100	GET / HTTP/1.1	200	136724	-	curl/7.54.0
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 22:18:02 +0100	GET /ui/login.action HTTP/1.1	404	448	-	Guayoyo - Mozilla/5.0 (compatible; vCenter)
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 22:18:02 +0100	GET /Telerik.Web.UI.WebResource.axd?type=rau HTTP/1.1	404	462	-	curl/7.54.0
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 22:18:02 +0100	GET /jira/rest/applinks/1.0/manifest HTTP/1.1	404	462	-	curl/7.54.0
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 22:18:02 +0100	GET /confluence/rest/applinks/1.0/manifest HTTP/1.1	404	462	-	curl/7.54.0
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 22:18:02 +0100	GET /bitbucket/rest/applinks/1.0/manifest HTTP/1.1	404	462	-	curl/7.54.0
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 22:18:02 +0100	GET /bamboo/rest/applinks/1.0/manifest HTTP/1.1	404	462	-	curl/7.54.0
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 22:18:02 +0100	GET /crowd/rest/applinks/1.0/manifest HTTP/1.1	404	462	-	curl/7.54.0
0	none	-	192.168.21.127	-	-	Mon, 09 Jan 2023 22:39:11 +0100	GET / HTTP/1.1	200	136719	-	Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:47.0) Gecko/20100101 Firefox/47.0